Category Archives: All Groups

Escalating to CX Tier 2 Desktop Support

If you haven’t heard, we are splitting up our workload into tier 1 (Service Desk) and tier 2 (CX desktop support). For CX-supported customers/computers we now have the option to escalate to a dedicated tier 2 team who can handle more advanced troubleshoots and in-office appointments.

The Service Desk will continue to be the first point-of-contact for customers.

The CX Tier 2 Desktop Support team are housed in the basement of Strand Ag. The members of the team are documented here: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=27764#tier2ds

In TeamDynamix, they are: CX Tier 2 Desktop Support

In the Customer Experience team in Teams, you can notify the Desktop Support team by using the @tier2ds tag.

Please read the following KB for escalation instructions: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=77269#tier2ds

When escalating, please use the TeamDynamix template called “CX Tier 2 Desktop Support Escalation” and record the following information:

  • Who is the end-user?
  • What computer (or add the asset)?
  • Where are they located?
  • What symptoms/errors were seen?
  • What steps were tried?
  • Wireless or wired?

Please record as much information as you can during the first contact with the customer. This saves time and frustration for everyone later!

Q and A:

  • Q: Can I escalate questions about personal devices?
  • A: If the customer is a CX-supported customer using a personal device for work, this may be appropriate. If you’re not sure, ask in Teams.
  • Q: The customer is not a CX-supported customer; can I escalate their ticket to tier 2?
  • A: No. The tier 2 team is a premium service for CX-supported customers. (CX-supported customers are labeled as such in RefTool, usually. For a list, see: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=53440)
  • Q: Can we still schedule in-office appointments as before?
  • A: Yes. Make sure to assign the ticket to the technician who has the appointment and use the “CX Tier 2 Desktop Support Escalation” template to capture the information the technician will need.
  • Q: I’ve been on the phone with the customer for a while and can’t think of anything to try – can I just escalate the ticket to tier 2?
  • A: Please try to exhaust all tier 1 resources first, including searching our knowledge base and asking for help on Teams. Please don’t “punt” customers to tier 2.
  • Q: Is there a phone number I can transfer calls to for tier 2?
  • A: No. Let the customer know you are making a ticket and escalating it, and that someone will get back to them shortly. Or, schedule an in-office appointment as appropriate.
  • Q: When should I schedule an in-office appointment versus assigning a ticket to tier 2 and letting them follow up to schedule?
  • A: Use good judgment. If the problem is pretty well-understood but requires on-site work (example: setting up a computer in someone’s office) scheduling an appointment makes sense. If the problem is “weird” and may require some research, let the customer know someone will get back to them about scheduling and reassign the ticket to tier 2. If the customer is calling in to make an appointment, of course make an appointment!
  • Q: Normally I would escalate this issue to IAM or Canvas or Office 365 teams. Should I still do that?
  • A: Yes. If there was already an established escalation path for that issue, please continue to use that. CX Tier 2 Desktop Support is more for general desktop support troubleshooting and questions, like software issues, network issues, printing issues, etc., and is for CX-supported customers only.
  • Q: Should I assign accounts issues to CX Tier 2?
  • A: No. Those still go to the CN Accounts team.
  • Q: Can we still dispatch a technician to someone’s office if they need urgent in-person help?
  • A: Yes! If you are working on-site in Milne, you can still go to a customer’s office if needed. You can also ask on Teams (use tag @tier2ds) if anyone from the tier 2 team is available.
  • Q: I have other questions.
  • A: Please ask Kirsten or Lori on Teams. Thanks!

Reftool Groups Update – 11/16

Reftool will be updated today, 11/16, with a new Azure Groups feature.

Azure Groups Overview

Previously, RefTool would query the local domain controller for user groups. This would return many groups, but would often miss groups that were only in Azure or on a different domain controller. Querying Azure instead solves this issue and gives more information on each group, such as the specific on-premise domain it’s from, the description, and the type of group it is. Some examples of groups only in Azure are Microsoft Teams teams and some administrative groups.

User Interface Changes

The previous group display, located in the “Account Details” block, has been removed. A users groups will now display at the bottom of their user page. A “Jump to User Groups” button has been added to the “Account Details” block to allow you to quickly jump to the new groups display.

