IFAS COMPUTER COORDINATORS
NOTES FROM October 13th 2006 REGULAR MEETING
A meeting of the ICC was held on Friday, October 13th, 2006. The meeting was chaired and called to order by Steve Lasley, at 10:00 a.m. in the ICS conference room.
PRESENT: Fifteen members participated.
Remote participants: Francis Ferguson, Chris Fooshee, Mike Ryabin, and Mitch Thompson.
David Bauldree, Dennis Brown, Dan Cromer, Marion Douglas, Joe Hayden, Wayne Hyde, Dwight Jesseman, Winnie Lante, Steve Lasley, Mark Ross, and Joe Spooner.
Chris Hughes visited as our honored guest.
STREAMING AUDIO: available here
Agendas were distributed and the meeting was called to order at on time at 10 AM.
There were no new members added since the last meeting, but Steve mentioned that he had heard that Ligia Ortega had left the IFAS web team and more recently Scott Weinberg has left as well.
Recap since last meeting:
As per his usual procedure, Steve pointed folks to the notes of the last meeting, without going into any details.
ICC OU Admin Peer Training plans:
ICC OU Admin Peer Training is being planned for November 7th, 1-4pm in McCarty G001. There are still a couple of seats left if others wish to attend; Steve received 18 requests for local participation and 9 requests for remote participation via Polycom from 8 different locations. Response details are available here. Steve did not, however, get much response to his query for what issues folks wished covered. Your input is critical to making this session as good as it can be. Please take the time to let Steve know your thoughts on that.
Upcoming ITPAC meeting on November 16th
There will be an ITPAC meeting mid-November, so if anyone has any issues they wish to be addressed there, please let Steve know.
IT Governance sub-committee status report
Dan Cromerr mentioned that the UF IT Governance Task Committee is meeting again to today and that Jan takes minutes which are posted for those who wish to keep informed. Their meeting schedule has been bi-weekly. Dan said that they had basically decided to use the Weill and Ross model.
Steve asked Dan to segue into the topic of the CNS proposal to host servers which was slated for near the end of the agenda but seemed to possibly fit into a discussion of UF IT Reorg. Dan wanted everyone to be aware of the service and noted that some of the IFAS 24/7 type services such as Fawn, DDIS, and FSART have been hosted there for the last two years. The IFAS server room does not have a generator or 24/7 personnel, so housing those there offers greater service protection. We pay approximately $350 a month for that. Also, we plan to place a mirror server set in Atlanta to further increase the robustness of these services.
Steve asked if Dan would still offer the IFAS server room as the first choice, should a unit come to him looking to house a server. Dan answered that he would, because there is currently no cost to a unit for doing that. He said that he wasn't sure that this was going to continue to be the case perpetually, however. We currently have 67 servers in our machine room. Dan speculated that we might merge web servers with UF in the long term, as we have done with Exchange. That is yet to be seen, however.
There was a discussion about the feasibility of cost recovery within IFAS. Joe Hayden said that much of IFAS is forbidden to charge for services. According to Joe Spooner, a unit must have an "auxiliary" account and generate more than $10k a year on that account in order to be able to charge; Joe had looked into charging for printing in his labs and it was not feasible under the rules (two years ago). Joe Hayden mentioned that there have been exceptions made for extension purposes and that all sorts of little loopholes are built-in for IFAS.
Recommendation: autogroups for *selected* roles
Steve once again wanted to refer ICC members to earlier discussion so they might consider this matter as time allowed.
IFAS Remedy System
Steve related that Dwight Jesseman had just shared with him a new Remedy interface. Dwight said that the UF Help Desk has a Spring target date for putting this into use for IFAS. You may view the new interface at http://at.ufl.edu/~hdweb. It looks to be very much improved and Adam Bellaire has done a remarkable job from first appearances.
Steve mentioned that he did not know what improvements have been made on the back-end, if any; nor did he know whether this new interface had any features which would help address the notification processes within the IFAS hierarchy. He did note that Dr. Hoit has plans to extend the use of Remedy more broadly throughout UF, in a similar manner to how it was done with IFAS. Since IFAS IT seems not to be interested in pushing for a resolution to the notification issues, it is certainly hoped that current development may impact that in a favorable way without our input.
