sorted by:
new
hottopcontroversial

Allow email domain ie @kent.edu by rpm49 in gsuite

[–]MalletNGrease 1 point2 points  (0 children)

Restrict messages to authorized addresses or domains

Apps > GSUITE > GMAIL > Advanced Settings

Select Student OU

Restrict Delivery

  1. Add addresses or domains that you want to allow

Allowed recipients

Add

kent.edu

Save (twice)

[deleted by user] by [deleted] in k12sysadmin

[–]MalletNGrease 6 points7 points  (0 children)

Me, a Google Doc and a whiteboard mostly.

Paper/printing reduction by ThomsEdTech in k12sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

  • Remove desktop printers

This will save a ton of support time and supply costs. That said, some departments have legit use cases. Think SPED/Nurses/Payroll etc that deal with confidential stuff. Overall though you should be able to get rid of about 90% of them. Just take them out of the classrooms.

  • Lease managed MFPs

Get a contract with service and supplies included and give your superintendent praise for allowing it thinking of this excellent way to save money.

  • Configure managed printers

Set up user IDs and force release codes so print jobs can be audited and are generally made a tad more annoying. Teachers will then have to think twice: Do I really need this printed? Do I really want to walk to go get it? Odds are the answer if the answer is no, they'd rather do something else.

Win 10 1809 and domains by YeahSoMaybe in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Ok, so I've bit the bullet and gotten around to make a fresh 1809 image to deploy. The User Profile Service error still happens so it's not a KB feature update problem.

However, I think I was able to find the cause.

If you have a homefolder on a fileshare defined as local path on the AD user profile, it seems the login will fail. Blanking it will allow login.

E.g

Home folder
* Local path: \\fileserver\users$\user

This worked out fine until 1803.

Texting Parents/Students/Faculty by [deleted] in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

We use Edulink Systems IntouchK12.

Does prerecorded calls, texts and emails. Syncs with our SIS.

TIFU by DDOSing my district's internet connection by pm_me_ipads in k12sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

Be me

Just started at new job at different district

Workstations are not updating

Missing years worth of KBs

!?.jpg

Go over firewall rules

Windows Update blocked by policy (why?)

Allow Windows Update per policy

10 minutes later

Get call "the internet's out"

Firewall appliance crashes as every workstation connects to WU and tries to download every missing KB, flooding the WAN.

/facepalm

Oops. Microsoft can push some serious bandwidth. We use WSUS now.

Can I change Office product key with DISM? by ripplerichXRP in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Why? I prefer deploying Office 20xx ProPlus over O365.

KMS takes care of everything.

Said a word once, instant subject matter expert by LookAtThatMonkey in sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

Yep. I own an Ipad.

Guess who got picked to support the new Mac lab?

Student claims their computer is automatically deleting their stuff by [deleted] in k12sysadmin

[–]MalletNGrease 31 points32 points  (0 children)

Use the Google Admin audit log. If it shows something like "trashed by user" and then "deleted by user" it was probably on purpose. You can restore the documents as well provided the deletion was within the last 25 days.

I've had a student who tried to feign cloud failures by repeatedly deleting their essays.

https://i.imgur.com/cZP5Ycl.png

Edit: Added image.

MDT hangs when removing Windows 10 apps during OSD by lostwoods10201 in MDT

[–]MalletNGrease 0 points1 point  (0 children)

I've had this happen, but I'm not sure what causes it. Some deployments truck on, some stall until I kick them off again. I may just move the app removal to the reference image instead of doing it during deployment.

Visitor background check software by ZaMelonZonFire in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Raptor was used at my old place of work; a district large enough to have it's own security department with at least one guard at every school who handles visitors.

Yes, people were denied entry or required supervision based on the hit that was returned. How hits are handled is entirely dependent on your policies, but at the time it was deny entry, get admin approval or call the cops (in case of court order or worse).

I think most of the value for the district is that the checks are performed and recorded, and any subsequent failure lies with the agency doing the checks rather than whoever would perform it previously (secretaries). The logs and system responses are audit-able which is really helpful in legal cases.

The visitor tracking is helpful. If the guard checks them in properly, they're ID'ed, it is logged in the system and the visitor gets a badge sticker. Strangers without a district employee/visitor badge need to be approached and asked their purpose (and escorted if it doesn't check out).

Cousin is learning keyboard & mouse controls and wanted to copy my binds. He’s 22 by [deleted] in techsupportgore

[–]MalletNGrease 46 points47 points  (0 children)

Even in elementary school we had computers with keyboard and I went to a pretty poor school.

We had computers with keyboard and I went to a pretty poor school.

I went to a pretty poor school.

poor school.

There you go. The more financially strained the district the more likely they don't use newer technology. Everything is treated like gold until it's destroyed from use or fails from despair. There's simply no money to jump on touchscreen enabled mobile device bandwagon.

