IFAS COMPUTER COORDINATORS
(ICC)
NOTES FROM January 11th 2013 REGULAR MEETING
A meeting of the ICC was held on Friday, January 11th, 2013 in the ICS conference room. The meeting was chaired and called to order by Steve Lasley at about 10:00 am.
PRESENT: Twenty-three members participated.
Remote participants: Bill Black, Wei Cao, Dan Cromer, Kevin Hill, Russell Hunter, Al Ibanez, Chris Leopold, Marvin Newman, Scott Owens, Joel Parlin, Mike Ryabin, John Wells, Gary Wilhite, and Alex York.
On-site participants: Jimmy Anuszewski, Dennis Brown, Lance Cozart, Marion Douglas, Francis Ferguson, Steve Lasley, Kamin Miller, Matthew Nash, Earl Sloan, and John Sowers. Ron Fry, Regional Account Manager, for AMX was our special guest.
STREAMING AUDIO: available here
NOTES:
Agendas were distributed and the sign-up sheet was passed around.
Member news:
Steve knew of no membership changes since our December meeting.
Recap since last meeting:
As per his usual procedure, Steve pointed folks to the notes of the last meeting, without going into any details.
Videoconferencing and WAN discussion
[In order to make meeting participation more efficient for Patrick Pettus and James Moore, these two topics have been moved to reside at the top of our agendas.]
Videoconferencing topics (previous discussion)
Video Services support fronted by the UF Computing Help Desk
Updates not available...
Replacing Polycom endpoints with some Lync-based solution (previous discussion)
Updates not available...
Other standing VC topics
End-user Scheduling (previous discussion)
Updates not available...
Possible end-point refresh in the works
Dan Cromer mentioned that Joe Joyce has asked that he prepare a report detailing the costs for replacing our current Polycom infrastructure with the AVer equivalent. Dan will be contacting us shortly requesting details on our local endpoints.
Short buffer times on course VCs
Dennis Brown mentioned having noticed short set up and tear down buffers on bridged VCs for Classes. Dean Delker has taken to making those 5 minutes for many classes to avoid conference overlaps; this has become a greater issue as the number of VCs continues to rise. If you need a longer time between connection and class start time, please talk to Dean to see if that can be arranged.
Digital Signage
Lance Cozart is exploring a digital signage solution based on Visix. He has helped UF obtain a server and Ruth Borger is our contact for content. Lance is also working with Ruth on a wayfinding project that ties into the digital signage stuff.
Lync updates (previous discussion)
Updates not available...
WAN (previous discussion)
Updates from James Moore
Updates not available...
Policy
Authentication Management policy draft (previous discussion)
Updates not available...
New 'Trouble-Ticket' Entry Page for CNS (previous discussion)
Updates not available...
CNS working to implement NAC for UF wireless (previous discussion)
UF wireless still too hard?
Updates not available...
UF Exchange updates (previous discussion)
Outsourcing of student email?
Updates not available...
Outlook asking for re-authentication
Steve mentioned a professor complaining of this just the other day. Kamin Miller said he had noticed that Outlook 2013 actually provides better feedback on the connection issue, in one case it reported credentials needed to be supplied to access the calendar. Al Ibanez said that he sees this on a regular basis as well. This is related to the load on the server apparently; if it doesn't respond quickly enough to a query from the client, the client backs off to additional negotiation methods. It seems to be something which the server guys are unable to resolve completely.
Sakai e-Learning System now in production (previous discussion)
Updates not available...
Alternate IFAS domains in e-mail (previous discussion)
Updates not available...
Electronic Copy - Print Output Cost Reduction program (previous discussion)
Updates not available...
Split DNS solution for UFAD problems (previous discussion)
Updates not available...
Projects
New web cluster (previous discussion)
Updates not available...
Windows 8 Deployment? (previous discussion)
Steven mentioned that Jeremy Moskowitz's "GPAnswers.com" newsletter recently had a link to some great resources on learning Windows 8. http://technet.microsoft.com/en-US/windows/jj687764.aspx?WT.mc_id=MSLS_win8js4itpro has six modules in a "Windows 8 Jump Start" series covering many of the new features; well worth the view.
