IFAS COMPUTER COORDINATORS
NOTES FROM September 14th 2007 REGULAR MEETING
A meeting of the ICC was held on Friday, September 14th, 2007. Due to renovations which are ongoing in the ICS conference room, this meeting was moved to Entomology (Bldg 970, Rm 1014). The meeting was chaired and called to order by Steve Lasley, pretty much on time at about 10:01 am.
PRESENT: Twenty members participated.
Remote participants: Tom Barnash, Bill Black, Allan Burrage, Dan Cromer, Chris Fooshee, Francis Ferguson, Mike Ryabin, Louise Ryan, and A. D. Walker.
David Bauldree, Dennis Brown, Andrew Carey, Diana Hagan, Joe Hayden, Nancy Johnson, Winnie Lante, Steve Lasley, Ligia Ortega, Daniel Solano, and Wendy Williams.
STREAMING AUDIO: available here
Agendas were distributed, and the meeting began on time. The battery in the microphone appeared to be dead so we didn't have the usual live audio streaming. We did, however, have the Polycom session streamed via the web and the link for that was announced via the ICC-L; many thanks to Dean Delker for making that available. The Polycom session did not get recorded, but we can thank Dennis Brown for recording this locally. Due to his efforts, we are able to have an audio stream posted now.
Steve noted that George Braun has joined the ICC-L. George works with FAWN in Citra.
We'd like to welcome George and hope he chooses to participate with us in the future.
ICC Alumni News:
Joe Spooner, former CALS IT Director prior to Wendy Williams, and currently a Web Developer with the UF Web Administration Team, had recently provided Steve a list of what he has been up to lately:
- Updated and released new WIPA interface - it's a kludge b/c bluesocket requires that new pages fall inside a table of a page with their own look and feel. Only with CSS can you make it hide. It works great with almost all browsers, but breaks on browsers that do not process CSS. By break, I mean just the design/look and feel. It's completely functional with the bluesocket login prompt, but doesn't have the UF look and feel.
- I recently wrote and released a random prize plugin for our Wordpress installation of the GoGatorNation. Visit gogatornation.com today and enter for your chance to win a prize ;) Prize selection should happen every Friday at 12pm (it's performed by the user).
- We've been busy working on and releasing a workflow application for campus use. It's currently in production with the Graduate school for some of their processes that involve multiple units inside UF and in Tallahassee.
- We released a new version of the Performing Arts web site recently (about 2 months ago)
- We're taking the fall to clean up our shop a little with some programmatic automation and process management. We hope this will free up our time a bit more to do some outreach and stay ahead of the demand curve a little better while reducing daily operating risk.
We really appreciate Joe sharing that. If any of you other alums ever have any news to share, just let Steve know. We would all like to keep in touch with you.
Recap since last meeting:
As per his usual procedure, Steve pointed folks to the notes of the last meeting, without going into any details.
Update from August ITPAC meeting
Steve pointed folks to the detailed notes from the recent ITPAC meeting. You are encouraged to read through those.
UF-IFAS Web Policy and UF-IFAS Domain Name Policy drafts for review and recommendation
Steve introduced the two recommendations which we have been asked to consider. Our charge here is to pass along a recommendation on these matters to ITPAC, with the goal of eventually getting policy implemented via IMM. Steve yielded the floor at this point to Diana Hagan.
Diana explained that the UF-IFAS Web Policy draft document originated with the SFYL web team, but grew beyond the SFYL boundaries. The IFAS web team then began developing the idea more fully, seeking to move it forward. We do need to have policies in place concerning our web. While long periods of unregulated growth led to some marvelous things it also led to undesirable circumstances. We currently have over 700 websites, which is too many for a number of valid technical reasons. We want to create a policy which will allow us to re-organize this into a better, stronger, and more useful web-presence for IFAS.
