Responsibilities

Functions of the Network and Systems Administration:

The immediate tasks of the Network and Systems Administration include the central user administration, maintenance and monitoring of web and file servers, data backup of important data files, the provision of printing services and the installation of standard software for Windows, UNIX and Linux. We also work close to the System Administration of the Research Groups and the Central Computer Administration of the University to offer quick assistance when solving problems with the computers and the infrastructure of the Heinz Nixdorf Institute.

Consolidation and renewal

The IT landscape has changed considerably throughout the years. While we previously used UNIX-based clients that have access to a Unix-based infrastructure, nowadays we mainly use Windows-based clients. Today, about ninety percent of existing clients at the Heinz Nixdorf Institute are running on Windows, yet still use UNIX-based file, print and Web services. This heterogeneity results in advantages as well as disadvantages. Firstly, security related problems on either side, like viruses, worms or other malicious software, won’t affect the other side as much as it would be the case in a homogeneous infrastructure. Because of this it is possible for us to maintain avaiability for large parts of the system, even if there are acute problems. Exceptions are, of course, failures of key components, such as the firewall or the central file server. On the other hand we have to support two completely different systems with different mechanisms and have to create interfaces between them. Today we have standard software for this. However, the effort to support it is relatively high. We are always striving for a transparent user access to the resources of the Heinz Nixdorf Institute, which works regardless of the client.

For this reason the Network and Systems Administration continued its strategy for the consolidation of the infrastructure, launched in 2005, by strengthening and consolidating the previously separate user databases of UNIX and Windows clients in one database. Along with this we also unified the authentication mechanisms to ensure the safe access to the resources of the Heinz Nixdorf Institute. This allowed us to respond to the changing conditions in the central data center of the university and establish a transparent access for all members of the university to the resources of the Heinz Nixdorf Institute. This means that all members of the University can, with our approval, use the resources and computers of the Heinz Nixdorf Institute with their university login and password.

For this the Network and Systems Administration transferred user management to the Microsoft Active Directory, so that all clients and services use the standardized protocol LDAP (Lightweight Directory Access Protocol) to gain access to necessary user information. For authentication, we also use the standardized Kerberos system. This provides a unified and secure authentication to all resources of the Heinz Nixdorf Institute, since no passwords must be transmitted. The use of tickets can also be used to acquire rights to other ressources of the Heinz Nixdorf Institute without the need to reauthenticate access. For this we had to strongly rebuild the network infrastructure. The first step was the conversion of IP addresses from private to public IP address ranges. In addition, the Active Directory domain has been adapted to the changing conditions and was further developed so that the Heinz Nixdorf Institute now has a flexible, powerful and future-oriented environment in which Windows and UNIX clients can fit.

The Network and Systems Administration takes care of following services:

 

  • User administration
  • Data backup
  • Mailserver
  • Webserver (inclusive requesting additional domains)
  • Printing Services
  • Windows Server 2008-R2 Infrastructure
  • Standardsoftware-environment UNIX
  • Standardsoftware-environment Windows 7
  • Security (patches, virus scanner, service-package)
  • SSH and VPN access to the HNI network
  • Acquisition of computer-hardware and accessories (hard disks, printer ...)
  • video projector at the HNI entrance-area
  • Telephone support concerning windows-specific inquiries
  • Administration of single-place software licenses

Inquiries concerning Windows have to propose by email to rb@hni.uni-paderborn.de, thus they come automatically to the order system. Such orders can be taken directly by undergraduate assistants, apprentices or laboratory engineers.

Tasks of the undergraduate assistants or apprentices:

  • Operating system installations
  • Production and installation of new standard software packages with documentation
  • Reply of user inquiries

Special software, which is needed only in one research group, must be installed by the respective laboratory engineer. To make this installation easy and ready for future use it should be created as installation-package for each program which can be used like a standard-package. The Network and Systems Administration provides help with the structure of packages.

The additional tasks for laboratory engineers divide into:

  • Construction of AG-specific software packages
  • Solving of user requests concerning Windows-problems
  • Administration of single place licenses for software

Licensing procedures, which need a license server are still handled by the Network and Systems Administration. Server-based licensing procedures are to be preferred because of higher flexibility.

To coordinate those tasks we hold meetings between the Network and Systems Administration and the laboratory engineers in regular intervals.