Server Support

The Server Support team manages enterprise IT and networking services such as Active Drectory and Microsoft Exchange. The team also provides managed server administration and managed file services for departments.

Services for DCAs

Here are a list of services that are typically provided to Departmental Computer Administrators, who in turn support them for their individual customers.

Availability: 

Monday - Friday, 8:00am to 5:00pm

Phone: 
541-737-4710

Active Directory

DCA Service Request Forms

Please use this migration request form when one or more users are going to move from one domain to another.

Active Directory (AD) is a directory service that holds user accounts, computer accounts and groups, and stores security information for those objects. The servers that store the directory information and respond to authentication and directory lookup requests are called domain controllers. Global Catalog servers are special directory servers that contain a subset of information for every object in the forest.

Active Directory Services

Network Engineering maintains the forest root for the Oregonstate.edu AD forest. In addition, Network Engineering is responsible for the following:

  • Schema: The schema controls how objects are defined in AD. Occasionally, it is necessary to make additions to the schema. All such changes are handled by Network Engineering. Schema changes will be thoroughly tested before being implemented, and domain administrators will be notified of the changes and the reasons for making them.
  • DNS for AD: Network Engineering maintains AD service records in DNS for the Oregonstate.edu forest and other AD forests on campus.
  • Replication: Network Engineering monitors communications between domains and will contact departments running their own domain controllers if problems are discovered. Departments should contact Network Engineering when they are experiencing problems so that we can help resolve them.
  • New domains: Any department wishing to add a new domain to our AD forest should submit an Active Directory Account Migration Request. We will only consider requests that meet the requirements outlined below.

Note: If circumstances arise which affect the overall health of the Active Directory forest and Network Engineering cannot reach the DCA responsible for a system, Network Engineering may log in to Domain Controllers and make necessary changes; we will notify DCAs immediately afterward in such cases.

Requirements For Adding a New Domain to the Forest

In order to keep our AD forest as robust and reliable as possible, and to decrease replication traffic, we would like to minimize the number of domains in the Oregonstate.edu forest. Network Engineering will only consider requests for new domains when the following are true:

  • The department has at least two full-time, qualified IT staff.
  • Adequate hardware has been dedicated for at least 2 Domain Controllers.
  • Domain controllers will be monitored 24x7, and IT staff can be reached by Network Engineering in the event of an emergency.
  • The department has specific functionality requirements that cannot be met by an OU in an existing domain, such as FS_Mail.

FS_Mail Domain

Information Services provides access to the FS_Mail domain for groups who wish to use Microsoft Exchange but do not maintain their own Active Directory domain. There is no charge for FS_Mail accounts. Each department has access to their own Organizational Unit (OU), and permissions are delegated to the Departmental Computing Administrator (DCA).

FS_Mail Domain Benefits

  • Free: There is no fee for an OU in the FS_Mail domain or for accounts created there.
  • Delegated Permissions: The DCA has complete control in the OU, and can create objects, delegate permissions, set group policy, etc.
  • Redundancy: There are two domain controllers in the fs_mail domain, housed in separate locations, and backed up by UPS power.
  • Maintenance: Three full-time staff maintain the domain controllers and keep them up-to-date with the latest security patches.
  • Production Standards: The FS_Mail domain controllers are monitored 24x7, and outages that may affect customers are performed only during scheduled maintenance windows.
  • Support: Network Engineering does not provide desktop support for users of the FS_Mail domain, but we will provide some assistance to DCAs. Departments who are interested in full desktop support should contact Community Network.

Requirements For Using an FS_Mail Domain

  • DCA: Each department wishing to create accounts in the FS_Mail domain must have a DCA to perform this task, and be the point-of-contact for Network Engineering staff. Departments who do not have a DCA should talk to Community Network.
  • Licensing: Network Engineering will purchase client access licenses for departments that are not part of the Microsoft Campus License Agreement, but it is up to each department to pay for Windows and Office licenses at the desktop.