The policy defines what sites are covered within its purview, describes the various existing UF Policies and guidelines as well as the state and federal laws pertaining to our sites. There has been an Oversight Committee, chaired by Jack Battenfield, and this policy document better defines the roles of that group. The group itself is being reorganized and redefined currently. The authority of the IFAS Web Team Advisory Committee to enforce policy matters is defined as well. The policy document also discusses identity (with the individual responsible for the content being a vital part) and branding issues and web site maintenance (where obsolete content can reflect poorly on the entire organization). Finally, the current draft includes numerous resources which are available to assist with meeting the goals defined by the policy itself.
Ligia Ortega then detailed the UF-IFAS Domain Name Policy draft mentioning that IFAS currently has no domain policy at all. The large number of tiny sites currently within "ifas.ufl.edu" clearly point to the need for such a policy. Having 700+ sites splits the relevance of search hits across all the various websites and consequently dilutes the ratings given. We could greatly improve our presence within web search engines by consolidating these. After carefully going through each of the 700+ websites, Ligia estimates at about 75% can be done away with. This policy really has two parts. The first addresses the policies for creation of new domain names. The second deals with how our current domain name structure is weakening our current web presence and how restructuring that would provide increased value. One of the main challenges for us in getting folks behind this is explaining/demonstrating how this will improve the "searchability" of our content for both ourselves and our clients. IFAS has yet another opportunity to lead the way for the rest of UF--just as we did with Exchange, Active Directory and videoconferencing.
Ligia provided a link to a tutorial on "Optimizing for Users and Search Engines" which was put together by the UF Web Administration group. She mentioned that, while a little long, the resources provided stress accuracy in names of files, folders, and tags within the page itself as well as the importance of adding quality content.
Steve asked how this all related to the search for a content management solution for IFAS. Diana said that the site reorganization proposed by the domain policy would be a necessary first step to migrating to a content management system. Ligia pointed out that we didn't want to migrate in poor content. Steve was concerned, however, that our users would see this as bothering them twice; once with the pain of policy compliance and then again with whatever changes a content management might introduce. Steve wondered if the two couldn't be combined somehow.
Joe Hayden asked if this all referred only to sites hosted on if-srv-web and was told that it related more to the domain name of the URL than the actual machine hosting the material. Steve wondered which departments and centers had their own web servers. Steve suggested that such units might want to take a careful look at these policies to evaluate how they might affect them. Joe mentioned also that there are a number of IFAS sites within the "ufl.edu" domain--i.e. some without "ifas." in the domain name. Ligia said that some of those were legitimate and that we likely couldn't do much about domains already granted at the UF level in any case. Dennis Brown's department of Horticultural Sciences is one on-campus site that has chosen not to move to being hosted by the ITSA group, and which has a domain name outside ifas.
Steve asked if inclusion into a content management system (down-the-road) would be "mandatory" for all. Ligia responded that this policy was written outside the context of any content management system; particularly since we do not yet have one. Diana responded that, in her opinion, there were just too many special circumstances (collaborative sites or sites funded via grants and having to meet particular outside requirements as two examples) for inclusion to ever be mandatory for all. There may, however, be incentives to join based on things like inclusion in an IFAS-level search engine.
Ligia mentioned that the policy included links to resources which people could utilize for assistance in meeting compliance requirements. It wouldn't be reasonable to expect people to comply without providing such assistance. Steve pointed out that roughly half of the web policy document dealt with resources. He felt that those could be better located elsewhere, perhaps linked into the policy itself. His reasoning there is that, for presentation to ITPAC, we would want to provide as simple and concise a policy statement as possible. Steve felt that would increase the ease of understanding the core issues and more likely lead to success.
Steve asked Mark Ross for his opinion on the policy matter. He noted that previous experiences with ITPAC suggested that they were not inclined to recommend any web policies. Steve noted that there was indeed some precedent there. When the issue of handling course sites was raised, the consensus had indeed been that this could be handled as a procedural matter rather than via policy.
Steve suggested that we could take advantage of that; in the meantime, by changing our suggestions on how sites are granted and implemented. For example, the website request page could be modified to not suggest a new .ifas level domain. Rather, it could list the various unit sites and suggest incorporation as a new folder beneath the appropriate location. It makes no sense to continue to suggest (as the current request page does) that clients get new domains in every instance. The first active step we can take--as a procedural matter--is to change our suggestions regarding new sites. Most of those making the requests don't know what is best and may not even care. It is time we started guiding people in the proper direction as that is something directly under our own control.
