| IPMA Home | IPMA News |
IPMA News : March 2004
Edited By Mary Ellen Bradley and Dennis Jones
IPMA News : March 2004Edited By Mary Ellen Bradley and Dennis Jones |
|
The State of Washington Enterprise Active Directory
Washington Department of Ecology – Winner – Government Productivity Solution
Washington State’s Enterprise Reporting wins recognition at the Microsoft CIO Summit
Common Reporting Tool Selection Process is Underway
(Note: The IPMA Board did not meet in February.)
-- by Phil Grigg, Department of General Administration, and John Ditto, Department of Information Services
The Enterprise Active Directory marks an exciting new era for the IT enterprise in The State of Washington.
Every day, state agencies use hundreds of common applications, software, services and resources. There is time lost and human/financial resources spent duplicating and reinventing applications. Recent, tough budgetary constraints have demanded a paradigm shift. The technology leadership in the state has turned its attention toward shared access to applications, software, services and resources and the implementation of best practices. The enterprise is moving toward a standardized environment, schema, application programming interfaces (APIs) and an authentication system that is available and secure. The Washington State Enterprise Active Directory Forest provides a common, shared environment that makes greater levels of cooperation possible and, ultimately, reduces costs and optimizes resources.
State agencies have traditionally focused on Point Solutions for LAN/Network applications.
Each agency or department automated cumbersome manual processes to save time, increase accuracy and free staff from repetitive manual tasks. The resulting solutions helped improve workflow, delivery time and customer service. Point solutions have a down side. Agencies may duplicate effort and investment by creating single applications such as time card systems, personnel processes, asset management systems, budget applications, trouble ticket systems and emergency notification systems.
The Enterprise Active Directory may add other potential common-use applications such as: LAN faxing; mobile device services; e-mail virus scanning; offline message archiving; and Internet access to e-mail.
The Enterprise Active Directory Steering Committee, under the guidance of the Customer Advisory Board (CAB), has led the way to create the Enterprise Active Directory Forest to share network resources among agencies and departments. The Enterprise Active Directory Forest provides a common environment within which agencies can jointly share resources, create effective joint solutions for common problems and take advantage of economies of scale.
Agencies in Production - DIS, DOL, DOP, DRS, DSHS, ESD, GA, HCA, LNI, and SSV (AGR, CFC, TIB, OMWBE, GOIA )
Agencies in Pre-Production – DFI, DOH, MIL, OFM, WSP
Agencies in the Lab – ATG, ECY
Resources Available for the Enterprise Active Directory Participants:
There are a number of documents that agencies can utilize to help manage their environments within the Enterprise Active Directory:
Best Practices Active Directory Design for Managing Windows Networks
This
guide provides a step-by-step methodology based on best practices learned from
customers who have already deployed Active Directory™ in their organizations.
The intended audience for this guide is the IT professional responsible for
testing, piloting and rolling out an Active Directory design.
Best Practices Active Directory Deployment for Managing Windows Networks
This
guide assists architects, project managers and consultants with the deployment
of an Active Directory service in a network operating system (NOS). The best
practices deployment methodology encapsulates technical expertise from the
Microsoft Windows Product Group with lessons learned from customers who have
implemented Active Directory.
Security Strategy for Root Domain
This document was developed by identifying
the forest-wide resources that require protection. For each asset, an evaluation
of the related threats, vulnerabilities and constraints was performed to provide
a basis for policies and related control activities.
Welcome Kit for Agencies Joining the Enterprise
This welcome kit provides an
overview of the project plan that new agencies receive when joining the
statewide Windows forest. The kit includes checklists to guide the IT staff in
preparing the application and migration plan for review by the Forest Resource
Group.
Frequently Asked Questions
This document is a reply to the questions posed by
the Enterprise Active Directory Steering Committee. This is a first round of
responses in a developing a document that is open for distribution.
The process for joining the single-root forest typically takes several months to complete. Help is available: agencies planning to implement an Active Directory migration can take advantage of a wealth of best practices and background information.
Agencies will petition to join the Lab where they can rip and tear their environments. They will then join the Pre-Production forest for a period of time where they will ensure their configuration is correct. After a period of time in the Pre-production forest, agencies will be welcomed into the Production Forest.