Services Not Provided With FS_Mail

  • Desktop Support: Network Engineering will consult with DCAs but we do not provide desktop support.
  • Email: Exchange Email is a separate service which does have a fee - read the Exchange documentation for more information.
  • Server Support: Network Engineering will charge a fee to provide support of departmental servers.

Departments interested in using the FS_Mail domain should contact us.

LDAP Connections to the Exchange Global Address List

There are currently two directories on campus:

These two directories contain much of the same information, but they are not identical.

The OSU Online Directory currently contains records for everyone that has an ONID account (anyone officially associated with OSU). The OSU Online Directory is meant to be public and gets information from OSU's student and human resources system (Banner). Because the information in the Online Directory comes straight from Banner, it is generally very accurate.

The Exchange Global Address Book is a private directory visible only by people with accounts in OSU's Active Directory forest (Exchange users and all ONID users). It contains all the information from the OSU Online Directory (because ONID accounts are listed in it as well), plus a large number of Exchange accounts. All of the non-ONID information in Exchange is manually entered in a somewhat inconsistent way. This means that sometimes it is more accurate and sometimes it is less accurate than the Online Directory.

We are doing our best to bring these two directories closer together over time.

Configuring Your Email Client to Use the OSU Online Directory

This directory requires no authentication, and is very easy to configure. See the ONID documentation for more information.

Configuring Your Email Client to View the Exchange Global Address Book

If you are using Outlook in MAPI mode (this is how most users on campus use Outlook), you can automatically view the Global Address Book by clicking on the Address Book icon. There is no special configuration required.

If you are using a different email client, or Outlook in POP or IMAP mode, you will need to add the Global Address Book as an LDAP server in your client's settings. Please note the following caveats if you choose to use this directory via LDAP:

  • When accessing the Global Address Book via LDAP, you will not see the exact same information that Outlook users see. For example, you will see hidden objects that don't normally show up in the Outlook address book.
  • You can only connect to the Global Address Book via LDAP if you have an Active Directory account - authentication is required.
  • The LDAP server does not currently support secure communications, so your username and password will be passed in plain text. Consider using the VPN if you will be accessing the Global Address Book via LDAP from off campus.

To add the GAL to your Outlook 2007/2003 client first go to the Control panel. From the Control Panel double click on the Mail icon, click Show Profiles, select the profile you want to add the GAL to. Now with your profile selected click on Properties, E-mail Accounts, Address Book tab, New, LDAP, and put in the information below.

The settings needed to connect to the Global Address Book are as follows:

  • LDAP Server Name: gc.oregonstate.edu
  • User Name: domain\username
  • Password: your password
  • Port: 3268
  • Search Base: leave blank

Where "domain\username" is an Active Directory domain and username.

Having trouble? Try setting your search base to dc=oregonstate,dc=edu

Mail Services

Information Services is responsible for the management of the campus-wide email infrastructure. We provide mail relaying, spam and virus filtering, Microsoft Exchange mailboxes, mailing lists, and more.

Microsoft Exchange Mailbox Hosting

We provide a fee-based mailbox-hosting service to approximately 4,500 users campus-wide. We do not provide account administration; that task is delegated to the Department Computer Administrator (DCA) for the department. If your department does not have a DCA to manage account and mailbox administration and support, you should consider using the Community Network service.

Billing and technical information can be found on our Microsoft Exchange Mailbox Hosting page.

NEW: Exchange Online Archiving

Exchange Online Archiving is an email storage option that has been implemented for Exchange accounts allowing messages to be quickly and easily archived to simplify mailbox quota management. This solution utilizes server-side storage that works in a similar manner to the traditional Personal Folders (PST) files most of us are used to. The advantage with this approach is that the archive is backed-up nightly, can have messages moved into it automatically, and is available within Webmail so it can be accessed from off campus. Information and instructions for using Exchange Online Archiving.

NEW: Internet Calendar Publishing for Exchange

This newly enabled feature on the Exchange servers gives individuals the ability to publish their calendar online. Once enabled people can see your current appointments via the web. This can be useful if you have a need for individuals on campus, off campus, or even people outside of the university to view your calendar. Learn how to publish your Exchange calendar online.

