ICC Home  /  Members  /  Meetings  /  Peer Support  /  Documentation  /  Projects


ICC Meeting:

IFAS COMPUTER COORDINATORS
(ICC)

NOTES FROM July 9th 2004       REGULAR MEETING


A regular meeting of the ICC was held on Friday, July 9th, 2004. The meeting was chaired and called to order by Dennis Brown, at approx. 10:00 a.m. in the ICS Conference Room.

PRESENT: Sixteen members participated. Remote participants: Marcus Cathey, Nancy Johnson, Steve Lasley, and Joshua Wilson. On-site participants: David Bauldree, Dennis Brown, Jenny Brewer, Dan Cromer, Kevin Hill, Tom Hintz, Chris Hughes, Dwight Jesseman, Jack Kramer, Richard Phelan, Mark Ross and John Sawyer.

STREAMING AUDIO: available here.

NOTES:

There were no known new ICC members. Dennis Brown opened with a short discussion about the possibility of having an ICC/ICC-AD meeting at CREC in Lake Alfred. Allan Burrage had raised the idea when up in Gainesville at an earlier meeting, saying it might help demonstrate to the remote RECs that their interests are being considered by Central IT. It would also permit shorter travelling time for some of the remote sites (okay--and longer for others) and, if properly promoted, could be one of those rare occasions where all (or at least most) of IFAS IT gets together at one time in one place. There was no disagreement with the concept, but neither did any discussion address the logistics involved. It would be a terrible shame and contrary to the intension of the proposal should a meeting be held there and few show up. This discussion will continue at future ICC meetings and hopefully we can get a few people interested in the planning and arrangements so that such a thing could be the success we would hope it to be.

Jack Kramer proposed having everyone in IFAS IT get together at once--such as had been done a few times in the past (once at IFAS Entomology, once at Microbiology and once at McCarty G001 where video feeds from across the state were set up for the initial meeting of the formalized ICC under the chairmanship of Mark Ross). Deans, Department Chairs and Unit heads were included in some of these. Lake Alfred or even Gainesville could host such an event. Jack thought that this would be good way to address some of these policy issues.

Kevin Hill gave a status report on the Active Directory Subcommittee. Kevin related that we had a good meeting the day prior that ran long. The "Guidelines for IFAS OU Management" document will be reviewed as necessary, but no later than approximately every six months, to assure that it is up-to-date and contains our latest understanding of how OU managment should best occur. User enumeration is still holding us back in moving ahead with the project. Until the unit liaison role is taken seriously and the IFAS Directory information is corrected, the migration may continue to slip indefinitely. Logon scripts were discussed along with some issues with DFS and post migration drive mappings. The UF Microsoft licensing issue was not resolved by July 1st as hoped, but is still with the lawyers. There was a long discussion about removing barriers to entry by units who wanted more complete autonomy. It was proposed that, as much as possible, the "Unit Managed" computer OU be free of policies and procedures pushed from the IFAS level, but rather give such units comparatively the same situation which they would see if joining outside of IFAS. Population of local computer accounts by the ISM group is one of these key issues and that will be moved to the ICC Network Security Subcommittee for resolution under the direction of John Sawyer. Chris Hughes requests that units wishing exclusions speak up with the specifics of those so that those wishes are known and can be addressed within our structure.

Chris Hughes reported that he is working on getting the training lab ready out at the Livestock Pavillion. He is getting some test servers in place to do some test migrations. Some user migrations have already been accomplished. Logon scripts are in production. We are going to switch from the IFAS auto-populated groups to UF level ones. Course role groups for each course section are expected to be coming from UF so Chris will put off doing that himself. Completion of the migration is now set for February/March of next year. We will have to make a decision to possibly turn off IFASDOM at year's end ahead of complete remote DC placement. This may be forced due to security concerns for the inability to keep remote BDCs patched against vulnerabilities. This would necessitate authentication over the wire, but it might prove necessary. Non-IFASDOM domains that want to move early can be accommodated.

It was decided that the ICC would take the opportunity of the next ITPAC meeting, August 5th, to make ITPAC aware of the ICC's intention to create an IT Charter document for their consideration. It is assumed that ITPAC might then propose an IFAS-wide committee to carefully consider those suggestions. A Charter summary draft has been created by Chris Hughes to explain the scope of that, but it is unlikely that any greater portion of the proposed Charter would be ready to actually present by the time of the next ITPAC meeting on August 5th. Chris and Steve will work on getting that ready to present to ITPAC.