There are two guiding principles: 1. A design that is simple, easy to explain and easy to maintain is the best investment 2. Possible changes in future technology must be considered when adopting a design
Most important activity — collaboration
Enterprise Activity Directory built by agencies working together
Agencies work together to develop a common application environment, schema and
secure authentication system across the enterprise. As an essential component of
Windows architecture, Enterprise Active Directory acts as a consolidation point
and central authority for streamlining and managing complex directory structures
and system software. Agencies can operate independently and still leverage all
the network information and resources across state government. Sharing
technology, services, software and expertise can mean significant savings for
tight budgets. Focused on improving the efficiency of state government
operations, Active Directory is the right solution for easy, secure and
selective access to applications.
Approved hot fixes for statewide forest
As partner agencies identify problems
in the root or production environments, the Forest Resource Group members,
Microsoft Consulting Services and Premier Support Services will recommend or
require specific critical updates to be applied to domain controllers in between
service pack releases. The hot fixes that have been approved are compiled and
agencies must use the proper links when applying hot fixes to ensure that all
state systems are running the same version of the DLLs.
Smart technology strategy for government
Building
manageability, security, interoperability into the enterprise
The Enterprise Active Directory Steering Committee has approved a number of documents which assist in the Governance of the shared forest:
Change Management Document
This document identifies a key goal of the change
management process: to ensure that all entities affected by a given change are
aware of and understand its impact. The document discusses the change management
process as it attempts to identify all affected systems and processes in order
to mitigate or eliminate any adverse effects.
Escalation Management
This escalation management document defines the
procedure for escalating problems and issues for resolution.
Health Monitoring Plan for Root Domain
The health monitoring plan document
includes procedures and checklists for optimizing the health of the root Active
Directory domain.
Naming Conventions and Standards
Agencies set to deploy Windows within the
Washington state enterprise begin by planning for Active Directory and
developing naming conventions and appropriate standards. This important first
step establishes a reliable way to find network resources across the enterprise,
while maintaining and building a Global Address List (GAL) for mail lookup.
Policy and Requirements Document
The purpose of this document is to provide a
policy and requirements framework for applications using the Active Directory.
Agencies must follow the requirements published by the Forest Application
Developers Committee (FAD) and approved by the Customer Advisory Board (CAB)
Enterprise Active Directory Steering Committee that pertain to Washington’s
Multi-agency Forest Active Directory.
Objects and Attributes
The purpose of these documents is to view the objects
and attribute definitions within the Enterprise Active Directory.
The Enterprise Active Directory has been working well for its members since 2000. There are a number of exciting initiatives on the horizon including Exchange 2003 and Single Sign-on. As more agencies join the Enterprise, the ability to leverage resources and enrich the environment increases.
We are being continually asked to do more in a co-operative manner. The Enterprise Active Directory is a path which enables this guiding principle in our network and communication disciplines.
For more information, call Phil Grigg at 360-902-7452 or John Ditto at 360-902-0349, or visit the Enterprise Active Directory web site.
-- by Debbie Stewart, Enterprise Applications Manager, Department of Ecology
At Microsoft’s Annual CIO meeting on January 14-15, 2004, the Department of Ecology was recognized as the winner of a Microsoft Government Solutions Award for work performed as part of the National Environmental Information Exchange Network, also known as the "Exchange Network".
What is the Exchange Network?
In July, 2000 the Environmental Council of States (ECOS), a national consortium of state and territorial environmental commissioners, charged a workgroup with developing a blueprint for an Exchange Network. This blueprint would serve as a conceptual design for an Internet- and standards-based, secure information systems network that supports the electronic collection, exchange, and integration of high-quality data between the U.S. Environmental Protection Agency (EPA), States, and other partners that use the Internet and standardized data formats. The decision to go forward with the Exchange Network marked the beginning of the transition from the "data push" era to an era where data resides at its source and can be accessed using network nodes, web services, and XML by those who need it from anywhere when their business requirements dictate. In 2002 EPA established a grant program to provide funding to State, Territories, and Federally Recognized Indian Tribes to support the development of the Exchange Network. Since 2002, over $40 million in federal funding have been distributed to support this effort.
What was the Problem with the Existing Solution?