Email Lists (Mailman)

We host email lists for discussion, classes, information distribution, or any other use, so long as the purpose of the list is for OSU-related business. Additional information and list administration (such as creating and managing your lists) is available at lists.oregonstate.edu.

Campus Mail Relays

The campus mail relays handle most of the email coming into and leaving campus. The relays run Debian GNU/Linux with Postfix as the mail transport agent. These servers do spam and virus detection with a host of utilities including several RBLs, Amavis, SpamAssassin and ClamAV. These services are provided free of charge to all departments at OSU.

The maximum size limit for a message sent through the campus mail relays is 100Mb.

mail.oregonstate.edu

Any machine on campus that needs to send mail can use the host mail.oregonstate.edu as its outbound SMTP relay.

Hosts off-campus can also use mail.oregonstate.edu, but ONID authentication with SSL/TLS is required. The following email clients are known to support smtp auth: Outlook, Outlook Express, Eudora, Thunderbird and Mail.app. For more information on configuring email clients, please see the Helpdocs site.

smtp.oregonstate.edu

Mail servers on campus should route outbound mail through smtp.oregonstate.edu instead of mail.oregonstate.edu. We try to divide up our traffic so that spam or virus mail inadvertently sent from workstations doesn't cause our production mail servers to be blacklisted. Please don't use smtp.oregonstate.edu to relay mail from regular workstations.

Note: the smtp.oregonstate.edu servers are inaccessible from off-campus. This allows us to handle on-campus and off-campus mail differently.

relay.oregonstate.edu

Most inbound mail for campus passes through the relay.oregonstate.edu servers. If you would like to point an MX at relay.oregonstate.edu, please contact Network Engineering so that we can configure the necessary transport records.

Access Lists for Mail Servers

If you would like to configure a host to accept mail only from the campus mail servers, please allow the following IPs:

  • OSU Mail Relays:
    128.193.15.32/28

 

Mail Flow Diagram

The diagram below shows how mail flows at OSU.  Click on the diagram to see the full-sized image.

Note that emails from authenticated clients, on-campus clients, and OSU mail servers are only subject to anti-virus scanning. In contrast, messages from the Internet (cloud with angry eyes in the diagram) are subject to many more checks including RBLs, greylisting and SpamAssassin tagging.

When email messages leave the OSU network destined for the Internet, they are subject to anti-virus scanning, but are not otherwise hindered.

The "Client Rules" on the top-right of the picture show that email can also be filtered by the recipient.

Diagram showing email flow at OSU

Dealing With Spam at OSU

Network Engineering uses several tools to help keep spam from reaching your mailbox.

Greylisting

OSU implemented greylisting at the campus mail relays on October 30, 2007. At that time, statistics showed that greylisting reduced by over half the amount of spam that arrives in OSU email accounts.

Greylisting works by sending a temporary failure message on the first attempt of a unique combination of sender IP, sender and recipient. Legitimate, properly-configured mail servers deal with a temporary failure by queueing the message and resending later. (Resend times vary, but 15-30 minutes is typical.) On subsequent attempts to send a message, the greylisting server allows the message to be delivered.

Greylisting works as an effective method to prevent spam because spammers typically do not bother to queue mail. Rather they blast the spam out once and ignore delivery failures.

The downside of greylisting is that it may cause a legitimate message to be delayed (typically for about 30 minutes, although this depends on the configuration at the sending server). Messages may also appear to arrive out of order, as subsequent messages from the same sender are not delayed. This will only happen the first time that a new sender tries to send to a new recipient.

Sites that have implemented greylisting address these issues by building up a comprehensive whitelist. That is the approach we are taking as well. We have already whitelisted several sites that OSU communicates with on a daily basis. If there are sites that you are concerned about, please send us a list at net (at) oregonstate.edu, and we will add them to the whitelist.

NOTE: Greylisting does not apply to email sent within OSU.

