ICC logo IFAS logo

ICC Meeting:



A meeting of the ICC was held on Friday, February 10th, 2012 in the ICS conference room. The meeting was chaired and called to order by Steve Lasley at about 10:00 am.

PRESENT: Seventeen members participated.
Remote participants: David Bauldree, Bill Black, Allan Burrage, David Bauldree, Dan Cromer, Kevin Hill, Russell Hunter, Nancy Johnson, Chris Leopold, John Wells, and Alex York.
On-site participants: Dave Blackman, Dennis Brown, Winnie Lante, Steve Lasley, John Sowers, and Wendy Williams.

STREAMING AUDIO: available here


We began about a few minute late due to various issues. For one thing, the bridge did not initiate the conference at 9:45 as was set up in TMS. Steve called Dean Delker and finally got connected a bit before 10:00. It was reported that there were two ICC meeting VCs on the bridge; the correct one was 7832010, but there apparently was another at 7832000 as well.

Steve had also received late notice that Lync/OCS could not connect to the bridge. Others had issues with streaming, though some reported using the stream successfully as well -- not sure what was going on there.

Dan Cromer "saved the day" by using Movi software on his laptop to connect to the bridge and then setting up a "Meet Now" group call using Lync to share the Movi connection:

Lync Meet Now group conversation feature

and invited the ICC-L:

Lync group conversation - invite by Email

This allowed his laptop to relay the meeting and ICCers could use the link on the email to attend via Lync/OCS.

Report from the chairman

Member news:

Steve knew of no changes in our membership this month.

Recap since last meeting:

As per his usual procedure, Steve pointed folks to the notes of the last meeting, without going into any details.

Videoconferencing and WAN discussion

[In order to make meeting participation more efficient for Patrick Pettus and James Moore, these two topics have been moved to reside at the top of our agendas.]

Videoconferencing topics (previous discussion)

End-user Scheduling (previous discussion)

Updates not available...

Movi (previous discussion)

Dennis Brown asked Dan Cromer if he thought Movi was a move robust desktop VC solution than Lync. Dan responded that he believed it was, but noted that it costs $100 per license.

Dan mentioned that the search feature will find other Movi clients that are logged on making it easy to connect to them.

Steve mentioned that both he and Mike Ryabin had failed to get Movi to respond to an incoming call from a Polycom or PVX endpoint by dialing the IP#. Dan said you need to call Movi endpoints via their SIP address, e.g. "sel.movi@video.ufl.edu", rather than by IP#.

Lync Migration results (previous discussion)

Dan Cromer had sent a notice to the IFAS-Announce list describing the migration which took place the last Monday of January. The notice shared this list of Frequently Asked Questions:

  • Will my OCS contacts move with me when I am migrated to Lync 2010?

    Yes! Your contacts are migrated along with your account.

  • Can I continue to use Office Communicator 2007 R2 (OCS) to connect to Lync?

    Yes, however, the OCS client does not support the high-availability and resiliency features in Lync Server 2010. We encourage everyone to migrate to the Lync 2010 client after the migration has completed. A follow up e-mail will be sent when the migration has completed. The Lync client software can be obtained at \\ad.ufl.edu\ufad\software\Lync. Contact your local IT support person or the IFAS Help Desk for further assistance.

  • What clients can I use to connect to meetings?

    Note: The Communicator Web App (CWA) and the Microsoft Livemeeting Client are no longer support with Lync Server 2010

  • What Web application provides Lync instant messaging (IM)?

    https://mail.ufl.edu/exchange has icons for IM after Lync is installed. However, the best user experience is provided by the Full Lync client.

  • Will my existing conferences continue to work after I am migrated to Lync 2010?

    Yes, Conference Calls (conf:// URLs) and Livemeeting (meet:// URLs) will continue to work.

    Note: We strongly encourage users to recreate their meetings with the Online Meeting add in for Outlook.

  • Will my meeting content migrate with my meetings?

    No, any meeting content will need to be reloaded after you migrate.

  • Can I modify existing meetings after I am migrated to Lync Server 2010?

