Skip to end of metadata
Go to start of metadata
  • We will attempt to give oversight (and direct assistance when/where possible) to the CISL IT group in regard to Active Directory management. This will include working closely with CISL IT to define and prioritize a "road map" for future Active Directory development as well as monitoring the progress of current projects.




ADTF Meeting Notes

Current Members

  • Garth D'Attilo - ACOM
  • Tim Fredrick - ACOM
  • Peter Buss - CGD
  • Mark Bradford - CISL
  • Erin McDaniel - CISL
  • Ramsey Wallis - CISL
  • Tim Alberta - COMET
  • Bob Bubon - COMET
  • Jose Castilleja - COSMIC
  • Matt Hoekstra - COSMIC
  • Dennis Ogg - DLS
  • Michael Rousseau - DLS
  • Ted Russ - EOL
  • Jody Williams - EOL
  • Heather Harris - FANDA
  • Travis Kuennen - HAO
  • Kim Nesnadny - HAO
  • Rudy Estrada - JOSS
  • Jon Disterhof - MMM
  • Kay Sandoval - MMM
  • Nick Chartier - RAL
  • Anne-marie Tarrant - RAL
  • Wendy Derman - SEG
  • Susan Ramsey - SEG
  • Jose Castilleja - UCP
  • Matt Hoekstra - UCP


    • Examining how to best leverage Active Directory to serve as the Central IDM/IAM solution.


  • PKI for CIT.UCAR.EDU Domain
  • Mac extensions for SCCM
    • On hold pending SCCM support?
    • MCX is deprecated
    • Better options available? Casper, Cfengine, Chef, Munki, Puppet?
  • Collaborative management of Active Directory
    • Reduce CISL IT workload
    • Training requirements?
    • Change management system?
    • How can we help?


  • Server 2012 - AD 2012 planning/deployment
    • ADBA - Active Directory Based Activation - Only works for windows 8/server 2012 and beyond (boo!)
    • Domain Joins from remote locations
    • Virtualization of domain controllers and support services such as KMS
    • Enhanced management features
    • Test Environment? Virtualized test servers permanently in place (allowing rollbacks)?
    • Time Frame?
  • Domain Controller moves
    • DCCG will most likely move to the NETS rack at CG2
    • ACCIS has approved the request to place an additional DC at NWSC for business continuity
      • Will try to find existing hardware to put into production
      • Will be brought up at ITC meeting for short discussion
  • Test Domain(s)
    • 2008R2
      • ACD is developing some KVM based virtual machine images to simulate an active directory and kerberos infrastructure  that could in theory be transferred to a KVM host on an internal subnet.
    • 2012
      • SEG is working on the pass through authentication
      • No current volunteers to stand up a 2012 domain for testing
  • Enterprise Management/Support of CIT Domain
    • Search is on for Wendy's Migration document
    • ACCIS has adopted the ADTF recommendation and will work on a formal document


  • Policy decisions go through ADTF.
  • Domain-related announcements and discussion takes place on the Active Directory mailman list
  • Domain-related testing announcements and discussion takes place on the Active Directory Task Force mailman list.
  • Domain information can be viewed on the CIT website.

The Top-Level Admin SLA has been rewritten and is ready for review: CIT SLA

In addition, I have attached a first draft of a project proposal form. Comments are welcome. At some point we will address finalizing the proposed Project Certification policy.

  • No labels