Attending: Dan G, Billy B., Kevin S. John K, Mark S., Mike McC, Craig DeS, Jack F and Richard M.

Continuation of previous meeting in July in which we discussed using Wolftech to replace etssauth servers and Sun IDM integration.

Craig gave an overview of how the portal et al currently used the Auth Tree eDir, and it's requirements.  We discussed how AD password policies differ, and covered some workflows about what would happen if one's basic access to one's desktop was controlled by the P1..P5 security policies.

Yesterday Kevin and I met with Danny and Harry and discussed how to address the proliferation of OU admins in the WolfTech domain from within OIT.  We now have 11 OIT OUs,  (OIT-AC, OIT-ComTech-CMS, OIT-OCC, ISO_PROV,ISO_SHS,ISO_RnD, TSS_CS, TSS_LSS, TSS-DS, TSS-SC not to mention ITD-DSP), which is causing problems because being an OU admin in WolfTech implies a level of communication with the rest of the admin community that simply isn't present in most cases.

I'm excited about the chance to use SAR for our account creation and other management, but I've got a nagging fear that all of ISO may not be on the same page about what strategies we're using these days.

Several of us met individually with Richard over the last couple of days to talk about using SAR (aka Sun One identify manager) for account provisioning.

SAR is used as a replacement for an earlier home made applicaiton called ASAP, and is used to provision and deprovision access to things.  There are currently 36 systems in SAR, some of which don't actually do the provisioning, but handle the process flow by presenting forms for approval and sending e-mail to each party in the workflow to encourage them to fill out said forms.

We had the next to the last "File System Team" meeting this morning.  I wasn't taking good notes, so the particulars I record here may not be correct.  Eric is doing our "official" write-up, so anything differenet between that write up and this one means that this one is in error.

Not a lot of new stuff on the agenda

• We need servers in ACSAD to switch to use ns60/ns61 for DNS.  Plans are to run ISO servers while the CAB deliberates applying GPO to ship ns60/ns61 domain-wide.

From 6/22/2009

• Terminal Server CALS in WolfTech
• Migration of 4 x OIT groups in WolfTech to WolfTech

Action Items from earlier meetings

Agenda for 6/22/2009

• Terminal Server CALS in WolfTech
• Review Hardware Assets
• Project plans for DESAD, Unity.AD, ACSAD
• Need 2 x 2650 class servers for Nagios project - is this OK with the team?
• New project: Migration of 4 x OIT groups in WolfTech to WolfTech :-)
• OU layout discussion (jrwells)

Action Items from earlier meetings

Proposed Agenda for 6/15/2009 meeting

• OIT servers need to move out of "wolftech.ad.ncsu.edu" DNS domain in QIP. What servers do we have, and can we set a date to move them?
• What do we really think re: cached filesystems?
• Patchlink servers from DESAD to WT - timetable for CAB and Sysnews posts
• Discuss combined on-call plans
• Discuss breakdown of work / needed rights
• Out of band management (DRAC/iLO) to WT
• DFS paths for Terminal Server profiles

Action items/todos from last meeting

I've been attending a biweekly meeting called by Jason M. in TSS-SC for a while now, but haven't been posting my notes.  Sorry 'bout that. :-)

The membership at these meetings is Ed L (TSS), Tom F (TSS), Tim G. (Security & Complience), Danny D (TSS), Dan Evans (TSS) and Jason M. (TSS). It was originally conviened to discuss the use of "cached credentials" on administrative desktops.  It's since transmongrafied into a general discussion of desktop issues, and thus something to be reported to our ISO team as a whole.

Agenda for 6/8/2009 from whiteboard in 308

• RDP to common port accross all our servers?
• Nagios Dog N Pony by jaklein (still not baked)
• OCS Inventory updates
• New business: FlexLM to WolfTech?
• Home dirs in WolfTech
• "CPU" check to only return warnings in Nagios?

Action items/todos from last meeting