Andrew For Life (DRAFT)
Task Overview
Document revision: 0.4 - 04/17/2003
http://yendi.cc.cmu.edu/work/afl/tasks.html
Stuff
- Phase 1
- Overview: Just don't delete graduating seniors (class of 2003)
Andrew IDs.
Questions:
- Will Alumni have EduPersonAffiliation?
- confirm only class of 2003?
- Will CMU.EDU allow alumni to change CMU.EDU forwarding address?
Items to consider/do:
- Legal obligations: access to licensed software, access to library
resources
- dialup (easily)
- vpn and netreg triggers
- unix/macos (nss_ldap) - windows clusters,
- Identify other services that must restrict/control based on
alumni
- Identify LDAP schema for Alumni and describe the interaction with
other LDAP objects. (will be in person tree; will have
additional attributes;
- Provide guidance on how applications should check for alumni.
- Identify what privacy issues there are and/or draft a privacy
guideline.
- Clarify the issues of multiple status including alumni. What
process is needed to resolve conflicting issues.
- Write User Support SLA - will be no support from us. Alumni
Relations is responsible for it all but currently paying Publishing
Concepts so maybe they would pay us.
- Usage logging and reporting: proper logging and reporting to show
resource consumption/impact of Alumni
- Prohibit Unix login - may not be able to get around it because of
the library and software.
- Password reset based on secret questions - trade-off is with HC
support; probably don't want to do defer because of support issues.
- Prevent quota increases
- Delete www.andrew.cmu.edu web space
- Tasks after phase 1
-
- Prohibit user login unless explicitly in user.permits.
- New userid creation plan (AUID) / PUID creation / PUID expiration
/ AUID reinstatement
- maximize automation
- validate system sustainability (financial, system scalability, etc.)
- Identify other services that should restrict/control based on
alumni and provide guidance on how to do it.
- Provide guidance to new services on how to deal with alumni
- Offer service to old alumni not in any system
- Phase out Publishing Concepts email forwarding service and fold
into this service.
- Inactivity AndrewID deletion - policy to reuse id if there is
inactivity; will not delete person object.
- Delete afs volume
- Reduce existing (email/afs) quota - not worth it now; maybe
eventually
Completed Items
Tasks that have been completed:
- Email Server Resources - Equipment purchased.
ChangeLog
0.4 - 04/17/2003 - more updates
0.3 - 03/13/2003 - Update based on meeting
0.2 - 03/13/2003 - Update based on 2.08
0.1 - 03/12/2003 - Initial draft