Defining the Administrative Model
Before the computer and networking environment can be managed effectively, an organization and its IT
must first define how the tasks will be assigned and managed. The job of delegating responsibility for the network defines the organization's administrative model. Three different types of administrative modelscentralized, distributed, and mixedcan be used to logically break up the management of the enterprise network between several IT specialists or departments within the organization's IT division. When there is no administrative model, the environment is managed chaotically, and the bulk of work is usually made up of fire-fighting. Server updates and modifications must more frequently be performed on the spot without proper testing. Also, when administrative or maintenance
are not performed correctly or consistently, securing the environment and auditing administrative events are nearly
. Environments that do not follow an administrative model are administered reactively rather than proactively.
To choose or define the correct administrative model, the organization must discover what services are needed in each location and where the administrators with the skills to manage these services are located. Placing administrators in remote offices that require very little IT administration might be a waste of money, but when the small group is
of VIPs in the company, it might be a good idea to give these elite users the highest level of service available.
The Centralized Administration Model
The centralized administration model is simple in concept: All the IT-
administration is controlled by one group, usually located at one physical location. In the centralized model, all the critical servers are housed in one or a few locations instead of distributed at each location. This arrangement allows for a central backup and always having the correct IT staff member available when a server fails. For example, if an organization uses the Microsoft Exchange 2003 messaging server and a server is located at each site, a qualified staff member might not be available at each location if data or the entire server must be recovered from backup. In such a scenario, administration would need to be handled remotely if possible, but in a centralized administration model, both the Exchange Server 2003 administrator and the servers would be located in the same location, enabling recovery and administration to be handled as
and effectively as possible.
The Distributed Administration Model
The distributed administration model is the
of the centralized model in that tasks can be divided among IT and non-IT staff
in various locations. The rights to perform administrative tasks can be granted based on geography, department, or job function. Also, administrative control can be granted for a specific network service such as DNS or DHCP. This allows separation of server and workstation administration without giving unqualified administrators the rights to modify network settings or security.
Windows Server 2003 systems allow for granular administrative rights and permissions, giving enterprise administrators more flexibility when assigning tasks to staff members. Distributed administration based only on geographical proximity is commonly found among organizations. After all, if a physical visit to the server, workstation, or network device is needed, having the
qualified administrator responsible for it might
The Mixed Administration Model
The mixed administration model is a mix of administrative responsibilities, using both centralized and distributed administration. One example could be that all security policies and standard server configurations are defined from a central site or headquarters, but the implementation and management of servers are defined by physical location, limiting administrators from changing configurations on servers in other locations. Also, the rights to manage only specified
accounts can be granted to provide even more distributed administration on a per-site or per-department basis.