17
Reddit’s r_k12sysadmin Credits: @r_channels @reddit2telegram
Network Tools
Curious and interested in all answers, but we are a smallish independent school with limited budget. Currently using a mesh of free and open source solutions. What are you all using for your network monitoring, IP management, etc.. on a smallish scale?
https://redd.it/1kybs8f
@r_k12sysadmin
Google 2FA Issues
We started enforcing 2FA this last school year for almost all of our staff and for the most part it was simple and little resistance. I am however having issues it seems with a percentage of staff that whenever they change their password it breaks the 2FA, i have to change the Enforced setting to their OU to Enforced by (Date) so it will let them re-enroll, and then go to their user account and turn their 2FA off. It seems to be mostly random as to who it affects or doesn't affect... anyone else have this issue? We use Google AD Sync and the password changes happen in our domain environment initially. Thanks!
https://redd.it/1ky0ecm
@r_k12sysadmin
I made a website to make hardware checking Chromebooks easier.
At the beginning of this year, I found myself with a stack of Chromebooks that had been turned in by students at the end of the previous school year. Since this is my first year working with Chromebooks, I ran into two problems:
1. I had no way of knowing whether the returned Chromebooks were actually in working condition or if the students had simply turned them in without regard to their state.
2. As I began distributing Chromebooks, I’d occasionally find one left on my desk with a note that just said “doesn’t work.”
So, at the start of the year, I threw together a basic website to help me save time testing devices. It was rough, but it got the job done.
Over this past weekend, I cleaned it up, gave it a proper UI, and made it public.
I'm sharing it here in hopes it might save others some time too:
https://WeTestIt.live
The website includes the following features:
Camera Test: Displays all available cameras side by side simultaneously.
Keyboard Test: Shows a visual of the keyboard and highlights keys as they are pressed or held.
Sound Test: Plays a tone from either the left or right speaker independently. You can also choose the audio output source.
Microphone Test: Displays both the waveform and spectrogram for a selected input device. Also includes a recording and playback feature.
Mouse Test: Plots mouse X and Y movement on a graph and visually shows delta movement. Tracks left and right clicks as well.
Dead Pixel Test: Fills the screen with solid red, green, or blue colors. Clicking cycles through the colors to help identify dead pixels.
Touch Screen Test: Displays the location of all screen touches, with labeled indexes for multi-touch support.
CPU/Hardware Stress Test: Shows CPU load, RAM usage, and battery percentage. Includes a multi-threaded stress test to assess thermals and troubleshoot power-related issues.
https://redd.it/1kxkml6
@r_k12sysadmin
Highschool classroom AV setup?
Just looking for some advice/options here. All of our district buildings, except the high school, connect a laptop to an AV cart in the front of the room. The high school classrooms still have desktops from 2012 or so, along with Chromebooks teachers got during Covid. We're refreshing the highschool classrooms. The plan was to get them new staff Chromebooks, remove the desktops, and sell the old covid chromebooks to recyclers.
Some teachers and building admin have asked about keeping the old chromebooks to roam around the room with while teaching, and leave the new one plugged in to AV. While I see the benefits of this, I don't really want to continue supporting the old devices. A wireless display option could be nice, but I've had bad experiences with ChromeCast in the past.
What do your typical high school classroom setups look like? We do still have projectors that aren't in the budget to be replaced yet. While going to a touch display would be nice, that's a future upgrade for us.
https://redd.it/1kxfwkn
@r_k12sysadmin
I just got my Vmware Quote and it is Nuts
So with that being said, I just want to get a feel of what you might have done and if and what other virtualizer did you go with. Any tips, regrets, etc. Thanks so much. By the way, I have 4 hosts runing about 10 servers between them, $15,000ish for a year. Nuts?
https://redd.it/1kwvad6
@r_k12sysadmin
Win10 EOL - Extended Security Update Program
Lots of districts have old Windows machines that either don't have good enough components to upgrade to Win11, or the district doesn't have the budget to fully replace the devices. Luckily, there is an alternative option...
Microsoft is now offering educational discounts for Win10 Extended Security Updates, costs come to be:
1 year of extended security updates for Windows 10 = $1 per device
2nd year of extended security updates for Windows 10 = $2 per device
3rd year of extended security updates for Windows 10 = $4 per device
This is only for educational districts, regular end users pay $30 for the first year, so in terms of saving money, it's incredible. In our district. we planning on utilizing this offer for most of our Windows 10 machines, until there is enough budget to fully replace them. I want to share this information in case someone doesn't know and they're wondering what the heck to do with the upcoming Win10 EOL. I brought this attention to my cousin who works in another district, and they're saving $100k or more in total. Figured this info might help someone else out there!
https://www.microsoft.com/en-us/education/blog/2024/04/windows-10-end-of-support-updates-for-education/
https://redd.it/1kwqkqj
@r_k12sysadmin
Anyone have an alternative to LittleSIS for Google Classroom Management? Maybe that links to Powerschool?