Mark Ross said that he has been using the Remedy system more so that he doesn't overload our understaffed IT/SA group. He reported getting good response to tickets which he had initiated, although he received few e-mailed follow-up responses and those were rather obtuse; he hopes end users are getting better hand-holding in that regard. It really helps when client notification is done as part of closing a ticket. Steve would like to commend Dean Delker on the excellent job he does with end-user notification for new IFAS mailboxes; that is the sort of response that would be great to have for all ticket closings. Steve would recommend developing standard templates for those responses which could be easily inserted (with appropriate editing) in order to facilitate that. Steve also would like to note that Dean has been very diligent in cc'ing him along with those notices when a mailbox is created for one of Steve's users.
At this point Steve mentioned our current DHCP server issues and Dwight explained the status of that. While providing e-mail support for IFAS now from the UF level, Dwight is currently devoted part-time to special IFAS projects. The DHCP server is one of those. Currently, deleting an item which is no longer being used from the DHCP server, such as a scope, corrupts the DHCP database in varying ways and the reservations and other settings must then be reloaded from a backup. Dwight intends to talk with Microsoft about this, but expects it to be somewhat difficult to solve because of it being a critical production service which can't easily be taken down for testing and diagnostics. Joe Hayden and Mark Ross suggested trying to isolate whether it was a problem with the DHCP database or with the server itself; Mark thought that a virtual server platform might be employed to test the database separately.
IFAS WebDAV implementation
As of our last meeting this was approved by the ICC and is awaiting documentation prior to announcement. Steve inquired as to the status of that. Dwight reported that Diana Hagan has been working on that but he did not know the current status.
Note from future: Dwight located information on this matter. Diana's tentative documentation is viewable at http://edis-symposium.pbwiki.com/SharingFiles. There is a link entitled "BensEmail" there which offers some proposed verbiage. Diana may be contacted to ascertain current status.
Vista TAP and Vista Deployment via SMS and WDS
Steve mentioned having forwarded to the ICC group a "Vista questions from UF Vista TAP group" e-mail from Erik Schmidt that iterated some remaining administrative issues of concern. Dwight asked if anyone from the ICC goes to the meetings. As far as we know, only Torrance Zellner from the Help Desk is participating, and we have heard no details from him about that. Steve asked for a poll of how many ICCers were not on the "Vista-TAP" list. There were enough of those that Steve mentioned he would forward future postings to the ICC for the benefit of all.
Note from future: Torrance has apparently been out several weeks for ankle surgery, so IFAS may have had very little contact with that group lately.
Removal of WINS
This issue has been tabled indefinitely.
New IFAS IP Plan
Chris Leopold could not make it to the meeting, but Steve noted that the IT/SA group is extremely busy and falling behind with even the day-to-day. Many projects have had to be placed on hold until staffing levels can be brought back up to mere starvation levels.
Move to IF-SRV-WEB
Interviews are underway and we hope to offer the IT Expert web position to one of the candidates by the end of next week. Shortly thereafter we will be interviewing to replace the Chris Hughes position. Dan Cromer mentioned that Joe Joyce is aware of the staffing problems and that he has been amenable to considering filling Jenny Brewer's old position (which has been vacant for some time). That would not happen until Marshall and Chris are both replaced and a reassessment was done, however. This is somewhat positive, but one might wonder why waiting is even necessary; we all well know that the extra position is sorely needed just as soon as possible.
Dan mentioned another complication, which is that Richard Lee has tendered his resignation. Dan wants to change that DBA/SQL position to "IT Expert" from "Assistant In", and needs to fill that as soon as possible as well. That position is critical to Unifas, HR, the Directory and all applications which require databases. Steve suspects ther would be a tough transition period for a new person coming into this position; lack of documentation might be quite an issue in getting up to speed. Mark mentioned that this position is certainly critical to some very core IFAS services.
Exit processes, NMB and permission removal
Prior exit procedure discussion. The GLAM project is now scheduled to be fully deployed by mid November. Steve developed some notes from the presentation which Mike Conlon is presenting on this (ufad\if-admn credentials required).
