AD Committee Meeting 5/22- Minutes – Rande Enderby

 

Chair Sherry Hays opened the meeting at 1:40 and opened discussion on the goals for the committee.

 

Kevin Hill stated that the reason IFAS has holdouts not joining the IFASDOM domain is due to distrust and their need to retain control.

 

Mike Kanofsky and Chris Leopold stated that we need to create an AD tree that is only IFAS wide, not UF wide.  The idea is to create an empty root tree for UF to join at a later date and only populate IFAS at first.

 

Mike offered that the AD group at Admin affairs should be included in next meeting.

 

Discussion was held regarding Steve Lasley’s draft of “Recommendations for IT Services” is a good start, but needs to be added too and have advantages and disadvantages of AD included. 

 

There should be one person who will confidentially receive email requests for additions or changes.

 

Mark - AD maintenance committee setup after AD in place.

 

Mike – must have local domain controllers

Kevin – Enterprise admin should setup new sites.

 

Purpose: Single point login at least fro IFAS.  Ex. IFAS students can only login and have access to IFAS resources.

 

Scope:  UF wide, but initially IFAS wide.

 

Reliability: Distribution of problems.  Replication is more reliable.  Local admin can fix many problems.  Security is much better.

 

Chris – push AD as an upgrade, not new system.

 

Mike – AD will create much fewer domain admits.  Local admits will have control over OU.  Granularity will let one person have very specific things they can change/add.

 

Mike and Kevin – AD will allow pushing of service packs.   Also allow new computer to be re-installed remotely.

 

Resources:  Time, people and hardware/licensing.

 

2 modes of AD:  Mixed – BDC gets Windows 2000 AD, but still older or NT4 domain controllers.

                           Native – all computers/controllers are Windows 2000 or XP

 

Mark – wants to survey IT people who oppose AD.

 

John – IFAS needs major PR.

 

Mark – ICC should send out the survey.

 

John – IT should send out the survey.

 

Mike – NT4 support will drop within 1 year.  NT4 is 6-7 years old.

 

Mike- setup a test AD group and slowly add users.

 

Richard and Steve – test and documentation should run in parallel.

 

Mark – draft should be an executive summary.

 

Mark – we need to know how many people not in IFASDOM.  How many BDC’s and email for report.

 

Steve’s Document:  summarize summary and include an executive summary.  Summary at top, and slim down paragraphs.

 

Kevin’s Document:  drop solve SMS, drop OU.  Add granularity control, and drop Kerberos v5.

 

Chris – ICC to ITPAC to Dan.  Then Dan works with ICC to produce technical document.

 

Get Dr. Luzar and Dean Cheek and other admits input.

 

Listserve will still remain independent, but help mine AD.

 

Mark will have rough draft of survey in 3 to 4 days.

 

June 7^th, should have draft for ICC.

 

AD next meeting in about 2 weeks.

Sherry Hays Notes

 

 

The ICC Group is looking to move to AD because:

NT is going away and Microsoft will stop making the updates/patches/fixes

            i.e. (In the way SAMAS is going away, NT will be going away also)

Too many Domain administrators

No way to push updates to each machine

 

 

Service Goals:

            Purpose:           Single point login

                                                Students would be able to use their Gatorlink account ID

                                                Staff could go anywhere on campus and have their account travel with them

                       

Scope:                        IFAS-wide initially and UF-wide at a later date

                       

Reliability:  No longer relying on PDC (pier domain controllers)

                                                Exchange 2000 is more reliable

                                                AD distributing replication is more robust

 

Resources:                          Time, people, licensing, hard-drives, servers

                                    Will need money put aside for new hardware and personnel

                                    REC’s will need new BDCs (backup domain controller)

                                    Will need funding for RECs

 

We need to look into sending out an email to all IFAS IT personnel asking them pointed questions about AD and if and why they are or are not a part of IFASDOM.

 

It was mentioned during the meeting that people were refusing to join IFASDOM because they would be giving up control. 

 

An email needs to go out to all IFAS IT personnel reminding them that the ICC group was formed for the IT personnel and they are supposed to be attending the meetings.

 

It was decided that we would use Steve Lasley’s original document and add Kevin Hill’s paper to it and present to the ICC group at our next meeting.  This document would then be presented to the ITPAC Committee at their next meeting.