Proposed Network Upgrade

For The British Institute, Dipatiukur Branch

Summary

We have all been aware for some time of various deficiencies in the TBI Dipatiukur computer network. Among the most important of these are:

  1. The inability to prevent students from tampering with the computer desktop environment. This creates difficulties for other students who want to use the same computer and places a significant administrative burden on computer technicians charged with maintaining a consistent user interface.

  2. The instability of the current primary operating systems, Windows 95 and Windows 98. Computer freezes and crashes usually necessitate a restart, resulting in lost learning time. If the crash occurs on a file or internet server, numerous computers may be affected simultaneously.

  3. The excessive amount of time that must be spent by computer technicians on routine tasks such as changing desktop wallpaper, reinstalling the operating system, configuring network settings, backing up essential data, and purging hard drives of inappropriate internet shortcuts and student files.

  4. Slow internet connections due to excessive bandwidth demands placed on the existing network.

To address these problems, and to further ease and enhance the overall user experience for both students and staff, we propose to upgrade the existing computer network from a Windows 9x-based peer-to-peer network to a Windows 2000 server-based network. (The difference between these two types of network configuration will be explained below.) In the process, the existing network topology would be revised to maximize network bandwidth.

The proposed upgrade would offer the following advantages:

  • Group-based logon and desktop security, wherein available desktop settings and permissions depend upon group membership, whether student, teacher, staff, DOS, etc.

  • Centralized administration of user accounts and shared resources.

  • Automatic network configuration of client computers.

  • Roaming profiles, which allow a user to log on anywhere in the network and have his or her same desktop settings and documents available.

  • Increased security for sensitive documents and databases.

  • One-stop backup of all user documents.

  • Rapid deployment/redeployment and configuration of new client computers.

  • Increased network and client computer reliability.

The disadvantages include:

  • Additional expenses. There are minimal hardware requirements that must be met, principally in the area of RAM. Other components may be upgraded at a later date to optimize network performance.

  • A higher level of organization and attention to detail on the part of the System Administrator (Sysadmin).

  • A somewhat longer startup time and, for machines that do not significantly exceed the minimum 133 MHz processor requirement, slower performance in certain applications. This will decrease with the upgrading of certain components.

The complete network upgrade would be a four-level process, with costs ranging from approximately Rp. 3 million for a fully-functional but slower implementation, to about Rp. 8 million for a faster, optimized configuration. The details will be outlined further on. First we will explain the physical and functional differences between the current and proposed TBI network topologies, including the factors that must be considered before implementing either one. We will follow with a series of scenarios demonstrating some of the facilities available with the upgraded network. Finally, we will outline specific factors that must be assessed before proceeding with an upgrade, including software compatibility, administrative competence, time requirements, and approximate financial costs for the different levels of upgrade.

Network Models Explained

The Peer-to-Peer, or “Workgroup” Model

In a peer-to-peer, or “workgroup” network such as we now have at TBI, each computer is equal to every other (see Figure 1). Each may function as a client (running programs and accessing files and printers made available over the network), or as a server (providing printers and shared files to client computers), or as both simultaneously. Each computer in the workgroup must be configured individually, whether with regard to user accounts, desktop settings, or network addresses. Logon is specific to a machine—although you can configure two machines with the same username/password combination, the settings for each computer must be made individually, and the user will not have access to the same set of documents stored by default in the My Documents folder.

Peer-to-peer networks are generally best when you have 10 or fewer co-workers who maintain their own computers and want a convenient way to share files, printers, or an internet connection. However, when this kind of network expands to over 30 computers, more than half of which are used by a constantly changing clientele who have little interest in maintaining a consistent desktop interface, then you have a recipe for trouble—or at the very least a stressed system administrator. Settings must be constantly reapplied, connections reconfigured, and entire operating systems reinstalled. The use of Windows 9x clients exacerbates the situation, since Windows 9x offers very few security barriers to the inquisitive would-be hacker or the innocent but careless neophyte.

Figure 1: Current TBI Dipatiukur Network

The advantage of this kind of network is that it can be cheaper to implement. Connecting computers is simply a matter of having network interface cards (NICs) for each machine, a LAN hub, and cables to connect each machine to it. There is little additional processor overhead, so it is not usually essential to upgrade RAM or other components. Furthermore, network administration does not require any particularly specialized knowledge on the part of the system administrator; it just keeps him or her very busy.

The Server, or “Domain-based” Model

In a server- or domain-based network (see accompanying diagram), user accounts and shared resources are consolidated in a small number of domain controllers and member servers. These are computers which run a particular kind of operating system specially equipped and optimized for centralized administration of a domain—a logical grouping of network resources wherein all computers share the same root name.

www.tbi.co.id is an example of an Internet-style domain root. A LAN domain root, such as that for our proposed network, might be tbi-du.net. An individual computer within that network (SC1), would thus be specified as sc1.tbi-du.net.

From a single domain controller, a system administrator can, for example, configure individual user accounts, assign accounts a group membership, and apply specific security policies and desktop settings to those groups. A user logs onto the domain, not an individual computer as in the workgroup model. This makes it possible to disable certain user interface facilities that are either unnecessarily confusing, prone to misuse, or which represent security risks.

Figure 2: Proposed TBI Dipatiukur Network

User account information is stored in a single database (called the Active Directory in a Windows 2000 network) which is replicated (copied) at regular intervals among domain controllers. This provides fault tolerance: if one domain controller goes offline for any reason, another is available to service client requests.

Automatic network address configuration and additional administrative and monitoring tools significantly reduce the amount of time technicians spend at individual machines. Routine network-wide tasks such as changing desktop patterns or defragmenting hard drives, for example, can be accomplished right at the domain controller.

For all but the smallest networks, the server-based model would appear to be an obvious advantage. However, hardware requirements are much greater for this type of network, and therefore component or even entire system upgrades may be necessary. The level of administrative expertise required is also greater. This may necessitate additional training, and a certain amount of trial-and-error troubleshooting is to be expected during the first month or so after implementation.

Scenarios

The following scenarios (some a bit tongue-in-cheek) demonstrate the various advantages of a Windows 2000 domain over a Windows 9x peer-to-peer network for students and staff of TBI Dipatiukur.

Simplified User Interface. A student sits down at a computer in the study center or computer lab. She is faced with a logon screen which asks for her user name, but which also informs her that if she logs on as “student” there is no need to enter a password. She types in “student” and presses enter. The desktop interface appears, with the TBI logo in the background—or whatever recent bit of advertising the marketing department has cooked up. She’s not too familiar with computers and is a bit nervous. But there on her desktop are clearly-labeled icons showing the programs available to her, including a file called “For New Users” which explains the basics of getting around the system in both English and Indonesian. Relatively speaking, there isn’t much that’s intimidating. The Start Menu contains only items that have been approved for student use. Buttons in Internet Explorer are clearly labeled. Confusing or system-critical controls are either not visible or grayed out.

Group-based Desktop Security. A student comes in and logs on. This one has a computer at home and knows that you can customize the look and feel of the desktop. He gets on the internet and finds a picture of his favorite boy-band. He right-clicks on the picture and chooses the Set as wallpaper command. But a raucous beep and error message informs him that he does not have permission to change the desktop wallpaper. He opens up the Display control panel. But although he can still change the screen resolution, the settings on the Background and Appearance tabs do not respond to his inquisitive clicks. He tries to change the position of toolbars and the location of menus, but they won’t budge. Now he’s getting irritated and figures he’ll just try to screw things up a little. He looks for system-critical control panels, but they’re not listed in the Control Panel menu. When he tries to open them directly via the system folder, he gets an “access denied” message. He tries to delete some folders and files that are outside of the designated student documents folder: permission denied. He tries to change the settings in Internet Explorer: no luck again. He tries to change network drive mappings: same result. He tries to delete the desktop icons, and…success! So he adds a few of his own icons, including a link to a bestiality site he discovered while mom and dad were asleep, which he cunningly labels “Mickey Mouse Club”. Now he’s got us—or at least, so he thinks. Feeling better, he gets up and leaves. Ten minutes later, the computer—sensing there has been no user input for some time—sends a message to the screen informing anyone who might still be there that it will execute an automatic logoff after the next 60 seconds. The logoff occurs. Another student then sits down at the same computer and logs on. The desktop appears—but without the sinister Mouse link. In fact, the desktop is exactly the same as the day it was configured by the Sysadmin from his domain controller a few weeks before.

One-stop Administration. Xeno has discovered a new addition for the Website of the Week collection. He logs onto any computer with his username and password. He navigates to a shared folder on the network, called Favorites, which stores the browser links for the student account. Students do not have permission to change these links, but teachers do. Xeno’s membership in the teachers security group allows him to open the Favorites folder, go to the Website of the Week subfolder, and add a link for the new addition. He can even be granted permission to change the default home page on all student web browsers to point to the new site, so that when they open their web browsers it will be the first thing they see.
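The two scenarios above (Group-based Desktop Security and One-stop Administration) both rest on one rule: a user's effective rights are the union of what his or her groups are allowed, minus anything any of those groups is explicitly denied. The following is an added, constructed model of that rule, not code from the proposal or from Windows 2000; the accounts, resource names and ACL entries are made up to match the scenarios, and the audit helper flags the one gap the scenario itself points out (students can delete desktop icons).

```python
# Constructed, simplified model of the group-based desktop security described in the
# proposal; it follows Windows ACL semantics (rights accumulate across all of a user's
# groups, an explicit Deny overrides any Allow) but is not Windows 2000 code.

# Constructed accounts: user -> groups (group names taken from the proposal).
GROUPS = {
    "student": {"students"},
    "xeno": {"teachers"},
    "sysadmin": {"staff", "admins"},
    "trainee": {"students", "teachers"},   # hypothetical member of two groups
}

# Constructed ACLs: resource -> [(group, access, right)]. Entry order is irrelevant.
ACLS = {
    "desktop\\wallpaper": [("students", "deny", "change"), ("teachers", "allow", "change"),
                           ("staff", "allow", "change")],
    "desktop\\icons": [("students", "allow", "delete")],   # the gap in the scenario
    "shared\\Favorites": [("students", "allow", "read"), ("teachers", "allow", "read"),
                          ("teachers", "allow", "write"), ("staff", "allow", "read")],
    "controlpanel\\system": [("students", "deny", "open"), ("admins", "allow", "open")],
    "documents\\students": [("students", "allow", "write")],
}

MODIFYING = {"change", "write", "delete"}


def has_right(user, resource, right):
    """True only if some group of `user` is allowed `right` and none is denied it."""
    groups = GROUPS.get(user, set())
    applicable = [(acc, r) for g, acc, r in ACLS.get(resource, []) if g in groups]
    if any(acc == "deny" and r == right for acc, r in applicable):
        return False                       # explicit deny wins, as in Windows ACLs
    return any(acc == "allow" and r == right for acc, r in applicable)


def modifying_rights(group, allowed_prefix="documents\\students"):
    """Audit helper: resources outside the designated student folder where `group`
    holds an effective modifying right. Anything returned is a least-privilege gap."""
    gaps = set()
    for resource, entries in ACLS.items():
        if resource.startswith(allowed_prefix):
            continue
        denied = {r for g, acc, r in entries if g == group and acc == "deny"}
        for g, acc, r in entries:
            if g == group and acc == "allow" and r in MODIFYING and r not in denied:
                gaps.add(resource)
    return gaps


if __name__ == "__main__":
    print(has_right("student", "desktop\\wallpaper", "change"))   # False
    print(modifying_rights("students"))                           # {'desktop\\icons'}
```

The `trainee` account shows why deny entries matter: membership in `teachers` does not restore wallpaper changes while `students` is denied, which is the behaviour a Sysadmin relies on when a user is placed in more than one group.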

Transparent Encryption. Simon is working on a highly sensitive appraisal of teacher and staff performance—one that contains phrases like “post-industrial methodology” and “questionable personal hygiene.” He is used to saving files like this on a floppy and keeping it under his pillow when he goes to bed at night. Now, however, he simply saves the file to his personal documents folder on the network—which only he has access to and which is regularly backed up. Simon knows, however, that sneaky Sysadmins usually have (or can easily gain) full access to all folders and files. If these same Sysadmins are in the grips of a Big Brother Complex (which he naturally plans to mention in his report), they might be tempted to have a peek at his files. So he encrypts the file by right-clicking on it, clicking the security tab, and setting the Encrypt checkbox. Now only a person using his username and password (which he alone knows) can view the file.

Remote Access. Rachel, Simon, and Francis are having a meeting at the Jl. Jawa branch. Rachel realizes she’s forgotten to print out some important financial projections that she wanted to share with the DOS’s. Unfortunately, the information she needs is in her documents folder on the Dipatiukur network. She could call up one of the admin people, have her logon to Rachel’s account (compromising her password in the process), print the document, and have it faxed to Jl. Jawa. Or, she could sit down at Francis’s computer (which now has an attached modem and runs Windows 2000 Professional), dial the Dipatiukur Remote Access Service located on one of the server computers in the Admin room, logon to her account, open the file, and print directly to the Jl. Jawa laser printer. She could potentially do the same thing from as far away as Jakarta or Malang.

Remote Administration via Terminal Services. Ade is spending the day at Jl. Jawa, troubleshooting various configuration problems resulting from that branch’s continued reliance on Windows 9x workgroup networking. It’s mid-afternoon—time for his regular check on the Dipatiukur network. He could make a quick run back to Dipatiukur, or he could just assume that everything is okay and leave the check until tomorrow. Instead, he dials up the DU Remote Access Service and logs directly onto the Domain Controller using Windows 2000 Terminal Services. He can now run the Domain Controller exactly as if he were sitting at its keyboard. He checks the error logs and notices that one of the network drives is nearing capacity. This seems odd, so he investigates further and sees that Sisil has stored several gigabytes of Westlife MP3s in her personal folder, which is located on the same drive as all the other staff folders. He decides it’s time to implement disk quotas, so that certain people don’t use more than their fair share of the limited hard disk space. He configures the settings, and puts a note in Sisil’s desktop folder asking her to remove some of the offending files. He then logs off, closes the remote session, and goes back to work on the Jl. Jawa computers.

Roaming Profiles. Alice needs to prepare a lesson using the computer. Unfortunately, Frank is in the middle of a scheduling frenzy and won’t let anybody near the staffroom computer…

(end excerpt)