2012 July

July 16, 2012

Here’s an update on recent happenings with the UW Windows Infrastructure.

 

Readers should give special attention to the planned change to the UWWI user mail attribute values, as detailed below.

 

==== New Capabilities and Improvements ====

 

* Reflecting the heavy growth of the UWWI line of business, UW-IT has increased the staff allocation:

                -Will Kaufman, a technical support representative who also works with UW-IT’s managed workstation service, has begun fielding some 1st tier tickets.

                -Eric Kool-Brown, a new hire, is going through on-board training. During his career at Microsoft, Eric worked on the original design of Active Directory Users and Computers–among many other things.

 

====Spotlights====

 

* Work with the Office 365 project team has identified an urgent need to change the UWWI user mail attribute provisioning algorithm. Known problems include:

-lack of user input validation (misspellings abound),

-no constraints around the DNS subdomain specified,

-the ability for more than a single user account to have the same address.

 

A plan to address this has been formed:

-During the summer, we’ll reset all UWWI user account’s mail value to <uwnetid>@uw.edu.

-We’ll add a capability to the UW NetID Manage page to allow users to change from this default value. The UW NetID Manage page will:

-enforce input validation,

-know about “accepted DNS domains”, and

-not allow more than a single user account to have the same address.

 

The UW NetID Manage page will also provide a method for users to control whether they are included in the UW Exchange/Office 365 global address list (GAL).

 

We’ll have more info about this change as it approaches. If you have an application that integrates with the NETID domain which leverages the UWWI user mail attribute and you have concerns about this change, please let us know. We expect this change to happen in the next 3-6 weeks.

 

* An Annual Service Assessment for the UW Windows Infrastructure line of business was completed. UW-IT has plans to make these customer visible, as they include relevant information like 1 and 3 year forecasts.

 

* UW-IT kicked off a project to decommission the UW Forest. Customers in the forest have plans to migrate out by February 2013. 2 domains have shut down since the project started, 8 customer domains remain. Most of these customers plan to migrate to a delegated OU.

 

* Brian Arkills, UW-IT’s technical lead for the UW Windows Infrastructure line of business, was recently honored by Microsoft with their MVP award for his contributions in Directory Services technical communities during the past year.

 

==== Trends ====

 

* Since December, UWWI has added: 14 delegated OUs (52 total), 2 trusts (53 total), ~1100 computers (4500 total), ~42k users (562k total).

* UWWI support requests remain steady. 122 UWWI support tickets resolved since December.

* OU utilization rates (based on requestor’s projections) indicate that a lot of OUs are getting started. 16 OUs have more adoption than planned, 9 are making progress towards their plans, and 27 are getting started.

 

You can see metrics about UWWI at http://www.netid.washington.edu/dirinfo/stats.

 

==== What’s Next ====

 

Our objectives for the months ahead include:

 

* Continued work and changes to support the Office 365 project. As noted above, this will include a change to the UWWI user mail attribute, and we may replace our existing ILM deployment with the newest FIM release.

* Continue to refactor the UWWI Group Sync Agent to provide near real-time sync with reduced latency for all UW group changes. We think this work will be deployed in August. This improvement, together with another imminent improvement to the way course groups are provisioned to the Groups service, will result in near real-time course groups in the NETID domain.

* Support of the university-wide Business Continuity Initiative by placing a NETID DC in a separate geo-zone. Other critical UWWI infrastructure will also be considered in the future.

* Support the many delegated OU customers getting started and in the midst of migrations over the summer.

 

Additionally, some possibilities given enough resources:

 

* Investigate what’s needed to provide a scalable ADFS service that customers can leverage for federated authentication to/from the Windows platform.

* Invest in changes needed for Unix integration

* Investigate SCCM 2012 delegation features to enable OU customers to deploy SCCM for computer management within the NETID domain.

 

==== Your Feedback ====

 

Supporting your needs for UWWI capabilities offered via the Basic Services Bundle is our priority, so we welcome feedback on how we can make the UWWI service more valuable to you.

 

The UWWI service has a backlog visible to customers at https://jira.cac.washington.edu/browse/UWWI where you can get more details about possible improvements, current prioritization of that work, and even what we’ve been doing. You can “vote” for items in the backlog to help us rank priorities, or you can contact us via iam-support@uw.edu.