This screenshot shows the new “Jump to User Groups” button and shows how the old groups display is no longer there

The Azure Groups block itself is a simple table of information for all of a users groups. The following are some specifics about the table:

  • You can sort the “Group Name” and “Group Source” columns by clocking their headers
  • “Group Source” shows you which on-premise domain controller the user group was synced from or if it is a group only in Azure
  • The copy button will only copy the group name. Copying the DN is not possible
  • There is a “Get Nested Groups” button below the table that allows you to see groups that a user’s groups are members of. This feature is only recommended for advanced users
  • Groups are not instantly synced to Azure. The bottom left of RefTool shows the last sync time. Additionally, there are some cases where certain groups are not synced to Azure
Screenshot of the new groups display

Please contact OSU TeamDynamix Support with any questions or feedback.

Service Desk Digest

ONID Password Changes Due 10/27/2021

At about 9:00am on Wednesday, 10/27/2021, the first round of ONID password resets are due. There are 16,000 accounts in this first round, and several thousand still need to change their password. IAM are monitoring these numbers as we get closer to the deadline. Past ticket counts indicate that about 2-3% of customers need assistance with password change, so we are currently estimating about 80 additional calls on Wednesday. Several of our full-time staff have their schedules blocked that morning to help with tickets, and IAM will be helping with tickets as needed that day, too.

Parent ticket: Parent: Password Changes, August-November 2021

Please use the ticket form called “ONID Password Assistance” when helping customers.

Note that Service Desk has the ability to do reset PINs for students now – we do not need to refer to Registrar. Please verify identity as usual.

Athletics Firewall Migration 10/28/2021

On Thursday, 10/28/2021 at 6:30am-7:30am, the Athletics workstation firewall will be migrated to new equipment. Customers may notice a very brief outage, but most should not be impacted. If there are any issues after the change that appear to be firewall related, please contact Andre Farque or Tyler Pruitt on Teams.

Parent ticket: https://oregonstate.teamdynamix.com/TDNext/Apps/425/Tickets/TicketDet?TicketID=18365483

“Defend the Macs” – Upcoming Apple Management Changes

On Monday, 10/4/2021, an announcement will be sent to all CN and Cosine customers about changes coming for management of OSU-owned Apple devices.

The announcement notifies customers of the following upcoming changes:

  • All Apple devices will be enrolled in Microsoft Defender for Endpoint (MDE) for antivirus/antimalware.
  • All Apple devices will be enrolled in JAMF for OS and software updates and inventory. (Note: most CN Macs are already in JAMF, but most Cosine and Hatfield computers are not.)
  • New Apple devices will be domain-joined and users will login with their ONID account.
  • On New Apple devices, users will no longer have local admin, except in specific cases.
  • The use of Apple IDs and applications that require Apple IDs will be minimized.

The announcement is going out as a heads up to customers. However, at this time we are not quite ready to join all Macs to Active Directory. In particular, there are some issues with domain joining Big Sur computers. The Infrastructure and Endpoint teams are working on this issue and hope to have it resolved soon.

As we setup new Macs (or “rebuild” existing Macs) we should make sure they have MDE installed, but do not need to domain join them yet. I hope to have an update on that by the end of next week.

I have started an internal FAQ for questions about the “Defend the Macs” project and upcoming changes to Apple device management – let me know what additional questions you have: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=134596

Reftool UI update 9/27

RefTool is scheduled to update Monday, September 27th, at 8:30 PM. Below are some changes included in this update

Search Interface Improvements

The user interface for RefTool search has been simplified to better show all the options and tools available to the user. Please note that no functionality was removed, but it may be in a different location. One key difference is that department search is now hidden until you click the “Search Options” button.

The search page after clicking the “Search Options” button

Smaller Improvements

The following changes were also made:

  • Now, searching a se- account as an email address (like se-onid@oregonstate.edu) will return a result, even if that is not actually a working email address
  • You can now right click -> open in new tab (or middle click) a search result to open it in a new tab
  • RefTool now looks much better on mobile phone and tablets
  • Bug fixes to group names, link editor,