    Yes, with some caveats. If you want to change the meeting end date, end time, participant list, or the meeting subject you must reschedule the meeting in the new Lync 2010 meeting format. When you change any of these details, the Lync Outlook add-in will prompt you to manually reschedule the meeting and send an updated invitation to all participants.

  • Will the Lync client Outlook integration (Online Meeting add-in) remove the Live Meeting client or will we need to remove that from all of our PCs?

    The Lync install will not remove the Live Meeting client. It does replace the Outlook Live Meeting plug-in with Lync Online Meeting.

Dan Cromer also shared the following information with the ICC regarding federation and student use:

Message from Dan Cromer to the ICC-L:
"[ICC-L] Lync federation, use by students" Tue 1/31/2012 5:34 PM

After testing this afternoon, I realized that Lync "Attendee" can be used by anyone under Windows, at least to attend Lync Online Meetings. After setting up an online meeting, the meeting link can be sent to any e-mail address. From there, when the student (or other recipient) clicks on the meeting, they’re given a choice to connect with Lync Attendee, Web browser, or phone. They can download Lync Attendee if they don’t already have it installed; I think the best approach would be for the guest attendee to click on the link for “first time use” to download Attendee before trying to join the meeting. This can’t be tested on computers already having Lync installed, as the meeting link will automatically start Lync, if it’s there.

In addition, I’ve also successfully tested the Lync federation with Lync users @microsoft.com and Microsoft Live Messenger, though Live Messenger only has audio and video, no screen or application sharing. Since I see presence for users @dell.com, I suspect that it is also working, though I haven’t yet had a chance to test. AOL federation isn’t yet established; I understand James is working on certificate issues for some other university systems.

Some "hiccups" have been noticed in the move to Lync. Winnie Lante had experienced difficulties connecting to bridged videoconferences, for example. The {conference ID}@vcs.video.ufl.edu} connection method did not seem to work and she also had difficulties in going directly to the bridge and trying to join a conference via the keypad.

Dan Cromer had responded as follows:

Message from Dan Cromer to the ICC-L:
"Re: [ICC-L] Lync connection to bridge" Wed 2/1/2012 2:50 PM

The transition from OCS to Lync is not complete. When it is, everything should work. There was no way to configure and test the Lync connection to the bridge until the production server and environment was in place. Video (Patrick) and CNS (James) will work together to get it done.

I’m not sure why Winnie was unable to use the method described below to connect, as it just worked fine for me in two separate tries. One test you can use when you pull down the keypad and enter a character, it should show at the bottom of the screen window. If you don’t see “Entering ID” in the blue area at the bottom, along with the numbers you typed, then you’re not sending the DTMF signals needed and should disconnect and reconnect. You can also use the dial pad to enter “##”, and it will change to far camera control, so you can use the keys on the dial pad for moving the selected conference down. With this you use “2” for up, “4” for left, “6” for right, and “8” for down. Using the far camera controls allows you to change the view of the conference.

Kevin Hill noted two other "operational oddities":

  1. If I initiate a call to one of the bridges without video (the default action from the contacts list) it will connect and you hear the welcome announcement. If I add video at that point, I’ll see my preview in the corner, but the bridge menu video never starts. Otherwise, if I initiate the call by right-clicking the bridge from the contact list and choose “start a video call” the bridge menu video is received fine. I can then use the keypad to join or create a conference.
  2. Once in a conference, the received video “glitches” a bit and then freezes after anywhere from 5 to 20 seconds and never recovers. The stream bandwidth (~300 kbps both up & down) doesn’t change after the freeze.

Dan Cromer responded with:

Message from Dan Cromer to the ICC-L:
"Re: [ICC-L] Lync connection to bridge" Wed 2/1/2012 4:24 PM

This is something I suggest you test several times until you get comfortable. Even on campus (and with OCS in the past) I’ve had network issues that caused audio or video not to work. One obvious question is whether you un-muted your mic, as the default is to connect with it muted. I’ve also had the case where the speaker sounded like a chipmunk or Donald Duck voice, as if the speaker had just deeply inhaled helium. Other times it happened that the bridge was seen, but dial pad keys had no effect. In these cases, the only fix seemed to be to disconnect and call back. OCS/Lync connection to the video bridge is not nearly as usable as with Movi, so should only be considered for occasional use. If common videoconferences are planned with the video bridge, Movi should be the choice application, though at about $100/license it isn’t something that is affordable for all.

