|
|
|
Welcome to the Microsoft Windows Active Directory® at Penn State. This site provides information about Active Directory®, a service managed by Applied Information Technologies (AIT) of Academic Services and Emerging Technologies (ASET), a unit of Information Technology Services (ITS).
In order to support Penn State's distributed computing environment and core information technology infrastructure, ITS focuses its efforts on open standards. As the Windows® arena continues to grow, its inability, at times, to integrate well with open standards has often led to duplication of effort and/or resources. With the introduction of Service Pack 3 for Windows® 2000, Microsoft® enabled trusts between Kerberos realms and Active Directory® (AD) domains. This step moved Windows® closer to interoperability with a heterogeneous, distributed computing environment. The need for a better solution was identified and the Microsoft Windows Active Directory® Service at Penn State was developed as an outcome.
ITS provides Access Account Windows Active Directory® Root domain for use within the entire University community so that colleges, departments, and academic units can leverage the existing infrastructure via their respective Windows-based infrastructures, providing for a unified authentication and authorization domain between Windows Active Directory® and the current open standards-based infrastructure. The purpose of offering Active Directory® services to Penn State colleges, departments, and academic units (referred to as units herein) is to provide the University community with maximum flexibility and control over their own Microsoft Active Directory®-based technology infrastructures. ASET is offering this service so that Penn State organizations may leverage their respective Windows® infrastructures with our core authentication (Kerberos 5) and authorization (LDAP) services for account management. This deployment of Active Directory® is integrated with the current, open standards-based infrastructure ASET/ITS uses for core digital credential management. This provides maximum flexibility for all units, Microsoft® dependent or not.
AIT's goal is to facilitate the deployment process for sites currently interested in designing an Active Directory® network. ASET's primary intent is to guide units in evaluating the complicated design trade-offs associated with Active Directory® by providing detailed information about the cost and implications of different Active Directory® elements that would be difficult to change once deployed.
The intention of Penn State's ACCESS.PSU.EDU deployment plan is to create a stable infrastructure based on supported Microsoft® technologies, to promote autonomy among different Penn State units (either as Child Domains or Organizational Units (OUs) in the ACCESS Forest). Implementations such as account management in the OUs or Child Domains, group policies written and applied by the organization, and any technology that will not have an affect outside of a organization’s scope, are up to the discretion of that unit. If you would like to begin working with Active Directory, please visit Getting Started.
Change to KDC Settings, Effective July 12, 2006
The Pennsylvania State University ©2006. All rights reserved.
Alternative Media - Nondiscrimination Statement
This site maintained by Academic Services and Emerging Technologies, a unit of Information Technology Services.
Problem reports and requests for assistance should be directed to ITS Help Desk staff.
Last revised: Wednesday, July 12, 2006.