Mike Ryabin asked how the transition from the old domain names would be handled. Ligia said that those would be redirected for one year. Mike then asked about the timeframe on all this. Steve mentioned that it is difficult to estimate how long it may take to even get a policy approved, let alone get to our final goal of having a well-managed content system for IFAS. The first step is to get a well-conceived policy statement prepared from which we will have foundations set and goals to meet. Obviously, the road will not be easy and will require an increase in staffing levels in order to assist folks in the transition. It is doable however, as has been demonstrated with the success in getting many CEOs to move to the new SFYL format; providing assistance in doing so is a critical step that cannot be overlooked.
Mark mentioned that this will be too difficult to administrate and maintain, however, without a content management system in place. Even with SFYL, certain sites are starting to "stray" because there simply is not the staff available to monitor and assist in correcting problems. That alone should point to the value and absolute necessity for a content management system.
Steve asked Winnie Lante to mention what she is doing in her department to encourage the movement of their course websites to eLearning. Winnie has presented a proposal to the SFRC Faculty Advisory Committee on the matter and received a very favorable response. They intend to move this proposal on to the general faculty meeting for further consideration. Steve complemented Winnie in demonstrating one way in which each of the departmental support folks can assist in steering folks to a more sensible website organization within IFAS. We often tend to overlook the effect we can have at the grassroots level for improving things a little bit at a time. A coordinated effort along these lines could have a great impact even in the absence of central policy.
UF IT Advisory Committee for Network Infrastructure meeting
Steve gave a brief rundown from yesterday's ITAC-NI meeting. Chairman Jack Sabin was unable to make the meeting, so Erik Deumens ran it in his absence. The only specific item on the agenda was to elect a new chairman, and that matter was quickly resolved when Dan Miller volunteered. Dan is not a current member of the committee, but it was assumed that Marc Hoit could easily resolve that detail and Dan was voted in unanimously.
The rest of the hour was spent discussing various items of IT interest and focusing on what issues we may want to address in the coming months. Erik mentioned that the Advisory Committee for the UF Exchange Project had met recently for the first time. Erik is apparently on that committee. Clint Collins asked about how Exchange was picked for this and whether or not any Open Source solutions had been or would be considered. Erik responded that Exchange had already been picked as the application which was to be deployed. Dan Cromer and Tim Fitzpatrick both provided their perspectives on how this project came to be, but basically it comes from IFAS teaming with UF to build a broader-based Exchange solution which, hopefully, would be attractive to others at UF.
Clint mentioned that some costs savings might accrue from using a solution such as Zimbra. He mentioned that the cost was minimal and that it could interoperate with Exchange. He also mentioned that it supported Outlook. Clint thought that this might be even be combined with the Web Calendaring project in some fashion. This project is being built down-up, however and is not a top-down process. This led to later discussion on lack of movement in getting a CIO for UF; it was lamented that most projects (even fairly large ones) are currently only able to be organized by cooperative grouping of existing resources. UF-level oversight for IT reorganization and for enterprise-level projects will be hampered until leadership places a priority on IT at the highest levels.
Dan Cromer asked Tim Fitzpatrick for a status update on the Wallplate Project. Tim said that the project was moving along, but they were a bit behind--mostly because the pre-project migration of units took longer than anticipated. Budget is going to be an issue. At this time it is not known how the current budget issues may affect things.
Tom Livoti reported that he is working on a wireless project which involves wireless service modules (WiSM). This provides great flexibility with centralized management of access points. It does, however, require careful configuration on multiple modules in order to provide the necessary redundancy.
Tim Fitzpatrick was asked about the co-location service. Tim said that not too many are wanting to house their own servers in the CSE machine room currently; rather, more are interested in having applications hosted on centrally owned and managed blades.
Dan Miller expressed interest in a number of projects which HSC is working on, including an agent-less NAC/security compliance solution. 802.1x was discussed as a potential topic for discussion at upcoming meetings.