SCCM for IFAS
Work continues on the central SCCM plans.
Updates not available...
Exit processes, NMB and permission removal (previous discussion)
Updates not available...
Services Documentation: Is a Wiki the way? (previous discussion)
Updates not available...
Operations
Moving from McAfee VirusScan to Microsoft Forefront Endpoint Protection?
Updates not available...
Print server (previous discussion)
Updates not available...
Recording lectures for Distance Education (previous discussion)
Steve is trying to drum up support for some managed end-point recording solution to replace the Accordents which will have to be either replaced or removed from the network after Spring Term 2014 due to being Windows XP based. Steve has discussed this at length with Lance Cozart and both believe (along with Mike Ryabin) that an end-point recorder solution would be more flexible, more cost effective and thus more likely to be used (as many of the Accordents were not) than having some local appliance at each lecture location.
End-point recorders could be joined to bridged VCs for recording purposes and wouldn't have to reside in a particular location. If the control of scheduling and management of the stored files could be distributed out, this solution would be ideal for all. There are a number of solutions that might well meet our needs.
One solution is to record on the bridge, but that service doesn't really seem to have very robust support mainly due to lack of resources. Steve has been able to persuade Patrick Pettus to record a number of his department's classes, and has arranged to get archives of the recordings at the end of the term, but the process is not very comfortable and feels like "best effort" at this time. We truly need a robust solution going ahead as DE becomes a larger and larger component of our study programs.
Steve doesn't feel he has the time or expertise to lead a project but pointed out that the UF Tech Fee program would seem to be a very good avenue to explore for funding. Steve intends to speak with Dan Cromer to see if he might be willing to give Lance Cozart the go ahead on investigating this, as Lance has offered that he would be willing.
New DHCP reservation site created (previous discussion)
You are reminded that Santos Soler has created a new DHCP reservation site which you may use to request reservations.
Restoration of back-ups on the file server
Wayne Hyde intends to document and announce proper usage as time permits.
Membership of ". IFAS-ICC" e-mail distribution group to be narrowed to ICC members only (previous discussion)
Steve will keep this as a standing item on our agendas for now as a reminder. The ICC distribution list is more targeted and restricted to IFAS IT support folks only.
IFAS efforts toward Green IT (previous discussion)
Updates not available...
Creating guest GatorLink accounts: singly or in bulk (previous discussion)
Steve had left this on the agenda in case further discussion was deemed warranted.
DirectAccess pilot (previous discussion)
Alex York is on a UF-level committee investigating implementing MS DirectAccess (DA). That committee, appointed by Tim Fitzpatrick and chaired by Dan Miller, consists of (in addition to Alex) Dan Cromer, Shawn Lander, Chris Griffin, Mark Robinson, Paul Smith, James Oulman, Tom Livoti, Joe Gasper, Andrew Carey, and Iain Moffat.
Alex has taken it upon himself to create a Direct Access pilot system and he asked Steve to help test that over the holidays. Steve has a laptop configured to use that system which he has used at home for testing. Steve said that the user experience is just as if one is connected via wire here on campus; the logon scripts run just as they would under those circumstances. Drive mapping and folder redirection occurs and the user doesn't have to jump through VPN hoops or other special access methods to reach local network services here. The downside involves slowness at startup/login, but the seamlessness of the networking experience makes up for that in Steve's opinion.
Steve did note that Outlook and Lync would sometimes prompt for credentials...presumably due to slowness in connecting; that didn't always happen but was a fairly common occurrence. Steve noted that this connection is a two-way street and would make managing laptop resources much easier; currently it is difficult to catch such units on the network in order to monitor and or patch them remotely.
Steve mentioned that DA does not work over UF wireless currently but that could be implemented if CNS agreed. Alex explained the location server component (on private IP here); if the client can't reach that it assumes it is off-network and brings up the resolution policy table by which it defines a new gateway for domain resources.
Interested individuals are encouraged to contact Alex in order to get a laptop configured for the pilot (which is implemented via Group Policy).
VDI desktops as admin workstations (previous discussion)
Updates not available...
