Duke ITAC - December 4, 2008 Minutes

Duke ITAC - December 4, 2008 Minutes

ITAC Agenda
December 4, 2008 4:00-5:30
RENCI Center

* Announcements
* Blackboard directions and upgrade (Neal Caidin)
* Active Directory directions (Rob Carter, Robbie Foust, Shilen Patel)
* Event Calendar update (Deb Johnson, Richard Outten)
* Other Business


Terry Oas called meeting to order at 4:04pm.

Terry announced that Rick Holye is leaving due to personal business. Tracy Futhey noted Rick had served his two and a half years service to the committee.  Terry thanked Rick for his service.

Terry noted that he was coming from an Academic Council meeting to respond to some concerns raised through the chair of ECAC, Paula McClain.  Over the Thanskgiving weekend, there were observations made from faculty unhappy that they could not find out membership or minutes from ITAC on the Duke web site.  Terry updated Academic Council that ITAC had renewed its web site with updated email address, membership list, and so on.  Tracy will address Academic Council in January to give them a further update on email performance.

Terry has proposed regular reports from ITAC to Academic Council on IT issues since the Council appoints members to ITAC.


Neal Caidin: We have distributed a handout on Blackboard. 

Neal noted Duke is currently on Blackboard 6.3 and will be going to Blackboard 8, which has been out over a year, for support purposes.  By fall 2010 we would lose complete support for the existing version; we have deprecated support now.  We are also on extended support on our Oracle and Solaris environments and have older hardware.

Neal noted the university will get new features although Blackboard will look and feel much the same.  One of the biggest changes is the gradebook, which is completely revamped and works like an online spreadsheet.  Discussion boards and online quizzes have also been updated, among others.

Neal said the team will be using shibboleth as an authentication method per OIT guidance and will have a new way of handling Blackboard -only accounts. Logins without NetIDs, uses by non-Duke individuals or some Duke-affiliated individuals (e.g., a faculty member who wants a student view for testing purposes), will happen through a different authentication path. Neal said the team intends to make it easy for individuals with NetIDs to log in but there will be a separate path for these other logins.  TIP is the program most affected by this.

Timeline: Neal noted the team is planning to upgrade in May 2009 after the spring semester.  It appears it will be a 2-3 day outage window and there is no perfect time to do so. The plan is to backup to our test environment, so if someone needs access to grades or other data it will be possible. 

Neal stated that the team is developing the authentication activities and are planning full functional testing, workshops, and load testing. Neal also noted a dependency on shibboleth in order to complete the project on schedule.

Billy Herndon said there is an eLearning roadmap committee meeting and Ed Gomes is involved; however, it would be 2-3 years at least before we looked at moving to any new platform, which makes the version update important.

Terry asked how alternatives are being considered, whether through a committee or other method?

Ed said there is an eLearning committee with representatives from each school developing a roadmap for what the workflows are for eLearning and what are the appropriate tools to support Duke, looking at other campuses as well as groups within Duke like faculty, students, instructors.  The group wants to see how they use the technology.  Ed added there is a question of whether there should be a suite of tools or a monolithic tool like Blackboard, and how tools like authentication and other infrastructure are layered in there; the timeframe is to complete assessment and draft report within 6 mos.

Robert Wolpert noted that other groups have started using Blackboard for purposes unimagined because of a lack of other tools, e.g., as a system for collaborative tools.  Can we look for cleavage planes moving forward to provide wikis, blogs, and so forth and not have these ancillary uses back us into a corner?

Ed said his eLearning roadmap team is not assuming that any one tool is what we should use, but rather what the purposes of use are. In the end, we may use Blackboard in addition to other things, or we might find we need to replace Blackboard, or have it play a smaller role, Ed said; he added there’s no assumption as to what we use in future.

Billy clarified his sense that Robert is saying we don’t want these side uses of Blackboard to play into our assessment of eLearning needs.

Terry agreed, noting that he makes use of some of these side uses but it can be cumbersome.

Ed replied that they’re exploring what the right fit is of tools for uses.

Terry noted he used Blackboard  as basically a file server with a web interface, and there must be a better tool than that.