Steve mentioned to the ICC that he is going to try to convince Dan Miller to provide videoconferencing for the ITAC-NI meetings, provided we can find a suitable venue for doing that. Steve feels that everyone would benefit from having the committee's discussions be more widely available.
Dan Cromer told the ICC that, with its new high-speed connection, MREC is moving ahead with plans for authenticated wireless deployment. As the connection improves at more locations throughout the state, the intention is to provide more of the same services which are enjoyed here on campus. Dan mentioned that we will continue to work through the ITAC-NI committee to see that the needs of our remote locations continue to be addressed and considered in the big picture.
IT Governance sub-committee status report
There has been no reported movement on this standing agenda item; it is still pending high-level hiring decisions.
UF Calendar Project
Prior UF Calendar Project discussion. Wendy Williams had no news to report on this matter. Steve believes the project is basically awaiting the needed commitment of resources; whether that will materialize is not known.
On a similar but separate subject, Mark Ross asked if any of us were familiar with the Extension Calendar. The Perl-based Open Source software on which this is based has "gone under". Dan Cromer reported that Meeting Room Manager is being purchased as a replacement. In looking at this after the meeting, Steve noticed that the Enterprise version of the Meeting Manager software supports Outlook integration for meeting scheduling. In later communication with Dan Cromer, he confirmed that we're ordering the Enterprise version for 50 simultaneous seats.
The UF Exchange Project
Dwight Jesseman was unavailable for an update on this, but we will keep it on our radar and try to keep everyone informed of the progress as the project continues.
The Wallplate Project
There was a status update on this at yesterday's ITAC-NI meeting as briefly mentioned above. Steve is still awaiting the proper time and method to use in addressing his own department's cost concerns regarding the wallplate project.
Recommendation: autogroups for *selected* roles
This is generally not discussed (and wasn't again this month) but is being kept on the agenda for future consideration. Basic role autogroups are now in place within UFAD.
Split DNS solution for UFAD problems
As a standing issue, Steve would like to remind folks that he is investigating alternate solutions for the split DNS issues. Initial tests look promising.
If anyone else would like to help test this, please get with Steve. Since a split-DNS solution is not expected to happen any time soon, this might really help out with our user experience in the meantime.
Listserv confirm settings
Dan Cromer reported that this project is complete! The only list not set for confirmation is the IFAS-ALL-L which is moderated now by Jack Battenfield's office.
Dennis Brown asked about the subnet lists which had been turned off due to high spam levels. Dan Cromer reported that they had all been collapsed into a single list which should be able to handle the roughly 40/yr valid notifications which have historically occurred. After the meeting, Steve heard from Wayne that this list will be "IFASIRT-L@lists.ifas.ufl.edu". Right now it only has Chris Leopold and Wayne on it, but Wayne will get the other folks added as soon as possible.
SharePoint Test Site
Prior SharePoint discussion. Ben Beach was not available and Steve asked if anyone knew about the status. Diana mentioned that the extensive use by EDIS of the Sharepoint test site had caused Ben some problems in moving the "my.ifas.ufl.edu" URL for use as our production WSS site for internal "intranet" use by IFAS. Dan Cromer mentioned that currently the new internal site is hosted as http://our.ifas.ufl.edu. Diana mentioned that the organization of the site still needed some work and that it wouldn't be ready for "IFAS-ALL-L" notification until we address the current need to enter credentials for access.
Virtualization of Core Services
Wayne Hyde had provided details for last month's meeting notes about ITSA's plans regarding virtualization. Since those were not really part of the meeting, but rather incorporated into just the meeting notes, Steve wanted to make everyone aware of those. Andrew Carey reported the good news that they had gotten approval on acquiring the SAN and they were expecting a quote on that from Dell today. That is extremely good news as it promises to allow IFAS to provide for our ever expanding storage needs in a much more robust and redundant environment.
