Active Directory: LSU Overview

  

GROK Overview Banner

General Information

The Information Technology Services uses Active Directory Service, using existing PAWS IDs for access to a campus-wide Windows-based directory. This service is available to all departments in order to create a safer and more reliable Microsoft Windows computing environment at LSU. Departments are not required to create or manage IDs and names because they can rely on the existing student, faculty, and staff member database. This is how students, faculty, and staff members can use the same ID for various applications (my.lsu.edu) and the eduroam wireless and the campus computers in the labs (Windows-based).   The LSU domain is just one of several domains at LSU.  There are others, such as the BIOSCI domain or the SVM domain.  Computers around campus will allow you to log-in to any one of these domains.
 

Eligibility & Order Procedures

Available To:    LSU Technology Support Professionals (TSPs).

Request Service:    Submit a request to the Help Desk  OR  e-mail your request to helpdesk@lsu.edu.

Delivery Time:    5 business days.
 

Confirm Connection to the LSU Domain (lsu.edu)

Join the LSU Domain


 

Advantages & Features

File Sharing: One can share Windows files with any other person using the LSU Active Directory (AD).

Single Logon: The PAWS ID allows one to log into their personal web desktop and access the eduroam wireless network on campus. It also allows one to register computers on campus to utilize DHCP services.

Security: Systems are up-to-date with patches and virus definitions. In addition, joining the LSU AD helps to reduce the risk of security incidents on campus and allows a coordinated response if such an incident takes place.

Departmental services: As part of the LSU AD infrastructure, departments can offer members a variety of services, such as automatic distribution of software.

Infrastructure services: There are a number of other services such as Microsoft Operations Manager, Microsoft Systems Management Server for maintaining desktops, and Microsoft's Exchange e-mail service that work as part of the LSU AD.

Less maintenance: Accounts for all students, staff, and faculty are pulled directly from the mainframe. The responsibility of administering the AD and the servers that support the AD falls to ITS, allowing departmental IT personnel to focus on the needs of their department. In addition, with all workstations included in the AD, Microsoft Software Update Services will be able to push the latest Microsoft security patches to all workstations.

Reduced support costs: Users may contact the ITS Help Desk at 225.578.3375 for issues such as account lock outs. Users can also handle their own password changes via PAWS.

Managed Scalability, Backup, and Disaster Recovery: ITS runs all the domain components, purchases all required hardware and upgrades, and expands hardware as load dictates. Additionally, all domain services are backed up to secure off-site locations, and domain controllers are geographically dispersed across multiple datacenters on campus (and soon across the LONI network).

Advanced Security Services: Systems that are part of LSU’s Active Directory can utilize LSU’s PKI to automatically provision users and computers with certificates. These certificates can be used to secure web servers, databases, and the security of data on departments’ laptops. This encryption helps the department meet the guidelines of the Louisiana Database Breach Notification Law.

  • The main purpose of Active Directory is to provide central authentication and authorization services for Windows based computers.
  • Active Directory also allows administrators to assign policies, deploy software, and apply critical updates to an entire organization.
     

Group Policy

Similar to the "Local Security Policy" available on all Windows NT workstations, the Group policy sets a layer of security on top of the local machine policy: you are in charge of your own Organization Unit Group Policy.  This includes:

  • Mandating that machines have enabled a firewall.
  • Allowing/disallowing installation of printers.
  • Automatic mounting of printers and network drives.
  • Even small changes, like forcing the classic start menu or disallowing users to lock or shutdown their machines.
     

Windows Updates

Regardless of your Group Policy settings, some policies are 'global' such as the downloading and automatic installation of Windows updates.  This means that your Windows Updates will be automatically installed onto your computer without any action on your part.  This is done in order to maintain the security of the LSU network.

  • This does not include service packs. Service packs must be installed by the departmental IT support personnel. 
  • This is because such update exerts an increased load on the LSU network and also because departments have the right to plan for service packs on their own IT timeline.
     

LSU Support & Policy Statements

Help Desk Contact Information

Policy Statements

3717
12/15/2016 1:56:26 PM