IFAS COMPUTER COORDINATORS
NOTES FROM February 11th 2005 REGULAR MEETING
A meeting of the ICC was held on Friday, February 11th, 2005. The meeting was chaired and called to order by Steve Lasley, at 10:08 a.m. in the ICS conference room.
PRESENT: Nineteen members participated. Remote participants: David Ayers, Marcus Cathey, and Dan Cromer. On-site participants: David Bauldree, Benjamin Beach, Dennis Brown, Marion Douglas, Joe Hayden, Kevin Hill, Chris Hughes, Nancy Johnson, Jack Kramer, Winnie Lante, Chris Leopold, Steve Lasley, Marshal Pierce, Mark Ross, John Sawyer and Joe Spooner.
STREAMING AUDIO: here
Agendas were distributed and the meeting was called to order by Steve Lasley at 10:08 am.
A "new" ICC member member was introduced in his absence: Rick Noble, Computer Support Specialist at Agricultural Education and Communication. Steve mentioned that he hadn't had contact with Rick before, but that he had responded to the request for locating Windows 98 machines. It is hoped that Rick feels welcome to participate in any and all future ICC activities.
By way of a recap since last meeting, Steve reported briefly on what had transpired at the 3 Feb ITPAC meeting. There were four ITPAC recommendations which came out of the meeting:
Most of the ICC discussion revolved around the first of these, for standardizing IFAS on a "firstname.lastname@example.org" e-mail address format by July 2005. This is not a recommendation that Steve specifically brought to ITPAC, and it in fact came as a bit of a surprise, albeit a pleasant one. Previously, ITPAC had approved the ICC recommendation for a new IFAS e-mail address naming convention, which specified using "Gatorlink@ifas.ufl.edu". Although ITPAC recommended, standardizing on "Gatorlink@ufl.edu", there are implementation aspects that were not discussed at that meeting--in part to the surprise nature of the motion. Since then, Chris Hughes has helped develop an outline of the details involved in our options for a standard IFAS e-mail address which will be passed along to Jim Syvertsen, ITPAC chair, along with our recommendations on this matter.
Dan Cromer reported that, in speaking with Joe Joyce, he has learned that Jimmy Cheek (our VP) has approved all of the ITPAC recommendations and supports standardizing on a "email@example.com" e-mail address format. Dr. Cheek has asked Dan Cromer to go before the deans Wednesday afternoon and present our options regarding moving to this format. Dan stated that option 3 was the one he would propose, but he also seemed to already believe this would receive strong resistance and that option 2 would be what the deans would forward on to the VP for implementation. Dan also mentioned a 4th option, namely abandoning Exchange and using Gatorlink for e-mail services. Dan has in mind a long list of advantages to keeping Exchange and thinks the deans will agree on that. The ICC did a quick vote on this and clearly would not support dropping Exchange--a stance which they would like Dan to forward on to the deans.
Jack Kramer cautioned that there are many details and exceptions involved in this process and that these need to be carefully considered within the scope of any automatic methods.
Kevin Hill suggested that IT be pro-active by first sending out a list of Gatorlink names to people so they can consider whether they wish to change those--in cases where the Gatorlink name may not have been chosen originally as they might now wish to be reflected in their official e-mail address. We would also need to provide a simple way to implement any such changes that were desired.
In reference to a request from Dan Cromer for the costs involved in running Exchange, Chris Hughes reported that the hardware and software for that costs IFAS $16,000 per year. Jack Kramer pointed out that there are additional costs for that as well.
As additional justifications for keeping Exchange, Joe Spooner mentioned that, with the upgrade to the latest version of Outlook from Office 2003, the secretaries were very appreciative of the ability to look across multiple calendars. He also mentioned that Gatorlink webmail does not include attachments when forwarding e-mail.
Steve Lasley mentioned that ITPAC had it in mind that this would be "THE LAST CHANGE" in our e-mail system--at least from their standpoint. Steve felt that option 2 would be a half-measure that would not support that supposition well and that is would also not alleviate the concerns that Dawn Mendoza had at ITPAC regarding the need to create two separate e-mail accounts for new hires. Chris Hughes pointed out that option 3 would also support a move to some future e-mail system in that everyone could be moved at once.
