ICC logo IFAS logo

ICC Meeting:



A meeting of the ICC was held on Friday, April 8th, 2011 in the ICS conference room. The meeting was chaired and called to order by Steve Lasley at about 10:00 am.

PRESENT: Fifteen members participated.
Remote participants: Bill Black, Allan Burrage, Dan Christophy, Dan Cromer, Francis Ferguson, Chris Fooshee, Marvin Newman, Joel Parlin, A. D. Walker, and Wendy Williams.
On-site participants: Dennis Brown, Wayne Hyde, James Moore, Winnie Lante, and Steve Lasley.

STREAMING AUDIO: available here


Agendas were distributed and the sign-up sheet was passed around.

Report from the chairman

Member news:

The ICC had two members receive 2011 Superior Accomplishment awards in the Scientific/Technical category! Ben Beach, IT Expert/NE District Support for IFAS Information Technology and Bart M. Schutzman, Senior Computer Program Analyst with Environmental Horticulture. Congratulations to them both!

Recap since last meeting:

As per his usual procedure, Steve pointed folks to the notes of the last meeting, without going into any details.

Videoconferencing and WAN discussion

[In order to make meeting participation more efficient for Patrick Pettus and James Moore, these two topics have been moved to reside at the top of our agendas.]

Videoconferencing topics (previous discussion)

End-user Scheduling (previous discussion)

Dan Cromer had been expecting Patrick Pettus to participate with us this morning to explain, but it would appear we are getting closer to something which has been in the works a long time. Patrick Pettus has reported via private e-mail exchange that he plans on making scheduling through TMS available at the end of this semester. We need to figure out how we want to deal with the automatically generated e-mails. Those e-mails will contain all of the connection information for the conference and will be sent to the person requesting the conference. We could just leave it up to the person requesting to forward that information on to the appropriate people, but Patrick thinks we would be better off sending messages to each requested site if we can come up with an acceptable way of doing that.

Demo licenses for MOVI available

Patrick also mentioned in private e-mails that we have 100 demo licenses for MOVI until May 15th. This is another computer-based videoconferencing solution software similar to Polycom's PVX, but which works both on the PC and Macintosh. Patrick can create accounts on request--just contact him.

Dan Cromer said that he has used this Tandberg product and has found it very easy to use. He thinks it might be a good interim solution for departmental and upper administration meeting rooms in conjunction with a CX5000 camera. Eventually, Lync might make such a solution obsolete, but until we have better interconnection with Polycom, this would be a good alternative to PVX software that will run on either a PC or a Mac. Apparently, Dean McLellan is happy with using this in his own conference room currently.

Vidyo is another interesting solution

Steve noted that he recently heard about yet another videoconferencing solution called Vidyo on the AV-1 Forum. It has some very interesting features and purports to make videoconferencing as easy as Web conferencing. They even offer an out-sourcing solution via hosting.

Lync deployment (previous discussion)

Dan Cromer said that he has talked with Tim Fitzpatrick and encouraged him on several occasions to move forward with Lync deployment--at least getting some of the background parts in place. The IT Strategic Plan is currently a higher prior with Tim, Fedro Zazueta and with Elias Eldayrie himself, and that has been taking a good deal of time at their level. The Exchange 2010 migration and SharePoint are also competing for scarce personnel resources in this area as well. Lync and the entire Unified Communications (UC) issue have consequently taken a back seat.

Dan has been pressing to get Lync working sooner rather than later, however, because it could save IFAS up to $5000 a month on long distance costs. Our long distance bill within IFAS is around $120,000 and if we could save half of that it would come to around this $5000 figure.

Dan has raised this to the IT Leadership Team, but Tim had responded that this was low priority in his mind. Elias, however, did ask Tim to have something back on this issue in four weeks. Dan reiterated this as being something very important to IFAS and offered to volunteer his own services to assist on the effort in any way that he could. Elias has told Dan that he will encourage Tim to allow Dan to at least participate in the study.

Dan said that the Tier Two committee has come up with the follow details regarding what they believe we need to consider in regard to UC and he would appreciate input from the ICC.

Unified Communication System requirements:

  1. Soft phone capability.
  2. Integration and compatibility with current telecom systems.
  3. Integration with campus directory and Exchange calendar.
  4. Secure communications to local server(s).
  5. Low total cost of ownership.
  6. Ease of use and deployment.
  7. Faculty, Staff, and Student licenses.
  8. Anonymous access.
  9. Web-based access.
  10. Standards-based integration with Polycom and other H.323 end-points, including H.239 content sharing.
  11. Voice mail integration with inbox.
  12. Clients for multiple OS.
  13. Works with CX5000 cameras.
  14. Ability to record conversation, including video and content.
  15. Delivery of voice mail to e-mail.
  16. Federation with other UC clients/universities/companies.

