[399] in I/T Delivery
Pismere Project Status Report as of 11/30
daemon@ATHENA.MIT.EDU (Thomas L. Thornton)
Thu Dec 7 20:01:57 2000
Date: Thu, 7 Dec 2000 20:01:50 -0500 (EST)
Message-Id: <200012080101.UAA00724@mass-toolpike.mit.edu>
From: "Thomas L. Thornton" <tomt@MIT.EDU>
To: delivery@mit.edu, integration-ptl@mit.edu, dennis@mit.edu, njj@mit.edu,
jdb@mit.edu, rar@mit.edu, vkumar@mit.edu
CC: pismere-team@mit.edu
Project Name: Pismere Delivery, Integration
Project Leader: Tom Thornton
Report Date: 7 Dec, 2000
Submitted by: Tom Thornton
URL: http://web.mit.edu/pismere
General
-------
The cluster machines deployment to DUSP is close. The major features
we need to achieve this are:
Campuswide DHCP, otherwise expand coverage from W92, to N42, W20 and 9
DNS infrastructure
AFS loopback/redirector
Directory population of groups
Registry settings
Applications in lockers - this awaits AFS
Other than locker applications we have made steps toward solutions in
all these features. The pilot delivery seems to be, at best,
Christmas.
Accomplishments in November
---------------------------
- DHCP: TomC has "turned on" DHCP for N42. TomC expects to have the
campuswide DHCP server up around Christmas.
- DNS: zone servers and tables are under review by TomC and Chris.
- AFS: Danilo found a way to get AFS working with \\afs instead of
\\machine-afs. Davie put it into AFS 3.6.
- Developer documentation: we wrote more site-specific build script
documentation, for flags such as AFS36 and DRIVER.
- Pismere remote installer with group policy works on all our
machines. It puts a subset of tools, including Qing's MMC Moira
utilities snap-in, into a new Start Menu hierarchy. At this time the
user is required to take action to install the application suite. We
are investigating some interactions with AFS and Roaming Profiles
before we try to install the application suites without any user
intervention.
- The remote installer sets path and registry values using Group
Policy.
- We are talking to Microsoft about getting them to donate Microsoft
Consulting Services to improve the scalability and sustainability of
the current RIS process.
- Tom met with our sponsor Vijay and with Nate Johnson. In a longer
term, we will be looking into a cluster to deliver next.
- Wael, Tom and Oliver Thomas reconvened the Pismere support team to
start working on a Pismere support project plan.
- Beta releases for KfW. Danilo provided SASL libs, a better
installer interface and new help and release notes. He also changed
KfW per Jeffrey Altman's comments, and put a new icon on kdestroy.
- Tom and Susan Jones revised KfW and Plop documents. Since some
TechPubs comments apply to the installers, Tom gathered requested
changes into text files which Jonathan and SWRT can use to refine the
distributed installers.
- Ongoing alpha work with Jon Hunt of SRT, TechPubs, and HelpDesk for
KLPR, Zephyr, Plop.
- Pursued server grants from MS and Dell.
- Dave's and Paul's tests showed that the DC database size is stable,
so we can use some old machines we already have. Also, we will not
plan to do offline maintenance to defragment for now.
- Dave populated the AD with users from Moira. He met with Garry and
straightened out server issues. He discovered NT does not nest
groups, so implemented a workaround.
- Qing wrote AD disaster recovery SID-history rebuild from Moira.
- Joe sent a user account bug to MS.
- Danilo set up the team archive gateways, which are now accessible
from /web/pismere/dev.
- Joe has syslog working.
- Wael works with CSG members to write up a W2K departmental server
deployment paper.
- We understand MS RTM source code is in the mail.
- Danilo placed Active State Perl 6.20 in distrib.
- Retrospect now works, can restore to a different device, and uses
client userid/password pairs.
- Danilo and Wael planned to obtain new disks in order to run VMware.
- Tom and Jonathan Hunt planned another KfW presentation to the Help
Desk.
Goals for December
------------------
- DHCP: discuss with TomC whether we can support multiple RIS servers.
- Get NetOps to put test DNS servers into production in the Machine
Room.
- Put DHCP and DNS servers on nocwatch.
- AFS loopback needs workarounds for clients like aklog and fs, and
for adding machine-afs to the hosts file.
- Set attribute access control that shuts off anonymous access to the
directory. Answer the question, What directory access do we set up
for auditing?
- Get Garry and TomC to help us to put non-null Kerberos instances
into Moira.
- For the DUSP domain, we require two PDC machines and and RIS server.
We have an insufficient number of machines, so need to determine which
are DUSP RIS client machines, then obtain new servers, or optionally,
more client machines.
- Procure a Rose 2x16 switch for the servers.
- Install BDC.
- Set machines to audit changes on a local password, and send email on
a hit.
- Joe continues to write proposals for policies and ACLs.
- Joe should tell Kretch what we like and dislike about winlogger.
- Paul bounces the test AD server installing schema extensions, and
passes this effort along to Qing and Dave.
- Fix Plop failure to accept a drop onto an open Plop window.
- The command line kftp binary from Jeffrey Altman needs testing on
dialup and express.dialup. Kevin is looking at our
internally-developed ftp, and should compare it to kftp.
- Propose to MS distributing KLPR to other schools.
- Obtain MS help to design an RIS reinstall method to auto-detect the
computer container and a router address.
- Deliver DUSP machines, contingent on obtaining the equipment.
Longer Term Goals
-----------------
- Generic ftp requirements.
- Release Zephyr, Plop, KfW and KLPR.
- Access on/off plan.
- Generic logging library proposal.
- We need to do further work to populate AD attributes, such as white
pages info, from the MIT data warehouses.
- Plan post-pilot work.
- Package NT syslogger for other schools, and get tech pubs help from
here or a requesting school.
- Develop another group policy - making the My Computer icon
reflect the actual machine name. This probably requires a new app
using nonstandard API calls. It is still under much study.
Issues
------
- When shall we get MS SP and Hotfix source?
- How do we sync our AFS code with Transarc?
- Does the AUI Dash & gnome require Pismere revisions?
Additional comments
-------------------
Barring unforseen Kerberos, AFS or AD obstacles, we should be able
to meet an IAP pilot date.