Mark Ross had a problem with the current 8-character namespace within Gatorlink and suggested that we should consider moving until that problem is resolved. Kevin Hill agreed in that, otherwise, end-users would see yet another change at the time that namespace was lengthened to the propose 15 characters. We don't want to force users, potentially, to have to change their e-mail addresses twice. During the meeting, Chris Hughes received notice that the namespace extension is now scheduled for July 4-11th; this fits in well with the date proposed at ITPAC.
Jack Kramer asked if any of the proposed changes would affect support for IMAP and POP. Chris Hughes related that those services would continue to be supported. He also explained that option 2 would, in someways, make the situation even more confusing in that the e-mail address would not indicate which e-mail service a person was using; the end-user would have to know this distinction--and that would be quite problematic in many cases.
Steve Lasley proposed a motion that the ICC support option 3, provided that it is coordinated to occur in conjunction with the extension of the Gatorlink namespace and provided that a method is created to allow end-users to easily take advantage of that increase by making a one-time change to their Gatorlink username. This had unanimous support and has been incorporated into a written recommmendation which we strongly urge Dan Cromer to relay to the deans at his Wednesday meeting. Additionally, Steve will forward on the "Options for a standard IFAS e-mail address" document, along with our recommendation, to Jim Syvertsen for distribution to ITPAC.
Dennis Brown raised one last concern, that being whether or not Gatorlink could handle the additional load involved in this. Tthis would only affect e-mail coming in from outside, and Chris Hughes noted that te volume is trivial when compared to what Gatorlink handles currently.
approx. 39 minute point in stream
Moving on, Steve reminded everyone that ITPAC approved our recommendation to get rid of Windows 98 by July, and we still need to locate all those machines. Steve thanked those who had already relayed such information for their units, and implored those who have not to please do so. The initial scan to locate those was not very successful. There were many false positives and no one knows how many were turned off or otherwise not available.
The issue of restricting who can post to IFAS-ALL was discussed. Beyond the issue of people within IFAS posting messages inappropriately, a more major concern is that our lists are being hit with spam--some of which spoofs IFAS users as being the supposed sender. Chris Leopold has been in contact with L-Soft, and they recommend setting the confirm option. This setting means that when people send to a list, they receive a confirmation e-mail to which they must reply before the original message is actually posted.
Mark Ross suggested that, in conjunction with a confirm setting, monthly posts be made to the IFAS-ALL explaining some basics of how the listserv works. This should include a reminder about the confirmation and the reason behind it, and also address other other FAQs such as: don't try to sell your car on the IFAS-ALL and don't send a note to the list asking to be taken off, because that is not an option. John Sawyer mentioned that this sort of user-directed documentation could be included in the confirmation message as well. Joe Spooner also suggested that documentation be supplied for listserv admins on where to find this confirmation setting.
The ICC passed on this and our collective views were compiled into a recommendation to be brought to the next ITPAC.
approx. 50 minute point in stream
Chris Hughes wanted to address the need for administrative support to encourage more FTE for UFAD. There have been a number of problems for which IFAS has needed UFAD staff assistance and for which they were unable to provide that due to their shortage of staff. A good current example would be the recommended move to an IFAS "firstname.lastname@example.org" standard; Mike and George do not believe they can meet a July deadline for assisting in that implementation. This a prime opportunity for the IFAS VP to relay to Marc Hoit and/or Mike Conlon the importance of adequate UFAD staffing to support our needs and the needs of other UFAD participants. Steve asked Dan Cromer is he could suppport the wishes of the ICC and facilitate the raising of this to the VP for his consideration. Dan initially did not think this was appropriate.
Kevin Hill then suggested that our alternative was to make a recommendation that the VP lobby the IT Provost for appropriate support for UFAD and bring it to ITPAC. Kevin pointed out that we are at significant risk in having joined a UF-wide organization that was supported by two people in two different departments with no on-going support for bringing that organization under one umbrella. We did that with the expectation that, as critical mass was obtained, and more schools and departments joined it, that the critical infrastructure and FTE supporting that was going to be there, as specified in their charter. That has not been happening, and that is a concern, hopefully, for IFAS IT in moving forward.