There was considerable discussion around the fact that participation in the UFAD will make certain aspects of the current email account retention policies technically impossible. Under the proposed UFAD system, user accounts belong to UF and not IFAS. When a person's affiliation with IFAS is ended, and this is formalized by a change in their UF directory entry that moves them out of the IFAS user OU, IFAS would no longer have access to the attributes of that account and could therefore not continue to provide Exchange service. Consequently, the ICC will recommend to ITPAC that the current policy that provides for 6 month email account retention be changed. The proposal is that email forwarding accounts be created and retained for a 1 year minimum. This only affects those who no longer retain IFAS affiliation and might include those who move to other UF departments outside IFAS or those who have left completely. It would not include such categories as emeritus faculty or faculty who have moved, perhaps, to another university but still engage in UF business such as participating in grants or graduate student committees. Those categories can retain their IFAS affiliation in the UF Directory and thus their email accounts for as long as is necessary. Procedures are being developed that will provide, as part of the exit process, a backup of all email as well as assistance in forwarding email to a new location. Since UF retains email accounts at least 6 months after a person leaves, one option for the short-term is to assist exiting employees in forwarding to a Gatorlink account. An ICC recommendation on this will be presented to ITPAC at the August 5th meeting for their consideration.

A procedure for allowing end users to temporarily change forwarding on their own e-mail account was discussed. It was recommended that a process for that be developed if possible.

Chris Hughes explained how the IFAS Admin Agreement is basically a request to create a service account. It states that a particular person is in charge of managing a unit's computer resources. If management is not claimed by a unit, those resources will be managed by Central IT. Dan Cromer said that this is something that will have to be communicated to units so they know the consequences of Active Directory and what it will mean to them. Dan said he intends to do that.

Kevin Hill raised the question of whether some subset of OU Admin functions might be delegated for units who had a support person that didn't feel comfortable with all the rights and responsibilities involved with full OU Admin access. This discussion may be continued at the next ICC-AD meeting.

Jenny Brewer reported that the motion to change the AD subcommittee meeting time has been dropped by general concensus. Chris Hughes reported that Mike Kanofsky and George Bryan of UFAD will be unable to dedicate 4 hours to our ICC-AD meetings (as the last one ran extremely long). It was decided that they might be accommodated by either moving UF-related issues to early on in each meeting, or have UFAD staff come every other meeting perhaps. Kevin preferred the latter as he appreciates their perspective on the IFAS side of things in addition to having them there to present only UF related issues. It was decided to try to keep to the agenda for the first 2 hours and leave any overruns for extra discussion.

Dan gave a brief update of the Distance Education video project. He asked that Steve Lasley remind ICCers of the VIDEO-L list and the http://video.ifas.ufl.edu site via the ICC-L (which was done BTW). The circuits should all be installed and tested via loopback to the smart jack T1 termination points as of this week (see Status Document). Many of the units are getting the video equipment: the TVs, Polycoms and so forth; unfortunately some of those arrived as a surprise due to the recipients being unaware they were coming and why. The routers and switches are in; one router was DOA, but is being replaced. Campus is configuring the routers and schedules are set for their deployment.

John Sawyer gave a quick PatchLink update. It is currently deployed on about 300 machines throughout IFASDOM. He is doing it in batches of about 150 at a time. It hasn't been put into the logon script because of fear of deploying to a bunch of remotes site before the remote repositories are in place. The remote repositories will be the multipurpose servers that are planned for deployment. Kevin and Jack both volunteered to go earlier, but John isn't sure if that can be handled sooner for those sites who have alternative machines they could donate to that cause in the meantime. He said he will check into that. Training is still on for the 15th from 2-3, but the room for that has moved from the Food Products Lab to the conference room in building 120. This is for on-campus admins at this time.

John reported that the will be a meeting scheduled for the ICC Network Security Subcommittee soon to go over several items directly related to AD as well as issues with WinXP SP2. Any who have issues to get on that agenda, please contact John.

Jenny reported that, for whatever reason, there were no problems reported with the Windows 9x upgrades for AD. Perhaps this is simply because no body tried to install those.

Jack Kramer requested that Dan place some emphasis on the WAN group participating in these ICC meetings. Dan reported that the DE project had higher priority currently, but that such would be encouraged in the future.

At Jack's suggestion, Dan proposed that IT might be brought into an upcoming IFAS Administrative Council meeting in the not too distant future. A portion of that meeting could then be used to discuss IT issues, such as AD and the proposed IT Charter with the IFAS Administration.

The meeting adjourned at about 12:15pm.


last edited 14 July 2004 by Steve Lasley