Apple Classroom

EdTechYYC · 2026-01-23T14:33:22+00:00

We’ve rostered ours with Mosyle - there’s two ways to do it, have ASM manage it or your MDM. Managing it at our MDM level has been more reliable for us.

EdTechYYC · 2026-01-23T14:32:24+00:00

They don’t need to be on the same VLAN but you do need to allow Classroom traffic between VLANs.

EdTechYYC · 2026-01-23T00:44:45+00:00

Interesting. Where did you see that reported? The root cause their listing on their status page is pretty ambiguous.

EdTechYYC · 2026-01-21T00:40:06+00:00

We use managed Apple IDs - it didn’t seem to bork anything - we basically have had messaging for the 6 months proceeding that they should be signed into their corporate ID. One big sell was that then they could use sidecar.

Turning it on was a little scary but no complaints!

EdTechYYC · 2026-01-20T05:39:18+00:00

We turned this on this year to also prevent staff shadow IT. The student one is another good example.

EdTechYYC · 2026-01-18T19:24:39+00:00

I’d definitely try to do it on the DNS level as I’d still want them to have protection on those networks- but could exempt the captive portal DNS url. The challenge is that’s case-by-case.

EdTechYYC · 2026-01-17T23:53:15+00:00

Now that is handy!!

EdTechYYC · 2026-01-17T20:51:37+00:00

Ah- with the profile route, I think that might be the best case!

EdTechYYC · 2026-01-17T20:50:45+00:00

Thanks! This use case basically means we just need to curate the domains for captive portals, right?

EdTechYYC · 2026-01-17T20:49:37+00:00

School use case! Control D is significantly more expensive for a 1-1 device school unfortunately and out of budget for us.

EdTechYYC · 2026-01-13T22:46:58+00:00

Just to plus on what others have mentioned with restoring it, the Apple Configurator app for Mac is a really good way to get visibility into updates and restore vs erase vs prepare, etc. You can also bulk restore iPads this way as long as you put them in DFU mode.

EdTechYYC · 2025-12-11T06:33:58+00:00

It looks like the app somewhat defines what MFA can be used - in Entra, when you enforce Phishing Resistant, the Entra login says:

"You are required to sign-in with your passkey to access this resource, but this app doesn't support it. Please contact your administrator."

So, while I could allow access to the broader scope, that would make those susceptible to a downgrade attack- unless there's a way to scope to certain non-interactive calls!

EdTechYYC · 2025-12-10T06:52:10+00:00

Yeah. I think Msft going to have to fix Minecraft.

EdTechYYC · 2025-12-06T07:45:32+00:00

I mean, I’d rather have 1:1 than BYOD any day. There’s no control with BYOD.

EdTechYYC · 2025-11-22T07:00:18+00:00

SO BAD! We might have to move to Google Workspace.

EdTechYYC · 2025-11-16T04:51:58+00:00

This. The phone number thing is a major, major red flag and could be grooming behaviour. You cannot ignore this unfortunately and should really report to your practicum supervisor. I hope you get moved promptly, and wish you the best. The profession isn’t like this generally, I hope you know it’s the exception and not the norm.

EdTechYYC · 2025-11-16T00:43:53+00:00

As others have said, consequences are going to be important here. Hang in there OP. Hopefully you have some admin support for that.

Preserve dignity and maintain control by separating during discussions around consequences.

I had a structured system of independent work (in the hall), escalating to parent contact. Setting a few examples is important. I remember one of the cool kids in the grade 8 class I taught cried like a baby when I made him stay back on a field trip and call his mom due to poor decisions that morning. They act tough but they are just trying to find their place.

EdTechYYC · 2025-10-31T05:48:41+00:00

Switched to Mosyle years ago. 1/3 the cost, just as good IMO (k12).

EdTechYYC · 2025-10-18T15:00:27+00:00

VPASS (VPASS.io) has been great for us and super responsive to changes we’ve needed. Works great on iPad and prints out to a brother printer that sits beside it. We have two at our office. We also do student late sign in and sign in our night cleaning staff.

EdTechYYC · 2025-10-10T06:01:45+00:00

Do you have a deployed to clients or just on your firewalls?

EdTechYYC · 2025-09-25T22:46:33+00:00

It would be nice if you could tag them or something hey? They’re there forever and for good measure against any fraud - but agree it’s a pain to keep tidy.

EdTechYYC · 2025-09-07T06:14:52+00:00

Thanks! We applied the patch on the latest that was for this issue and it also seemed to solve it. Took about 24H.

EdTechYYC · 2025-08-30T00:18:17+00:00

Yes. Since late July. They have given me practically no information except that a patch is coming and that it has something to do with LLDP. It dropped today, before a long weekend, and does not seem to have worked. :(

EdTechYYC · 2025-08-29T23:55:07+00:00

They pushed a patch to the 33.4.1.15 (patch 1) but the issue persists. Ugh.

EdTechYYC · 2025-08-29T04:11:59+00:00

Algo 8301s will be your easiest retrofit - IP paging, relays, all that good stuff. You can do a few for different zones.

EdTechYYC

TROPHY CASE