Dan Cromer asked that the ICC develop specific itemized details of problems which IFAS has had or will have due to the lack of support from UFAD. He cautioned us to only include the problems without offering specific solutions (e.g., needing more FTE), as he did not wish to give the impression that we were trying to meddle in their affairs. Chris Hughes agreed to do so and Kevin Hill and Steve Lasley offered to help in that. Dan said he would then take that to Joe Joyce and see if he felt it appropriate to have Jimmy Cheek address this issue to Marc Hoit.
approx. 59 minute point in stream
The ICC then discussed the implementation of an Office installation point. Steve mentioned that he has already started to install Office 2003 from the CD on individual's machines who have been wanting it. He would much prefer to be doing this from some official IFAS installation point, however, and he asked what needed to be done to get that in place. Chris Leopold said that John Sawyer has this responsibility, but there has been the question on how this should be handled: should an installation point be created from which admins may perform the install, or should it be automatically pushed out for all of IFAS?
It was agreed that the former should be the initial move and IFAS already has such an installation point ready which the HelpDesk has been using. This can be announced for on-campus units after a few tweaks have been made, but remote sites need to wait on local repositories and Chris Hughes stated that cannot be accomplished until next fiscal year due to drive space limitations on the multi-purpose servers. Chris Leopold proposed that we set a two-week deadline for having this available for on-campus usage and that we address this ASAP in the next fiscal year for remote sites. Chris Hughes asked if GPOs should be made available for use in pushing this out for those units wishing that, and many agreed they would like that--although it was advised to make that only apply to on-campus so that it couldn't mistakenly be applied to a remote site before the remote repostories are in place.
Chris Hughes stated that he believed the Office licensing issue with county offices will be resolved for next year (as mentioned at ITPAC) provided that IFAS see to it that those counts are included in next year's counts which Mike Conlon provides Microsoft. Someone in IFAS needs to make sure that happens; it was suggested at ITPAC that district directors would be asked to get those figures and they would be passed up through the VP to Mike Conlon.
approx. 1 hour 7 minute point in stream
Chris Hughes reported that IT had been given a brief demo of the Remedy trouble ticket system yesterday. Chris believes it will work well and meet our needs. (See here for previous discussion.) The missing piece is the sub-delegation to support people based on the network managed by field. They are hoping to have this done in two weeks, at which point they will make it available for testing for everyone in IFAS, and the HelpDesk will start using it
Dwight Jesseman could not make the meeting, but he has taking some steps in making the ICC security group a distribution list. This is something we will keep working on with the idea that we can use the ICC as a model system for demonstrating and exploring the workgroup capabilities of using Outlook with Exchange.
Steve Lasley asked Joe Spooner, chair of the ICC's IFAS IT Charter committee, to explain what transpired on the IT Charter proposal at ITPAC and to outline what he felt our role would be in the proposed Infostructure Task Force. Joe reported that he brought the idea for an IT Charter to ITPAC and that they had recommended this be addressed at the Infostructure Taskforce Level. Joe sees this as a good thing for a couple of reasons. One, it was pointed out that the 1997 report had a number of good recommendations that were never implemented, but which had been tabled due to other priorities. Second, having a charter proposal come from an ICC sub-committee, which is many levels beneath that point in administration where implementation would need to be approved, would only lead to any proposal being tabled yet again. Moving this up to the higher political levels gives actual implementation a much greater chance of happening. It also provides a higher-level mandate to get everyone's input into this process--not just people who work for IFAS, but also industry people who deal with IFAS from the outside, and also students. The goals of the Task Force would be accomplished in three phases:
- Phase One: Needs assessment stage where an analysis and survey would be performed
- Phase Two: Planning stage to see how much could be done and when it could be done
- Phase Three: Implementation stage
The original members of the ICC's subcommittee on this topic would probably be members of this taskforce and would participate to ensure the taskforce knows what can and cannot be done from the technical standpoint. From what Dan Cromer and Joe related, this will have the support of Dr. Cheek and the Taskforce should be appointed by the proposed March 1st deadline.
