IFAS COMPUTER COORDINATORS
NOTES FROM March 12th 2004 REGULAR MEETING
A regular meeting of the ICC was held on Friday, March 12th, 2004. The meeting was chaired and called to order by Steve Lasley, at 10:00 a.m. in the ICS Conference Room.
PRESENT: Eighteen members participated. Remote participants: David Ayers, Joel Parlin and Joshua Wilson. On-site participants: Mike Armstrong, David Bauldree, Robert Boden. Jenny Brewer, Dennis Brown, Dan Cromer, Joe Hayden, Kevin Hill, Chris Hughes, Dwight (Jesse Toothpick) Jesseman, Jack Kramer, Steve Lasley, Chris Leopold, Richard Phalen, Mark Ross, and John (Hank) Sawyer.
STREAMING AUDIO: available in two parts - part 1 and part 2.
Steve Lasley broached the subject of ICC officer elections, specifically to replace himself as chair. No interest was demonstrated in replacement.
In preparation for the upcoming ITPAC meeting on March 30th, discussion was opened on the proposed formal written ICC recommendation for "Centrally-based software installations". A number of suggestions were incorporated into the recommendation and continued modifications were solicited to be held via the ICC-L prior to ITPAC.
Kevin Hill briefly discussed the status of the AD project. Kevin mentioned that ICC members who were interested in joining a management station to the UFAD for purposes of trying out the various tools that are available should contact him.
John Sawyer arrived late, so Chris Leopold addressed the status of the Patchlink implementation. A new, hefty, dual-processor server with dual GB links is on order. Interest in a demo of the system was expressed, although it is not clear that John can have this ready in time for the next ICC meeting.
Jenny Brewer gave a brief status report on the new ePO implementation. She is most concerned with machines that are still missing from ePO and had emailed the ICC-L with instructions on setting up Win98 boxes so they can participate. Jenny can help you implement agent installation via a logon script if you are interested in making sure all new machines are accounted for on first logon.
Mike Armstrong had asked for a discussion on whether we should participate in SPF which provides a means of stopping the successful forging of email addresses. Yahoo and AOL are participating, and as of June 1st, they will not accept email from non-participants. This would require modifying the DNS to add SPF text records identifying our email users--which would help others whose MTAs were SPF aware. In regards to our servers becoming SPF aware, Jenny is investigating whether XWall does or will support SPF. After considerable discussion, it was decided that implementation should be investigated including discussing with UF their plans in this regard. If it is part of being a good network citizen, then it is likely we should at least publish our SPF records for the benefit of others.
Chris Leopold mentioned that the timing may be good on this, as we will be reorganizing our DNS in anticipation of moving to AD. Jack Kramer mentioned that he saw a problem with there being many incorrect reverse lookup entries in the DNS--in the Homestead site for example. Chris responded that dynamic DNS with AD will certainly alleviate that particular problem.
Jenny Brewer reported that the Bayesian filter got out of whack and had to be cleared. She is retraining it currently. She will slowly decrease the score at which spam is marked as the training proceeds; she had it down to around 63 previously without false positives, after a month of training. Jenny also mentioned that SPAM reports can currently be sent to either ALL or only a set list of people. Generating the list would be too time intensive, which is why we are all still getting the reports. Until the recent problem, there had been NO retrievals of messages blocked by the Bayesian filter. We are currently averaging about 80 retrievals (of all types) from the roughly 20 thousand messages that are being blocked each day. There are more false positives from SLS (Spam Lookup Service) than from any other category. Jenny reminded everyone no attachments will be blocked that wouldn't be blocked by Outlook and that the spam reports are in html and will only function for those using html-enabled mail clients. The reports, generated by the new ESAT Informer are now more detailed.
Chris Leopold spoke briefly on the problem with spammers bypassing XWall and going directly to Exchange which apparently has been prevented through re-configuration.
Kevin Hill wanted to see about getting everyone's Kixtart version updated from 3.62 to 4.21. Along with Jenny, Kevin has tested it successfully at Immokalee on various platforms and it has a number of features they feel are desirable. To move to the new version, you just have to change your logon script names in all your user profiles (in User Manager) from kix32test.bat to logon.bat for all your users. Dwight raised the question of this being done wholesale for all IFASDOM and no one objected. You may review these scripts by going to \\nt-pdc\netlogon. Logon.bat makes sure the new Kixtart version is installed (via platform dependent methods) and then calls kixtart.kix. Kixtart.kix puts up the legal banner then tests for user group affiliation and calls unit specific scripts on that basis. The file "Kixtart Document.doc" documents the various files in the netlogon share and what they do.
Dan Cromer reported that about a dozen RECs are being upgraded with dedicated T1 links to campus to support distance education video with quaranteed quality of service (QOS) via Cisco routers. This is the end result of the Interactive Communication Task Force Committee investigation into upgrading the IFAS video system. This system will use the UF video concentrator. As a result of this upcoming deployment, ICCers at the RECs involved will be expected to provide support for this new system (except for those places, such as Ft. Lauderdale, that have a specific position already in place to handle distance ed). Both Kevin Hill and Jack Kramer asked if REC ICC staff could co-manage those routers. Since these will be managed primarily by UF net services, Dan did not know if that would be allowed, but he understood the reasons for wanting that and will look into the possibility. Jack Kramer related his concern that this new connection will actually reduce his overall bandwidth. Dan said that this will have to be monitored and adjusted appropriately. Kevin requested that unit admins at the sites involved be plugged into the information loop on this issue, as they were (apparently for the most part) left out prior to this.
Dwight reported that quotas have been established on nt-file, srvweb, and srvweb2. Using WQuinn's QuotaAdvisor (now owned by Veritas) Dwight has set individual limits of 512MB and group limits of 5 GB on nt-file user folders and public folders. Roughly 300GB more storage will soon be added to that server. For the web servers, quotas are initially set at 128MB and can be incrementally increased from there as necessary. Jenny, Dean and Dwight can handle requests for modifying quotas directly or via referral from the HelpDesk. Srvweb is a fairly new server that contains all the websites IFAS has hosted up to this time (approx. 650 of them). Srvweb2 is a brand new Win2k3 server placed into production this fall. All new websites will be placed there. Jack Kramer mentioned wanting to move http://flrec.ifas.ufl.edu to the IFAS web servers.
Chris mentioned that nt-file is NOT for desktop backup, but rather for file sharing purposes. In the future we may have to implement methods to enforce that position.
Dan Cromer pointed out that someone had trouble recovering old email attachments that were archived via OTG (a package now owned by Legato). The official means for recovering these is documented on the IFAS Help Desk website under the How To's > Network > Recover Archived Email menu. The direct link is http://itsa.ifas.ufl.edu/services/recover_archived_email.htm.
Mark Ross mentioned wanting to not get the alert.txt attachments when a virus infected attachment is caught. This is confusing his users and causing him headaches. It seemed however, that most others still want those delivered.
The meeting adjourned about noon.