Real-time Black Hole Lists (RBLs)

An RBL is a list of hosts that are known spammers or open relays (misconfigured mail servers). When we receive email from one of these sites, we bounce the message back to the sender explaining that they are in an RBL and providing directions to get delisted from it. We also block mail from dynamic IP ranges, because mail servers should never have a dynamic IP. Finally, we block mail from dialup users and cable modem users - these users must relay through their ISPs mail server rather than sending directly to us (a trick often used by spammers).

We use the following RBLs at OSU:

If you are having trouble receiving mail from another site because they are listed in one of these RBLs, please tell the person at the remote location to contact their e-mail administrator or ISP and give them the information in the bounce message that they received from OSU. Contact us at net(at)oregonstate.edu if the sending site is unable or unwilling to get delisted - we may be able to help them get delisted, or simply add them to the allow list.

OSU Block List

In addition to RBLs and greylisting, we maintain a custom block list for OSU. When we receive complaints about senders or hosts on the Internet spamming OSU addresses, we put in a static block for that site. Sometimes the block is a sender address (such as user@yahoo.com), or an IP address. In some cases we will block an entire domain name (e.g. everything @foo.com) or a block of IP addresses that seem to be in use by spammers.

Phish Detection

We treat messages that are detected as phish the same way that we treat virus emails: they are discarded at the mail relays. In addition, we block the reply-to address on phishing emails so that if anyone at OSU tries to reply to a phish, their message will not go to the phisher.  Users who have responded to a phish with their username and password will typically have their OSU account disabled, and will be asked to change their password. 

Despite our best efforts, some phishing emails still make it through. Please never send your password in email, and be careful with your personally identifiable information such as credit card numbers and social security number.

SpamAssassin Tagging

All messages coming into OSU from the Internet are tagged with SpamAssassin headers. These headers indicate the likelihood that a given message is spam. You can use these headers to filter mail that is likely spam into a junk folder. For more information, see the SpamAssassin page.

Microsoft Exchange Mailbox Hosting

Network Engineering provides a fee-based Microsoft Exchange mailbox hosting service to approximately 4,500 users campus-wide. This service includes:

  • Spam filtering
  • Anti-virus protection
  • Active Directory domain licensing for departments without a domain (FS_Mail)
  • Remote access via Outlook Web Access and POP/IMAP
  • Public folders
  • Tiered support team
  • 24x7 uptime active monitoring via MOM and OpenNMS
  • Regular maintenance and upgrades
  • Production standards and scheduled maintenance windows
  • Replacement equipment on hand
  • Nightly full backups (for system disaster recovery only)
  • Retention of deleted mailboxes for 90 days
  • Retention of deleted mail items for 14 days

Permissions are delegated to the Department Computer Administrator (DCA), who is responsible for all account and mailbox administration and user support. DCAs have access to a full-time Exchange support person for help with everything from configuring clients to troubleshooting mail delivery problems.

Exchange Billing Information

We charge $2 per mailbox/month for mailboxes set to the default "prohibit send" limit. Current default limits are:

  • warning limit: 400,000 KB (400 MB)
  • prohibit send: 500,000 KB (500 MB)
  • prohibit send & receive: 1,000,000 KB (1 GB)

Mailboxes set to a higher quota are billed an additional $2 per 500,000KB increment of the default "prohibit send" limit, e.g. a 1GB mailbox costs $4/month, a 1.5GB mailbox costs $6/month, and so on.

Resource mailboxes with a quota of 100MB are free.

We also provide access to the FS_Mail domain for groups who wish to use Exchange but do not maintain their own Active Directory domain. There is no charge for FS_Mail accounts.

Please note: Network Engineering does not provide account administration - that task is delegated to the DCA for the department. If your department does not have a person to manage account and mailbox administration and support, you should consider using the Community Network service.

ONID Class Email Groups

Excepting College of Business courses (see below), every course at OSU now has its own Exchange email address. These class addresses are actually email 'groups' and contain the ONID email address of every student in the course. An instructor can quickly and easily contact everyone currently enrolled in the class by sending an email to the course address and adding new members to the group.