Been using LittleSIS for years, love to tool. It has its quirks and limitations, but alongside GAM I'm able to reliably sync rosters nightly, manage and make changes to the ownership and other roles in classrooms through their admin interface, and get information and troubleshoot as needed. Admin has pushed back on it this year and tasked me with finding an alternative that may also sync grades from Classroom to PowerTeacher Pro Gradebook.
Anyone have any different products? I know I can sync my rosters to Clever, then import with the sync in Workspace for Edu Plus, but I'd lose the classroom management explorer LittleSIS provides. For ease of use, I'd rather not have to rely on GAM -- yet if I had to I'm sure I could script some of the more common uses of it if I needed to.
I did find the "gradetransferer" chrome plugin to empower teachers to take their GC grades and import them to PS.
Anyone have any great tools for managing google classroom creation/archiving/rostering? Bonus Nachos if it handles grade transfers to PS!
https://redd.it/1kwopmc
@r_k12sysadmin
Android based smart panels
Why is it when I get a new smart panel from any manufacturer that it’s straight garbage?
I’m working on one a teacher says it plays the audio from a video but no picture and it only plays certain content
https://redd.it/1kv8tg2
@r_k12sysadmin
Anyone know how to check why an interface may have gone down?
Earlier today our ES went down - cameras, PA, Internet, phones, etc. I found some show commands for our Cisco connection between the HS and ES to check logs, but none of them show when the connection dropped, how long it's been up, if there was any power surge or drop before it went down, etc. The HS/MS, all in one building, stayed up, but the ES lost connection for about...well the user claimed it was down for 20 mins before they contacted us. It came back up on its own as soon as I showed up (I did see the cameras down, and slowly coming back up when I got there, and I couldn't connect via IP phone when I tried calling over). Any ideas on how I might be able to figure out what happened to maybe prevent it from happening again? Also we have construction going on, and they are digging. If they hit the fiber without breaking it, would that have caused a temporary break in the connection?
https://redd.it/1kdjnz5
@r_k12sysadmin
Board Room Presentation Setup
I have been given the task to find a way to connect two large screen televisions in our boardroom for when people come to present at board meetings. I'm curious if anybody is doing this that allows users to present from all devices and if there is a way to do this wirelessly without having to physically connect an HDMI. I would like both screens to display the same content
https://redd.it/1kdejqj
@r_k12sysadmin
Moving from Jamf Connect to native Kerberos?
Hi all,
I'm struggling with the fact that we're at the mercy of JamfConnect's 2-week license renewal grace period being during summer break when teachers will probably have their computers offline. What this means for my users is that they will probably get back after their license has expired and when they go to log onto their computers they'll get a big message about their license having expired. Even if the device pulls down the refreshed config profile automatically and the JamfConnect app refreshes itself with the new license (BIG DOUBT), it's still a bad look for our department with something that's not our fault, it's just Jamf being unable to wrap their heads around how K12 education works -- namely that most of our fleet will be offline for nearly 3 months out of every year.
Have any of you configured the native Kerberos SSO extension to keep passwords synced with AD for local accounts? That's really all we need. Login window replacement with IdP is cool, but not necessary. I'm looking for implementation guides or resources.
Thanks!
https://redd.it/1kdaqzk
@r_k12sysadmin
Primary/Secondary Education or higher ed for Google Workspace?
I've been having a growing problem of 2FA with students in situations where they can't resolve it. The reasoning isnt that 2FA is set for them, it is because Google didn't recognize their location and challenged it. Then the students dont have a phone on them for variouse reasons.
Aparantly, our partner Trafera has a google account they use for setting up our new chromebooks before sending them ot (I am new and was unaware untill I ordored more student Chromebooks). Now they are getting the same thing and after some research and checking my settings I felt at a loss.
So I read if your school is set to higher ed it might be extra strict and when I took a look it was set to higher ed and we are a highschool. I thought I did enough research to establish that it wouldnt break anything to change this to Primary/Secondary Education. I guess I made a bad mistake becuase soon after, I started to get students at my office door. It started with not being able to get into Securly Pass and dont know if related but Apple suddenly wasn't able to sync with our google accounts. Well I don't have time to tinker, I am already overwhelmed tbh, so I just switch it back to higher ed and that resolved the issues. However Apple still can't sync and I may have to reach out to them for help.