Dan mentioned that he had spoken with Mary Anne Morgan, our new HR director, about future prospects for automation based on the GLAM project. He also received her agreement for adding "computer account management" as a part of the exit checklist for anyone leaving. They discussed the importance of units actually following a formal exit procedure as well. Dan believes these matters should help things a bit.
Steve asked if Daniel Halsey had begun investigating BizTalk message consumption; Dan replied that life had gotten in the way of that for now. Daniel has been busy revising the FSART site due to the blocking of one of its applications by a participating university's firewall.
Listserv confirm settings
Administration had asked Dan Cromer to investigate all possibilities for addressing our listserv/spam issues due to the fact that they feared a list sender might forget about the confirmation and consequently an important notice might not go out in a timely fashion. Consequently, Dan now proposed yet another alternative solution to our listserv/spam problem. He wants to change all our lists so that only subscribers can post. In itself, that would cause a problem for IFAS employees at county offices who have their e-mail clients configured to use their county addresses. To resolve that for our dynamic lists, Dan would then want to change the e-mail fields in the IFAS Directory for those individuals so that their entries contained their county addresses--as per their Gatorlink forwarding address.
This proposal was not well received. Discussion by the ICC focused on a number of drawbacks. First of all, this would not stop spam from spoofed addresses. It would also cause dynamic lists, in some cases, to send to other than the official UF business address; unifying those addresses had been a key point in our recent changes to the way e-mail addressing is handling within IFAS, and would threaten to partially unravel that. As a corollary to that, the e-mail entries in the printed IFAS directory for those individuals would then list something other than their official UF business e-mail address as their IFAS published contact information--this would seem to violate the IFAS IMM regarding e-mail standardization. For such dynamic lists, mailings to people with alternative addresses would then bypass the Gatorlink system entirely, removing the user-controlled Gatorlink e-mail forwarding configuration from its key position in our e-mailing processes.
Dwight is concerned that such a scheme would add confusion back into the considerable work which was done to make our address database uniform in nature. Mark Ross believed there might be other unforeseen consequences as well which could lead to other things breaking. Plus we would be dependent on our Directory Liaisons, many of whom are not maintaining that database properly or at all. Also, list owners with alternative addresses might have some confusion with such a configuration when it came to managing their lists.
Steve suggested that, if this plan was to be implemented, it might be better to add another field via an insert query to the IFAS Directory which would retain the official UF business address there for everyone as well. If we could pull from the UF Directory, we could access the Gatorlink forwarding addresses directly and handle this all programmatically; should an address be set to "@my.ifas.ufl.edu", a dynamic list could build a "GL@ufl.edu" version--otherwise using the forwarding address as is. That would remove the weak Directory Liaison link from the picture at least.
In short, and as per all previous such discussions, everyone in the ICC still prefers that confirmation be implemented as per the ICC and ITPAC recommendations. Winnie Lante has successfully moved a number of her departmental lists to confirm without issue. During our meeting, Joe Spooner asked John Bevis via e-mail for clarification on how this matter is handled at UF as follows:
I'm curious about the UFL listservs.
1. Do you always, by default, setup the listerv to confirm messages
that are sent to the list?
2. Are all the college undergrad and grad listservs (not just CALS)
setup to have messages confirm?
I'm helping out on a listserv policy question here in IFAS and wanted
to see what you guys do as a comparison.
John Bevis responded:
Setting lists to use the confirm option (ie, Send=xxx,Confirm) is
relatively new for us. Most of the lists I create are set up that way.
However, the automated creation script run via a link on
http://lists.ufl.edu does not include the confirm keyword in the list
header it generates. I'm almost certain some of the college undergrad
and grad lists pre-date when I started the use confirm and probably
don't have it set.
From a policy perspective I do think we should use confirm on all of
these lists. It is one of the few protections for a list that REALLY
Winnie suggested that a trial confirmation be set for one list so that administration might try out the confirm experience; they may just find that it is not as big a problem as they fear.
Dan concluded our discussion of this matter by emphasizing that IFAS will have a continuing need for our own Directory shadow system due to the fact that PeopleSoft does not maintain all of the relationships which we require for our business processes. The long term plan, however, is to automatically update those portions of that directory which are mere duplications of existing UF-centralized information--merging that with our related extensions. In the meantime, we need our Directory Liaisons to continue to maintain this database independently. Dan intends to put out a message to those liaisons which emphasizes this need.
