Windows Server 2008 R2 Unleashed (154 page)

. Remote Assistance

. UPS Battery Backup Software

. Applications Testing

. Backup and Restore

Windows Server 2008 R2 Project Documents

779

. Monitoring Software (Systems Center Operations Manager 2007)

. Administrative Rights

Each individual test should be documented in a test form listing the expected outcome

and the actual outcome. This becomes part of the original test plan and is used to validate

the implementation procedure or document a change.

22

Table 22.2 shows a sample test form.

TABLE 22.2

Sample Test Form

Test Name

Hardware requirements:

Software requirements:

Other requirements:

Expected outcome:

Actual outcome:

ptg

Tester:

Date:

At the end of the stage, it should be clearly documented what, if anything, has changed.

The documentation deliverables of this stage are as follows:

. Pilot implementation plan

. Implementation plan

. Rollback plan

Pilot Test Plan

Documenting a pilot implementation has special requirements because it is the first time

the implementation will touch the production environment. If the environment is a

complex one where multiple applications are affected by the implementation, all details

should be documented along with the outcome of the pilot.

This is done by having a document similar in content to the test plan form and tracking

any issues that come up.

In extreme cases, the project team will have to put into effect the rollback plan. Before

starting the pilot implementation, the team should have an escalation process along with

contact names and numbers of the personnel with the authority to make the go-no-go

decision in a given situation.

780

CHAPTER 22

Documenting a Windows Server 2008 R2 Environment

Support and Project Completion Document

A Windows Server 2008 R2 implementation should include a plan for handing off admin-

istration to the personnel who will be supporting the environment after the implementa-

tion is complete. This is especially true if the subject matter experts are brought in to

implement the Windows Server 2008 R2 infrastructure and will not be remaining onsite to

support it.

The handoff plan should be included in the original project plan and have a timeline for

delivery of the administrative documentation as well as training sessions if needed.

Administration and Maintenance Documents

Administration and maintenance documentation can be critical in maintaining a reliable

network environment. These documents help the administrator of a particular server or

set of servers organize and keep track of the different steps that need to be taken to ensure

the health of the systems under his or her care. They also facilitate the training of new

resources and reduce the variables and risks involved in these transitions.

Windows Server 2008 R2 systems can serve several different functions on the network,

such as file servers, print servers, web servers, messaging servers, terminal servers, and

ptg

remote access servers. The necessary maintenance procedures might be slightly different

for each one based on its function and importance in the network.

One key component to administration or maintenance documentation is a timeline detail-

ing when certain procedures should be followed. As Chapter 20, “Windows Server 2008 R2

Management and Maintenance Practices,” discusses, certain daily, weekly, monthly, and

quarterly procedures should be followed. These procedures, such as weekly event log

archiving, should be documented to make sure that there are clearly defined procedures

and frequency in which they should be performed.

Step-by-Step Procedure Documents

Administration and maintenance documentation contains a significant amount of proce-

dural documentation. These documents can be very helpful for complex processes, or for

processes that are not performed on a regular basis. Procedures range from technical

processes that outline each step to administrative processes that help clarify roles and

responsibilities.

Flowcharts from Microsoft Visio or a similar product are often sufficient for the adminis-

trative processes, such as when testing a new patch to a key software application, approv-

ing the addition of a new server to the network, or scheduling network downtime.

Policies

Although policy documents might not be exciting reading, they can be an administrator’s

best friend in touchy situations. A well-thought-out, complete, and approved policy docu-

ment makes it very clear who is responsible for what in specific situations. It’s also impor-

Administration and Maintenance Documents

781

tant to be realistic about which policies need to be documented and what is excessive—for

example, document policies concerning when and how the servers can be updated with

patches, newer hardware, or software.

Documented Checklists

22

Administration and maintenance documentation can be extensive, and checklists can be

quick reminders for those processes and procedures. Develop comprehensive checklists

that will help administrators perform their scheduled and unscheduled tasks. A timeline

checklist highlighting the daily, weekly, monthly, and quarterly tasks helps keep the

Windows Server 2008 R2 environment healthy. In addition, these checklists function as

excellent auditing tools.

Active Directory Infrastructure

Active Directory is one of the core services for a Windows Server 2008 R2 environment. As

such, documenting the AD infrastructure is a critical component to the environment.

There are many aspects to documents as they relate to AD, including, but not limited to,

the following:

. Forest and domain structure, such as DNS names, NetBIOS names, mode of opera-

ptg

tion, and trust relationships

. Names and placement of domain controllers (DCs) and global catalog (GC) servers

. Flexible Single Master Operations (FSMO) locations on DCs or GCs

. Sites, site links, link costs, and site link bridges

. Organizational unit (OU) topology

. Special schema entries (such as those made by applications)

. Security groups and distribution lists

. AD-integrated DNS information

. AD security

. Group Policy Object (GPO) configurations and structure

This information can be extremely useful in day-to-day operations, as well as when you’re

troubleshooting AD issues, such as replication latency or logon problems.

