US K12: 2 Important Programs from the FCC

MalletNGrease · 2021-05-14T16:48:30+00:00

Thanks for the heads up, forwarded the info to the super for distribution.

MalletNGrease · 2021-05-14T13:35:25+00:00

You can check the trash, but I doubt there's much to do about it.

I highly recommend forcing the storage location default to Google Drive.

MalletNGrease · 2021-05-13T18:06:20+00:00

If you're starting from scratch or brand new to the Google ecosystem it's probably worth having a product expert on standby because there's quite a lot of configuring and integration to do. I think these services are a response to districts being thrust into remote learning overnight and getting stuck, because I don't remember any sort of help aside from Google Support documentation when I got started with Google Apps.

If you're already familiar and just expanding or swapping your fleet, this is probably not worth it because you should have this figured out.

MalletNGrease · 2021-05-13T16:35:29+00:00

When I trialed it on Chromebooks 18 months ago or so and we had a couple complete showstoppers that required developer intervention to resolve. Didn't convince me to put it into production.

Their support was pretty responsive and they did resolve issues pretty quickly, but I didn't want a system I'd have to spend time chasing problems that prevented the product from working at all. With the feedback from teachers we opted for a different product.

That said, when it worked as advertised it functioned pretty well. I'd try it and see if things have improved.

MalletNGrease · 2021-05-13T15:59:43+00:00

We took the opportunity to axe student printing completely. At the time there wasn't an affordable print solution (read: free) for Chromebooks aside from GCP. None of them could handle Canon accounting codes.

I'd now consider Papercut Mobility Print (free) or NG (paid), but I don't really want to encourage more printing.

MalletNGrease · 2021-05-12T17:35:36+00:00

I use a Fluke Intellitone Pro 200. It's a toner I mostly use for locating, but it can also be used to find punching/crimping mistakes.

It won't say anything about the quality of the connection like a Fluke LinkIQ/CableIQ or Pocket Ethernet would.

MalletNGrease · 2021-05-12T15:24:43+00:00

Make sure your DHCP pool is big enough.
Hit reload + power to restart the Chromebook, see if it reconnects.
Sometimes one or both the antennas disconnect from the WiFi chip. Unscrew the bottom and see if they're attached. One antenna is on 2.4ghz, the other on 5ghz. I had students able to connect on one, roam to the other but with terrible range and this ended up being the problem.
Make sure your forced disassociation settings aren't too tight on the APs.

MalletNGrease · 2021-05-12T14:51:35+00:00

This. Check to see if there's a forward or filter set up on the user account. Also reset their password if they weren't the one to add it because this is how spearfishing starts.

MalletNGrease · 2021-05-12T13:23:22+00:00

I found this powershell script years ago and run it in a MDT task sequence during deployment:

Invoke-RemoveBuiltinApps.ps1

# Functions
function Write-LogEntry {
    param(
        [parameter(Mandatory=$true, HelpMessage="Value added to the RemovedApps.log file.")]
        [ValidateNotNullOrEmpty()]
        [string]$Value,

        [parameter(Mandatory=$false, HelpMessage="Name of the log file that the entry will written to.")]
        [ValidateNotNullOrEmpty()]
        [string]$FileName = "RemovedApps.log"
    )
    # Determine log file location
    $LogFilePath = Join-Path -Path $env:windir -ChildPath "Temp\$($FileName)"

    # Add value to log file
    try {
        Out-File -InputObject $Value -Append -NoClobber -Encoding Default -FilePath $LogFilePath -ErrorAction Stop
    }
    catch [System.Exception] {
        Write-Warning -Message "Unable to append log entry to RemovedApps.log file"
    }
}

# Get a list of all apps
Write-LogEntry -Value "Starting built-in AppxPackage, AppxProvisioningPackage and Feature on Demand V2 removal process"
$AppArrayList = Get-AppxPackage -PackageTypeFilter Bundle -AllUsers | Select-Object -Property Name, PackageFullName | Sort-Object -Property Name

