School districts have been busy coping with the end of Microsoft's support of Windows XP. But another key end-of-life deadline is just around the corner.
On July 14, 2015, Microsoft will cease extended support for Windows Server 2003. At that point, any server running the operating system could put an entire data center infrastructure at risk for zero-day attacks and other hacker exploits.
Despite budget squeezes and IT resource limitations, district leaders have started developing and implementing an end-of-life survival strategy. "As with many school systems, our biggest challenge is manpower," says James Prudente, director of network operations for the five schools that form New York's Islip Public Schools. "With our four-person IT staff, it's not easy to take on new projects and initiatives while keeping everything running day to day."
It doesn't help that the district is simultaneously rolling out a new Wi-Fi network and Windows 8.1 tablets.
Nevertheless, the IT department has inventoried its servers — it currently has 40 VMware virtual servers running applications on Windows Server 2003 — and developed a migration strategy.
"We've divided the servers into three groups," Prudente explains. "The first consists of internal IT applications, such as network monitoring, OS and software patching, and help desk ticketing, which are under our direct control, run the latest application versions, and benefit from full maintenance and support."
The second group of servers runs a mix of instructional software — some that's up to date, and some that's obsolete and unsupported by developers.
The final group consists of one server running a custom add-on to the district's student management system. "It's not actively developed and has very limited support," Prudente says of the add-on.
By starting with its internally focused applications, "we can fine-tune our migration procedures with minimal impact to our users, and then turn our attention to the second group of servers," Prudente continues.
Next, his team will collaborate with teachers and staff to identify every application in the second group and decide which to retire. For software that is outdated but still used, IT and curricular staff will seek replacement programs or determine if the old software can be migrated to the new server platform.
Prudente is still investigating the scale and challenges presented by the server in the third group. He expects to hire an outside integrator to perform custom work to get the system running on the new version of Windows.
Stay Current or Play It Safe?
Although Windows Server 2012 is the newer variant, many districts are opting to migrate to Windows Server 2008 R2.
Portland (Maine) Public Schools, for example, is moving its transportation database, Active Directory and a student information system add-on to virtual machines and Windows Server 2008 R2.
"The difference between Windows Server 2012 and Windows Server 2003 is so much greater than Windows Server 2008 R2 and 2003," says Ken Hess, an IT analyst and systems administrator. "School systems with limited budgets and expertise are afraid of such a big change. We've also seen some districts run into problems trying to get old network storage solutions — purchased before 2008 — to work with Windows Server 2012, and sometimes even 2008."
Even so, Islip Public Schools is transitioning directly to Windows Server 2012 R2. "We feel that the more current we are now, the further along we'll be before we have to do this again," Prudente says.
The district already has applications running on Windows Server 2012 R2, so the IT team is familiar with the OS and its Active Directory implementation. They also know that Windows Server 2012 R2 works well with their existing FalconStor storage area network. Therefore, migration should be a matter of reinstalling applications on the new Windows Server 2012 R2 virtual machines, backing up and restoring data, testing the upgrade, and bringing the new server into production.
A phased transition is common, Hess says. "Most organizations start with a few occasional users to see that everything is working before connecting heavy users to the new servers," he explains.
Onward to the Cloud
For Portland Public Schools, the end of Windows 2003 support also has jump-started its move to the cloud.
"It often takes too much time to ramp up someone on a new system," says Director of Technology Services Trey Bachner. "Our approach is to let a Software as a Service vendor or cloud service take on more responsibility and focus the IT staff on the end-user experience and more strategic projects."
The 16-school district will begin its shift to SaaS with the internal student assessment system, which currently runs on Windows Server 2003.
Meanwhile, Chapel Hill–Carrboro City (N.C.) Schools is transitioning from Citrix XenApp servers running on Windows Server 2003 to a Google Apps cloud — a move designed to complement its purchase of Lenovo Chromebooks for all 20 schools.
"We're looking at other applications as well to see what we can responsibly move to the cloud," says Dave Scott, the district's IT collaboration manager. He has already noticed that his department's prior focus on server capacity and uptime has shifted to bandwidth capacity and Internet uptime, he adds.
It's possible some things won't migrate, however, adds Director of IT Operations Doug Noell. Older, 32-bit applications may not run on Windows Server 2008 R2, so the district may just keep them on Windows Server 2003. "They don't access the Internet directly and, unlike a home user, we have a strong firewall," he says. "We're considering whether it will be safe to leave them."
Any Windows Server transition brings challenges, and Noell anticipates that migrating Active Directory could be one of the biggest. "There's a lot of risk in building a new AD environment from scratch and migrating all your data to it," he says. "Plus, we'll have to get all of the new drivers to work."
Shelby County Schools is taking a phased approach to its transition. "We moved our [enterprise resource planning] system to an open-source solution, and most of the leftover applications running Windows Server 2003 can be shut down," says Dorren Ball, IT director of infrastructure and system support services for the district of more than 200 schools in southwest Tennessee.
The IT department will first move current Windows 2003 file shares to Windows Server 2008 R2, but the long-term plan calls for a gradual adoption of Windows Server 2012. "That way, we can roll back to 2008 R2 if 2012 doesn't work out," she says.
Windows Server 2003 may not affect as many machines as Windows XP did, but many IT leaders believe the former's end-of-support issues are thornier than the latter's. "Unlike upgrading a desktop OS, where you're dealing with a lot of identical workstations with similar software, every Windows 2003 server upgrade is unique," Prudente says.
How to Ensure a Smooth Migration
Microsoft's end-of-support deadline for Windows Server 2003 is roughly a year away. District leaders who have already started the process agree that those who haven't should begin at once. They also offer the following tips to simplify the transition:
- Conduct a thorough inventory of Windows Server 2003 physical and virtual servers and applications.
- Divide applications into categories based on whether they're deemed critical, less critical, replaceable or "retireable."
- Migrate as many server applications to virtual machines as possible.
- Consider moving to a Software as a Service solution — either from your current vendor or another provider.
- Decide whether being current is more important than moving to a more familiar Windows Server 2008 R2 implementation. Similarly, decide whether it better serves district needs to begin with non-customer-facing applications (to minimize disruptions) or critical applications (to ensure readiness and a secure server environment before the deadline passes).
- Talk to storage vendors to ensure that existing storage area networks and network-attached storage arrays will work with whichever versions of Windows Server and Active Directory you deploy.
- Determine utilization levels on existing server hardware. If they're low, consider moving your new virtual machines to those systems. Analyze hardware requirements and determine whether you need to purchase and configure new systems to support the migration.
- Don't expect to migrate completely over summer break. These transitions are complicated and shouldn't be rushed.