Russell Hunter had mentioned that he was able to receive messages from outside (federated) entities using OCS but could not reply or establish a call. Dennis Brown mentioned having the same issue, though it wasn't clear if he was referring to what Russell mentioned or what Kevin was experiencing.

In a separate e-mail Dan said:

Message from Dan Cromer to the ICC-L:
"Re: [ICC-L] Lync connection to bridge" Fri 2/3/2012 1:40 PM

If anyone is having problems connecting with Lync to other UF Lync users, please let me know. Russell is speaking of problems using Lync with outside contacts, such as Dell. UF OSG is working to resolve the issue, though I’ve had a successful connection with Bill Campman from Microsoft. OSG and video groups are also working to resolve the Lync connectivity to the video bridges. I did update the wiki page at http://wiki.it.ufl.edu/wiki/Lync.

The main issue with Lync/OCS currently is that it will not connect to the bridge and thus cannot be used to participate in bridged videoconferences. Dan Cromer explained that the issue has to do with creating an encyrpted connection between the Lync and Tandberg systems; one or the other will not accept the certification to allow connection. Dan Cromer is hopeful that Patrick Pettus can coordinate with James Oulman to get this fixed sometime next week.

[Note: According to emails to the CCC after the meeting, Lync Mobility is still a work in progress; that is expected to be ready in a couple of weeks apparently and will allow the use of newly released Lync clients for mobile devices.]

WAN (previous discussion)

Updates from James Moore

James Moore was unable to attend, but plans to be here in March to provide us an update.


UF File Express moves to round 2 beta testing

Dan Cromer announced this to the ICC-L last Friday. You may try it out at https://file-express.ufl.edu/folder.php.

Dan had shared the following email from Shawn Lander (the project lead):

Message from Shawn Lander:
"file-express open for round 2 beta testing" Thursday, February 02, 2012 9:32 PM

We are done beating on it and making changes. Thus, you can start testing again and it won’t magically stop working for a time.


All features relating to the user and admin side of the application are done. On the user side we have a really good uploading process that will handle large files. We’ve successfully had two people uploading GBs of files at the same time (I was uploading 13GB in 7 files and Christopher was uploading 7GB in 3 files).

On the admin side of things we have three levels of access:

  1. VIEWERS: envisioned for helpdesk staff. Allows you to lookup a gatorlink username. Will display all active folders and a list of the expired folders for the last 30 days. This role will allow helpdesk staff to verify settings on a folder.
  2. DELETERS: envisioned for helpdesk managers (2nd tier support). In addition to seeing the folders above, they can force delete them (can also supply a reason). Email will be sent to the folder creator and, optionally, to anyone the creator specified to send email to regarding the folder. Also has the ability to see the largest 10 folders. Finally, has the ability to download the entire folder table (so you can report on utilization of the service).
  3. ADMINS: envisioned for CNS… has the ability to change many settings of the system (server quota, min/max expiration time, file chunk size, max file size, service names).

Barb [Sedesse], Iain [Moffat] and I have all three levels of access. Ayola [Singh-Kreitz] is set up as a VIEWER. Kiem [Tran] is set up as a DELETER. The control of permissions is done through UFAD security groups that currently reside in the EG-ADM OUs. This will need to change and then the application updated.

There may be cosmetic changes to a few things left to be made (i.e. the email sent when a folder is force deleted needs to be reworded). The FAQ and HELP sections of the website need to be filled in.

Please beat on it and let me know your thoughts/comments. Please review all help text from popups and the like.

To answer a question before it is asked… the application works best in the latest versions of Firefox and Safari. It works decently with IE but only if Silverlight or Flash is installed. It works with Chrome (and better if Gears is installed). IE seems to have bigger delays in starting and doing uploads since it depends on the different plugins (especially when the file is large). Firefox/Safari use native html 5 commands and, as a result, begins things immediately. At some time IE will start supporting all the needed html 5 commands and get on the ‘best’ list.

