[296] in Kakapo Windows Team
30 Jan container administrators minutes
daemon@ATHENA.MIT.EDU (Thomas L. Thornton)
Mon Feb 2 17:03:39 2004
Date: Mon, 2 Feb 2004 17:03:36 -0500 (EST)
Message-Id: <200402022203.i12M3aNi011971@the-rim.mit.edu>
From: "Thomas L. Thornton" <tomt@MIT.EDU>
To: contact-container-admins@MIT.EDU
CC: kakapo@MIT.EDU
win.mit.edu Container Administrators Meeting
Friday, 30 January, 11:00am-1:00pm, E19-758
Agenda Outline
IS organizational news
Documentation, < http://mit.edu/is/topics/windows >
Domain changes since November
Feature testing / Deployment plans
Discussion
IS organizational news
Tom begins to describe transformations underway in Information
Services and Technology, IS&T, formerly known as Information Systems.
Windows development now occurs under the new sub-IS&T organization
named Operations and Infrastructure Services, OIS, headed by Theresa
Regan. Now win.mit.edu efforts become a collection of Windows
services and no longer a project. Tom introduces Marshal Vale,
software development manager. Staff plan to continue work as usual,
and between Marshall and Paul Container Admin meetings will continue
to be convened.
Paul, Cana McCoy and Richard Edelson explain that running and
maintaining WIN servers moves to Network Operations, now known as
NIST, led by Marc Silis, who reports to Theresa.
This IS reorganization should have little impact on this group. Our
WIN customer interfaces remain the same. Over time, a few mailing
list names may change.
We now have a production web site for the entry-level WIN customer.
See:
http://mit.edu/is/topics/windows/server
Domain changes since November
On servers, we deployed SP4 to DCs and other infrastructure machines.
We researched it alot beforehand, seeing two puzzling behaviors:
Irregular growth in number of handles;
A DC reboot, unrelated to handles, but with no service outage.
So, please report any suspicious problems such as spontaneous reboots
when they happen. Please do not wait until the next Container Admins
meeting.
Two other changes were made to WIN servers. For one, there is a new
setting so the machines time sync to our time servers. Second is a
new Kerberos ticket policy to support Windows 2003 Server, W2K3S,
machines
On domain machines distinct from infrastructure servers, after
November when we allowed cross-forest roaming,on 21 December we made a
four-fold change:
1. Remote event log viewing may no longer allow any authenticated
user. The security log already was restricted. You might want
to allow local admins only. WIN makes a new GP available to
restrict this.
In viewing event logs, Steve Dowdy has a viewing problem on two
machines that developers will help investigate. [See
appended, below.])
The present WIN 4.0 AFS client puts userid into event log, but
the new one will not. Note that other third-party software may
place private info there.
2. Mirror-distrib copies \\win\dfs\ops\distrib to your path at
\Program Files\MIT\mirror\distrib. We do not plan to put much
there, and it uses robocopy, an incremental copy utility.
Shut off any other local version if you were testing it before.
3. ansify-profile changes a filename Unicode character into one in
7-bit ASCII. This is a per-user setting. The only user who may
want to disable it uses Unicode filenames to NTFS alone. We
will get doc online.
Here also, shut off any other local version if you were testing
it before.
4. Further registry setting to avoid W2K3S warning dialogs.
There is a new app, gpfind, to discover a GP without installing and
using GPMC. New documentation for gpfind is to come.
Beware XP SP2 that is in beta 1. We advise you wait for beta 2, since
the current version blue screens often, although it works on domain
machines, with AFS. It renames some registry keys, especially a
kerberos one.
Feature testing / Deployment plans
Our November IAP deployment plans are postponed due to a number of
issues. It seems SP4 makes software deployment less predictable -
developers see some machines take updates, some not. We await that
stability, and some binaries need more testing, like the AFS client
with its new features:
Works through a VPN;
Overcomes previous NetBIOS limitations;
Nested directory creation fixes TechTime, SecureCRT, maybe Eudora.
Therefore, we will not make our IAP target, but aim to deploy
win.mit.edu 4.1 during the term.
After the meeting, regarding Steve Dowdy's EventLog bug, Joe writes:
Steve reported a bug where his event log is strangely blank, even though
the event viewer claims it isn't. After looking online, it seems that
other people have seen this exact same behavior on Win2K SP4. And it turns
out: it's a good ol' fashioned Microsoft Bug:
KB Article #829246: http://support.microsoft.com/?id=829246 (If that link
doesn't work, it's because MS's online KB is having some trouble
today. Right now I'm getting about a 50% success rate with any given link.)
There's a hotfix apparently, but we need to ask PSS for it. So I suppose
Paul will get the ball rolling on that.