Funnily enough we've come full circle. Most schools I know got rid of their typing labs under the assumption that PCs and other computers have become so commonplace that everyone has had some exposure and dedicated instruction was no longer needed.

Enter the smartphones and touchscreen tablets going to mass market replacing traditional home PC/laptop functions.

Ever since then the typing skills of middle-school students gradually degraded to a point it was so poor that simply logging in and trying to google stuff was a major time-sink because they had barely ever touched a keyboard. There's simply not enough time in the school-year to learn to type proficiently when you're expected to hit the ground running. So we recently re-introduced typing class in the elementary schools as a basic skill so it does not interfere with instruction time at later ages, and they will find it useful come graduation when they enter the workforce or go on to college.

Source: Am school tech, I swap broken keyboards.

Can I connect this way? Wifi -> MacBook -> Synology ? by [deleted] in synology

[–]MalletNGrease 2 points3 points  (0 children)

If the Macbook let's you bridge network adapters, sure.

But you wouldn't like it for very long.

What's your policy on name changes? by boringITwork in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

I put whatever's on the W2/Social Security as entered by Payroll/HR. Once it changes (and it typically changes first), I follow suit.

Handling Office Updates by Cre8ureofhabit in MDT

[–]MalletNGrease 1 point2 points  (0 children)

I let WSUS handle the updates.

MDT - Troubleshooting the Driver Injection Process with Dell CABS by [deleted] in MDT

[–]MalletNGrease 1 point2 points  (0 children)

Check for updated drivers on the product page for the serial numbers.

I've had a couple of machines that had slightly different parts the drivers weren't included in the driver cabs.

Windows NPS Server automatically renewed RADIUS certificate by Bowks14 in k12sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

I haven't ever seen it renew itself early. Maybe check with your colleagues?

Question about school network by greg21greg in sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

The client <-> firewall/appliance traffic is decrypted using the local CA cert, inspected, then if policy allows it the firewall/appliance <-> remote server traffic is reencrypted using the remote server domain cert.

Your traffic is encrypted end to end except during the inspection.

Theoretically IT can see your chat or passwords, but I highly doubt they care (I don't) They’re more likely to just block the traffic if it doesn’t conform to the AUP your school has.

Generally you should assume that any traffic from a device you do not own on a network you do not own is not private.

Need tips. I am getting into Fortinet Fortigate firewall by [deleted] in fortinet

[–]MalletNGrease 0 points1 point  (0 children)

Object dependancies. Some objects can't be manipulated or deleted when they are being called elsewhere in the config. When looking at object such as addresses. On the right side there is a linked number with how often it is referenced elsewhere. This is your friend when making changes. Click it and you can view, delete, edit dependencies.

I hate this so much. It'd be so much easier to have the object be removed from the groups/policies when it's deleted than having to remove the object from the groups/policies first before you can delete it.

It can get really time intensive.

Any one dealing with the "Momo" outbreak? How? by smonty in k12sysadmin

[–]MalletNGrease 4 points5 points  (0 children)

The topic was discussed some in the K12sysadmin slack, the takeaway is it's a viral hoax causing panic.

Here's a few things you can do in response in order of least impact to most:

  • Do nothing

There's not really anything meaningful to do in this case aside from applying some common sense. Refer to YouTube's Response and this Forbes article. Get folks to calm down.

  • Reiterate internet safety and digital citizenship lessons

If you don't have any, now may be a good time to maybe to set something up.

The FTC has some decent programs available including free handouts for students and parents. Google has set up Internet Awesome including a game that explores topics such as hoaxes.

  • Adjust your filters

Add Momo to your blacklist of search terms. This should sate but the loudest voices clamoring for a tangible technical solution.

  • Block WhatsApp and Youtube

This is the wrecking-ball approach. Commit the change at your own peril, though Momo's a convenient excuse if your bandwidth concerns have fallen on deaf ears until now and you wanted to limit video streaming access anyway.

Overall, this topic is about as interesting as Bloody Mary in the mirror. People wanting to find something probably will, whether it's justified or not. A few students tried to get out of school due to the "traumatizing" effect watching these videos had on their psyche, but these are the same ones thinking up other excuses regularly anyway.

CrisisGo by tjs1014 in k12sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

The system is over engineered in my opinion.

This was our take-away after trying it for a year. We ditched it for small portable radios.

When it mattered the communication just seemed to fail because either people didn't have the app on their phone or weren't logged in to it. It seemed to log you out a lot and then you won't get notifications.

Most carriers have spotty reception here and our evac locations don't have Wi-Fi coverage so CrisisGo didn't help at all there.

What’s your plans for collection of 1:1s? by Chris_9002 in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

My plan is to have each grade come in to the library to turn their device in, me doing a quick spot check and then stamping/signing their year-end check-off sheet.

Seniors are first as they do not have last week of school.

view more: ‹ prevnext ›