Thank you for your time.


PS: If you tried anything earlier than now (9:30pm on Thursday) you may have received an error caused by shutting down an editor and blindly saving settings (they shouldn’t have been saved).

Steve said that he had only taken a quick look at the test site. He asked if anybody had tried this yet, but no one had apparently. Winnie asked what the allowed file size would be; Steve didn't know at the time, but looking this up later (on https://file-express.ufl.edu/) it appears that they plan to allow "unlimited number of files of no more than 5GB each."

UFIT news site announced

Dan Cromer had shared the announcement of a new UFIT news site whose goal is to "deliver timely, important news items that will assist faculty and staff with their academic, service, and business process needs."

Dan has asked Tracy Gale of CITT to come to our March ICC meeting and make a brief presentation similar to the one she made recently to the IT Directors where she discuss developing news stories for this new news service.

Dennis Brown has agreed to assist Dan Cromer in developing IT news stories for IFAS and both have asked for wide involvement with that being a team effort would be the best approach.

SharePoint training by Dan Holme (previous discussion)

Registration for these February 20th and 21st sessions is now available. Details were posted to the ACTIVEDIR-L previously by Erik Schmidt.

Campus VoIP improvement implemented (previous discussion)

Voice messages left on the UF VoIP system (Cisco Unity) are now being forwarded to associated Exchange accounts. When a voice message is left, two emails are triggered per voice message, both listed as coming from "Cisco Unity Connection Messaging System <unityconnection@voip.ufl.edu>":

  1. Message from <sender> (<phone number>)

    This is the first to arrive and contains the message itself as an attached .wav file.

    An outside sender is generally listed as "Unknown sender."

  2. Message notification: Voice message from <phone number>

    This message arrives soon thereafter and provides a count of the number of pending voice messages as well as the sending phone number and time details.

Interactions between Unity and Exchange lead to the following message management considerations:

  • "Reading" the voice message within Outlook triggers the voicemail system to move that message into "saved messages" and turn off the message waiting light on the phone itself.

    Note that this doesn't mean the WAV attachment has been played/heard. A message can get easily become marked as read automatically depending on option settings within Outlook:

    Reading Pane

    Marking the message as unread within Outlook reverses this process; doing so triggers the voicemail system to move the message back into current messages and turn the phone's message waiting light back on.

  • Deleting a voice message from within the Outlook Inbox triggers the voicemail system to remove the voice message from its system and to clear the message waiting light on the associated phone if the message had been unread.

  • Deleting a message via the voicemail system (i.e., via phone) will delete the corresponding WAV file message from Exchange while the associated "message notification" email will remain untouched. This conserves space on Exchange while maintaining call tracking.

  • Moving a voice message to another folder outside the Outlook inbox preserves the message within Exchange. The effect on the voicemail system is the same as with message deletion: the voicemail system removes the voice message from its system and clears the message waiting light on the associated phone if the message had been unread.

A number of ICCers, such as Winnie Lante and Dennis Brown indicated that they had not been getting these emails. You can use Wayne's Powertools to check your membership. Winnie and Dennis, for example, do not appear to be in the group yet. If you need someone added, please let Dan Cromer know. He will need to know their phone number and email address; remember that prerequisites include having both an Exchange e-mail account and UF VoIP phone number.

UF FAX server project (previous discussion)

Steve noted that he has now successfully used the out-going fax via Outlook. Initially he had an unusual issue that took Curtis Weldon a bit of time to ferret out. Steve had entered his email address into the "E-mail:" field of a service account (general tab) at some point. This somehow threw off the ldap lookup routine used on the fax server and caused a "Requested #571 Delivery not authorized, message refused: sender not authorized ##" bounce message.

Dan Cromer had provided Steve with instructions to test the in-coming fax capabilities with some test numbers, but he never got that aspect to work. Apparently, CNS is still discussing how to handle the incoming fax service. Dan had provided the following instructions which he suspected would be subject to change:

Incoming fax numbers must be pre-staged to UFAD and coordinated with UF Telecom. This process is still under development, and may be modified.