Desirable options:

  1. Integration with Microsoft SharePoint and Office.
  2. Phone-in ability to check e-mail and calendar.
  3. One-click calling from Outlook contact card.
  4. One-click calling from Web-page reference.

Note: the above were updated from Dan's original posting to the ICC to place items in what he believes is priority order. John Madey has been appointed by Elias to lead the UC project and Dan Cromer is on the evaluation team.

Dan mentioned having heard from Elias yesterday that he would like these processes to be more open and that he would talk to Tim about that. Transparency in governance and process is a goal Elias supports and Dan was pleased and encouraged by that.

Dan added that it is not just IFAS that is showing interest in soft phones. Justin Laufer, IT Specialist for the Center for Latin American Studies, would like a soft phone option because he wants a GB desktop connection and does not want to pay for the more expensive GB model Cisco phone.

WAN transition to CNS (previous discussion)

Updates from James Moore

James reported that he continues to roll through the upgrades at all the CEOs. He is meeting with Apopka and Quincy next week to discuss VoIP to replace their aging phone systems. His is also investigating VoIP for Immokalee and will be sending down new LAN equipment there shortly. Next fiscal year, which is just around the corner, they will also be investigating VoIP and a new LAN for Homestead.

James is also looking into a new circuit for Vero Beach. FLR has an upgrade in Orlando that he thinks will help us out in crossing LATAs and getting rid of the $350/ month inter-office charges.

Regarding Immokalee, James said they are beginning to work with FacOps to figure out how to get the fiber in "on the cheap". If that can get in quickly James believes we are just about 45 days out from having a connection. Fiber installations take about a week or two and the installation at Homestead ran about $5000.

James also discussed a project he is investigating for Winnie Lante to add networking to the Austin Cary Memorial Forest Learning Center. James is investigating a wireless solution from Verizon for that.


myUFL changes due May 10th

Due to the Financial Systems upgrade, the myUFL portal will be changing its look and feel. Some technical maintenance will take place the weekend of April 15-17 during which some portions of the myUFL system will be unavailable.

New Secunia site license

Rob Adams, UF's Information Security Officer announced a Secunia CSI site license that includes Secunia PSI for all students, faculty and staff not on CSI:

Message from Rob Adams to the SCCM-L:
"Re: Secunia" Fri 3/25/2011 9:10 AM


News travels fast around here…love it!!!

I announced that we secured a site license for Secunia at the Campus IT Directors meeting yesterday. As part of the Governance for UF IT, the Information Security and Compliance Advisory Committee (ISCAC) recommended that we move forward with tools to assist the campus with third party patch management in an effort to attain a more proactive stance as it relates to information security (additionally, I have been getting a lot of inquiries for this capability, specifically Secunia). We moved forward with this recommendation and invested in Secunia CSI 4.1 Enterprise (integrated with Microsoft WSUS/SCCM).


  • Secunia CSI site license
  • Secunia PSI for all students (to account for devices not running CSI – can be faculty and staff also)
  • Access to new versions during the subscription period (5 years)

I indicated to the Campus IT Directors that my office would be communicating with them to organize this effort. There was some discussion about setting up a hub and spoke configuration for this. I am happy to entertain architectural changes and centralizing services where it makes sense to the campus IT community to better serve their constituencies.


This CSI software connects to WSUS and SCCM via their APIs. Some videos are available showing the configuration details. Since IFAS already utilizes WSUS, there will be numerous configuration issues to coordinate and being short on time and resources does not help.

Free Windows 7 Deployment Training for UF IT Staff

As mentioned at our last meeting, three days of free training are being offered to IT staff. Registration is required and there will be no remote access or recordings available.

Upcoming Peer2Peer

In case you missed it, last month's Peer 2 Peer event is available as a recording.

Update on domain policy and redirect duration

As mentioned last time, our domain policy is being reviewed by a sub-committee of ITPAC.

CNS wants to host DHCP/DNS solution for all campus (previous discussion)

For now, this is a non-issue within IFAS. As stated last time, a great deal of investigation would need to occur before we could consider moving to this.

UF Exchange Project updates (previous discussion)

Exchange 2010 migration status

Dan Cromer related that the move to Exchange 2010 broke many/most Blackberry devices. Consequently, they are in the process of upgrading the Blackberry Enterprise Server (BES) which is expected to be done by the end of next week. Once that issue is resolved Dan expects a notice to go out about actively migrating. The expectation is that we will all be moved over by the end of June.

Moved all to Proofpoint seemingly without glitches

Steve noted that he had not heard a peep from his users and that seemed to be the case overall. Dennis Brown mentioned that he had one concerned user but that was the only issue mentioned. Steve speculated that this is similar enough to the Barracuda as to be easily understandable by our clients. It also doesn't hurt that so few messages are actually quarantined.