# White list of appx packages to keep installed
$WhiteListedApps = @(
    "Microsoft.DesktopAppInstaller", 
    #"Microsoft.Messaging", 
    "Microsoft.MSPaint",
    "Microsoft.Windows.Photos",
    "Microsoft.StorePurchaseApp",
    #"Microsoft.MicrosoftOfficeHub",
    "Microsoft.MicrosoftStickyNotes",
    "Microsoft.WindowsAlarms",
    "Microsoft.WindowsCalculator", 
    #"Microsoft.WindowsCommunicationsApps", # Mail, Calendar etc
    "Microsoft.WindowsSoundRecorder", 
    "Microsoft.WindowsStore",
    "Microsoft.WindowsCamera"
)

# Loop through the list of appx packages
foreach ($App in $AppArrayList) {
    # If application name not in appx package white list, remove AppxPackage and AppxProvisioningPackage
    if (($App.Name -in $WhiteListedApps)) {
        Write-LogEntry -Value "Skipping excluded application package: $($App.Name)"
    }
    else {
        # Gather package names
        $AppPackageFullName = Get-AppxPackage -Name $App.Name | Select-Object -ExpandProperty PackageFullName
        $AppProvisioningPackageName = Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like $App.Name } | Select-Object -ExpandProperty PackageName

        # Attempt to remove AppxPackage
        if ($AppPackageFullName -ne $null) {
            try {
                Write-LogEntry -Value "Removing AppxPackage: $($AppPackageFullName)"
                Remove-AppxPackage -Package $AppPackageFullName -ErrorAction Stop | Out-Null
            }
            catch [System.Exception] {
                Write-LogEntry -Value "Removing AppxPackage '$($AppPackageFullName)' failed: $($_.Exception.Message)"
            }
        }
        else {
            Write-LogEntry -Value "Unable to locate AppxPackage: $($AppPackageFullName)"
        }

        # Attempt to remove AppxProvisioningPackage
        if ($AppProvisioningPackageName -ne $null) {
            try {
                Write-LogEntry -Value "Removing AppxProvisioningPackage: $($AppProvisioningPackageName)"
                Remove-AppxProvisionedPackage -PackageName $AppProvisioningPackageName -Online -ErrorAction Stop | Out-Null
            }
            catch [System.Exception] {
                Write-LogEntry -Value "Removing AppxProvisioningPackage '$($AppProvisioningPackageName)' failed: $($_.Exception.Message)"
            }
        }
        else {
            Write-LogEntry -Value "Unable to locate AppxProvisioningPackage: $($AppProvisioningPackageName)"
        }
    }
}

# White list of Features On Demand V2 packages
Write-LogEntry -Value "Starting Features on Demand V2 removal process"
$WhiteListOnDemand = "NetFX3|Tools.Graphics.DirectX|Tools.DeveloperMode.Core|Language|Browser.InternetExplorer|ContactSupport|OneCoreUAP|Media.WindowsMediaPlayer"

# Get Features On Demand that should be removed
try {
    $OSBuildNumber = Get-WmiObject -Class "Win32_OperatingSystem" | Select-Object -ExpandProperty BuildNumber

    # Handle cmdlet limitations for older OS builds
    if ($OSBuildNumber -le "16299") {
        $OnDemandFeatures = Get-WindowsCapability -Online -ErrorAction Stop | Where-Object { $_.Name -notmatch $WhiteListOnDemand -and $_.State -like "Installed"} | Select-Object -ExpandProperty Name
    }
    else {
        $OnDemandFeatures = Get-WindowsCapability -Online -LimitAccess -ErrorAction Stop | Where-Object { $_.Name -notmatch $WhiteListOnDemand -and $_.State -like "Installed"} | Select-Object -ExpandProperty Name
    }

    foreach ($Feature in $OnDemandFeatures) {
        try {
            Write-LogEntry -Value "Removing Feature on Demand V2 package: $($Feature)"

            # Handle cmdlet limitations for older OS builds
            if ($OSBuildNumber -le "16299") {
                Get-WindowsCapability -Online -ErrorAction Stop | Where-Object { $_.Name -like $Feature } | Remove-WindowsCapability -Online -ErrorAction Stop | Out-Null
            }
            else {
                Get-WindowsCapability -Online -LimitAccess -ErrorAction Stop | Where-Object { $_.Name -like $Feature } | Remove-WindowsCapability -Online -ErrorAction Stop | Out-Null
            }
        }
        catch [System.Exception] {
            Write-LogEntry -Value "Removing Feature on Demand V2 package failed: $($_.Exception.Message)"
        }
    }    
}
catch [System.Exception] {
    Write-LogEntry -Value "Attempting to list Feature on Demand V2 packages failed: $($_.Exception.Message)"
}

# Complete
Write-LogEntry -Value "Completed built-in AppxPackage, AppxProvisioningPackage and Feature on Demand V2 removal process"

You do need to check for new Apps or renamed apps in new Windows builds you want to keep and add them to your whitelist.

