Chemical Engineering will be doing their own rewiring. Martin is considering moving the DWE point of presence switch to the new wiring closet, which would be timely
A desire for switch and port statistics was raised. Erick will get the MRTG stats working again.
Discussion of probing security vulnerabilities with such software as Satan, Cracker or 3rd party services. Wide agreement that we should do something pro-active.
Erick introduced this subject, and explained how he is interested in an AD design where all of Waterloo Polaris and all of the Engineering Departments were in a single domain. Advantages of the common domain cited were primarily related to ease of sharing information. A disadvantage would be that all parties participating a domain would have to agree on some issues, for example the password strength. All agreed that the IST password strength rules enforced on x-hiered Unix systems were too strong. Erick pointed out that such rules could only be enforced on Windows 2000 by disabling the stock password changing tools, and sending the user to a web page.
Erick proposed that to make a common AD attractive to the member system administrators, these basic design rules would be followed:
A discussion ensued which called into question any advantage of sharing a domain, and in fact questioned whether Active Directory was useful, and whether Windows 2000 was on our (near) horizon. This led to 2 opposing viewpoints, characterized as follows:
Mike wanted concrete examples of how 2000/AD/common-domain would help his users. Erick cited some examples of improved information sharing, but Mike countered that information sharing was currently possible with NT, and felt that it would still be possible under a multi-domain 2000 model. Dennis believed Directory Services and Directory Service enabled applications were a natural evolution of information technology, and one should plan accordingly. Mike felt that the over simplifying of the users computing environment (by such things as placing their POP server etc in a single location so that they didn't have to remember it) led to a naive user community, that was less able to resolve their own computer problems.
Some departmental dissatisfaction of centrally distributed software (Waterloo Polaris and x-hier) was cited which tends to encourage the use of a separate domain. Erick pointed out that Windows 95 should not be used as an example of software distribution, since it was never intended to do that, whereas Windows 2000 seems well designed to allow for both centrally distributed services, and locally managed services. Some believed that had not been proven yet.
Bruce said that EC wanted to build an AD design that would not preclude departmental participation. Bernie asked what information EC needed now in order to do so, and could not imagine EC making a poor design, or making poor design decisions that could not be reversed. Bernie suggested that when EC needs departmental involvement, it could e-mail the ESAG list with questions. Some members felt that it might be hard to respond, given the current level of Windows 2000 and Active Directory expertise.
Some members did not see a particular need to move quickly on Windows 2000, citing satisfactory results with 98/NT (in non Waterloo Polaris environments). EC members noted that Waterloo Polaris runs Windows 95 only, and cannot be upgraded to 98, and that there would be a need to move beyond 95 at some point, and we needed to be ready.