Dan Cromer mentioned that the Barracudas will soon be turned off as all quarantined messages will be aged-out after 30 days. At that time he expects the URL on ProofPoint to change back from http://quarantine.mail.ufl.edu to http://spam.mail.ufl.edu.

Centralized FAX service via Exchange (previous discussion)

No updates available...

Sakai e-Learning System now in production (previous discussion)

No updates available...

IT survey is coming (previous discussion)

We will keep this topic on our agendas until some resolution occurs.

Alternate IFAS domains in e-mail

No updates available...

Electronic Copy - Print Output Cost Reduction program (previous discussion)

Dan mentioned getting an e-mail from our CFO, Matt Fajack, saying that the ITNs will go out in a couple of weeks. Winnie's department has an immediate need and likely cannot wait for that to be resolved. She said that they are currently getting bids from the three state-approved vendors.

myuf Market (previous discussion)

Steve wants to keep this on our agendas in case discussion seems warranted.

Split DNS solution for UFAD problems

Steve wants to keep this on the agenda for future reference.


New web cluster

No updates available...

MPS/DC refresh

Regarding the DC replication issues we have been experiencing, Steve had heard that OSG believes they have solved that by removing one troublesome DC. Andrew Carey was not available for comment, but time will tell. Steve has been a bit concerned that central monitoring had not seemed to catch these issues in the past--rather Andrew has had to be the point person on reporting those issues.

New SQL cluster

No updates available...

New virtual infrastructure being planned and spec'ed out

Wayne Hyde said that he is currently evaluating whether or not to stick with VMware or switch over to Hyper-V with the next revision. The incentive to switch would be cost, but currently VMware's management tools are much superior. A VSphere 4.1 Enterprise license costs about $6000 in up-front costs with one-year maintenance. Then it would run an additional roughly $1000 per year per ESX host server. Hyper-V is "free" and does have some advantages now with R2 as far as dynamic memory. That feature might make Hyper-V a good solution to our VDI infrastructure so that VMs could be easily adjusted with regards to memory needs of the GIS VMs.

Unfortunately, the SCCM 2012 products (which demoed well at MMS last week) won't finalize until after we need to make our equipment purchase.

Regarding the processors he is looking at for these host machines, Wayne believes that clock speed may be more useful that a greater number of cores at this time so he is leaning towards 6-core processors running at a faster clock speed.

IFAS WebDAV implementation

There continues to be no progress on the documentation which was to happen prior to announcement. Since this has never been formally announced, the matter remains on the agenda as a standing item.

Windows 7 Deployment via the WAIK, MS Deployment Toolkit 2010, USMT 4.0, WDS, and SCCM

Free Windows 7 Deployment Training for UF IT Staff

As mentioned last time, don't forget that this opportunity is coming up in a couple of weeks. If you haven't registered yet, do so right away.

RSAT for Windows 7 SP1 is out

This is not a Windows deployment topic, but the new version of the Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1) is now available for download. You can now add RSAT to a Win7 SP1 install after-the-fact.

Steve took this opportunity to also mention he discovered that HP's Web Jetadmin tools will not install on Windows 7 SP1 currently. A hot fix is anticipated. Steve hates that HP makes this huge cumbersome program the only means to update firmware on their printers.

Windows 7 SP1 via WSUS

As mentioned last time, Wayne has created a means for pushing this out via WSUS. That said, there is no hurry and various problems have been reported; you may want to run through a checklist of recommended preparations. Steve had heard that it is very important to install SP1 by itself, as there have been issues when it is installed along with other updates. Microsoft is Updating the metadata of the WSUS and Microsoft Catalog items to mark them for exclusive install to avoid this issue. Wayne has created a target group called "7SP1" and it can be used similarly to how IE8 was handled.

Wayne mentioned that he is also creating target groups for IE9.

UF SCCM Support Group

No updates available...

Exit processes, NMB and permission removal (prior discussion)

No updates available...

Re-enabling the Windows firewall (prior discussion)

No updates available...

Services Documentation: Is a Wiki the way? (prior discussion)

No updates available...


Recording lectures for Distance Education (previous discussion)

Protected access for captured lectures

Steve had been assuming access could be controlled the same way sub-folder access is handled for other web sites--namely by denying read access to the anonymous user and adding another controlling security group with read access. While that does do the trick, it also breaks the script which provides the table of contents for stored lectures. We clearly need a better solution.

New DHCP reservation site created (previous discussion)

You are reminded that Santos Soler has created a new DHCP reservation site which you may use to request reservations. Dennis Brown mentioned having used the site successfully and Steve added that he had utilized it just yesterday. Santos prefers that we use this rather than e-mail him separately.