  1. (Not yet implemented) Submit a Telecom Service Request (http://telecom.cns.ufl.edu/ServiceRequest) to have your fax number converted to the fax server service, or request an additional fax number. Costs are the same as standard VoIP service per number.

  2. Create a UFAD security group in your OU in the form: {Unit-OU}-FAXadm-{incoming fax number}

    For example: IF-FAXadm-3925757

    This is the group for all who will have access to the fax mailbox.

  3. Create a user service account in your OU in the form: {Unit-OU}-FAX-{incoming fax number}

    For example: IF-FAX-3925757

    The password of the service account must be shared with any Mac users for access to the fax inbox, so set it with that in mind.

    Assign the corresponding security group as owner of the service account.

    Set the fax number in the service account properties “Telephones” Fax field in the form (nnn) nnn-nnnn. Example: (352) 392-5757

  4. Request that the unit Tier 2 Exchange support person (Scott Owens for IFAS) mail-enable the service account.

  5. Assist users as necessary to add the fax service account to their Outlook configuration.

Steve mentioned that he had some folks in his unit try out the sending side of things and that it seems to work fine. Steve turned their paper FAX coversheet into a PDF form to assist in creating those. Incoming has been held up because CNS wants to handle group assignments for that in-house rather than distribute it for security reasons. They were fearful that someone might "hijack" the President's fax number for example. In any case, they are apparently still working out the workflow details on how to request that. During BitLocker setup, the keys may be saved to a USB drive and then copied to a secure area. Steve has been doing this even for his UFAD joined machines just to feel a bit safer.

Upcoming requirements for InCommon Silver (previous discussion)

Updates not available...

Implementing the Mobile Computing Security policy (previous discussion).

Steve mentioned that he has begun the slow process of getting the laptops in his department encrypted. He plans to use BitLocker where possible. He stills has some laptops running WinXP or Win7 Pro which will need to be rebuilt prior.

Dennis asked if we really needed to encrypt all laptops or only those with restricted data. Steve is of the opinion that all faculty are likely to have restricted data of some type, especially student information within emails. While he isn't sure that Outlook's offline cache is readable, Steve suspects the risk is substantial.

If try out BitLocker on a UFAD joined machine but cannot view the key in UFAD via ADUC ("BitLocker Recovery" tab on the computer object) please let Alex York know; there were some permissioning issues with Steve's if-admn account initially that prevented this for him and Steve is not sure if that has been corrected for all OU admins yet. For machines not joined to UFAD, one would have to archive the keys otherwise, but this is fairly easy to do.

Please note that portions of this discussion relating to UFAD key archival are recorded in a later section of these meeting notes that deals with disabling/deleting computer accounts based on computer password age.

Steve noted as he had at earlier meetings that PGP WDE is much clumsier than BitLocker.

Wake on LAN support coming to campus: (previous discussion)

Updates not available...

New Secunia site license (previous discussion)

Steve mentioned that he has started to put UF's Secunia PSI on his laptops because of how infrequently he can get ahold of those to even look at their patch levels. Dennis Brown said he has been putting in on many of his desktops as well. PSI updates several of the third-party packages automatically (flash included) and it also will help raise awareness of patch levels; consequently, Steve feels adding this is a good idea.

KACE agent deployed to IFAS (previous discussion)

The GPO was enabled earlier this week. If you have machines for which you want to manage deployment manually you may make use of the ". IFAS-OU-PreventKace" security group in your organizational unit. All these groups are members of ". ifas-if-kace-client-5.3.46801_DenyRead".

Dan Cromer reported that he put the current KACE counts for IFAS online at \\ad.ufl.edu\IFAS\Software\KACE. He also said that he is working with UF central IT services to set up a recurring count report until some form of console or dashboard can be developed.

Dan mentioned that access to the console is not granular and that is why we haven't been allowed to view that. Dan wondered if anyone cared who saw our machine software details and it appeared that no one was very concerned.

Steve pointed out that Wayne can provide read access to the Secunia console as well upon request. Steve said that he hasn't really been too interested so far because he can use PsInfo to query a machine for software remotely as necessary. Wayne's Power Tools can search across machines for a particular application/version as well--though the database is not always up-to-date -- particularly for laptops.