On the first day of each term the email groups are automatically created from course lists in Banner. Instructors are automatically given permission to send and receive group email. By default, instructors are only allowed to send group email from their ONID email address.

Login & Help

Frequently Asked Questions

What if I don't know my ONID login name and password?
If you have never signed up for ONID, or have forgotten your ONID password, visit the ONID homepage. To sign up for ONID, click on the "Sign Up For ONID" link in the top left. To change a forgotten password, click on the "Change Password" link in the top left.

Why was my message to my class list rejected?
By default, only the instructor of a course can send to the list, and only from their ONID email address. If you are the instructor for a course and need to send to a list from another email address, click on the link above to manage your list. Login with your ONID credentials, and then add your other email address as a sender.

Why can't I add my email address as a sender?
Your email address must be in the Exchange Global Address Book in order for you to add it as an approved sender on your class list. Contact your Department Computer Administrator to get your email address added to the Exchange Global Address Book.

How do I remove a Sender that I added manually?
All senders that you have added manually are now displayed. You can remove one by clicking on the person's name.

How do I remove a Member that I added manually?
We have not implemented this feature yet, but we hope to make it available soon.

Where are the College of Business classes?
The College of Business uses a different process to create class groups. In order to avoid confusion, we are not creating ONID class groups for Business classes. If you are a Business instructor, please contact your college for more information about class groups.

I added my TA as a sender. Why don't they receive mail sent to the list?
Adding someone as a sender is not the same as adding them as a member. If you want someone to be able to send to a list AND receive mail sent to a list, add them as both a sender and a member.

Will the changes I make to my class groups now be saved for next term?
No. All group configuration changes and memberships are reset at the end of the term, because a given course may be taught by a different instructor in the next term. If you make custom changes to your class groups one term, you will need to make those changes again at the beginning of the next term.

Can I get a list of the members on my class lists?
The list memberships are hidden in the Exchange Global Address Book to protect student privacy. To obtain a list of members in your classes, visit Blackboard or the OSU Online Services page.

SpamAssassin

Oregon State University uses SpamAssassin to tag inbound email that appears to be spam. You can use these SpamAssassin tags to filter junk mail out of your mailbox.

Headers assigned by SpamAssassin

Example headers that you can filter on:

X-Spam-Flag: YES
X-Spam-Level: ********
(a # of stars indicating the likeliness that this is spam)

When creating a rule in your e-mail program to filter mail based on SpamAssassin tags, you have the choice of either using the "X-Spam-Flag" header, or the "X-Spam-Level" header. The X-Spam-Flag header will be set to YES whenever the message has a SpamAssassin score of 5 or higher. If you would like to catch messages with a score of 3 or more instead, you can create a rule that looks for this header:

X-Spam-Level: ***

How to use SpamAssassin

ONID Users

You can enable SpamAssassin by going to http://www.onid.orst.edu. Choose "Login to ONID", and click on "Manage Mail" after you have authenticated.

Microsoft Outlook 2000 & XP:

  • Note: Outlook XP requires you first create a "Blank Rule" and then all of the following apply.
  • Right-click on your "Inbox" and choose "New Folder". Name it "junk".
  • Click Tools then Rules Wizard.
  • A window should pop up, click New.
  • Choose "Check Messages When they Arrive" and click next.
  • Check the box for "With <Specific Words> in the Message header".
  • Click the "specific words" link and enter the following as its shown: X-Spam-Flag: YES
  • Click "move it to the specified folder".
  • Choose the "junk" folder you created in the first step and click OK.
  • Click "Finish" then OK. Your rule should now be set up. DO NOT CLICK NEXT.

Entourage

  • Click Tools then Rules.
  • Select Specific Header as the criteria.
  • Enter the desired trap for the headers.
       Example: X-Spam-Flag: YES Would filter any message that was tagged by our system as "Spam"
  • Click apply.