Steve mentioned that another issue which dovetails into this is the proposal made by Chris Leopold at the last meeting that the ICC have a representative which attends the IFAS faculty meetings. Joe Spooner graciously offered to take on this role--something which was enthusiastically supported by all. This would involve attending their quarterly public meetings and getting items on that agenda as Joe deemed appropriate.
approx. 1 hour 15 minute point in stream
Before moving on to the "removal of UF mail server whitelist" issue, Dennis Brown wanted to clarify the agenda item listed as "Proposal to upgrade all of IFAS to Windows XP SP2 and Windows 2003 Server by June 1, 2005". This particular wording was a mistake that had been propagated by cutting and pasting the topic from an earlier agenda. The July date refers only to Windows 98. The ICC has been discussing the end of 2005 as being the similar cut-off date for Windows 2000.
We then discussed the problem of the whitelist which we currently have on Exchange for any mail from the UF Gatorlink mail service. Steve gave himself as a good example. He gets very little spam on his "@ifas.ufl.edu" account, but plenty at his Gatorlink address. With the Gatorlink forward being whitelisted, none of that spam is now being caught by our perfectly good (and recently updated) IMF solution on Exchange 2003. The whitelist (which can only be specified by IP address and therefore includes all e-mail forwarded from Gatorlink) was implemented when some "important" message from PeopleSoft ended up in someone Junk E-mail folder. This is causing untold pain that far exceeds the problem which it is trying to solve.
Chris Hughes stated that a solution has been programmed for us by a person in Checkoslovakia that converts the Gatorlink Spam-Assassin score to an equivalent SCL score. Chris Hughes has confirmed on his home system that this software does indeed work. The programmer is willing to provide the source code along with the software at a cost of only $200. The problem is he requires payment in the form of a wire transfer. Dan Cromer says he will approve the purchase, but the problem is how exactly to get the payment made. Chris Hughes said he already has the programmer's approval to use the software pending payment, so he will go ahead with testing in a more realistic environment.
approx. 1 hour 20 minute point in stream
Kevin Hill, chairman: AD, gave a general status report and run-down from yesterday's ICC-AD meeting. He reported that we accomplished a lot in our fairly short meeting. We approved a script that will change local administrator passwords based on an algorithm. Chris Hughes stated that anyone who has been specified as a Technical Contact by their unit administrator on the OU sheet that went out, will get an e-mail regarding how to specify their unique portion and what the algorithm is. Chris Leopold said that we have approval from Dan to use Richard Lee on the programming involved in this. Chris Hughes will work with Richard on getting that implemented; there is currently a functional demo but that cannot be made available to all at this time.
The ICC-AD also voted to flatten the OU structure to support the new PeopleSoft codes. Within this we discussed the possibility of district support having a tree structure for those if that is desired. We also approved, after March 15th, the implementation of the new IF-ADML (local) and IF-ADMN (network) administrative accounts to shore-up security. We asked for the specifics on how OU admins would access stored information on who had accounts in local administrative groups--data which is scheduled to again be recorded via machine logon scripts. This information is expected to be available through the web or via Access. You would plug in the user or machine and see what resources they could access on local machines across our organization. This is primarily meant to aid in deprovisioning user access to our systems. We talked a little bit about training and documentation. We didn't resolve much there other than that the next batch of training would occur after the OU reorganization.
approx. 1 hour 26 minute point in stream
John Sawyer reported that there were some problems with ePO machines being updated. The older version of VirusScan (7.0) with the newer version of the ePO agent (3.5), for some reason, wants to check into SrvTask3--which is no longer available. This is only fixed by the installation of VirusScan 8. Steve mentioned that the real problem is, how do we get the ePO agent 3.5 and VirusScan 8.0 on all our machines. Chris Leopold suggested that a GPO be created and that it be used to push out the ePO agent 3.5 to all machines within the IFAS co-managed OU. From there, John Sawyer stated that we could use ePO to push out VirusScan 8.0. Everyone agreed to this; if it would fix the problem, but Kevin Hill (for one) did not think it would, as he has seen other problems that somehow relate to credentials. Chris Hughes asked if everyone in the co-managed OU wished to have the latest ePO agent and VirusScan software on all computers. Further, he asked if any of us wanted to manage ePO ourselves or if we would prefer that it was handled for us. This seemed to be the concensus, so Chris Hughes said he would work with John to see that this was accomplished.
Dennis Brown mentioned that he had three users who wanted to stay with Norton Anti-virus and was wondering if they could be accommodated. This could be done, as per ITPAC policy, by requesting an exception from Dan Cromer.