Terry commented that the current Blackboard gradebook allows you to get grades from Blackboard to the Registrar in a “kludgey” way, and asked whether this would be improved in the new version.

Neal answered that functionality will occur in the same fashion and will involve an export.  It’s a plug-in we contracted Blackboard to write.  Tracy asked whether this isn’t built in to Blackboard.  Neal replied that it is not, though there are some other methods out there in the open source and other communities.  He added that you no longer have to hit “OK” for each grade you enter.

John Board commented that the terrifying thing here is we are forklifting everything at once, but it sounds like there are reasons for optimism in that we are doing this in the test environment.

Neal replied that the team had done several iterations of running through the entire data load through the import process and noted the glitches, and had started to do some of the tuning as well. The team initially thought we might do this sooner but we couldn’t go at the same time as the PeopleSoft upgrade.

Neal added that he would be giving demos next week at the CIT open house to demonstrate core functionality.

John added that Blackboard version 8 is new to us but is not the “latest and greatest.”  Neal agreed, noting it has been out over a year, and version 9 is coming out in January; we are not moving to version 9 now.

Tracy asked whether faculty could test this out at the CIT open house. Neal noted that for most faculty it will look familiar, but if someone wants to do this, they are welcome to contact me.

Terry emphasized this doesn’t sound like the SISS system upgrade, and noted that there is a benefit in running “casual users” of Blackboard past the system, without guidance, letting them just try it and see how they react. Terry noted he had encouraged SISS and others to try this method. He also recommended the Blackboard team contact the DUSes from the various schools.

Active Directory directions

Rob Carter and Shilen Patel (OIT co-leads for identity management) and Robbie Foust (lead Windows system administrator) presented an update on Active Directory.
Rob noted a project is underway to deploy a new Active Directory (AD) service tightly coupled with the Identity Management system. AD is an infrastructure tied throughout Windows to allow central management for large numbers of users and systems across organizational boundaries, he said.

Rob said that AD has historically been considered as an “application,” not a part of the overall identity management (IdM) infrastructure. He added this meant we haven’t had linkages, such as to NetIDs and passwords, leaving users with a dissonant experience.

Rob said that many organizations on campus have built their own Active Directory infrastructure since OIT wasn’t providing a comprehensive solution. OIT’s lack of a robust is also making it hard to offer new services, like Exchange or Sharepoint, that require an AD infrastructure, he said

Shilen explained that the IdM system draws data from PeopleSoft and SAP through LDAP.  For instance, when a new employee is hired, when that info gets into the IdM, we can create a NetID for them fairly quickly, he said.  At the same time, when you use an application that authenticates against LDAP, the LDAP system trusts Kerberos for the password rather than storing the password locally itself, Shilen explained.

AD is on the periphery for this environment, he said; there’s limited account provisioning but no synchronization of passwords, for instance. We also have separate ADs for comprehensive messaging (Unity voice mail) and for Windows systems.

Tracy clarified that the impact here of OIT’s limited AD is that departments may have to set up their own local directories and users with a lot of overhead for managing accounts and users.

Shilen said that in the new environment, OIT will merge the two ADs into one and make them part of the core IdM system. This means we will automatically provision accounts for new students, faculty and staff; update their affiliation in real time; and allow password changes via Online@Duke to feed Kerberos as well as the AD.  Also we can deprovision accounts; when your NetIDs get expired, we will be able to lock down your NetID account and AD account, he said.

Robbie Foust said we will end up with a more attractive AD offering, without maintaining multiple “forests” on campus, providing one environment taking advantage of NetID and password.

Tracy clarified this will be a single, integrated forest on campus.

Robbie added that this environment will be replicated across data centers so that there is redundancy.  He also noted that departments will be able to merge their ADs into win.duke.edu will be able to have delegated full rights to an OU where they can add their own computer asset objects and their own user accounts so as to create accounts for one-time use as for guests.

Robert Wolpert asked how we can make sure the user IDs don’t clash if they are created by departments. Robbie replied we encourage use of firstname.lastname format, which is unique from NetIDs. He added that the big win was that a central AD frees up individual departments from having their own departmental Ads and the like and the overhead of maintaining their own users.

Jim Daigle asked what the timeframe is for the project.

