If you haven’t heard, we are splitting up our workload into tier 1 (Service Desk) and tier 2 (CX desktop support). For CX-supported customers/computers we now have the option to escalate to a dedicated tier 2 team who can handle more advanced troubleshoots and in-office appointments.
The Service Desk will continue to be the first point-of-contact for customers.
Q: Can we still schedule in-office appointments as before?
A: Yes. Make sure to assign the ticket to the technician who has the appointment and use the “CX Tier 2 Desktop Support Escalation” template to capture the information the technician will need.
Q: I’ve been on the phone with the customer for a while and can’t think of anything to try – can I just escalate the ticket to tier 2?
A: Please try to exhaust all tier 1 resources first, including searching our knowledge base and asking for help on Teams. Please don’t “punt” customers to tier 2.
Q: Is there a phone number I can transfer calls to for tier 2?
A: No. Let the customer know you are making a ticket and escalating it, and that someone will get back to them shortly. Or, schedule an in-office appointment as appropriate.
Q: When should I schedule an in-office appointment versus assigning a ticket to tier 2 and letting them follow up to schedule?
A: Use good judgment. If the problem is pretty well-understood but requires on-site work (example: setting up a computer in someone’s office) scheduling an appointment makes sense. If the problem is “weird” and may require some research, let the customer know someone will get back to them about scheduling and reassign the ticket to tier 2. If the customer is calling in to make an appointment, of course make an appointment!
Q: Normally I would escalate this issue to IAM or Canvas or Office 365 teams. Should I still do that?
A: Yes. If there was already an established escalation path for that issue, please continue to use that. CX Tier 2 Desktop Support is more for general desktop support troubleshooting and questions, like software issues, network issues, printing issues, etc., and is for CX-supported customers only.
Q: Should I assign accounts issues to CX Tier 2?
A: No. Those still go to the CN Accounts team.
Q: Can we still dispatch a technician to someone’s office if they need urgent in-person help?
A: Yes! If you are working on-site in Milne, you can still go to a customer’s office if needed. You can also ask on Teams (use tag @tier2ds) if anyone from the tier 2 team is available.
Reftool will be updated today, 11/16, with a new Azure Groups feature.
Azure Groups Overview
Previously, RefTool would query the local domain controller for user groups. This would return many groups, but would often miss groups that were only in Azure or on a different domain controller. Querying Azure instead solves this issue and gives more information on each group, such as the specific on-premise domain it’s from, the description, and the type of group it is. Some examples of groups only in Azure are Microsoft Teams teams and some administrative groups.
User Interface Changes
The previous group display, located in the “Account Details” block, has been removed. A users groups will now display at the bottom of their user page. A “Jump to User Groups” button has been added to the “Account Details” block to allow you to quickly jump to the new groups display.
The Azure Groups block itself is a simple table of information for all of a users groups. The following are some specifics about the table:
You can sort the “Group Name” and “Group Source” columns by clocking their headers
“Group Source” shows you which on-premise domain controller the user group was synced from or if it is a group only in Azure
The copy button will only copy the group name. Copying the DN is not possible
There is a “Get Nested Groups” button below the table that allows you to see groups that a user’s groups are members of. This feature is only recommended for advanced users
Groups are not instantly synced to Azure. The bottom left of RefTool shows the last sync time. Additionally, there are some cases where certain groups are not synced to Azure
At about 9:00am on Wednesday, 10/27/2021, the first round of ONID password resets are due. There are 16,000 accounts in this first round, and several thousand still need to change their password. IAM are monitoring these numbers as we get closer to the deadline. Past ticket counts indicate that about 2-3% of customers need assistance with password change, so we are currently estimating about 80 additional calls on Wednesday. Several of our full-time staff have their schedules blocked that morning to help with tickets, and IAM will be helping with tickets as needed that day, too.
Please use the ticket form called “ONID Password Assistance” when helping customers.
Note that Service Desk has the ability to do reset PINs for students now – we do not need to refer to Registrar. Please verify identity as usual.
Athletics Firewall Migration 10/28/2021
On Thursday, 10/28/2021 at 6:30am-7:30am, the Athletics workstation firewall will be migrated to new equipment. Customers may notice a very brief outage, but most should not be impacted. If there are any issues after the change that appear to be firewall related, please contact Andre Farque or Tyler Pruitt on Teams.
On Monday, 10/4/2021, an announcement will be sent to all CN and Cosine customers about changes coming for management of OSU-owned Apple devices.
The announcement notifies customers of the following upcoming changes:
All Apple devices will be enrolled in Microsoft Defender for Endpoint (MDE) for antivirus/antimalware.
All Apple devices will be enrolled in JAMF for OS and software updates and inventory. (Note: most CN Macs are already in JAMF, but most Cosine and Hatfield computers are not.)
New Apple devices will be domain-joined and users will login with their ONID account.
On New Apple devices, users will no longer have local admin, except in specific cases.
The use of Apple IDs and applications that require Apple IDs will be minimized.
The announcement is going out as a heads up to customers. However, at this time we are not quite ready to join all Macs to Active Directory. In particular, there are some issues with domain joining Big Sur computers. The Infrastructure and Endpoint teams are working on this issue and hope to have it resolved soon.
As we setup new Macs (or “rebuild” existing Macs) we should make sure they have MDE installed, but do not need to domain join them yet. I hope to have an update on that by the end of next week.
RefTool is scheduled to update Monday, September 27th, at 8:30 PM. Below are some changes included in this update
Search Interface Improvements
The user interface for RefTool search has been simplified to better show all the options and tools available to the user. Please note that no functionality was removed, but it may be in a different location. One key difference is that department search is now hidden until you click the “Search Options” button.
The following changes were also made:
Now, searching a se- account as an email address (like firstname.lastname@example.org) will return a result, even if that is not actually a working email address
You can now right click -> open in new tab (or middle click) a search result to open it in a new tab
RefTool now looks much better on mobile phone and tablets