IFAS WebDAV implementation
Still no movement has occurred in getting this documented. Nancy Johnson reported that some of her county users were having difficulty saving files to the 4H subfolder of the main IFAS public folder using http://files.ifas.ufl.edu. One possibility is that these folks do not have their NMB set to an organization within IFAS. Permissions to the public folder are based on the IFAS autogroup. Proper documentation may help with this and similar issues.
Vista TAP and Vista Deployment via SMS and WDS
Andrew Carey has made some real progress on getting our login scripts to run properly with Vista. He has implemented an IF-Co-Managed User-Vista Test GPO (ufad\if-admn credentials required for access) and is controlling use of that via a security group. If you would like to participate in the testing, contact Andrew for inclusion.
This solution runs our logon scripts normally except for when Vista is the OS is being used. For those, it adds the task as a scheduled event rather than running it directly. The only remaining issue is that the script stops working when a user is moved into then out of the Local Administrators group. This is very baffling and we should at least understand the mechanism of that before proceeding to full deployment.
New IFAS IP Plan
No confirmation yet, but this project is believed to be completed--or nearly so. Steve believes he can take this off our project list, but wondered if some of the other dependent projects, such as reinstating the Windows Firewall, might now be considered for moving ahead on.
Exit processes, NMB and permission removal
Prior exit procedure discussion. Dan Cromer suggested that Steve might want to take this item off our project list as well. Dan has completed his work with HR to implement a supplemental exit checklist. Steve believes, however, that this will be an ongoing issue which will require continued monitoring and improvement; thus he would like it to remain as a topic for continued discussion.
Dan also mentioned that there is a new project in the works at UF for consolidating identity management that may involve changing, among other things, how NMB is handled. There is discussion about assigning that to IT staff rather than to Directory Coordinators. Steve asked if anyone had gone to the August 31st "town hall meeting" which (he believed) was seeking input on this. You may recall Mike Conlon's notice for that event:
From: Conlon, Mike
Sent: Monday, August 13, 2007 4:28 PM
To: 'firstname.lastname@example.org'; 'email@example.com'; 'firstname.lastname@example.org'
Subject: Next steps for GatorLink authentication and authorization -- Town
Hall meeting August 31st
Since 1997 the University has been developing its "GatorLink" identity and
access management systems (IAM). A rich and integrated set of services and
capabilities have been developed. GatorLink usernames and passwords can be
used in the enterprise systems, local systems and desktop systems. These
credentials are managed via relationships to directory-managed affiliations.
Password management is based on security roles. Our username and password
management is well-regarded as a model for IAM in higher education.
We would like to consider some improvements to the way in which systems
access and use credentials. Specifically, we would like to:
* Create a true "Web Initial Sign On" (WebISO) environment, in which
credentials can be presented when first needed and users can move
seamlessly between systems. ISIS, myUFL, WebCT, WebMail and many other
systems including local systems should participate in a symmetric WebISO
environment providing a much improved integrated experience for all our
* Use credentials in more of our environments. We should provide simple
and standard ways to use existing credentials for a broader set of
applications, including UNIX and Linux based systems.
* Provide a secure means for partners to authenticate using GatorLink
credentials. We have off-campus partners providing services to our
community. Our community would benefit from the ability to use their
GatorLink credentials with these providers in a secure manner.
* Use group-based information for controlling access where appropriate.
The University has and maintains over 15,000 security groups indicating
membership in course sections, PeopleSoft roles, directory affiliations
and much more. We need a simple, cost effective, multi-platform method
that service providers can use in order for them to use this information
to control access to resources. We would like to provide these new and
important capabilities while building on our successful credential
management and IAM infrastructure.
Some of these capabilities are currently or partially provided using
"GLAuth" and the GatorLink cookie. This technology has served us well and
is used in various ways by various systems. We would like to consider
augmenting or replacing this technology to meet the needs identified above.
A 90 minute town hall style meeting will be held at 1 PM on August 31st in
the Reitz Union Auditorium to discuss the requirements with the university
In addition, I have asked a group of IT practitioners with insight and
experience into GLAuth and the requirements to help with selection of
approaches. Additional meetings may be needed to finalize approaches.
Work could then begin on various implementations as required to implement
the various improvements.
