Present: William Dougherty-NI&S, Chair/scribe; Mike Moyer-Data Center Manager; Brian Long-SETI; Jeff Kidd-CNS PR; Flex Vaughn-VTOC; Karen Herrington-IMS; Brian Jones-CNS CNO; Wanda Baber-SS SMT; Susan Brooker-Gross-IT Admin & Planning; Richard Quintin-DBAA.
SAMWise calendar and tool update:
Nicole has made some mockups of the Schedule Maintenance and Urgent Maintenance forms, and we have gotten feedback from Flex and Teresa. I've also talked to other 4Help staff about the workflow, and have gotten some usability suggestions from Kim Gausepohl. It is likely that the entire effort will be replaced by ServiceNow, but since that won't be deployed until August, we'll keep going with the Google Sites/Scripts/Calendar version. If anyone on the committee would like to meet with QA to discuss their particular posting and notification needs, please let me know.
Middleware:
On the 10th we will update ED-Lite and on the 17th ED-ID and ED-Auth nodes will be updated. This will be done during Middleware's scheduled maintenance window.
Loading should take at most an hour, during which ED-LDAP replication will be down. ED-LDAP will be available during the upgrade.
Details:
The following changes will go into production:
1. Upgrade to OpenLDAP 2.4.38.
2. Use lmbd database instead of bdb.
3. cn=authstats will be populated with actual auth data.
4. Support for SHA-512 passwords.
5. Allowed ciphers will include (new ciphers designated with '+'):
AES128-GCM-SHA256 +
AES128-SHA
AES128-SHA256 +
AES256-GCM-SHA384 +
AES256-SHA
AES256-SHA256 +
CAMELLIA128-SHA +
CAMELLIA256-SHA +
DES-CBC3-SHA
IDEA-CBC-SHA
RC4-MD5
RC4-MD5
RC4-SHA
SEED-SHA +
Added after event on the 10th: First load took longer than expected, so next week's process is under review. This may change from Monday to a Sunday, so perhaps the following Sunday. Updates will follow as soon as known. Added in Proof: A different method for loading will be deployed, so the change will take place as scheduled on the 17th.
CAS upgrade is also being planned to make it more fail-over resilient. Desire is to put this into production on March 31st during normal maintenance window. Change has gone through regular dev/preprod cycle with no issues.
M:SIS:
Patch maintenance will be performed on all M:SIS production servers Saturday, March 29th, from 5am-11am.
Hokies Active Directory and Hokies DNS will be available, but the following M:SIS services will be unavailable for 5-15 minutes at various times during the maintenance period.
ADadmin web site
OU admin web site
Hokie SelfService web site
VT M:SIS web site
VDWS
VDWS portal web site
SharePoint web site
entire W2K-DEV and W2K-TEST forests and web sites and services
Active Directory authentication is expected to be working in Hokies and University Services domains due to the presence of a domain controller in each domain that will not be offline. Machines that have cached their domain controller or are programmed to use a DNS server that will be offline may experience delays during logins and queries.
Data Center: UPS battery replacement; the one which had been installed with System X is over 10 years old and connected in series. Still in early planning stages to replace the aged batteries. While
the work is being done, the systems will be in bypass. Plan is to improve the system.
SMT: Still needs dates after commencement to take NetApp NAS. Probably need an entire 8 hour window. New equipment is on its way.
CNS: UC Infrastructure upgrade is scheduled for Friday, March 28th, and Saturday, March 29th. There will be a two-hour window on the 28th during which voicemail already stored will be unavailable. Also early on the 29th, there will be a 15 minutes window when voice service will be unavailable.
Change to CableTV is coming in by the end of May.
Cutting over areas of campus to the new core by switchroom regions; Owens has already been done. This is being announced through VT-DNET.