Dennis related that Santos had mentioned an issue with the field size for the IP# being too short to handle the maximum of 15 possible characters. Dennis didn't know if that had been fixed yet or not.

Restoration of back-ups on the file server

Wayne Hyde intends to document and announce proper usage as time permits.

Membership of ". IFAS-ICC" e-mail distribution group to be narrowed to ICC members only (previous discussion)

Steve will keep this as a standing item on our agendas for now as a reminder. The ICC distribution list is more targeted and restricted to IFAS IT support folks only.

IFAS efforts toward Green IT (previous discussion)

No updates available...

Creating guest GatorLink accounts: singly or in bulk (prior discussion)

Steve had left this on the agenda in case further discussion was deemed warranted.

Can IFAS support DirectAccess in the future? (prior discussion)

Steve wants to keep this topic on our radar.

Moving away from the IFAS VPN service (previous discussion)

No updates available...

VDI desktops as admin workstations (previous discussion)

No updates available...

Wayne's Power Tools (prior discussion)

No updates available...

Computer compliance tool in production (previous discussion)

No updates available...

Folder permissioning on the IFAS file server

You are reminded to please take the time to read and implement the new standards. If you have any questions get with Wayne or Steve.

Disabling/deleting computer accounts based on computer password age

This is yet another matter for which finding time for implementation is proving difficult. Steve wants folks to remember that Andrew Carey has a good plan for dealing with this which he simply has had no time to address. In the meantime, it would be very good of each OU Admin to consider mimicking the proposed plan manually by keeping their own records and deleting any computer object which have been disabled for 90 or more days; Wayne's Power Tools can identify those. Steve has finally begun doing that for his own unit and it has made his view within ADUC much more agreeable.

Core Services status (previous discussion)

see the new virtual infrastructure section above...

ePO updates

No updates available...

Status of SharePoint services (prior discussion)

IFAS migrating to centralized MOSS

No updates available...

Public folder file deletion policies and procedures status

Nothing further was available on this topic at this time.

Patching updates...


The April Microsoft patches will include seventeen bulletins (nine "Critical" and eight "Important") covering a whopping sixty-four vulnerabilities across Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework and GDI+.

McAfee provides podcasts on the highlights of each month's offerings and another podcast summary of these patches is provided by "Security Bulletins for the regular IT guy".


There were new critical updates released for Adobe Acrobat, Flash and Reader. You can view your current Flash version by going here. Flash should be at ( for Chrome). Acrobat should be at 10.0.2 or 9.2.4; Adobe Reader 10.0.1 was not patched and is supposedly not vulnerable.

MS Office News update

No updates available...

Job Matrix Update status

This is here as a standing topic--no discussion this month.

Remedy system status (previous discussion)

No updates available...

Other Topics

usage of the UF IT Alerts Dashboard page by IFAS

Dan Cromer mentioned that he would like to get IFAS using this site for the posting of IFAS issues. Apparently a number of central IFAS IT people (Dan believed that included Chris Leopold, Andrew Carey and the Help Desk) have the ability to add items there now. Dan wanted input on who might need to do that.

Steve asked whether "phones down at REC" or "network down at CEO" type messages might be appropriate for that. If so, IT staff at RECs and the IT District Support folks might want access. Steve believed we should to make sure we are posting pertinent information there before urging folks to go there, however. Otherwise our users will be disappointed by the expectations we might set.

Dan mentioned that EDIS outages and ECES outages were other good candidates for posting here. Steve agreed with Dan that this would be a good thing; it seemed to him that the main issues would be coordinating with our various IT staff members. We would need to make sure everyone involved knew how and when (i.e., when it might be appropriate) to do that.

Passwords for Polycoms

Marvin Newman related his frustration with not having the administrative password to his own Polycom units. Apparently Video Services changed some settings on his unit that caused problems. He called Patrick Pettus, but Patrick would not give him the password so he could correct the problem. It seemed to be the consensus of the ICC discussion that Patrick has generally been very good at working with folks in such cases. Allan Burrage suggested a well written e-mail explaining the problem to Patrick and copying Dan Cromer and possibly Marvin's director. Patrick has been very accommodating in the past and Allan believed a bit of additional communication would clear up the issue.

Dennis Brown mentioned that Lance Cozart with the IFAS Help Desk was a good resource for Polycom issues as well, though he would not likely be available after normal business hours.

RODC issues at remote sites (prior discussion)

Diagnosis and resolution of this issue has been very slow. On March 22nd, CNS/OSG announced that they would be removing a stale forest trust on UFDC07 that they believed might be causing what they described as "intermittent replication problems across the domain".

UAC settings egregious for users?

No updates available...

PDF-Xchange (prior discussion)

No updates available...

The meeting was adjourned early a little after 11:00 AM.