Describe the situation, challenge or problem you or your team faced.
A private K-12 school was running on a Windows Server 2000 network with an infrastructure that had been neglected and was falling apart. Viruses, spyware, 10mb hubs, and lack of backups plagued the system. The schools data was at risk. The old server (P4 1.6 white box workstation) had bad sector and disk write errors filling the event log every 30 minutes. Users had almost full rights, and there was no internet filtering. Teacher data was accessible to students due to poor security. The school only receives partial funding from the government, and had minimal budget for IT, so I and a few others volunteered to do a comprehensive analysis on the computer systems. Recommendations turned into implementation plans and I ended up the project lead and primary implementer.
Describe how your solution helped overcome the challenge. Tell us about the innovative ways you used technology to create this solution.
What obstacles or roadblocks were overcome? Is the solution reusable elsewhere? Be specific!
I replaced the whole domain and file system with multiple Windows 2008 servers running virtualized on a Dell 2900. We made heavy use of GPO's, folder redirection, automation, and role based access control. Utilizing a product called USBDLM combined with software restriction policies, we were able to restrict usage of USB flash drives. Automated scripts were setup to create AD accounts, profiles, and group memberships based on user data from the enrollment system. Utilizing MDT with WDS we built HW independent desktop image (that took some digging!). Windows Server Backup was utilized along with Symantec to backup all data to one tape. A Barracuda AD integrated web filter system protects kids/teachers on the web. 150+ hours of my time later, it was done.
What positive impact did your solution have in the workplace, the community, or at home?
The school immediately benefited from increased stability, security, and sustainability. We were pleased by very thankful teachers, administration, and school society. Some unhappy students (no more games!). Protection from spyware, malware and pornography/violence on the web ensures compliance with government policies and confident parents. A solid backup solution for servers and administration PC's has released nerves and tension about data loss. Users were very excited with Office 2007, and other software upgrades.
Feel free to let the community know about any interesting or humorous tidbits you feel will add to your submission.
In the analysis report, I made a note that the current server room was very dusty and that the old backup tapes were not standing upright. This got a laugh at the school board presentation, as it was a random tidbit between things like: Drive's failing, and Impending failure. While fine tuning the software restriction policies, I wanted to prevent users from storing executables in various profile locations. Not realizing that .lnk (shortcut) was in the default executable policy, I ended up with students not being able to launch Word from their start menus. Oops! The big highlight was creating a custom policy and profile for a student with visual (among other) impairments. When the student logged on the new system the first time. he was so excited, and it made all the hours feel worth it.
To help the community understand the scope of your project, please select the technologies utilized.
2008 Server, IIS7, FSRM, WDS, WSUS, MDT