Wayne's Power Tools (previous discussion)
Updates not available...
Computer compliance tool in production (previous discussion)
Updates not available...
Folder permissioning on the IFAS file server (previous discussion)
You are reminded to please take the time to read and implement the new standards. If you have any questions get with Wayne or Steve.
Disabling/deleting computer accounts based on computer password age (previous discussion)
This is yet another matter for which finding time for implementation is proving difficult. Steve wants folks to remember that Andrew Carey had a good plan for dealing with this which perhaps Alex York can find the time to address eventually. In the meantime, it would be very good of each OU Admin to consider mimicking the proposed plan manually by keeping their own records and deleting any computer object which have been disabled for 90 or more days; Wayne's Power Tools can identify those. Steve has finally begun doing that for his own unit and it has made his view within ADUC much more agreeable.
Since BitLocker stores its keys within the computer object in UFAD, Alex York and Chris Leopold are considering scavenging those keys for secure storage elsewhere. That would provide a fallback for decrypting a drive should the associated computer object be deleted.
Core Services status (previous discussion)
Updates not available...
ePO updates (previous discussion)
Updates not available...
Status of SharePoint services (previous discussion)
IFAS migrating to centralized MOSS
Updates not available...
Public folder file deletion policies and procedures status (previous discussion)
Updates not available...
Patching updates... (previous discussion)
Microsoft
The January Microsoft patches included 7 bulletins (2 "Critical", and 5 "Important") covering 12 vulnerabilities in Windows, Microsoft Office, Microsoft Developer Tools, Microsoft Server Software, and Microsoft .NET Framework. A risk assessment is available here.
McAfee provides podcasts on the highlights of each month's offerings.
Adobe
Adobe announced new security patches for Reader and Acrobat and also for (can you guess?) Flash.
Java
Java vulnerabilities are in the news again which is no surprise. Steve hasn't really figured out which way to move on this yet and suspects he will give it a little more time before responding dramatically anyway. Any move is painful and in his experience there will just be yet another Java event begging for response soon. Steve is hoping Oracle produces a patch so he can get that out and move on to other issues. Backing up to version 6 is a very short-term solution since that goes end-of-life in February.
In lieu of removal, one option is to put in v7u10 and disable it in the browser via the new control panel option as mentioned last month in the ICC notes. That would potentially make it relatively easy to re-enable if necessary. Unfortunately, most of Steve's machines are now x64 but have/need the x86 version of Java for the x86 of IE. It appears that this new security setting is unavailable in such instances.
MS Office News update (previous discussion)
Updates not available...
Job Matrix Update status (previous discussion)
Updates not available...
Remedy system status (previous discussion)
Updates not available...
Other Topics
Issues Wednesday AM with various Multi-Purpose Servers (MPS)
There was an issue with numerous MPS servers around the state yesterday that disrupted computing at a number of locations. Kevin Hill wanted to understand what caused that; the problem was resolved but ITSA did not report on the resolution to the ICC-L. Kevin said that his local MPS server was offline. As a result DHCP wasn't running. Because of patch Tuesday there were a number of computers rebooting and they booted back up without an IP address. There is no redundancy there at all, so if the MPS is offline for whatever reason they are dead in the water.
Chris Leopold responded that it appeared that some patch on the servers caused a roughly twenty of them to go into WinRE. Alex York explained that this affected only the MPS VM component of these servers and not the hypervisor or the DC VM component. His best guess is that some patch on the servers caused the issue, but restarting them fixed the issue.
Steve asked Chris about how these servers are monitored and Chris responded that they utilize IPSentry and MOM. Chris had noticed these servers were down when he came in about 7:30 AM at roughly the same time that Kevin reported it. Steve suggested that ITSA make the effort to provide resolution notice to the ICC-L; that helps the support folks understand what transpired and provides us with confidence that the issues are being resolved quickly and appropriately.
Problems accessing http://files.ifas.ufl.edu
Al Ibanez reported that some of his faculty were having problems accessing the file server via the WebDav portal at http://files.ifas.ufl.edu.