Eudora 5.X

  • Click on Tools then Filters
  • Click New
  • Highlight the 'untitled' rule you've just created
  • On the right, check Incoming and change HEADER to say <ny Header>
  • Find the pulldown menu that says contains, and change it to matches regexp (case insensitive)
  • Enter X-Spam-Flag: YES on the line next to it.
  • Set first action to Transfer To then Trash. Or any other folder you want to filter the spam to.
  • Set second action to Skip Rest
  • Close box, and say yes when asked to save filters.

Spam-identification tactics used by SpamAssassin

  • Header Analysis: spammers use a number of tricks to mask their identities, fool you into thinking they've sent a valid message, or fool you into thinking you must have subscribed at some stage. SpamAssassin tries to spot these.
  • Text Analysis: Spam messages often have a characteristic style (to put it politely), and some characteristic disclaimers and CYA text. SpamAssassin can spot these, too. For a list of the rules that SpamAssassin uses see SpamAssassin Tests.
  • Razor: Vipul's Razor is a collaborative spam-tracking database, which works by taking a signature of spam messages. Since spam typically operates by sending an identical message to hundreds of people, Razor short-circuits this by allowing the first person to receive a spam to add it to the database -- at which point everyone else will automatically block it.

SQL Database Hosting

MS SQL Server is a database management system that supports Microsoft's version of SQL (Structured Query Language). It has commonly been used by businesses for small to medium size databases. On campus its main use has been for data storage for third party applications and websites.

MS SQL Hosting Services & Costs

We offer an environment for departments to use MS SQL 2005 & 2008 without having to purchase server hardware, software, and licensing. SQL Maintenance and backups are included with the service.

  • $40 per month per database.

Request MS SQL Service

If your department is interested in our SQL hosting service, please fill out the SQL Server Request Form. If you have general questions about this service, contact us at itconsult (at) oregonstate.edu or 541-737-4710.

SSL Certificates

Secure Sockets Layer (SSL) is a security protocol that provides an encrypted Internet connection. An SSL certificate is proof from an independent third party that your website belongs to the organization it says it does and that your users will be transmitting information via an encrypted connection. You should use an SSL certificate to protect any website or service that handles sensitive data such as login credentials.

Certificates can also be used to sign documents electronically or to sign code for distribution.

Free InCommon Certificates 

OSU is now registered for the InCommon Certificate service.  With this membership, OSU has unlimited access to SSL certificates at no additional cost to individual service providers.  All OSU-owned domains are covered.  The following certificate types are available: web server SSL certificates, extended validation certificates, code signing certificates, wildcard certificates and SAN certificates. The certificate authority (CA) is Comodo, an industry-standard CA trusted by most clients. 

To obtain a certificate through InCommon, please complete the InCommon SSL Certificate Request Form.

Other Certificate Authorities

Thawte - To request or renew a Thawte certificate, please use the form below. However, please be aware that OSU now has access to free certificates from InCommon (see above).

Order or renew a Thawte SSL Certificate

Windows Servers - All domain-joined Windows servers in the Oregonstate AD forest can make use of AD SSL certificates at no cost.  The certificates will automatically be trusted by AD-joined client machines at OSU. To request a Windows certificate, please email ServerSupport@oregonstate.edu.

Other CAs: You may request an SSL certificate from another Certificate Authority and the request will typically be forwarded to the WHOIS contact for the domain name of the host.

GoDaddy SSL Certificates
DigiCert Certificates

IPSCA - You may also request an SSL certificate from IPSCA, a certificate authority that provides free 2 year SSL certificates to EDU customers. Please Note: we have experienced some support issues with IPSCA and are no longer recommending this service.

Request an IPSCA Certificate

IPSCA SSL Certificate Request

IPSCA certificates should work with all major browsers but we do not have a lot of experience with this vendor yet, so use at your own risk. These certificates are ideal for systems with limited use that you might currently be securing with a self-signed certificate.

