Chapter 3: Change and Configuration Management
43
the user in the appropriate Windows 2000 groups and create the Exchange 2000 mailbox
with the appropriate settings for that user.
Over time, your team will build a set of custom tools that are used frequently to administer
standard changes. Those tools and others will likely be used for implementing larger
changes. Treating these tools and procedures as configuration items and managing their
evolution over time is another example of the close relationship of change management
and configuration management.
Security
A very important part of effective change management is your security infrastructure. If
you do not carefully control who is capable of making which change, you can end up with
undocumented and unauthorized change occurring in your organization. You should
always ensure that your administrators only have rights to perform tasks that they have
been specifically pre-authorized to perform. In Exchange 2000 Server, administrators
require View Only Administrator rights over the Exchange 2000 organization if they are to
create and modify user accounts.
Software Control and Distribution
Updating software represents significant change. It can have a major impact on users, and
as such it should be planned very carefully to ensure that the update has minimal impact
on users. (Occasionally such a change may be urgent, and under those circumstances you
will not have time for thorough planning, but you should still plan as much as possible).
In a multi-national company with distributed administration, one of the challenges can be
to ensure that software updates are distributed as smoothly as possible. One solution to
this is Microsoft Systems Management Server, while another is to use the software assign-
ing and publishing functionality of Windows 2000.
Documentation
Linking all of the change management process together is the very strong need for up-to-
date, complete, and accurate documentation. Without thorough documentation, many of
the benefits of change management will be lost for your organization.
Thorough documentation is invaluable when implementing recurring changes. One of the
main benefits of thorough documentation is that it can turn major or significant change
into minor or standard change. Many changes are major or significant simply because you
have never made them before. But if you have, and you have documented standard proce-
dures that allow you to avoid downtime and periods of poor performance for users, it may
allow your IT executive committee or change advisory board to pre-authorize that change
for the future, significantly reducing the number of steps required to make the change the
next time.
You should ensure that entire process of change is properly documented in the change
management log. The log contains information about the change, including RFC status,