Al mentioned that trying to submit credentials throws and error. He is aware that Santos has rebooted something in the past to fix a similar issue, but whatever the cause it appears to be a problem once again. Chris Leopold asked that Al send screen shots of the issue so they could diagnose this further.
VoiceThread: A new service from Academic Technologies
Steve learned of this new service just before the holidays and had shared with the ICC:
"VoiceThread is a new service from Academic Technologies to support teaching and learning. VoiceThread is an interactive collaboration and sharing tool that enables users to add images, documents, and videos, and to which other users can add voice, text, audio files, or video comments. Typically, an instructor creates the initial narrative slides and students then add their comments at any point in the narration. VoiceThreads can be posted on your website or save it to an MP3 or DVD. VoiceThread can be used to simulate conversations and interviews, allow users to critique and comment on interviews and analyze a conversation for body language and other nuances such as tone of voice. In short, VoiceThread allows instructional collaboration centered on communication."
Mark Minasi returning to UF
Don't forget that Mark Minasi is returning as a presenter in UFIT's "Technically Speaking" series on February 6-7, 2013. Mark's talk will focus on Windows 8 and Server 2012. Details are available at http://www.it.ufl.edu/community/events/minasi_content.html. This two day event will not be streamed or recorded so remote folks will have to travel to Gainesville if they wish to see this. Registration is now open so don't delay!
Special Guest: Ron Fry from AMX
Lance Cozart invited Ron Fry to give us a brief overview of AMX's A/V integration and management products. Lance recently designed and installed a system in Entomology based on the DVX-3150HD all-in-one presentation switcher. This system brings system configuration and monitoring within the reach of the average IT support person--something that was not really possible until just recently.
Steve is not going to write detailed notes on Ron's presentation, but will add a few comments which you see following. Our meeting was recorded on the bridge and viewing that would be much better than anything Steve might write. You can view that recording by going to http://mediasite.video.ufl.edu and looking under the "Videoconferences" folder for the "Monthly ICC Meeting" dated "Friday, January 11, 2013". Steve's introduction to Ron's presentation begins at about the "28 minute" point in the stream.
One of the things Steve likes about the new system in Entomology is that all configuration settings can be within a single macro; this means a faculty member simply has to select a single button on the touch panel to configure the system for their particular use. Room 2218 has a powered retractable screen and projector with two TVs on either side of the screen as well as another TV at the back. A Polycom is also integrated. We have different buttons that a user would select if they were using the room PC or have something else plugged into the various wall-plate inputs (HDMI, DVI, VGA, SVideo, Composite Video) with or without Polycom. The touch panel can also be accessed via VNC so Steve can even press that one button remotely for someone.
Should anyone wish to see the AMX system at Entomology, Steve would be glad to give you a tour/demo. Ease of maintenance is one of the main selling points of this system in Steve's mind. Entomology has a Crestron installation in another lecture room and any changes to that system require detailed programming. For example, when a camera needed to be replaced the dealer had to visit multiple times to get the programming correct. This resulted in considerable downtime and expense. With the AMX system, one could simply purchase and install a replacement device (picking one from AMX's broad supported list of manufacturers and devices), make a quick change in RPM and upload the new program.
Veterinary Medicine has a very extensive AMX-based system in their new Small Animal Hospital that you may want to investigate as well. According to Ron, FSU and Nova Southeastern have both standardized on AMX now.
Lance and Ron are investigating making UF a dealer so we could buy direct. That would provide us a very large cost advantage with obtaining the equipment and the support is already excellent. When items are purchased through a dealer it is often much more difficult to get an RMA because one is dealing through a middle-man; until one has suffered through this it is easy to underestimate the value/cost of that. Should we get dealer status, problem resolution would potentially be tremendously streamlined.
AMX has given IFAS 25 client licenses for their enterprise management system and Chris Leopold has rolled an RMS server for us. The next step is to connect that to UFAD so we can distribute access rights more easily. Once RMS is pointed at a DVX unit, it populates with all the assets and their status, including things like projector bulb life, connection status, etc. The next 24 clients adopting AMX here in IFAS will get all this management essentially for free.
The meeting was adjourned about 10 minutes early around 11:50 am.
|