Server Build Procedures

The server build procedure is a detailed set of instructions for building the Windows

Server 2008 R2 system. This document can be used for troubleshooting and adding new

servers, and is a critical resource in the event of a disaster.

782

CHAPTER 22

Documenting a Windows Server 2008 R2 Environment

The following is an example of a table of contents from a server build procedure document:

Windows Server 2008 R2 Build Procedures

. System Configuration Parameters

. Configure the Server Hardware

. Install Vendor Drivers

. Configure RAID

. Install and Configure Windows Server 2008 R2

. Using Images

. Scripted Installations

. Applying Windows Server 2008 R2 Security

. Using a Security Template

. Using GPOs

. Configuring Antivirus

. Installing Service Packs and Critical Updates

ptg

. Backup Client Configuration

Configuration (As Built) Documentation

The configuration document, often referred to as an as built, details a snapshot configura-

tion of the Windows Server 2008 R2 system as it is built. This document contains essential

information required to rebuild a server.

The following is a Windows Server 2008 R2 as built document template:

Introduction

The purpose of this Windows Server 2008 R2 as built document is to assist an experienced

network administrator or engineer in restoring the server in the event of a hardware

failure. This document contains screenshots and configuration settings for the server at

the time it was built. If settings are not implicitly defined in this document, they are

assumed to be set to defaults. It is not intended to be a comprehensive disaster recovery

with step-by-step procedures for rebuilding the server. For this document to remain useful

as a recovery aid, it must be updated as configuration settings change.

. System Configuration

. Hardware Summary

. Disk Configuration

. Logical Disk Configuration

. System Summary

Administration and Maintenance Documents

783

. Device Manager

. RAID Configuration

. Windows Server 2008 R2 TCP/IP Configuration

. Network Adapter Local Area Connections

22

. Security Configuration

. Services

. Lockdown Procedures (Checklist)

. Antivirus Configuration

. Share List

. Applications and Configurations

Topology Diagrams

Network configuration diagrams and related documentation generally include local area

network (LAN) connectivity, wide area network (WAN) infrastructure connectivity, IP

subnet information, critical servers, network devices, and more. Having accurate diagrams

ptg

of the new environment can be invaluable when troubleshooting connectivity issues. For

topology diagrams that can be used for troubleshooting connectivity issues, consider

documenting the following:

. Internet service provider contact names, including technical support contact

information

. Connection type (such as frame relay, ISDN, OC-12)

. Link speed

. Committed Information Rate (CIR)

. Endpoint configurations, including routers used

. Message flow and routing

Administration Manual

The administration manual is the main tool for the administrative group. All of the

Windows tasks are documented with details specific to the organization. A well-prepared

administration manual can also be used for training new administrators.

Using Documentation for Troubleshooting Purposes

Troubleshooting documentation is helpful both in terms of the processes that the

company recommends for resolving technical issues, as well as documenting the results of

actual troubleshooting challenges. Often, companies have database and trouble-ticket

processes in place to record the time a request was made for assistance, the process

784

CHAPTER 22

Documenting a Windows Server 2008 R2 Environment

followed, and the results. This information should then be available to the appropriate

support staff so they know the appropriate resolution if the problem comes up again.

Organizations might also choose to document troubleshooting methodologies to use as

training aids and also to ensure that specific steps are taken as a standard practice for

quality of service to the user community.

Procedural Documents

Although security policies and guidelines comprise the majority of security documenta-

tion, procedures are equally as important. Procedures include not only the initial configu-

ration steps, but also maintenance procedures and more important procedures that are to

be followed in the event of a security breach.

Additional areas regarding security that can be documented include, but are not limited

to, the following:

. Auditing policies, including review

. Service packs (SPs) and hotfixes

. Certificates and certificates of authority

ptg

. Antivirus configurations

. BitLocker

. Password policies (such as length, strength, age)

. GPO security-related policies

. Registry security

. Lockdown procedures

Network Infrastructure

Network configuration documentation is essential when you’re designing technologies

that might be integrated into the network, when managing network-related services such

as DNS, when administering various locations, and when troubleshooting. Network envi-

ronments usually don’t change as much as a server infrastructure. Nonetheless, it’s impor-

tant to keep this information current and accurate through periodic reviews and analysis.

Documenting the WAN Infrastructure

Network configuration documentation also includes WAN infrastructure connectivity.

Consider documenting the following:

. Internet service provider contact names, including technical support contact

information

. Connection type (such as frame relay, ISDN, OC-12)

Disaster Recovery Documentation

785

. Link speed

. Committed Information Rate (CIR)

. Endpoint configurations, including routers used

Enterprise networks can have many different types of WAN links, each varying in speed

22

and CIR. This documentation is useful not only for understanding the environment, but

also for troubleshooting connectivity, replication issues, and more.

Network Device Documentation

Network devices such as firewalls, routers, and switches use a proprietary operating

system. Also, depending on the device, the configuration should be documented. Some