Status of our Public folder file deletion policies and procedures
This is another example of an implementation that has been on hold due to improper staffing levels and the lack of time to follow-up with such matters. Implementation, as previous discussed, is awaiting documentation. Dwight had solicited input on the wording of his e-mail notice (again, see previous discussion) from Wayne Hyde and Steve Lasley but has not received that. Steve feels the notice should point to web-based documentation and will try to formulate what he thinks should be included in addition to those aspects that were discussed previously. Once documentation is in place, the actual deletion policy can be implemented as per prior ICC discussion. Dan Cromer suggested that this be combined with the documentation about the IFAS WebDAV implementation so that a single notification of both could be made to the IFAS-ALL.
Dwight Jesseman: move to Tigert Hall and contact info
Dwight currently has two offices. His primary office is in Tigert Hall, room 328. Dwight shares that office with the "network guys" of OIT's ITSS (Server Support). Dwight also is using the office within IFAS IT formerly occupied by Chris Hughes, room 214. Dwight will retain this second office, at least until the end of the year, in order to assist with IFAS projects other than e-mail. He is dedicating approximately 10 hours a week to these other matters. Dwight stated that the Remedy system would be his preferred method for people to contact him. Dwight does not have a direct phone line in Tigert.
Deleting of mailboxes for users in the "Other" OU
Dwight had sent an e-mail to the ICC on 9-11-06 that contained a list of people within the Other OU who still have an IFAS mailbox (These are users for whom an IFAS NMB had been removed without following associated established exit procedures (ufad\if-admn credentials required) for requesting mailbox removal (ufad\if-admn credentials required).
Dwight sought and received the go-ahead to proceed with this; the mailboxes will be disabled for 30 days and thereafter deleted. Additionally, Dwight will send an e-mail to those folks on the slim chance that they might receive that and respond.
Placing the back-end Exchange servers on private IP's
Dwight had sent an e-mail to the ICC on 8-1-06 concerning the need to move our Exchange back-end servers to private IP. His concern there was Macintosh users who might be connecting directly to those and for whom this transition would cause problems. It is a simple matter of changing the client configuration and the ICC gave its blessing for Dwight to proceed with the IP changes. This will happen on some upcoming Sunday morning and Dwight will let the ICC know the exact date and time prior. Dan Cromer added that Dwight should make certain that Dr. McLellan is configured properly so this would not affect him.
IE7 via Automatic Update
IE7 is targeted for release on Wednesday, October 18, at 9 p.m. and is due to be deployed by Microsoft via automatic update during the normal November update cycle. Steve has been using it and sees little problem with allowing that to proceed.
IM usage for IT support
Mike Ryabin had wanted to discuss the use of IM among IFAS IT for support purposes--particular for video conference support. He had had difficulties getting assistance from Video Services when problems arose with Distance Education Classes at Ft. Lauderdale; there is often nobody staffing the phones at video services. Mike had written:
I'd like to see one IM app that everyone would agree to use so we
wouldn't have to wonder around looking to for links. I personally
don't use IM except for work and therefore, wouldn't have any
preference to a particular vendor. I'm currently connected to
Exodus and Win.Messenger, both work fine for me. Going by
previous experience, the place where I worked before UF was using
Sametime Connect running on a Domino Server. It was primarily for
the enterprise use, based on the Lotus Notes email addresses and
with some capabilities of connecting to other IM's such as Yahoo,
MSN, etc. From that comparison point, Exodus might be more
suitable for our environment although not necessarily the primary
Prior discussion within the ICC had indicated a preference for using UF's jabber server and that seemed to be the continuing consensus. Contacts there are based on Gatorlink, so there would be no need to hunt for those or provide a separate directory. The next step would be for someone to evangelize this to all ICCers so that running a jabber client at startup became part of each of our usual practices. Apparently, both Exodus and Gaim work fine, with the latter supporting a number of other IM services in addition to Jabber. Steve will plan an upcoming poll of the ICC to see who is running such a client regularly and whether or not we can each agree to implement that practice.
Note from future: Response from the ICC was, for the most part, either favorable or non-existent.