State environmental agencies' inability to efficiently meet EPA reporting requirements due to changing information needs, inefficient information exchange processes, growing data integrity problems, rising system maintenance costs, decreasing budgets, dynamic change of technology, and increasing need to provide rapid data access to environmental agencies and the public.
The Exchange Network will replace and complement the traditional approach to information exchange that currently rely upon States feeding data directly to disparate EPA national data systems.
What was Ecology’s Role?
After exploring several technologies being implemented by other State environmental
agencies, WA Dept. of Ecology established a Network node using Microsoft
technology--specifically, Microsoft Server 2003, IIS 6.0, SQL 2000, .Net
Framework, Web Services add-on to .Net (providing the latest advanced Web
services capabilities), MDAC 2.7, and XML. This environment supports Ecology’s
strategic direction for application development. A Node is a simple
environmental information Web service that initiates requests for information,
processes authorized queries, and sends and receives the requested information
in a standardized XML format.
Using Microsoft technology, WA Dept. of Ecology is recognized nationally as the first state in the nation to have successfully implemented a Node and submitted required data to EPA about regulated facilities. This results in more current information available to other States and the public about regulated facilities, thus improving overall data quality and services to the citizens; and more efficient methods of providing the data, thus improving overall productivity. It also establishes the foundation for future data access/exchanges with EPA, States, and other partners (consultants, tribes, non-profits, etc.) that use the Internet for exchanging/accessing environmental data. The WA Dept. of Ecology is already working with the Oregon Dept. of Environmental Quality to exchange data concerning inter-state shipments of hazardous waste between regulated generators and treatment, storage, and disposal facilities to ensure compliance. In addition, Washington, Oregon, Alaska, and Idaho are collaborating on a project to use this infrastructure to exchange water quality monitoring data between states.
For additional information on the Exchange Network, see www.exchangenetwork.net
-- by Dennis Jones, Statewide Financial Systems Manager, Office of Financial Management
The Department of Social and Health Services (DSHS) and Office of Financial Management (OFM) received a Finalist award at the First Annual Microsoft Government Solutions Awards ceremony as part of the Microsoft Government CIO Summit held January 14 and 15, 2004. The award recognized the productivity improvements gained by the recently completed Financial Reporting Improvement Project (FRIP).
DSHS and OFM partnered in the two-year FRIP project to integrate DSHS’ Cost Allocation System and Financial Reporting System with OFM’s Agency Financial Reporting System (AFRS). The resulting system positioned OFM and DSHS to adapt the Enterprise Reporting System (FASTRACK) to meet DSHS’s financial reporting needs as well as creating additional value for existing Fastrack customers.
DSHS provides a family of programs serving 1.3 million children and families each year. Their internal Financial Reporting System (FRS) and Cost Allocation System (CAS) were used to sustain their extensive financial operations including managing the cost allocation process to maximize federal reimbursements and budget monitoring. These systems did not integrate well with the State’s enterprise-wide financial system (AFRS). As a result thousands of staff hours were spent each year in reconciliation with AFRS and explaining differences to agency management, budget staff and the legislature.
The FRIP project generated an annual savings of $400,000 to taxpayers. In addition, consolidation of these complex systems has greatly simplified systems and data maintenance requirements. Moreover, the successful addition of DSHS to FASTRACK allowed OFM to complete one of the visions for Enterprise Reporting – providing a comprehensive financial data warehouse for all State agencies’ data.
The financial data warehouse resides on the DIS SAN in OB2, occupying about a terabyte of data. Two Microsoft SQL Servers, four report servers and six web servers form the core environment for the solution. Web based report request, report preparation and report delivery are accomplished though Seagate Info 7.5 (now known as Crystal Enterprise).
Achieving a fully populated financial data warehouse has created value for DSHS and other Fastrack users, but it is just one step in the overall vision of Enterprise Financial and Administrative Reporting. More remains to be done. Version 7.5 of Crystal is not meeting the State’s performance requirements and additional capabilities are needed to address ad-hoc reporting, data analysis and access to multiple data sources. See the accompanying article on the DOP / OFM /GA partnership to push towards the next release of Enterprise Reporting.
