DUKE ITAC - July 26, 2007 Minutes
ITAC Meeting Minutes
Announcements and Minutes
Kevin provided an update on the minor and temporary service disruptions in the Duke wireless network. Cisco worked closely with Duke and Apple to identify the source of this problem. Cisco has provided a fix that has been applied to Duke's network and there have been no recurrences of the problem since.
Cisco has published a security advisory with full details at http://www.cisco.com/en/US/products/products_security_advisory09186a008088ab28.shtml
A patch is available to registered Cisco customer
Cisco Blog post at
ELearning Group Report
Molly Tamerkin provided information about the e-Learning Group Report. Julian Lombardi had started the effort last August to create an e-Learning Roadmap committee.
The eLearning Roadmap committee met from August 2006 to June 2007. The group was coming up with recommendations and advise for people who would be filling future roles. Meeting notes from this group are available at http://wiki.aas.duke.edu/asist/committees/elearning
The goals of the committee were to project trends 3-5 years out to help develop strategies for coordinating and integrating eLearning environments. The committee was to advise Julian Lombardi and Bob Price regarding global, local, and school (or discipline) specific eLearning trends.
The committee worked on it’s recommendations based on infrastructure guidelines from OIT and CIT, the fact that the consumer marketplace is constantly changing and changing QUICKLY. They also considered the changes in higher education, as well as changes in the local environment and marketplace.
A question was brought up about the concept of expanding eLearning among the Duke staff. The response that an eLearning “identity” could be established that grows with an individual as the individual’s role changes and moves between, student, staff and alumni. ELearning does not sit in any one system.
It is important to use tools that interact with each other.
Mark mentioned that Web 2.0 should be good at snapping together “modules” as needed for huge synergies.
The next steps for the eLearning Roadmap committee are to finalize their paper and set priorities for this coming year.
Rafael asked How to use technology today to work differently? How do we make new people going through Duke use technology in learning?
Molly mentioned that Jeff had identified indexing, metadata, and storage.
If OIT can fulfill basic needs, schools can expand their use. The ELearning group wants to provide recommendations and not requirements.
For example, one of the recommendations include increased storage and tools to share resources
Personal Network Storage Demo
Klara’s group implemented a web front end to the network storage solution. Rob Carter did most of this work. One of the goals was to strengthen and improve the data storage network.
Klara proceeded to do a demo.
Individuals can now recover data files without having to call the Help Desk for assistance. “Lost” data is backed up to the last snapshot. Data backup happens every 24 hours. Snapshots are regenerated overnight.
The web front end allows a user to easily select and item, copy, delete.
The system incorporates the concept of favorite locations.
Shared spaces are assigned by NetID, which allows a user to give permissions to access space in the user’s storage area.
Users can be pushed into groups based on the classes they are taking.
Shared spaces include:
Personal web space – the new system makes it easier for people to manage their own web space.
Streaming – files can be uploaded into a streaming directory. This should allow users to share audio/video files more easily.
Course spaces – pre-populating course spaces are assigned to users taking specific courses
Project share spaces – data space is shared with colleagues per specific projects
Departmental & Organizational spaces – data space is shared among members of a specific department or organization
An attendee made the suggestion of using a data/time snapshot (i.e. – This snapshot was taken 7/26/07 at 3:03 EDT) on the web front so that a user could tell when the last update took place
Duke is sharing the development of this storage system with the University of Michigan.
Proposed launch date is August 1st.
All of AFS has been put on enterprise system. Quotas can be increased seamlessly.
1 gig quotas to start for all users. Individuals’ quotas can be increased as needed. Klara would like to develop the system so that users would be able to increase their quota by “self-serve.”
The group will monitor usage to avoid bandwidth usage problems. The group is not throttling access to the system right now, but can do so in the future if necessary.
A comment was made that the streaming server could become a potential bottleneck. In that case, increased use may require policy changes.
A sophisticated privilege system is in place to set permissions. Permission have been simplified into four categories
For example –
A course space owner will be a faculty member. A TA will have write permission. Students start with read only permission that can be changed as needed. Instructors will be able to toggle permissions on and off. Course group members cannot drop themselves out of a course group
Klara will take feedback for those you go on and test-drive the system.
OIT’s News and Communications’ Bill Cannon is working on a communications plan for this project.
There is no technical maximum. There is an administrative maximum.
A comment was made that this is a potentially interesting and powerful tool.
If five gigs are to be the default quota, this should be set as the expectation so that people do not think they can mirror their hard drive on the Duke data storage system.
Shibboleth, Grouper Discussion
Klara’s group member Shilen Patel is very familiar with Shibboleth and Grouper.
Klara presented a simplified diagram for person and group registry.
Grouper is a way of managing groups.
There are two ways to manage groups: automatic or manual. Manual mode is only available to “Super Users.”
WebAuth is a legacy Web SSO written in 2002 and locally developed. Shibboleth was written in 2005.
In the transition from WebAuth to Shibboleth, not all applications can use Shibboleth. For example, Kerberos service tickets cannot be passed through Shibboleth. We need to integrate Kerberos service tickets into Shibboleth to get them off WebAuth.
Currently 60 applications are using Shibboleth and only 14 of the 60 applications are using additional attributes. Shibboleth is easier to use than WebAuth. WebAuth is a true Linux application, while Shibboleth is a “wrapper.”
Klara can provide examples of applications using Shibboleth as needed
August 10 is the going away event for Chris and will take place at University Place at 5 p.m.
The meeting adjourned at 5:20 p.m.