Versions Compared

Version Old Version 7 New Version 8
Changes made by

Jim Woods

Jim Woods

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Date

Host

Agenda

Notes, decisions and action items

John Echeveste (Unlicensed)

Endpoint Topics:

  • Tenable/Nessus client deployment for all endpoints.

  • FireEye Agent client deployments for all endpoints

  • Bitlocker

  • LAPS and local account password management

  • Kerberos hardening patches / roadmap

Jim Woods

Windows Authentication and AD horror show stories

  • Campus outage issues

    • Andrew Espinoza Library EZ-Proxy depends on Campus LDAP

    • Sam Hunter Campus AD was down. Secondary location for Pub Safety will be used for additional resiliency

    • DR sites in the Cloud

    • Alex Mook Backup systems like Cohesity and Rubrik can restore to the cloud. Need the rest of the infrastructure to use that as a proper DR site.

    • Andrew Espinoza Domain Endpoints (Client)- dependencies on on-premise DCs

    • Hank Rayner - Storage replication between local sites

    • Is there an RCA yet for the outage? Coming soon

    • Glen Nason (Unlicensed) - recovery of systems and the order, based on dependancies to sequence the recovery

  • SHI check-in and gripes

Alex Mook

  • Infrastructure as Code

  • Endpoint and Helpdesk topics

    • What’s a pressing need?

    • Any tools or tricks to share?

  •  Jim Woods will host the next meeting
  •  Most groups using SCCM for imaging, Datto or other tools for config
    •  ARIT and ETS have recurring issues with SCCM, “it’s a beast”
    •  Library, ARIT and ETS all looking to migrate or upgrade in the near future
    •  ARIT, ETS, and SA all using SCCM for multiple domains
  •  Get SCCM admins access to shared resource page
  •  HelpDesk Endpoint Topics for next meeting, pressing needs and tools/tricks
  •  Future topics:
    •  Workspaces
    •  Bitlocker
    •  LAPS and local account password management
    •  Windows 11 and infrastructure support for it
    •  Tenable/Nessus
    •  User onboarding/offboarding, lifecycle management

John Echeveste (Unlicensed)

John Echeveste (Unlicensed)

  • PSA for EOL and EOS of Windows Server 2012 and 2012R2

  • PSA - EOL for SQL Server 2012

  • SHI issues

  • Remote Management, Patching and Software Deployment

    • Survey of what people are using now

    • DATTO Demo

  • Moving local User Ids to netid

    • Why? How? What are the drawbacks?

  •  Action Item: Migrating Local users IDs to Campus NetIDs

Sam Hunter

  • PSA for EOL and EOS of Windows Server 2012 and 2012R2

  • Splunk for Windows

    • M365/AzureAD App Demo

    • Splunk “Apps” to look at M354, InfoSec, Observability

    • Mike Franklin has a custom Dashboard for On-premise Active Directory

    • Audit Rules shared best practices request

  •  Action Item: add custom Splunk AD dashboards to Github Repo
  •  Action Item: Could we create a shared AD Dashboard?

John Echeveste (Unlicensed)

  • IE 11 EOL

  • Fireeye rollout

  • Monitoring Survey

    • SCOM (Systems Center Operations Manager) (no current users)

    • LogicMonitor - a few users

    • Naggios - a few users

    • Zabbix - a few users

  • Patching

    • Roger Padilla to talk about Windows patch rollouts in ETS

    • ARIT is using Datto

Andrew Espinoza

  • Microsoft Licensing (MCCA) Information sharing

  • Encryption, Certificates, and PKI infrastructure

  • Available Lightning Talks

    • Interfacing between Campus Identity API and your local Active Directory using Powershell

Andrew Espinoza

  • About Campus AD

  • How to set up a One-way Trust with Selective Authentication

Jim Woods

  • Initial kickoff

  • Introductions

...