Multiple websites hosted on CPanel are down.  IT technicians are aware of the issue and working to restore service.

Between 10/2 and 10/3, UNM users have experienced email delivery issues when communicating with @comcast.net addresses (and other non-UNM domains).

We have identified the root cause and are working with Comcast (and other providers) to implement a resolution.

Users should see relief starting after 6:30 PM 10/3.

Technicians will monitor the situation and make adjustments to the remediation strategy as needed.

There is an ongoing issue with users accessing Adobe Creative Cloud through the UNM App Store.  Automatic provisioning is not functioning properly.  UNM IT is aware of the issue and are working with Adobe to resolve the issue. 

To comply with security requirements, the Pinnacle application will be upgraded from version 7.6 to 7.7 and Oracle security patches applied. The Pinnacle production application will be unavailable while that work is being done. That work is scheduled to take place Tuesday, October 4th from 6 am to 1 PM.

To simplify service delivery, improve reliability, and improve security, EMSS will be changing the ht.unm.edu/smtp.unm.edu email relay deployment to a "hot" and "cold" standby configuration. The change will be implemented on Tuesday, October 11 between 5:00 PM and 6:00 PM.

Minimal outage or impact is expected - the DNS cutover will be seamless, and all other aspects of the configuration will be trued up prior to that.

Services/devices using ht.unm.edu WILL NOT experience any changes.

Services/devices using smtp.unm.edu on port 465 or 587 must take into account the following.

Today, smtp.unm.edu DOES NOT ensure end-to-end encryption on any ports - the connection between the sending device and the relay is encrypted (if port 587 is used) BUT the connection from the relay to the destination email server IS NEVER encrypted. That is not secure, but ensures delivery to all organizations, regardless of their support for TLS.

After the cutover, the relay will start to enforce end-to-end encryption when mail is sent via port 587. That is, the connection between the sending device and the relay is encrypted, and the connection between the relay and the destination email server is encrypted. Encryption from the relay to the destination email server is enforced – if the destination email server does not support STARTTLS, the message will not be delivered.

That is the most secure configuration BUT AFFECTS DELIVERY TO ORGANIZATIONS WHOSE EMAIL SERVERS DO NOT SUPPORT TLS.

Users of smtp.unm.edu on ports 465 or 587 who need to ensure delivery to all organizations, regardless of their support for TLS, should use port 25 instead (and submit a request to have the device/service IP whitelisted, so clear-text authentication on port 25 is avoided).

An outage of all services that flow through UNM's primary load balance hardware to be expected. Outage window is expected to be brief, but an extended time is requested to give adequate time for a successful cutover from the old to new hardware.

This includes but not excluding Banner ERP lobowebapp systems, dept web services, LoboCloud vRA Portal, Shiboleth, LDAP, CAS, oraweb, web, wireless, and individual 1:1 web servers VMs in SDDC using load balance hardware.

Announcements will be made to IT Alerts, SYSINFO, and BANNEROPS once the cutover and testing has verified a successful transition

IT Platforms to federate console.cloud.vmware.com with UNM.EDU Azure AD SSO MFA. This will be converting any account that accesses console.cloud.vmware.com using ID@unm.edu with local VMware.com password to authenticate against Azure AD SSO with MFA and against validated UNM.EDU Global Groups synched into console.cloud.vmware.com.

This will NOT affect users accessing my.vmware.com for support, license, and software downloads.