In the longer term, MS Live Meeting would be perhaps an even better solution. Chris Hughes said that this would not be very expensive, with the standard edition of that being about $1200 and we could buy CALS for the tech support people. This would allow the use of Live Messenger for IM-style interaction. The Enterprise CALS suite, if supported by the Campus Agreement, would include the necessary licensing for this. This is an option that could be addressed for UF at the October 2007 renewal time.
Dan Cromer said, with regards to the VC issue, he would contact Patrick Pettus and Justin Stone about the matter.
VM Server Hosting by IFAS IT
Joe Spooner asked about the possibility of IFAS IT hosting some Windows Server VMs for various testing purposes. Dan seemed amenable to that suggestion, provided hardware was available. Dwight stated that a server is on order to provide virtual server service for a number of IFAS processes. Once that is in place, and if loads warrant, then that machine would be available for that purpose. The new virtual server will free up off-service-contract machines for testing purposes down the road as well.
Mark Ross has been trying to help Richard Phalen set up a bunch of machines. Mark had RIS working in the past with his own DHCP server, but something happened to break that; Mark suspects some settings on the switches as preventing that from working for Richard. Mark using the IFAS DHCP server for that, but was unsuccessful due to the lack of needed drivers there. Mark asked if there was interest within the ICC for having a central RIS service. If so, he would volunteer to maintain that in the IFAS machine room and even provide the hardware himself if necessary. Steve mentioned that potential usage by the Help Desk would alone seem to justify an effort there. Chris Hughes suggested that it might not be quite that easy due to the way the broadcasts for RIS go out; if the RIS service is not hosted on the DHCP server, Chris believes we would have issues with the IP forwarders. From the Microsoft documentation Mark has seen, where the RIS and DHCP servers are hosted separately, he thinks there must be a way to do this.
Dan Cromer supported pursuing investigation of this provide a machine was available. Dwight mentioned that \\if-srv-file01 would be available currently for that purpose. \\if-srv-file01 machine will shortly go off maintenance, however, but might allow the concept to be tested.
New 5100 Scanning Engine
Wayne Hyde announced that he had pushed out this new engine to all our clients.
New social engineering e-mail on the loose
Wayne Hyde also mentioned there is a "Thank you for your order of a Sony VAIO laptop" e-mail making the rounds that contains a Trojan downloader in the attachment which is not currently detected by McAfee. Wayne intends to block the attachment.
High CPU usage related to Windows Update and/or Windows Defender
A number of people have seen systems become unusable with a symptom of cpu resources being consumed at 100% by svchost. This was first reported to the ICC by Chris Fooshee. Steve Lasley saw this on one machine and it was alleviated by the removal of Windows Defender. Joe Hayden reported that this was only a temporary fix on one of his machines as the problem returned the next day. Others have seen it on machines without that software. Joe Gasper posted a script to fix Windows Update issues (ufad\if-admn credentials required), but that has been reported by Chris Fooshee to not help in all instances. Is puzzlement. Joe Hayden suggests logging on and immediately entering the task manager, pointing to the svchost process, right-clicking, and doing an "end service tree"; then you can go out and get your updates correctly. Steve wonders if this article is pertinent to this issue.
Capacitor failure on Dell machines
Mark Ross brought up the issue of capacitor failure on Dell motherboards and within Dell power supplies. Dell has apparently extended the warranty on these issues to five years; if upon inspection you see swelling of the capacitors, call Dell immediately for replacement. Failing capacitors can lead to all sorts of weird symptoms. Steve has seen an example where a machine would start up and run normally for a while, but shortly thereafter spontaneously shut down--instantly as if the power cord had been pulled. It would then sometimes be hard to get to turn on, but would eventually and the process would repeat. Dell replaced both the motherboard and the power supply on that particular machine.
Wireless Access Policy at Ft. Lauderdale
Mike Ryabin is preparing to implement a wireless solution at the Ft. Lauderdale REC and has developed a Wireless Access Policy (ufad\if-admn credentials required) for which he is seeking comment.
The meeting was adjourned on time at 12:00 p.m. Dennis Brown arranged for us to take Chris Hughes and his wife out to the Olive Garden for lunch after the meeting and a good time was had by all.