Administering a large Windows NT-based network gets complicated when you start delegating user and group authority, or migrating users from one domain to another. Although NT 4.0's native domain architecture gives you some administration capabilities, you are still left unable to accomplish many tasks, such as delegating routine tasks with granularity.
To help you get around NT 4.0's domain architecture and management shortcomings, Mission Critical Software has added two robust components to its Onepoint EA suite -- Enterprise Exchange Administrator (EEA) and Enterprise Domain Administrator (EDA). The suite, once called Enterprise Administrator, is comprised of five tools, but I reviewed only EEA and EDA.
The Onepoint EA suite comes in three pieces: an enterprise administration bundle, which contains EDA, Enterprise Directory Administrator, and Enterprise Resource Administrator; Enterprise Event Administrator; and EEA.
The two new components round out Onepoint EA's toolset, complementing NT's built-in management features.
EDA provides domain consolidation and migration. It copies user accounts, groups, and computer accounts from one domain to another and automatically updates security information for directories, files, shares, and Microsoft Exchange. EDA also helps prepare for a migration to Windows 2000 by quickly copying accounts from a Windows NT domain to a Windows 2000 domain.
EEA enables secure, distributed administration of Microsoft Exchange mailboxes and distribution lists. It provides automated policy enforcement as well as extensive logging and reporting. EEA also has an Exchange distribution list synchronisation tool, which automatically synchronises Exchange distribution lists with changes made in NT group memberships and Onepoint EA Territories.
The core functionality of Onepoint EA (required by all components of the suite) is delivered via an NT service called the EA server. The EA server communicates with the EEA user interface to perform actions selected in that user interface. The EA server software can be loaded on any NT system participating in the domain to be administered.
Running the server setup program, I entered the target machine name and the service account name and password I had created. I set the service to start automatically and chose a home directory for the software. To test the EEA component, I also set some basic Exchange configuration options. My NT system does not support the Active Directory Services Interface, so I installed that as well.
I then started the EA server service and installed the client interface. Mission Critical provides both a command line client and a GUI-based client. The client software can be installed to a network directory, storing a single copy in a central location.
After everything was installed, I ran the GUI client and configured Onepoint EA for use on my test network. Before I could get into any other nuts and bolts of the new components, I had to define Onepoint EA's Territories (which serve as hierarchical subdomains) and delegate authoritative powers to the Deputies controlling the Territories.
Using EDA, I quickly moved users from one Territory to another or between NT domains. Because Onepoint EA performs security translations, migrating users is a snap, even if they have Exchange server mailboxes that also need to be handled.
With this toolkit, NT's unique security identifier (SID) changes were handled automatically; the new SID was inserted in place of the old SID for all of the user's assigned resources. And the Exchange Security Translator correctly translated the security descriptors on the end-users' Exchange mailboxes, organisations, sites, and containers, as well as the primary NT account for each mailbox. Without such functionality, migration would have taken much more time and effort.
EEA let me easily distribute the administration of many common Exchange mailbox administrative tasks to various users. For instance, I easily assigned the tasks of adding and cloning a mailbox, as well as viewing or modifying mailbox properties to a select group of users, while assigning the tasks of handling distribution lists to other users.
Onepoint EA is now a stronger product, wielding a more robust and more scalable set of functionality than similar products, such as Fastlane's DM/Suite. If you're looking for a tool to ease NT management as well as streamline an upcoming migration to Windows 2000, give Mission Critical Software's Onepoint EA a close look.
Mark Joseph Edwards (firstname.lastname@example.org) is a writer and network consultant at Netropolis Technology Group with more than 17 years of experience in the IT industry.
The bottom line: very good
Enterprise Domain Administrator, Enterprise Exchange AdministratorThe two new components integrate tightly with the rest of the Onepoint EA suite and provide a well-rounded array of functionality that can greatly ease Windows NT administration and management headaches.
Pros: Provides domain consolidation and migration; aids in transition to Windows 2000; enables secure administration of Exchange mailboxes.
Cons: No NetWare Directory Service support.
Mission Critical Software: www.missioncritical.comPrice: Enterprise Domain Administrator: $US6 per managed user; Enterprise Exchange Administrator: $US8 per managed user.
Platforms: Server: Windows NT-based system on Intel or Alpha; Client: 16- and 32-bit clients running DOS and Windows on Intel or Alpha platforms.