What are supported Operating Systems?
- Microsoft Windows 2019
- Microsoft Windows 2022
- Red Hat Enterprise Linux 8
I have some questions about my server but do not know where to go, what do I do?
If you have an emergency please contact the IT Assistance Center.
For general inquiries or requests involving hosted services, you may submit a Server Support Request.
What is the policy on server names?
The server names themselves are determined by the Systems Administration Team (with your input), but you are permitted to request an alias (DNS CNAME) to have a friendlier name for your end-users.
Example Server Name: itacweb1.matrix.txstate.edu
Example Alias: frontdesk.itac.txstate.edu
Naming conventions still apply when requesting an alias for a fourth level domain or higher (see UPPS 04.04.08).
How do I make my server accessible off-campus?
- You can request VPN access via infosecurity@txstate.edu if your system needs to be accessible through VPN.
- If you need access off-campus and it can't go through VPN
How do I receive authorization for specific applications?
Applications/software must be reviewed by the Information Security Office. This can be initiated by submitting a Service Evaluation Request.
How can my application authenticate against TXST?
Numerous options exist and should be established in your data security plan from Information Security Office.
| Native AD |
Depends on the application documentations. Submit any binding requirements to the Systems Administration team via Server Support Request. |
| LDAPS |
Request an LDAP service account.
Must use LDAPS (secure LDAP)
- Ldap.txstate.edu:636
- Ldap.qual.txstate.edu:636
- Ldap.dev.txstate.edu:636
|
|
SAML Single Sign-On (Shibboleth)
|
If your application supports SAML, request via SAML Single Sign-On. |
What are my options for password-less authentication?
At this time, only our Red Hat Enterprise Linux servers are configured to allow for certificate-based authentication.
What is our multi-factor authentication solution and how can I use it with my server?
- We utilize Duo Multi-Factor Authentication.
- If you would like to add DUO to your SSH or RDP, please submit a Server Support Request.
- If you would like to add DUO to your application and it supports it, you may request an integration key from infosecurity@txstate.edu.
Preferred solutions for common requirements
The short name of the server doesn't work but the long name does, what can I do?
Using the short name/NetBIOS name (server instead of server.dept.txstate.edu) is not recommended nor supported. The DNS name of Fully Qualified Domain Name should be used in all cases.
Can I request a bare metal server?
You may contact ITAC with your request of specifications and budget.
Will TXST IT house my server hardware for me?
We may only house systems that were purchased or coordinated through Technology Resources and meet various requirements such as vendor, warranty, etc.
I have a vendor who needs access to my server, what can I do?
- Teams/Zoom where the application admin shares their screen
- Guest account with VPN access
I need help managing my server. Where can I go?
You may review the shared responsibility model to list the separation of duties between application and systems administration. The Systems Administration team will provide the server, network, backups, OS updates. Systems Administration can also be of assistance in connecting to other University-managed services. Any assistance with installation/configuration/upgrades of your application should be directed to your software vendor or a consultant.
How is access to a server controlled or changed?
Microsoft Windows
A role (Active Directory Group) is made available in the Online Toolkit. The name will traditionally follow the format of RDP-<servername>-Admins. For example, if your server name is itacapp1, the group would be RDP-itacapp1-Admins.
Any changes to this group should come from the role manager of the group. If you do not know who that is, or one is not assigned, a ticket to ITAC requesting the manager or addition of a manager can be sent.
Red Hat Enterprise Linux
There are two primary ways for controlling access to a RHEL server.
- A role (Active Directory Group) is made available in the Online Toolkit. The name will traditionally follow the format of RDP-<servername>-Admins.
EXAMPLE: If your server name is itacapp1, the group would be RDP-itacapp1-Admins.
- A configuration management tool (Puppet) can push the configuration of administrators to a server or a group of servers. You will normally see a designated group of administrators in the same team or department have the exact same access to all that team/department's servers.
EXAMPLE: ITAC may have 3 personnel that manage ITAC Linux systems. Those same 3 administrators would be part of the same group that is pushed to all ITAC Linux Systems.
NOTE: Changes to your server may be requested via the Server Support Request. You can also use this request if you have access to a server and need to be removed as an admin.
What does administrator access mean?
As an administrator, you may install and configure software and are responsible for the operation/maintenance of your software. You may reference the shared responsibility model for more detail.
I'm not responsible for the server, but I need to keep my access.
Administrative permissions for a server inherently entail responsibility for the operation of that server and adhering to all university policies. Texas State adheres to the principle of least privilege. Application administrators are responsible for auditing access to their server and applications via means such as Role Management or application-specific records. Access that is no longer necessary for the administration of the system must be removed.
How do I request actions and/or changes to my server?
Requests for general server changes (firewall, access, shares, etc.) can be made via the Server Support Request.
What do I do if the server is no longer needed?
Requests for decommissioning may be made via the Server Support Request.
Where is my server hosted?
TXST University servers may be housed in one of our data centers on the San Marcos campus. Servers provisioned via the Hosted Service Request will be virtual.
What uptime can I expect?
We do not have any SLA for uptime.
What is the cost for running my server?
At this time, there is usually no cost for running a server in the data center. As this is a shared university resource, if compute (CPU/Memory) or storage requirements are high, there will be additional discussion needed.
Who can request a server?
I have questions on using High Performance Computing for my research, where do I go?