Chris Leopold spoke regarding the CNS wallplate model and provided a handout and some numbers relating to this. Chris feels that the $5 per port that CNS wishes to charge is unrealistically high for IFAS, but this will require getting a decision from the VP. Chris is for the wallplate model if it can be paid for off the top and is implemented 100% throughout the Gainesville UF campus. Chris Hughes also feels that it is important that the charge reflects actual costs and is not just a "grab for money".
approx. 1 hour 44 minute point in stream
Dan Cromer reported that the UF IT Network Infrastructure committee (ITAC-NI) unanimously approved the proposal as posted by Tim Fitzpatrick--with the addendum that it would require proper funding to support the maintenance of these services. This proposal provides that there is no mandate to join the initiative. Off-campus remote locations are not covered under this for the timebeing.
Chris Leopold asked the ICC if we wished to have IT fully determine what it would cost essentially to do our own wallplate within IFAS and propose this as a budget item to IFAS. This proposal received no objections.
Chris Leopold reported that a new set of UF IT security policies and standards have been fully approved and those will will require migrating all IFAS subnets to private IPs.
Chris Hughes proposed that we move all IFAS devices to DHCP, away from static addressing. Exceptions would include devices that could not use DHCP, or possibly some webservers which need multiple addresses that can not be handled via that method. For the latter, he would still like to see those addresses being reflected in the DHCP log so we know what is and is not available. John Sawyer would additionally like to include into this, standard documentation on where those devices actually are and who is responsible for them. Kevin mentioned we should also have a printer naming convention. Steve noted that with so much on IT's plate it is becoming more and more important to keep track of priorities and ensure that progress continues to be made on each item. Chris Leopold said that he would rely on the ICC for direction as to priorities.
Chris Leopold announced that Marshal Pierce has accepted the IT/SA IIS position. Chris also mentioned that Richard Lee is moving to their building and taking over the DBA responsibilities for SQLserver. While Richard will not be an IT/SA employee, his close proximity and programming prowess are expected to allow for his part-time usage on programming projects deemed important to IT/SA. There will also be a full-time programming position coming in the position that Marshal vacated for which Chris Leopold hopes to have 50% control to help with future IT/SA programming projects. Dean Delker has been reassigned to the HelpDesk by Dan Cromer. Dean will retain some IT/SA duties, including e-mail account creation and listserv usage management. Dean will also support the IT/SA documentation effort. Despite the fact that IT/SA has effectively loss .5 FTE in these dealings, Chris Leopold is cautiously optimistic.
Dwight Jesseman was absent, but he had wanted to remind people of the decision which was made way back in November on a new security group naming convention: namely, ". IFAS-XXX". There was a problem in implementing this due to the leading ".", but that has been resolved. Chris is working with Dwight to assure that all login scripts continue to work through this change.
approx. 2 hour 7 minute point in stream
Dwight had also mentioned to Steve that IT/SA wishes to develop an official list of supported services and that they desired input from the ICC on that. The goal is then to acquire adequate funding for those services and to no longer increase services without assuring that adequate funding has been acquired for those.
The question of IFAS obtaining Messageware Plus Pack 2003 for OWA was raised recently because this has been implemented by Mike Kanofsky and it solves some of the issues with OWA, including the ability to browse the GAL. The cost for IFAS would be $12,000. Chris Hughes wanted to emphasize that the UFAD implementation is not supported by IFAS and is not yet at production level. This is not how anyone in IFAS should currently access IFAS e-mail. There are problems with it and you should not direct your users to it at this time.
Chris Leopold mentioned that we cannot currently support infinite retention time for the public shares on IF-SRV-FILE01. Kevin Hill uses a Temp share as a dropbox area for moving files internally among users who might otherwise not have access to doing that. He deletes files that have been there over 30 days. He also supports public folders which are writeable by his users and readable by all in IFAS. Those have a 90 day retention time, unless longer periods are required for certain projects. In all cases, however, the retention time is limited. Chris Hughes wanted a permanent public area for which space could be controlled via reporting usage to unit heads.
Steve ended the meeting my mentioning the weekly IT/SA staff meetings, the second of which is being held this afternoon in the Entomology conference room. All ICCers are invited.
The meeting was adjourned late at approximately 12:30.