I look forward to meeting with you on the 31st. Please share your
thoughts about these improvements. Your participation will help us make
good choices for improving our IAM capabilities.
Polycom maintenance and contingency planning
Mari Jayne Fredericks had asked for this to be put on the agenda, but then was unable to participate. Consequently, she had asked if this could be deferred to an upcoming meeting. Dan Cromer did report that he is in the process of ordering a great deal of new Polycom hardware for deployment. This will provide Polycom VSX8000 units for the various RECs and VSX7400 units for many of the county sites who do not yet have such facilities. This should allow all our sites to be able to handle H.239 People+Content.
Dan Cromer had made Steve aware yesterday of software called People+Content IP. This allows a Windows computer to connect directly to a Polycom unit and send its desktop as content to an on-going videoconference. The software can be downloaded from Polycom and Dan has also made it available at PPCIP-V1108. Unfortunately, it only runs for a limited time without tithing to Polycom on the order of $500 per the Polycom unit which is being connected.
Dan also mentioned that he will be posting some new versions of the PVX software at \\ad.ufl.edu\IFAS\IT\Public\Software\. One is the current production version and the other is a pre-production "Vista" version which takes good advantage of dual core processors apparently.
Urchin has replaced Live Stats
Mark Ross related that the transition to Urchin has been very smooth. He is happy with its much improved performance over Live Stats in analyzing logs. Mark also mentioned that Urchin is not limited to the last year of data as Live Stats was. It can go back and analyze any period for which log files exist. If there is some particular period for which you wish log information, let Mark know and he will try to locate that. We have extensive archives, but they were not well organized; if you can specify what you need, there is a good chance that Mark can find it.
Mark also noted that he had to obtain more licenses than he really should have due to the huge number of IFAS websites. As one method of controlling the proliferation, he has taken the stance that Urchin not be used for course websites. Moving such sites to eLearning would be a much superior method for instructors to obtain detailed statistics on course site usage.
Listserv upgrade to version 15.0
Dan Cromer had posted a note to the ICC-L about this after-the-fact. There were a few glitches initially which have now been corrected. Steve noted that he had "reprimanded" Chris Leopold (who hung his head in shame :-) at not providing prior notice of the impending upgrade to the ICC. All joking aside, there is no good reason to not provide prior ICC-L notice on all work and changes which have the potential of affecting our users. Steve thinks UF Network Services provides the best example of how this can and should be done. They notify IT staff (via Net-Managers-L) of all planned maintenance items on a regular basis. There is no downside of doing so and making such notifications a part of standard procedure is important.
Steve noted an issue with the default color setting on our custom front page of the listserv. Diana said that this was under the control of the user, but Steve suggested that the defaults should be tweaked and the background removed to improve the contrast of the text links provided there. Steve does not recall ever modifying his settings from the defaults and, in fact, did not know he could.
This was a light month, thankfully, with the only critical patch relating to Windows 2000 machines.
Office 2007 issues update
Steve mentioned that he has found Outlook 2007 to be slow and asked for comments from others. Many are finding their users are beginning to request Office 2007 apparently and Diana noted that the newer version had some advantages in working with SharePoint.
Job Matrix Update status
Dan Cromer had mentioned that Matt Wilson is now the primary contact for the Listserv. This and several other assignments remain incorrectly specified on the job matrix. It would help everyone if this new job matrix link was more regularly maintained.
Admin Helper Script and IE7 update
This item is being left on the agendas so it remains on our radar. Steve suspects that this issue will come back to the forefront as Vista deployment proceeds.
Remedy system status
We had a brief discussion of the woes with this system. Steve feels that the basic problems could be addressed and resolved for the most part if a person was assigned to following through with that. Others felt a different solution may be needed.
Alachua Heart Walk
IFAS IT is signing up team members for the October 13th Alachua Heart Walk. Donna McCraw has created a great promo message "from Bob Dylan" about the Alachua Heart Walk. (Requires the latest Flash player, so if the message is blank, try an update). Please consider joining in this worthy cause.
The meeting was adjourned on time, at about noon.