Beyond my dumb mistake.... Should our school really be on higher ed? That seems odd? I don't know why that was set up to begin with. Maybe it doesnt matter? Or maybe I should consider changing that this summer if possible? What do you all use?
Also.. any advice on this Trafera vendor situation? you can only pause the challange for 10mins
https://redd.it/1kcyc25
@r_k12sysadmin
State testing accomodation app replacement
Hi all - as Google will be discontinuing Chrome app support in the near future (reference: https://support.google.com/chrome/a/answer/15950395), we are seeking a replacement for the "Shiny Shiny" app. This app has been essential for providing accommodations to our special education students during state testing, allowing them to type or dictate their answers on Chromebooks without requiring Wi-Fi or auto-correct features. Have been using it for years and it was a perfect solution.
We are now trying to find alternative workflows that can achieve this same functionality on Chromebooks without relying on a Chrome app.
If you are aware of any existing workflows that could meet these specific accommodation needs, it would be awesome to hear about them. Thanks!
https://redd.it/1kcg5kb
@r_k12sysadmin
Admin wants to buy school issued laptop
I have an admin who wants to purchase their school-issued laptop from the district. Has anyone navigated this before? We are a K-12 public school in Minnesota.
https://redd.it/1kcflc2
@r_k12sysadmin
How do I disable Copilot app for students on 11 24H2?
Dumb question probably, but I feel like I'm missing something.
I'd like to remove copilot, preferably through GPO since we don't use Intune. But from what I can tell it's not working anymore in 24H2. I can remove the icon, but students are still able to launch it and run it.
Is there a way to remove it without Applocker? Or should I just remove the appxpackage on login or something?
Leave it to Microsoft to have a GPO that says "Allow Copilot" that doens't actually do anything.
https://redd.it/1kcagkx
@r_k12sysadmin
Unique Smartboard issue, can you guess the cause?
https://redd.it/1kybt7q
@r_k12sysadmin
Apple TVs blank displays needing restarts
We use Apple TVs for our wireless projection, lately we have been seeing a high number of classrooms where the device needs to be rebooted before the apple tv display shows up. these are HD 4th gen models. we have tried updating from 18.3 to 18.5 firmware and new HDMI cables but we still have issues. Any ideas?
https://redd.it/1kxluf0
@r_k12sysadmin
Prevent UAC prompt - GPO running .bat to run .exe on district machines
Hello all,
I'm testing a .bat file that will run a .exe to install Google Drive for Desktop. I want to use group policy to push this out to district machines. The .exe is located on a shared file on one of our servers, and I have a command in the .bat that appears to be working which simply points to the .exe:
"\\\\SRV\\sharedFolder\\GoogleDriveSetup.exe"
Running the command in cmd from a client machine works as expected, but it prompts for UAC when the .exe is run. Is there anything I can add to the command to prevent the UAC prompt or any other solution to this?
TIA
https://redd.it/1kxhnb5
@r_k12sysadmin
Is it possible for students to make groups in Google?
My attention was called to a specific student today who needed to lose some privileges due to her behavior. While I was glancing over her user page in Google, I noticed that she was in a Google Group. Usually, I'm the one who makes and assigns staff to groups in Google. The only time I ever assign students to groups is if it pertains to extensions they need, or losing privileges. The group has a very generic name and is this particular student as the Owner and 6 or so other 5th graders. I have no earthly idea where this group came from, nor why a student is the owner. Is it at all possible for students to create a group by themselves?
https://redd.it/1kwvghr
@r_k12sysadmin
Windows 11 upgrade
Hey guys I work for a high school district and we have to make a huge purchase of PC'S to make way for the end of support of windows 10. We have a bunch of OptiPlex 7010's and 7050's. I've heard there's ways to get around upgrading these to windows 11 by making some changes in the registry but I'm not sure that's the right way to go. Thoughts? Opinions?
https://redd.it/1kwpkqa
@r_k12sysadmin
Update Policy Not Installing Updates — HELPPPP?
Hi everyone,
I’m testing a Windows 11 24H2 laptop where I’ve configured the Group Policy to force automatic download and installation of Windows Updates. According to the policy settings, updates should be downloaded and installed automatically every day.
However, after monitoring the device for 2 days, I noticed that updates are downloaded and detected (Event IDs 41 and 26 in WindowsUpdateClient), but never installed. No install events show up in the event viewer.
