WNAG: Advisory Report Presented to: UCIST By: Stephen Nickerson February 3, 2006

WNAG: Advisory WNAG: Advisory ReportReport

Presented to: UCISTPresented to: UCISTBy: Stephen NickersonBy: Stephen NickersonFebruary 3, 2006February 3, 2006

Waterloo Nexus Advisory Group

Waterloo Nexus Advisory Group Waterloo Nexus Advisory Group (WNAG) consists of members from:(WNAG) consists of members from:– Applied Health Sciences (AHS)Applied Health Sciences (AHS)– ArtsArts– EngineeringEngineering– Environmental Studies (ES)Environmental Studies (ES)– Information Systems and Technology (IST)Information Systems and Technology (IST)– MathMath– ScienceScience


The Nexus Active Directory The Nexus Active Directory Environment consists of:Environment consists of:– industry standard implementations industry standard implementations

and practicesand practices– some customized configurationsome customized configuration– some tools developed in-housesome tools developed in-house


Nexus supports distributed Nexus supports distributed administrationadministration– There are four domain administrator There are four domain administrator

accountsaccounts Two in the Faculty of EngineeringTwo in the Faculty of Engineering The other two are distributed among the The other two are distributed among the

other facultiesother faculties– This provides opportunity for all to participate at This provides opportunity for all to participate at

the domain administrator levelthe domain administrator level


Distributed Administration – Distributed Administration – Cont’dCont’d– Faculties/Departments all have Faculties/Departments all have

Organizational Unit (OU) level Organizational Unit (OU) level AdministrationAdministration Each Faculty/Department has full Each Faculty/Department has full

administrative control over their OUadministrative control over their OU


Nexus was created as a secure Nexus was created as a secure environment environment

Nexus continues to expand both as Nexus continues to expand both as a teaching environment and in a teaching environment and in office and research environmentsoffice and research environments

Nexus has adapted to support Nexus has adapted to support Macintosh and Linux Macintosh and Linux authenticationauthentication


There are approximately 3425 Nexus There are approximately 3425 Nexus servers and workstations (31 Jan. 2006)servers and workstations (31 Jan. 2006)– 7 Servers7 Servers– 3418 Workstations3418 Workstations

AHS AHS 361361 Arts Arts 447447 Engineering Engineering 17221722 ESES 247247 ISTIST 9191 MathMath 246246 ScienceScience 304304


Active Directory (AD) was Active Directory (AD) was designed for top-down designed for top-down administrationadministration

The Nexus AD was designed for The Nexus AD was designed for multi-tiered administrationmulti-tiered administration– Customization of the Nexus AD Customization of the Nexus AD

enables distributed administration at enables distributed administration at the faculty/department OU levelthe faculty/department OU level

Waterloo Nexus Advisory Group Six Domain Controllers (DCs) are Six Domain Controllers (DCs) are

distributed across campusdistributed across campus– Provides redundancy and increases Provides redundancy and increases

the robustness of the environmentthe robustness of the environment


Each ‘home’ faculty provides disk Each ‘home’ faculty provides disk space for their student accountsspace for their student accounts– additional disk space may be additional disk space may be

required by a student taking a required by a student taking a course, and provided by the course, and provided by the ‘teaching’ faculty‘teaching’ faculty


The WNAG mailing list provides a The WNAG mailing list provides a forum for questions, suggestions forum for questions, suggestions and commentsand comments– Direct access to peersDirect access to peers– Feedback is promptFeedback is prompt– Issues are addressed quicklyIssues are addressed quickly


documentation subcommittee gdocumentation subcommittee goalsoals– Improve existing documentationImprove existing documentation– Create additional documentationCreate additional documentation– Assist new administratorsAssist new administrators– Use Nexus TWikiUse Nexus TWiki

Allows for collaboration on Allows for collaboration on documentationdocumentation


Nexus was designed:Nexus was designed:– to present users and administrators to present users and administrators

with a flexible, secure environmentwith a flexible, secure environment– for ease of management through for ease of management through

automationautomation e.g. accounts are automatically created e.g. accounts are automatically created

based on Registrar databased on Registrar data


Nexus determines faculty- and Nexus determines faculty- and user-specific values at loginuser-specific values at login– these values are used by user-these values are used by user-

applicationsapplications Examples:Examples:

– Setting appropriate servers for e-mail clientsSetting appropriate servers for e-mail clients– Faculty and department variables for other Faculty and department variables for other

usesuses


Started the convention of placing Started the convention of placing lab machines under an OU called lab machines under an OU called “public access”“public access”– Helps with data miningHelps with data mining

Compare and contrast what goes on in Compare and contrast what goes on in public labs and office machinespublic labs and office machines

Makes it easier to determine how many Makes it easier to determine how many public and private machines are in the public and private machines are in the Nexus environmentNexus environment


Nexus provides synchronization of Nexus provides synchronization of UNIX and Nexus passwordsUNIX and Nexus passwords

Added support for Added support for –userid–userid – Allows for logging in without the Allows for logging in without the

user’s roaming profileuser’s roaming profile Professors/Instructors have found this Professors/Instructors have found this

beneficial when using podium machinesbeneficial when using podium machines


NIPFW (firewall for student labs)NIPFW (firewall for student labs)– Based on the sourceforge project WIPFWBased on the sourceforge project WIPFW

This is a MS Windows port of the FreeBSD This is a MS Windows port of the FreeBSD package IPFW1 package IPFW1

– Provides loggingProvides logging– Automatically gathers statisticsAutomatically gathers statistics– Has a command line interfaceHas a command line interface– A very robust firewallA very robust firewall– Rule definition format is comprehensive Rule definition format is comprehensive

and well definedand well defined– Currently being tested in Arts and ScienceCurrently being tested in Arts and Science


Software packagingSoftware packaging– Engineering Computing packages Engineering Computing packages

the common applications software - the common applications software - used by many faculties/departmentsused by many faculties/departments

– Each faculty/department package Each faculty/department package software for their specific needs, as software for their specific needs, as required.required.


The logon browser is Nexus specificThe logon browser is Nexus specific– A concept brought forward from PolarisA concept brought forward from Polaris

New look logon page - Spring 2005New look logon page - Spring 2005– closer to the UW “Common Look and Feel”closer to the UW “Common Look and Feel”– customizable image and text areascustomizable image and text areas

The customizations can be done in an OU The customizations can be done in an OU specific mannerspecific manner

– Setting URLs in the AD entrySetting URLs in the AD entry Allows faculties/departments to display Allows faculties/departments to display

important messages for their usersimportant messages for their users



Looking to the futureLooking to the future– Nexus will continue to evolve with Nexus will continue to evolve with

Active Directory and other technologiesActive Directory and other technologies– Continued growthContinued growth

Main CampusMain Campus– Student labs (e.g. Science is planning a new lab)Student labs (e.g. Science is planning a new lab)– Office and research environmentsOffice and research environments

Beyond the Main CampusBeyond the Main Campus– School of Architecture (Cambridge)School of Architecture (Cambridge)– School of Pharmacy (Kitchener)School of Pharmacy (Kitchener)

Documents

WNAG: Advisory Report Presented to: UCIST By: Stephen Nickerson February 3, 2006