Microsoft 1 Security, Software Control and Distribution, Documentation

Chapter 3: Change and Configuration Management 43

the user in the appropriate Windows 2000 groups and create the Exchange 2000 mailbox

with the appropriate settings for that user.

Over time, your team will build a set of custom tools that are used frequently to administer

standard changes. Those tools and others will likely be used for implementing larger

changes. Treating these tools and procedures as configuration items and managing their

evolution over time is another example of the close relationship of change management

and configuration management.

Security

A very important part of effective change management is your security infrastructure. If

you do not carefully control who is capable of making which change, you can end up with

undocumented and unauthorized change occurring in your organization. You should

always ensure that your administrators only have rights to perform tasks that they have

been specifically pre-authorized to perform. In Exchange 2000 Server, administrators

require View Only Administrator rights over the Exchange 2000 organization if they are to

create and modify user accounts.

Software Control and Distribution

Updating software represents significant change. It can have a major impact on users, and

as such it should be planned very carefully to ensure that the update has minimal impact

on users. (Occasionally such a change may be urgent, and under those circumstances you

will not have time for thorough planning, but you should still plan as much as possible).

In a multi-national company with distributed administration, one of the challenges can be

to ensure that software updates are distributed as smoothly as possible. One solution to

this is Microsoft Systems Management Server, while another is to use the software assign-

ing and publishing functionality of Windows 2000.

Documentation

Linking all of the change management process together is the very strong need for up-to-

date, complete, and accurate documentation. Without thorough documentation, many of

the benefits of change management will be lost for your organization.

Thorough documentation is invaluable when implementing recurring changes. One of the

main benefits of thorough documentation is that it can turn major or significant change

into minor or standard change. Many changes are major or significant simply because you

have never made them before. But if you have, and you have documented standard proce-

dures that allow you to avoid downtime and periods of poor performance for users, it may

allow your IT executive committee or change advisory board to pre-authorize that change

for the future, significantly reducing the number of steps required to make the change the

next time.

You should ensure that entire process of change is properly documented in the change

management log. The log contains information about the change, including RFC status,