Active Directory (AD)
ITS provides and administrates the infrastructure for the AD.UNC.EDU Active Directory. This service includes hosting the AD.UNC.EDU domain controller servers, life cycling those servers, maintaining the domain root level directory structure, and managing any servers hosting/supporting Active Directory Services. ITS provides backup, restore, as well as disaster recovery planning for this infrastructure to maintain this service. ITS will manage, approve, and perform changes to the Active Directory schema. We will provide dynamic DNS name registration for AD.UNC.EDU.
In addition to these functions we will provide the following:
- ITS will monitor the Active Directory domain controllers and related servers for availability and optimal performance.
- ITS will maintain a test environment for development and testing purposes.
- ITS will provide consulting and best practices for using and migrating to the ad.unc.edu domain. See AD Admin Manual for additional information.
- ITS will follow best practices to ensure compliance with UNC-CH IT security standards. See UNC-CH IT Security Standards for additional information.
ITS Windows Domain Services are available to UNC-Chapel Hill faculty, staff, students, retirees, contractors, distance learners, visiting scholars and others who require UNC-Chapel Hill resources to work in conjunction with UNC-Chapel Hill as provisioned by departmental service administrators (OU Admins).
Remedy request via ITS-HELP (http://help.unc.edu/help/olhr/).
Native support for Windows and Mac clients.
Off campus access requires VPN.
Technical Support Contact Information
ITS Service Desk:
- Phone (919) 962-HELP (4357)
- Chat: https://help.unc.edu/chat
- Online Help Request: http://help.unc.edu/help/olhr/
- Twitter: @unchelpdesk
- Facebook: unchelpdesk
- YouTube: unchelpdesk
- Instagram: unchelpdesk
SLA Response Times
Service Level response times to service requests are measured by when a request is submitted to the ITS-Systems remedy group. Other forms of contact may affect the ability to address the request in a timely fashion.
- Critical = 1 hour, 24x7
- Important = 1 Business day, 8-5 M-F
- General = 3 Business days, 8-5 M-F
ITS-Systems collects data on:
- Active Directory Availability
- Service Utilization
- Number of Objects Managed by Departments.
Service Metrics / Service Goal metrics
Availability X/99.9%, X/99.9%
Maintenance for the Active Directory infrastructure is performed as needed depending on patch releases from the vendor. All maintenance impacting Active Directory will be announced a minimum of 14 days in advance, according to established change management procedures. Changes will be scheduled to minimize business impact based on urgency and availability of resources.
Hours Of Operation
- Active Directory is a 24/7 service.
- ITS Systems has a standby rotation to deal with critical issues after normal business hours.
- The ITS Service Desk business hours are 7:30 a.m. to 12:00 am, Monday through Friday, with limited after hours support during off hours. The ITS Service Desk services are not offered during official university closings but customers can still submit their requests via the web at help.unc.edu. (Adverse Weather Policy: http://hr.unc.edu/policies-procedures-systems/spa-employee-policies/leave-and-holidays/adverse-weather-spa/)
- Customer will designate a service administrator (OU Admin) and provide appropriate contact information for that individual. Customer is responsible for maintaining this role.
- Customer will regularly review and follow best practices outlined in the AD Admin Manual.
- Customer will not use Active Directory in a way that will negatively affect other users and abide by the university acceptable use policy. See Acceptable Use Policy for additional information.
- Customer will follow best practices to ensure compliance with UNC-CH IT security standards. See UNC-CH IT security standards for additional information.
- Customer will ensure that all operating systems and installed software on computers in their organizational unit are properly licensed.
- Customer is responsible for ensuring the security of domain computers.
- Customer will consult with ITS Security and ITS Systems before overriding security policy or blocking inheritance of security policy. In addition, Customer will maintain documentation of these policy overrides for business and audit purposes.
- Customer will coordinate any installation, testing or changes with ITS to maintain system integrity. ITS will be notified of any changes via a Remedy ticket to ITS-SYSTEMS.
- Customer will manage all aspects of their organizational unit, the objects contained within that unit, and are responsible for removing access granted via objects from that unit for active directory accounts in alignment with the UNC Chapel Hill Onyen Policy.
- Customer will provide end user support for all computers in their organizational unit and for the users of said computers.
- Customer will submit any requests for service via the Remedy support tracking system. The designated service administrator is responsible for submitting the request, either by creating the Remedy ticket or by contacting the ITS Service Desk.
- Customer will subscribe to the SysAdmins Team in O365 in order to be aware of any notifications about changes that will impact the AD.UNC.EDU Domain service.
- Customer will subscribe to email@example.com or the ITS Change Notices syndication feed at https://its.unc.edu in order to be aware of any notifications about changes that may impact the AD.UNC.EDU Domain service.
- Customer will provide feedback to ITS regarding end-user quality of service.
- Termination of service is the responsibility of the primary service administrator (OU Admin) for the department via remedy request to ITS-Systems. It may be necessary in some cases, in order to adhere to University Policy or other governing requirements or to ensure the security and integrity of the system, for ITS to deprovision accounts, terminate access, remove data or applications, or take other actions on the system without the involvement of the department.
Out of Scope
- Client issues are to be handled by departmental support staff and/or Service Desk until systemic issues are found.
- Customer service administrator (OU Admin) is responsible for applying provisioning and deprovisioning practices for access based on active directory groups they manage and are responsible for providing documentation of that info to Auditors upon request.