[312] in I/T Delivery
Pismere Project Status Report as of 6/30
daemon@ATHENA.MIT.EDU (Thomas L. Thornton)
Fri Jun 30 15:20:08 2000
Date: Fri, 30 Jun 2000 15:20:01 -0400 (EDT)
Message-Id: <200006301920.PAA08237@the-rim.mit.edu>
From: "Thomas L. Thornton" <tomt@MIT.EDU>
To: delivery@mit.edu, integration-ptl@mit.edu, dennis@mit.edu, hogue@mit.edu,
jdb@mit.edu, rar@mit.edu, vkumar@mit.edu
CC: pismere-team@mit.edu
Project Name: Pismere Delivery, Integration
Project Leader: Tom Thornton
Report Date: June 30, 2000
Submitted by: Tom Thornton
URL: http://web.mit.edu/pismere
General
-------
This status reports attempts to answer a couple questions. Is there
Pismere Team progress towards a successful delivery? Do we need any
help, and what help that might be?
Let's start by reminding you of that our goal is a fall deployment of
a cluster machine or set of machines in Department of Urban Studies
and Planning. The major things needed to achieve this are:
DHCP infrastructure
DNS infrastructure
Kerberos single sign-on
AFS
Directory population
applications
Within these areas, there are significant major blocking factors, and
risks.
For example, if we don't complete the single sign-on we still have
cross realm authentication working but users will have to type in
their password a second time in order to read email. A bigger problem
would be that this would also mean that we cannot store roaming
profiles in AFS, which would mean we would have to provide some
Microsoft file system support, a significant and expensive task.
Without DHCP infrastructure a DHCP relay will be needed on each subnet
that we have to support. This depends on Tom's help, and we plan to
meet to discuss this and DNS next week.
Without DNS infrastructure updates the service will not be 7x24. When
Chris' linux DNS server was compromised it took several days to get us
back in service for the developers.
Directory population - Dave Tanner has made a lot of progress and
Garry has been very helpful but we still have lots of work to do. We
will need more help from Tom and Garry. DCMs need to be written for
Moira updates to "rush" into production.
On the application front we have quite a few, but we really need to
get AFS solid so that we can run some of the software out of lockers.
If we don't have AFS, we can divert resources and create some
installers. At the same time we have applications that can be run on
98 and NT and someone needs to figure out how the software
distribution team takes on the task to get these deployed to the
broader community.
For schedule and critical paths with implicit milestone markers, see
the MS Project 2000 chart in the pismere locker:
/mit/pismere/projmgt/2k06.mpp
Accomplishments in June
-----------------------
- Received informal acceptance of new staffperson to come in August.
- Hired a new watchmaker for the summer.
- Obtained infrastructure hardware - 70 Gb disks, 400Gb tape backup.
Backup software packages are under evaluation.
- Obtained AFS 3.6:
3.6-specific version of aklog (pbh)
checkin of aklog (davie)
get AFS 3.6 to build locally (pbh)
- Moved and set up new test rack.
- Created many utilities:
add, attach, detach GUI (dongq)
pop, imtest, sasl (ianmga)
syslog (ppham)
krbcc32 (dalmeida)
pager (wtb2)
klprtray (jrasmuss)
- Made first pass at Access on/off issues.
- Tried to find zephyr testers.
- Obtained initial DHCP fix. Remote install testing is underway.
- AboutBox dll finished, which may be reimplemented in existing apps.
- Coordinated with Software Release Team on zephyr, plop, leash32 and
klpr.
- Met with DUSP techs regarding cluster machine delivery.
- Met with AUI Team regarding plans for new dash and olc.
Goals for July
--------------
- Washing machine (overnight build), backups.
- Apps:
revised leash32
revised klpr
revised zephyr
revised plop
Project Center
generic ftp
- Continue with Software Release Team on zephyr, plop, leash32 and
klpr.
- Keep seeking techpubs, training and support plans.
- Verify DHCP.
- IE certificate support (jis).
- Access on/off requirements.
- Generic logging library proposal.
- Finish kerberos single sign-on functionality.
- Populate the AD using DCMs and other programs.
- Get AFS 3.6 working with group policies intact.
- Meet 6 July to evaluate where we are and plans for fall delivery.
Issues
------
- When shall we get MS RTM source code? Hotfix source?
- How do we sync our AFS code with Transarc?
- Is Kerberos 1.2 beta ready for revised apps?
- Does the AUI Dash & gnome require Pismere revisions?
- Can we get NetOps to assist with Athena backup, and syslog?
Additional comments
-------------------
- Student coders are working rapidly. Barring unforseen Kerberos, AFS
or AD obstacles, we should be able to meet our fall pilot date.
AFS specific issues
-------------------
1. Need to confirm full local build on someone else's machine (davie?).
2. 3.6 local build checkin.
3. smb.c modifications to support authentication (minimal
functionality done, pbh).
4. Need further negotiation work, breaking out 2000 into a separate
if/else clause - preserve the NT setting so that Transarc might accept
the changes, also this will make future work easier. As we get away
from NetBIOS to CIFS we can expect the 2000 signature to change, for
example the list should later include "CIFS 1.0" when we move to the
CIFS port.
5. fs can cause service to die. We need research into any previous
modifications in this area.
6. Add automatic binding to valid LANA interface.
7. Resolve LANA UI issues.
8. Add support for AFS UNC name using NDIS filter driver.
9. AFS naming should be conditional on gateway functionality as well
as presence of NDIS filter driver.
10. Resolve smb.c modifications and IBM gateway functionality (UI and
code issues). For example, if the user has the gateway enabled we'll
need to support the original UNC naming convention instead of the
\\AFS naming convention.
11. Add support for AFS login authentication to use the MIT Kerberos
libraries and aklog (service provider modification?).
12. Remove dependency on Netbios transport, e.g. use CIFS over IP as
the transport. How does this interact with the name registration?
(port 445 instead of NCBLISTEN ?)