Rob noted this is targeted for spring semester, likely early spring.  We need to have this working by March for some projects Mark McCahill is working on.

Mark McCahill added that we’re really setting the stage for being able to take advantage of Microsoft applications, which have a fairly compelling set of applications to offer in the integrated messaging environment.

Dave Richardson asked what the scope and limitations are for departments and units that want nothing to do with anything that came out of Microsoft? Will the network and applications and credentials work fine without relying on a Microsoft environment?

Rob Carter replied that for those users and departments, it’s an interesting project but nothing that has to affect you; this is independent from other IdM systems. Tracy emphasized this, adding that this is responding to some users’ needs but no impact to those not interested.

Dave noted he had felt as though we had some real limitations imposed with an AD proposal last year. Terry clarified that the project Dave referred to was a DHTS proposal that would have impacted the School of Medicine users but was ultimately moved to the back burner.

Tracy noted that in the DHTS world there do remain questions of how we integrate, how do we design an AD so as to not have problems. Rob Carter added that conversations are starting with the Medical School, which sits between the campus and health system, but we’re not sure where that conversation is going to go.

Terry asked if the AD can span 152.3 and 152.16; Robbie Foust noted there are no IP restrictions. 

Robert Wolpert noted that as we move towards role-based authorization, the structure of the IdM might change; he asked whether the integration of AD with IdM would make role-based authorization harder.

Rob Carter responded that the IdM structure is changing as well, not really as part of the AD work.  The expectation is we will get much better capabilities to do data exchange and that should make it easier to have the IdM engine do data migration and manipulation on the fly, he said, but this project will not create a constraint.

Robert Wolpert asked if there is an impact to resource allocation from OIT taking on AD services once provided in the departments. Rob Carter responded that it’s not a huge investment in hardware to bring up an AD, and represents more of a change in how we think about service offerings.

Andrew Keck asked if the service will be compelling to draw departments or whether departments will have to be compelled to join? Rob Carter stated the team expects the former.

Ed Gomes added that the directors from the schools have been pushing for OIT to offer this service and that schools are self-compelled to want it, noting that centralized account management is a significant benefit.  There are some role-based features within AD that we can take advantage of at a more efficient level, he said.

Susan Gerbeth-Jones asked whether Grouper functionality would be integrated with AD. Rob Carter replied that it’s on the radar, but not the roadmap per se.  Grouper is an Internet2 project to allow you to create groups based on attributes, like all faculty in a department, ad hoc groups, etc. The idea would be eventually to take Grouper and feed those groups into AD via the IdM.  Whether that is on day one is unlikely, maybe a little further into it once we get our feet wet.

Ed asked if there would be approval for schema extensions, and how that process would work. Robbie Foust noted that a steering committee has been discussed, but that’s something we need to solidify before production.

Events Calendar

Deb Johnson noted some of this group know we started working on this last December, after many groups had met to talk about a calendar, maybe for six years or longer.  We had a suggestion to go with BedeWork, an open source product from RPI, she said, we started working on it with an ambitious schedule, with kickoff in January, pilot March, launch in July.

Deb noted that Duke customized the site’s functionality and design; Blackwell did the site design, addressing requirement that we have a place to promote events.  The Office of News and Communications has the ability to control top banner giving nice changing look.

Deb said the old calendar required you to scroll past ongoing events to get to today’s items, for instance.  Duke set up a method so that ongoing events are scheduled in a separate sidebar, and limited the information at the top of the calendar to encourage browsing/scrolling.  Hyperlinks from Duke locations to the maps.duke.edu site and images in event descriptions are also supported.

One of the most challenging new requirements was support for co-sponsorship, something encouraged at Duke, Deb said.  She reported that the developers who worked on the calendar did an outstanding job of solving this in a way that no other schools using this tool have done; RPI may adopt it within their software. They also added new categorization and ability to pull events through RSS, iCal, and XML.

Deb reported significant use of the feeds – 9,600 feeds being pulled over a four-and-a-half day period because of the feed refresh rate.  Every time you touch the student affairs site, for instance, you hit the calendar. Also, for two weeks in Nov. 2007 vs. Nov. 2008, we had a 48% increase in the number of events in the calendar. 