My questions:
1. Could there be other policies or settings that override this behavior and block installation?
2. Is there a known issue or bug in Windows 11 24H2 that might cause this problem?
3. Are there specific logs or diagnostic tools I should check beyond WindowsUpdateClient events to understand why the install never happens?
4. Could any power or wake settings interfere with scheduled installs even if the machine is awake?
https://redd.it/1kwq9rt
@r_k12sysadmin
Master Google Calendar
Hello.
There is a push to keep a Google master calendar once and for all, but I am not sure about our approach. To be clear, I have not been asked to be involved, and my suggestions so far are not being heard, but I am trying to avoid headaches down the road, when it inevitably becomes my problem.
So, a bunch of people (departments, clubs, etc...) will have their own calendars and will share those with the calendar person, who will then put all the events into a "master" calendar for all to see. I already see lots of problems with this.
We also want to print a monthly calendar and send it home. Apparently our parents are asking for it. I can't start to imagine the blot on a monthly calendar that includes every daily schedule, club meeting, athletic event, assembly, filed trip, etc. etc....
I would suggest, at minimum, and this is where I would like to hear other suggestions as well, that each department, club, etc. would share their calendar with anyone who needs to be in the loop, not just the master calendar person. Each person then would be able to see all department calendar events at once as needed (i.e., when trying to avoid conflicts with other events, rooms, etc.) or hide them when not needed.
How do you guys use your Google calendar to make a "Master" that makes sense?
https://redd.it/1kwm4ov
@r_k12sysadmin
This is more of a professional development question, but I need some input.
TLDR: Building principal asked what he can do to get me to stay long term. The only things I don't like about my job is the money and my office. He doesn't handle salary, and I'm not totally sure my office is something that can be changed (might be an office up for grabs next year, might not). Work pays for my certs, doesn't reimburse for tuition, I don't think. What do I tell him? Am I overlooking anything that you more seasoned techs might think to ask for?
I apologize if this isn't the correct space to ask this in.
I am currently in my first ever IT role and have been there for a bit over a year. I was originally hired to pretty much just be the floater. I'd go wherever I was needed rather than having my own school to manage while my peers managed their own school. No degree, no certifications, no experience. One of the other techs quit and he was not very well-liked, to say the least, and I ended up taking over his school. They have vocalized many times they didn't like the other tech and they love me and don't ever want me to leave. My plan was to get a year of experience, get my certs, and move on to better things (more money), but I really love being there and decided to stay until it is no longer financially feasible. I don't know when that would be.
The building principal emailed me recently, wanting to set up a meeting. He said he was very impressed with my performance, my proactive thinking, and he really likes having me in the building. He said he wanted to know my future aspirations so he can help me get there and wants to know what he can do to keep me in the building long-term. He said he never bothered trying to do "evaluations" with the tech in our building since no one ever stayed long term. I don't know where I want to take my tech career, but I am starting college later this year to obtain a bachelors in IT. Work does pay for my certs, but I don't believe they reimburse for tuition. I will be taking out a $4,000 student loan.
The only two things I can honestly say I don't like about my job is my office, and the money. My office is very small, dusty, has no air flow and is cramped. Any more than one person in there and you're bumping shoulders. It's also right next to coat hooks and is very loud when the kids get their snack or come to and leave school. Additionally, the kids tend to peak in and watch over my shoulder and I don't always catch them right away. Closing my door isn't totally feasible and I can't rearrange the office so the kids can't see my screens (trust me, I have tried more than once). The money? Terrible. I don't get paid that much and am almost, but not quite, paycheck to paycheck. According to ZipRecruiter, I am below average. We are a fairly small district and are paid on the same level as maintenance and the custodians. I'm not sure if this is normal, or different for bigger districts.
I can't ask him for a raise, since he doesn't handle salary, and it would create a discrepancy between myself and the other techs that have their degree and years of experience on me. I would also feel like I am going over my boss's head, and I would never do that. Additionally, my certs are paid for by work, There is a very, very small chance one of the counselor's offices is up for grabs next school year, and aside from asking to be considered for the office, if it even opens up, I have no idea what to tell him that would make me want to stay long term. What are some things I may be overlooking that you would ask for in order to stay long-term? Or, should I just tell him everything I said here and see what he might do on his own volition?
https://redd.it/1ke54ix
@r_k12sysadmin
ClassLink ThreatScan
https://www.classlink.com/products/threatscan
https://redd.it/1kddxnt
@r_k12sysadmin
Do Chromebook-only users need Microsoft A3 licenses?