-- by Dennis Jones, Statewide Financial Systems Manager, Office of Financial Management
Washington State has distributed responsibility for the core Financial and Administrative systems supporting government operations. The office of Financial Management (OFM) has responsibility for providing Accounting and Budgeting systems. The Department of Personnel (DOP) supports Human Resource and Payroll Systems. The Department of General Administration (GA) supports the Purchasing /Supply Chain processes. The Department of Information Services (DIS) provides computing and network infrastructure services. Individual agencies also provide significant systems support to these functions.
OFM and DOP both have data warehouses to support end-user reporting needs. Both of these data warehouses are hosted on Windows servers running Microsoft SQL Server and the future Human Resource Management System (HRMS) will also be hosted on a Microsoft platform. GA plans implementation of a SQL Server data warehouse in 2004 to support the consolidation and reporting of procurement data. Many of the agency end users need access to the information stored in more than one of theses data warehouses as well as their own agency unique data warehouses / data stores. A variety of reporting tools are used to provide users with access to this information. Currently DOP offers access to their data warehouse via MS Access and OFM provides FASTRACK, a web-based reporting tool using Seagate Info 7.5 (now known as Crystal Enterprise). The new SAP HRMS offers yet a different set of reporting tools and capabilities.
DOP is replacing its current Human Resource systems with a commercial HRMS from SAP. This implementation presents opportunities for DOP to enhance or replace its data warehouse and reporting tools. OFM faces a need to upgrade its reporting tools to move to a newer version of Crystal Enterprise or replace Crystal with other reporting tools to enhance the current reporting capability. GA will begin development of their Procurement data warehouse in 2004 biennium. Individual agencies are interested in upgrading their reporting capabilities as reported in a Reporting Tools Survey responded to by 16 agencies in early 2003.
These converging business plans provide a unique opportunity for Central Financial and Administrative systems providers (DOP, OFM, GA and DIS) as well as line agencies to work together toward a common reporting tool direction.
The Central Financial and Administrative systems providers share a vision for a common set of reporting tools to that will:
The tools will meet the needs for:
The tools will provide:
The tools will satisfy the needs of:
The tools will facilitate access to multiple data sources (internal and external) on multiple platforms and work within the State’s security and authorization infrastructure.
In December, the partners evaluated the two incumbent toolsets - SAP and Crystal Decisions’ Crystal Enterprise Version 10 to determine if either one would meet the defined business objectives. (Note that in December 2003, Business Objects, Inc. completed their acquisition Crystal Decisions.) The evaluation in December was based on a set of criteria reflecting the business objectives and a set of vendor demonstrations. Crystal Enterprise was selected as the best toolset to meet the state’s needs. Crystal’s primary advantage is its ability to access multiple data sources / warehouses. SAP is very strong when all of the data can be imported into the SAP business warehouse data store. In addition to the ability to access multiple data sources, including SAP business warehouses, the final evaluation report highlighted the following features of Crystal Enterprise:
To complete the evaluation the partners decided to conduct a proof-of-concept prototype to validate performance, reliability, usability, manageability, scalability and the levels of adaptability of the overall system. Department of Information Systems, General Administration, Department of Personnel, Office of Financial Management as well as partners from Business Objects (Crystal Decisions), Microsoft, Accenture (the SAP implementer) along with a selected group of agency Human Resource and Financial customers are participants in this evaluation. The proof-of-concept is scheduled to complete by March 31, 2004 following a rigorous performance test using the Microsoft lab in Issaquah.
Following successful completion of the proof-of-concept, business plans and deployment strategies will be developed by DOP / Accenture for HRMS reporting and by OFM for upgrading the FASTRACK reporting. In addition, DOP, OFM, GA, DIS, Ecology and Labor & Industries are working with Business Objects to establish a favorable enterprise licensing agreement for the Crystal Decisions tools. For more information contact the proof-of-concept project managers - Ann Bruner at OFM or Debbie Kendall at DOP.
5 Years Ago -- March 1999 IPMA Newsletter
10 Years Ago -- March 1994 IPMA Newsletter
15 Years Ago -- March 1989 IPMA Newsletter
20 Years Ago -- March 1984 Association of Data Processing Managers Newsletter
25 Years Ago -- March 1979 Association of Data Processing Managers Newsletter
IPMA, P.O. Box 1943, Olympia, WA 98507-1943