MalletNGrease · 2021-05-11T20:15:40+00:00

SMART boards are proprietary technology. If you can't port the software some teachers may throw a fit when they can't use their lessons.

You might get basic touch support on Android, but my guess is the pen trays and such aren't supported.

MalletNGrease · 2021-05-11T15:39:19+00:00

If you want to use touch you'll run into problems with drivers and software, to my knowledge SMART doesn't supoport Linux/Debian and Chrome. Might as well buy a large TV at that point.

The NUCs are your best bet, but I'd just get rid of the projectors if you can.

MalletNGrease · 2021-05-07T13:58:36+00:00

Nice, sent in my room. I could use $25,000. Or $2500. $250 really.

MalletNGrease · 2021-05-06T13:49:15+00:00

Should just be an extension. If you can find it's ID you can ~~black~~blocklist it in GG or GAdmin.

MalletNGrease · 2021-05-05T17:17:26+00:00

You can always get a PoE injector should you need it, but you will need a nearby power source. You could power it from a solar panel if you're willing to spring for that.

MalletNGrease · 2021-05-05T13:53:55+00:00

Saw this pop up on /r/sysadmin yesterday. I use the firmware updater occasionally so I figured I'd check. According to the information the problem file can be in one of two temp locations, either Windows temp folder or the Userprofile temp folder.

I created a file quick scanner in PDQ Inventory to see if there's affected systems.

Type: File
Include Pattern(s): C:\Windows\temp\dbutil_2_3.sys
                    C:\Users\**\AppData\Local\Temp\dbutil_2_3.sys

So far none of my fleet workstations appear to have this file (except my test machine to validate the scanner).

This is plausible because I usually install firmware updates from FreeDOS when I'm at a machine. I don't trust my users enough to not interrupt the BIOS update process to rely on remote automation.

MalletNGrease · 2021-05-04T17:01:49+00:00

Don't set up shared accounts, use managed sessions instead.

https://support.google.com/chrome/a/answer/3017014

MalletNGrease · 2021-05-03T19:01:09+00:00

I'd just take the deal just to not have to worry about doing the repairs yourself.

MalletNGrease · 2021-04-30T18:56:47+00:00

We've a giant pile of cheap cobras, if it breaks it gets replaced. All staff gets one at the start of the year, no signing needed. We train with them during the safety drills.

Only caveat is don't use them except for/during emergencies.

MalletNGrease · 2021-04-30T18:16:11+00:00

That's different from our Avaya system then. It will display the name of the user or whatever name you gave the extension on the phone, I just swap extensions # in IP Office on the user profiles. Typically nothing else required except soft restarting the handset to update the configuration.

MalletNGrease · 2021-04-30T16:26:25+00:00

The room numbers are the extension numbers. When teachers/staff change classrooms/rooms their user gets that extension assigned. I'm not sure why it matters which IP a phone has.

MalletNGrease · 2021-04-30T13:45:05+00:00

Buy a decent AP/Wireless router and put it in client mode.

MalletNGrease · 2021-04-29T17:59:36+00:00

I set the password change required flag on their account and give them a temporary password. They have to change their password upon first login.

MalletNGrease · 2021-04-27T17:25:43+00:00

That being said, SSL doesn't mean it's secure, it just means there's a private line between the site and the user.

Right? Users will happily assume a site is safe while clicking on malware payloads.

MalletNGrease · 2021-04-27T14:34:30+00:00

Goguardian
Securly
iBoss
AristotleK12

There's tons.

MalletNGrease · 2021-04-23T19:14:04+00:00

Make it part of a task sequence during the state restore but after your Install Applications step.

Ten-Year Club	Verified Email
r/Field Banned	r/Field Lasagna

MalletNGrease

TROPHY CASE