We are working on our Microsoft EES licensing for next year and the vast majority of our teachers and other instructional staff will be moving to Chromebooks and will not be using Windows computers at all. From bits I've read, it sounds like those users would NOT be required to have an A3 license and we could save some money.
For example, this page strongly indicates the users would not need the license:
https://support.oetc.org/hc/en-us/articles/360036019012-Microsoft-How-do-I-count-the-number-of-Education-Qualified-Users-EQU-at-my-institution
The most pertinent lines include: "If an employee or contractor needs access to products or features from the M365 A3 or A5 suites to do their job, they are counted as an EQU" which is basically restating Microsoft's definition of an EQU that says "An employee or contractor (except students) who accesses or uses an Education Platform Product for the benefit of the institution."
So it *seems* we would be able to reduce our Microsoft A3 licenses by the number of staff who will now be 100% on the Google platform.
Have any other districts dealt with this? Did you come to the same conclusion and were able to reduce your licensing significantly?
Thanks for your time!
https://redd.it/1kdbfjn
@r_k12sysadmin
Cisco Meraki Multicast Setup?
Prefece: Networking is my weakest area. I know enough to do some basic troubleshooting and set up, so if this is a dumb question, please bear with me.
TL:DR - How do you set up multicast routing in a Cisco Meraki network?
I am working on trying to get things set up and ready for the summer so I can hit the ground running when school lets out. I purchased a new imaging deployment software (as we still have multiple PC labs that I need to reimage) and so far it has been working well.
The issue is that if I try to image items through the network using multicast deployment, it doesn't work. Unicast works fine, but I can't be doing just a few devices at a time.
Speaking to support for the software (which is ManageEngine OS Deployer), they said what they can see from the logs is that the network is dropping the multicast packets.
I am trying to rectify this, but for some reason I am really struggling to figure out how to set this up. Any thoughts or advice on how to do this? I have tried following their documentation but have still been unsuccessful.
Details:
- Imaging software is ManageEngine OS Deployer
- Whole network is Cisco Meraki hardware
- All PCs are in same VLAN
- Server PC has a static IP address
- Target machines are DHCP
Any thoughts or advice would be greatly appreicated! Thank you!
https://redd.it/1kczsno
@r_k12sysadmin
ID scanning (registry check) + Badge Printing?
We currently use VisitU (acquired by PikMyKid) to scan IDs and print badges for visitors.
We are making the switch to ParentSquare to handle CICO and implement easier packet/form signing. PS has all we need except the ability to scan IDs and print badges, which VisitU did before.
Is there any third party software or such that we can use, that isn't an entire/expensive annual subscription?
VisitU/PikMyKid cost $3500/year base price--just seeing if there are strictly ID scanning + badge printing solutions that don't necessarily need to connect to our SIS, since we want to pay for ParentSquare and just implement some smaller solution for badge printing.
Thanks for reading!
https://redd.it/1kcivpn
@r_k12sysadmin
Chromebooks with full storage...
Hi all!
I have a fleet of about 3,000 chromebooks. A LOT of them are all above like 90% full on storage.
We are 1:1 but when devices are back from repair or handed in after graduation, they are given back out.
they are so full get get super slow as well.
How can I remedy this issue? My setting is set to "do not erase local data". Its been like this for YEARS. Most state testing requires this actually.
Would mass clearing user profiles help this issue? Or should I turned on "delete local data" for like a full week, then turn it back off?
https://redd.it/1kcenpo
@r_k12sysadmin
Mediatek Wireless Cards on Chromebooks
I'm trying to get my Chromebook replacements to fit within what I budgeted, but everything's gone up significantly.
I found a model that has a Kompanio processor, which doesn't worry me too much - I've got a couple (one is my own test unit) and performance seems fine.
What does give me pause is the wireless card - a MediaTek MT7921. I've been burned before by terrible Realtek wireless cards that I had to swap out with Intel cards to make laptops usable. However, I think a lot of that was due to lousy Windows drivers so maybe less of an issue on ChromeOS? An issue like this might not be immediately apparent on my couple test units, but could show up at scale.
Just wondering if anyone has experience with this wireless card and if it's fine in Chromebooks in your environment? We use 802.1x auth and the 5 GHz band exclusively.
https://redd.it/1kcdgrx
@r_k12sysadmin
Compass Cloud and MacOS
Has anyone deployed Compass Cloud using Mosyle or JAMF so far? Certiport recommends just manually installing it, saying moving it in the script I use can cause issues, but I need a way to actually deploy this.
https://redd.it/1kc60zz
@r_k12sysadmin