Deb added that there had been redundancy of events, with some departments putting items in their departmental calendar as well as the university calendar.  Now the calendar supports local events that never appear on the university-wide view, but if you pull an XML file, those events come in for use on local school sites.  Law School is doing this, for instance.  Those events were on the old calendar’s view; they’re still in the system but no longer appear on the site.

The team has also been working on a student calendar, Deb noted, but it is not yet operational; the team needs to decide what their audience is looking for. Goal is to have featured items on Events@Duke on their calendar as well; need to make sure that student events never show up on the university calendar, but want key university events to appear on both calendars, like athletic events and academic calendar dates.

The student calendar is a separate install/build of the software, Deb said, adding that the team is compiling feedback from students to share with OIT and is prepopulating the calendar with data ahead of a January 7 launch.

John Board asked if the calendar will export to Facebook.  Deb noted that it does export to iCal.  John commented that a student would be able to devise an application to rip the calendar to Facebook.

Dave Richardson inquired about the list of departments appearing in the event calendar. Deb noted there’s a long list of depatments in the event calendar, and administrators for those groups; the list came from the old calendar and their administrators, and that for Arts & Sciences, her team was given a list of all departments.

Robert Wolpert asked how you can add another group. Deb replied that the method is specified on the help page.

Terry Oas expressed his concern that at Duke there is a desperate need for a seminar/conference events system and that some schools are doing their own efforts seemingly unaware of this university resource.  Deb noted that since October a staff member is going to each department and reaching out about the calendar.

Terry replied that there are plenty of groups running seminars that aren’t departments that don’t seem to be reached.  He noted that he cannot find a category for seminars specifically.

A discussion followed on the categorization of seminars as a subcategory of Lectures/Conferences. Terry noted that supporting regular, weekly seminar entries would bring many faculty on board using it. Ginny Cake noted these users are out in places like the Graduate School and noted there is a steering committee for the event calendar. Deb noted that the team had a request to add a category called Scientific Seminar, and that there were concerns over losing the hierarchy of categories.

Ed Gomes asked whether you could get a feed from the calendar to view just the subcategory of seminars but not, say, symposia or all lectures/conferences. Deb noted that those are rolled up, and that there was a challenge in different people at Duke using different names for these things.
Bob Newlin noted and Deb agreed that you could pull out just Chemistry seminars specifically, even if another department calls those events panels for these.

Terry asked if you can filter on multiple groups. Richard Outten said you can pull from multiple groups on the site.  Terry mused this might not be intuitive to do.

Deb noted that from her conversations with RPI, Duke was in the same development phase as UChicago and Cornell.  Brown, Yale and the UC system will be using BedeWork as well.  RPI told us that they wanted to use the Duke implementation as it is the best implementation of the BedeWork system, Deb said, adding it is a credit to our team that we have done as much as we have been able to do with the software as it was. She noted an interest in talking to the individuals who have more feedback on uses for the calendar. Ginny encouraged attendees to pass those names to Deb.

Jim Roberts added that the team didn’t have representation from the School of Medicine on the steering committee.  Terry added that a larger issue is specific representation from the scientific departments. Deb noted she had met with Anton Zuiker from the medical communicators side, and he is going to provide a list from the health side perspective for analysis, including issues of how to handle events like grand rounds.

Terry recommended the steering committee reconsider the categories.

Paolo Magniafico observed that it seemed like the discussion was tying too closely this representation of a calendar with the data store behind it.  He added that you might want to store data in there that aren’t traditionally events, like food service times and bus schedules, and represent them in a way through a user interface without creating yet another database of timebounded elements.

Tracy expanded on the idea noting the suggestion was to use the back end store for different data types, with different interfaces able to view and use that kind of data via tags and so forth.

An attendee asked how can you import data, to which Deb noted ICS files were the only method.  The attendee observed a trend he had seen on ITAC, being able to export data out of a system but not import them.  Deb noted super-admins could Import data into the system.

Terry asked if the ITAC student representatives had feedback on the calendar. Danny Wolf said he hadn’t had a chance to experiment but will look at it.

The meeting adjourned at 5:17p.m. for an end-of-semester reception.