Kevin Hill mentioned that SWFREC has its own WSUS server and thus he has access to the Secunia console for his unit. He said that this was working out well for him.

Domain Policy and redirect duration (previous discussion)

Updates not available...

CNS working to implement NAC for UF wireless (previous discussion)

Updates not available...

UF Exchange Project updates (previous discussion)

Dennis Brown asked why UF Exchange doesn't have the capability to restore mailboxes to account for user errors in managing things. Steve speculated that this would be a huge drain on people resources. Wendy Williams agreed that restoring mailboxes was a lengthy procedure. Kevin Hill said that Exchange 2007 could restore individual mailboxes, but it was not a quick and easy process. He mentioned that some folks would appreciate aging out after 13 months rather than yearly because of once-a-year emails many have to attend to. Steve pointed out that someone would no doubt then want 14 months.

Steve wondered if Exchange 2010 had some feature that might make some kind of restore less burdensome on the administrators, but none of us have the experience to know. It might be something worth asking at a Tier 2 meeting if Scott Owens is willing, as Dennis related that his faculty expect that level of service and are surprised it doesn't exist. The Exchange admins should at least know that this is an ongoing issue with our users--even if addressing it is deemed too difficult at this time.

Sakai e-Learning System now in production (previous discussion)

Updates not available...

Alternate IFAS domains in e-mail (previous discussion)

Updates not available...

Electronic Copy - Print Output Cost Reduction program (previous discussion)

Updates not available...

Split DNS solution for UFAD problems (previous discussion)

Updates not available...


New web cluster (previous discussion)

Updates not available...

File server migrations (previous discussion)

Wayne has worked hard on getting all the campus departments moved to the new file server cluster. He sent out a notice to the ICC-L explaining the situation and Steve updated the associated IT/SA Services Documentation on File Services to better reflect the new situation. In particular, Steve posted Wayne's table for mapping cluster node shares to the current DFS structure.

Windows 7 Deployment via the WAIK, MS Deployment Toolkit 2010, USMT 4.0, WDS, and SCCM (previous discussion)

MDT 2010

Steve noted that his deployment system continues to work quite well and has saved him many hours of work overall (though there was considerable front-end load in setting that up).


Alex York has been making strides on a new SCCM installation using the recent infrastructure upgrade. Alex is excited about the possibilities and is planning a demo to the ICC at an upcoming meeting.

Exit processes, NMB and permission removal (previous discussion)

Updates not available...

Re-enabling the Windows firewall (previous discussion)

Updates not available...

Services Documentation: Is a Wiki the way? (previous discussion)

Updates not available...


Moving from McAfee VirusScan to Microsoft Forefront Endpoint Protection?

Steve had intended to ask Alex York about what it might take to get us there but he was not available at the time. We will readdress this at an upcoming meeting.

Print server (previous discussion)

Updates not available...

Recording lectures for Distance Education (previous discussion)

Updates not available...

New DHCP reservation site created (previous discussion)

You are reminded that Santos Soler has created a new DHCP reservation site which you may use to request reservations.

Restoration of back-ups on the file server

Wayne Hyde intends to document and announce proper usage as time permits.

Membership of ". IFAS-ICC" e-mail distribution group to be narrowed to ICC members only (previous discussion)

Steve will keep this as a standing item on our agendas for now as a reminder. The ICC distribution list is more targeted and restricted to IFAS IT support folks only.

IFAS efforts toward Green IT (previous discussion)

Updates not available...

Creating guest GatorLink accounts: singly or in bulk (previous discussion)

Steve had left this on the agenda in case further discussion was deemed warranted.

Can IFAS support DirectAccess in the future? (previous discussion)

Updates not available...

Moving away from the IFAS VPN service (previous discussion)

David Essex of the IFAS Help Desk had asked what ports were utilized by the IFAS VPN. Wayne Hyde responded with a link to a Microsoft knowledgebase article on the topic, providing also the short answer:

  • server port: 1723/tcp
  • client ports: 1024-65535/tcp

VDI desktops as admin workstations (previous discussion)

Updates not available...

