EXP393 Systems Manager's Report
- JR Mike Cannon (Unlicensed)
EXP393 System Manager's Report
Mike Cannon and Nick Logan
Servers (Microsoft):
All server administrative passwords were changed due to the retirement of Michael Hodge.
TAMU Div-IT migrated the shipboard mailboxes to the new Exchange 2019 Server.
Applied monthly cumulative security and critical updates to all Windows servers for June and July.
Applied vendor supplied updates to physical servers for BIOS and various server hardware firmware.
Adobe Update Server is fully functional and providing Adobe Creative Cloud App updates to all workstations with Adobe CC packages installed.
Active Directory Project Preparation
Attended several planning meetings with shore IODP and TAMU IT staff to plan and prepare the ship Active Directory environment.
DNS Server - Started the process of configuring new DNS servers on the Active Directory domain controllers. The DNS entries from the existing server were migrated to the new servers and all servers and devices connected to the network are in the process of having their DNS settings changed to point to the new DNS servers.
Performed initial configuration of IODP Active Directory Users and Group, creating organizational units for workstations, servers and user accounts,
Normalized and relocated existing user accounts to proper organizational units.
Began developing group policy for upcoming Active Directory rollout.
Acronis Backups worked well for the most part. We did encounter a few backup failures due to computer use but we were able to re-run the backups which then completed without issues.
Added a new workflow to the Commvault Commcell server that allows better configuration of security settings with more granular control over password settings and other specs thus allowing us to remain in compliance with TAMU security best practices.
Servers (Linux):
All server administrative passwords were changed due to the retirement of Michael Hodge.
Applied monthly vendor-supplied security and critical updates to all Linux server for June and July
A new server was built to serve as a repository management tool (RMT) for our SuSE Linux servers and devices. It will provide a single point location our other servers can download updates from instead of each server downloading directly from the internet.
The DBA's encountered some problems with this server after a reboot. They worked with Oracle support to correct those issues.,
Servers (ODA):
No issues to report with this resource.
Servers (VMware):
Applied vendor supplied security and critical updates to all VMware servers as available.
Upgraded vCenter Server appliance from vSphere 6.7 to 7.0 to keep computing environment patched with the latest security fixes provided by VMware.
Upgraded existing production ESXi cluster from vSphere 6.7 to 7.0 to keep computing environment patched with the latest security fixes provided by VMware.
Installed vSphere ESXi 7.0 on an existing former Windows Server. The new ESXi server (Crater) will serve as a testing environment for the JOIDES Resolution data center.
3PAR SAN:
An individual drive failure occurred on 07/16 in the 3PAR SAN. The vendor, HPE, was contacted and a replacement drive was sent to the main office for shipment to the ship for spares stock. The failed drive was removed and marked for return shipment back to the main office where it will be destroyed. A replacement drive was installed in its place from spares stock. The SAN array rebuilt itself. No other failures were noted.
Network:
Researched and obtained vendor supplied switch updates for the main and server rack switch units. This firmware will be applied after EOX.
Configured fiber channel switches and server rack Ethernet switch for the addition of the new ESXi server (Crater).
Created and utilized a new wireless network to allow users to re-authenticate disabled cloud-based services on personal devices.
PC Workstations:
Updates to Firefox, 7zip, Zoom, Acrobat Reader DC, VLC, PowerShell7, Adobe Creative Cloud Desktop, Chrome, Notepad++ applied via Zenworks.
Adobe Acrobat X/XI Pro, Reader X/XI and Adobe CS6 Suite removal approved for all shipboard workstations because of security risks posed by being unsupported.
Adobe Creative Cloud programs to be used on the ship going forward.
Creative Cloud Apps will only be available on specific workstations, as it requires access to the internet.
Updates will be Installed and downloaded from the recently setup Adobe Update Server.
Commonly used Adobe products such as Acrobat Pro, Bridge, Illustrator, Photoshop, Lightroom and Premiere Pro will be available for install by users from the Adobe CC Desktop App.
Developed, built and tested six individual role-based deployment images and scripts for new HP Z2 and Z6 PC workstations that will be deployed after EXP393. These new computers will replace our aging HP Z240 workstations currently in use.
Deployed new Z2 workstations (four) to replace the Z240's in the user room. These were used to test and finalize our deployment plan for the upcoming larger deployment project after EXP393.
Deployed new Z2 workstations in the MCS office to replace the Z240 management workstations.
Publications specialist reported that they were unable to open CorelDRAW on the Pubs office computer. We confirmed that the software would open and crash after the CorelDRAW splash screen. We uninstalled and reinstalled the software but this did not fix the issue. We think this problem is due to a corrupted user profile. Other profiles on the computer were able to access the software without issue. Since this computer will be replaced soon, we opted to create an elevated shortcut for CorelDRAW to allow the publications specialist to open CorelDRAW under a different profile for the time being.
Mac Workstations:
Loaned MBP54028 to the science party to be used to process DMT data. The screen appeared to be damaged due to possible rough handling. We will return this laptop to shore for surplus and request a replacement.
Applied monthly Mac OS updates to all Mac workstations.
Updates to Firefox, Chrome, CrowdStrike, Office 2019, VLC, Adobe Reader DC, Adobe Creative Cloud Desktop applied via ARD.
Upgraded macOS to Monterey for the Imaging Specialist's Mac Pro and User Room Mac Minis, so that we could install the latest Adobe CC Suite of Apps.
Replaced the Intel Mac Minis for the Microscope Lab (2), for the Outreach Officers (2), for the Developers, Phys Props and PMAG Labs, with new M1 Mac Minis.
Printers:
Users notified that the Scan function on the copiers were requesting credentials to access network resources. A Scan to Network quick set workflow, already configured with proper credentials, was available but hard to find by end users. The Scan function button was removed from the copier's home screen and this Scan to Network workflow was moved to the home screen making it easier to find and use, improving user experience when attempting to scan documents.
Cleared jams and cleaned label printers where necessary.
Satellite/Internet/Phones:
Observed several small outages this expedition along with a few multi-hour outages.
Some multi-hour outrages due to bad weather in Norway home base. One on 08/02 and 08/03 due to networking problems in Marlink's network.
Other Equipment/Projects:
CrowdStrike continues to provide frequent false positives with respect to shipboard activities. Bandwidth configurations were explored throughout the expedition, testing is still on-going.
Samsung TV failed in the Open Office, replaced with a spare 32 inch Samsung TV.
Designed a Monitor Mount Wedge that can be printed on the 3D printer to tighten up loose monitor mount swivel plates. This part is still in development and testing phase at this time.
WhatsApp voice and video calling was allowed through the ship's firewall. Performed WhatsApp video and voice call testing with help from the Tech Staff, to verify impact to ship's bandwidth usage.
Conducted RSAM security assessments for ship IT resources and developed remediation plans to correct all findings.
Data center shutdown due to UPS test on 08/03/22.