To Request a Certificate from IPSCA

  1. Visit http://certs.ipsca.com
  2. Click on the option "$0 for 2 years .edu Domain".
  3. Generate a CSR on the server to be secured. Click on the help link on the IPSCA page for help generating a CSR from your server software.
  4. Fill out the form:
    1. Type of Certificate: Choose "Education (2 years $0)".
    2. Customer Contact Information:
      First Name: Network
      Last Name: Engineering
      email: hostmaster@oregonstate.edu
      Phone Number: 541-737-9187
      Fax Number: 541-713-3000
      Company: Oregon State University (* Required *)
      Address: Kerr B211
      Address: Oregon State University
      City: Corvallis
      State: Oregon
      Zip: 97331
      Country: United States
    3. Technical Contact Information: enter your name, email and phone.
    4. Server Type: Select your server software.
    5. Paste in your certificate signing request that you created above.
    6. Read the agreement and click Submit.
  5. After you submit your request, an email will be sent to Information Services for approval. Once we have approved the request, you will receive email from IPSCA.
  6. Follow the instructions from IPSCA to install your certificate.
  7. NOTE: you may need to install the root CA from IPSCA - otherwise, clients will complain about the certificate when they connect to your server. Please follow the directions in the message from IPSCA.

Thawte SSL Certificate Request

The following steps should be followed by the system administrator of the server that the SSL certificate will be hosted on.

Thawte Pricing

We pre-purchase tokens from Thawte at a discounted bulk price.

New/Renewal

  • 1 Year - $189.99
  • 2 Years - $379.98
  • 3 Years - $569.97

Additional license for a certificate

  • 1 Year - $189.99
  • 2 Years - $379.98
  • 3 Years - $569.97

Part One

Once we have reviewed your request, you will receive an email back from us indicating that you can proceed with the renewal or acquisition.

Part Two

  • Go to http://www.thawte.com.
  • Click on "My Account."
  • Click on "Enterprise Account."
  • Sign in by entering your username, which is typically your OSU email address, and your password.
  • To renew a certificate, click on "Renew" next to the certificate name. To request a new certificate, click on "Get a certificate."
  • Choose the type of certificate, number of years, and number of server licenses. Thawte will then ask you to paste in the CSR from your system. If you need help generating a CSR, click on the question marks on the site for assistance.
  • Once you have submitted your request to Thawte, Thawte will ask Information Services to approve it. This step typically takes no more than a few minutes during business hours. However, it may take Thawte up to a couple of hours to issue the certificate.
  • Once Thawte has issued the certificate, you will receive an email with instructions for retrieving it.

VMWare Hosting

Information Services offers low-cost, fault-tolerant VMware Virtual Machine hosting. Both of our systems use VMware ESX and Dell 2950 PowerEdge servers. You can get individual VMware Virtual Machines starting at just $60.00/Month, or we can implement a customized dedicated VMware server environment to meet your needs.

We provide you with a base Linux or Windows Operating System, either 32bit or 64bit, on VMware ESX hosts along with VMware HA (High Availability) on Dell PowerEdge servers connected to 4GB fiber array disks. We can take snapshots of your VM before you apply updates or install applications to test. Once testing is done please contact us to remove the snapshots, as they are for temporary uses and are not to be used as a backup service.

We can install Windows Server 2003/2008, Debian, Red Hat Enterprise Linux or SUSE Linux. You would need to purchase an OS license or provide proof of ownership.

VM Pricing

Our monthly fee covers:

  • Ongoing hardware replacement and upgrades
  • VMware service and patching of ESX hosts
  • Annual software licensing and maintenance
  • FTE to support the service

Owners of the VMs are responsible for:

  • Performing your own OS patching and updates
  • Performing your own backups

As an alternative to performing your own backups, Information Services offers server backup services for an additional cost.

Processor Capacity Memory Disk Storage Base Cost
1 CPU 512 MB up to 1024 up to 40 GB $60.00/mo
2 CPUs 2 GB RAM up to 80 GB $90.00/mo
4 CPUs 3 GB RAM and up up to 200 GB $125.00/mo