Wayne's Power Tools (previous discussion)

Updates not available...

Computer compliance tool in production (previous discussion)

Updates not available...

Folder permissioning on the IFAS file server (previous discussion)

You are reminded to please take the time to read and implement the new standards. If you have any questions get with Wayne or Steve.

Disabling/deleting computer accounts based on computer password age (previous discussion)

This is yet another matter for which finding time for implementation is proving difficult. Steve wants folks to remember that Andrew Carey had a good plan for dealing with this which perhaps Alex can find the time to address eventually. In the meantime, it would be very good of each OU Admin to consider mimicking the proposed plan manually by keeping their own records and deleting any computer object which have been disabled for 90 or more days; Wayne's Power Tools can identify those. Steve has finally begun doing that for his own unit and it has made his view within ADUC much more agreeable.

Since BitLocker stores its keys within the computer object in UFAD, Alex York and Chris Leopold are considering scavenging those keys for secure storage elsewhere. That would provide a fallback for decrypting a drive should the associated computer object be deleted.

Core Services status (previous discussion)

see the new virtual infrastructure section above...

ePO updates (previous discussion)

Wayne updated ePO to 4.6.1 and also checked in VirusScan 8.8P1 and the latest McAfee agent two weeks ago. Soon after he began pushing VirusScan 8.8P1 out to machines that have 8.8 installed.

The new ePO console has quite a few improvements, one of which is the ability to initiate a client task immediately from the ePO console on a managed system. If the client is behind a firewall, the task will start once the client checks in with ePO. Wayne has been working to adjust some permissions on the OU admin role to get this to work.

Status of SharePoint services (previous discussion)

IFAS migrating to centralized MOSS

Updates not available...

Public folder file deletion policies and procedures status (previous discussion)

Updates not available...

Patching updates... (previous discussion)


The February Microsoft patches will include 9 bulletins (4 "Critical" and 5 "Important") covering 21 vulnerabilities in Microsoft Windows, Office, Internet Explorer, and .NET/Silverlight.

McAfee provides podcasts on the highlights of each month's offerings.


The latest version of Acrobat and Reader (10.1.2) apparently caused issues with viewing reports in PeopleSoft. The problem seemed to go away -- likely due to tweaking that was done on the server-side.


Trouble is brewing for Java with regards to SAS and likely other software which support a particular version of that Software The last public update of Java version 6 is slated for July 2012. Steve wanted to know if anyone had installed SAS 9.3 to work with JRE v7 yet and whether or not that worked, but apparently no one had. JMP is another program that relies on JRE version 6 as far as Steve knows and there are likely others.

MS Office News update (previous discussion)

Updates not available...

Job Matrix Update status (previous discussion)

Updates not available...

Remedy system status (previous discussion)

Other Topics

Results of GPO disabling for non-portable devices (previous discussion)

It turns out that successful WMI filtering of laptops is not really possible. As a result, many laptops that had been using offline files had that feature inadvertently disabled. This caused issues for users in at least two units.

Steve also mentioned it having escaped his recollection at the time this temp fix was first proposed that offline files is needed in order to index redirected folders. Disabling it removes the ability to quick search files on the server. There may be some workarounds but they look too cumbersome to consider. Steve is surprised he hasn't had complaints--he can only assume not many folks actually use the search feature.

As a result of these issues, the GPO has now been unlinked. That means that newly-built machines will have offline files enabled and you may re-enable it as necessary on current machines.

Let's hope the root cause of the problem can soon be discovered and addressed.

WebDAV issue with Mac OS X Lion (previous discussion)

Updates not available...

Shredding hard drives at the Hub

Winnie mentioned that she had learned how to use the drive shredding service that is now available on campus at the Help Desk in the Hub. Winnie said that you need to enter the serial number for each drive you wish to dispose of and mentioned that the form system which they require utilizes an ancient laptop. It asks for the associated department but has no IFAS units listed in its drop-down menus currently. They are working on that but currently don't care what department you designate.

The meeting was adjourned about 40 minutes early at around 11:20 AM.