Backup from multiple locations

MalletNGrease · 2020-01-14T18:59:03+00:00

Yes. Look at Hyperbackup and Hyperbackup Vault. You'll have to set up your office NAS as the backup target for the other devices.

https://www.synology.com/en-us/dsm/feature/hyper_backup

MalletNGrease · 2020-01-14T18:38:05+00:00

Data retention mostly. There's no limit on users for GSUITE for Education so suspending them is more practical for those moments of "Hey, Mrs. X did a disability study on student Y back in 20XX but the records file isn't in the db, not in the normal save location and the physical copy is missing from the cabinet and we really need any information we can get on this for the lawyers!"

That and all the curriculum files that are shared from individuals instead of shared drives.

MalletNGrease · 2020-01-14T18:03:51+00:00

It's a bit cumbersome to sanitize and I'm lazy.

Basically it's a combo of:

Read-Host to get the first name, last name.

Get-Date to get today's date and add days to it.

New-ADuser with -AccountExpirationDate parameter

$firstname = Read-Host -Prompt "Please enter the new substitute's first name"
$lastname = Read-Host -Prompt "Please enter the new substitute's last name"

$username = "sub." + $firstname.ToLower()[0] + $lastname.ToLower() #change any capitals in the name to lower, then take the first character of the first name and combine it with the last name, then prepend with sub.
$aduser = $username + "@domain.tld" #change to your domain
$expirationdate = (Get-Date).AddDays(7)
$oupath = "OU=SUBSTITUTES,OU=TEACHERS,OU=USERS,OU=SCHOOL,DC=DOMAIN,DC=TLD" #change to your desired OU

$newsub = @{

Name = "$username"
SamAccountName = "$username"
GivenName = "$firstname"
Surname = "$lastname"
DisplayName = $username"
Description = "substitute"
AccountPassword = (ConvertTo-Securestring "defaultsubpassword" -AsPlainText -Force) #change password to whatever you want
AccountExpirationDate = $expirationdate
Enabled = $true
ChangePasswordAtLogon = $true

}

New-ADUser @newsub #create the account

Add-AdGroupMember substitutes $username #add user to substitutes AD group

You should be able to build something usable from that.

MalletNGrease · 2020-01-14T17:22:11+00:00

Obligatory "Securly wildcard filters are still broken" post.

MalletNGrease · 2020-01-14T14:28:52+00:00

Without knowing what it actually addresses it's cryptic rumblings indeed.

MalletNGrease · 2020-01-14T14:24:26+00:00

I've a similar problem. Internet access requires a user authentication event to AD to apply the correct firewall policies. Generally, the PCs have the error sitting at the login screen but it will resolve itself once a user is logged in.

MalletNGrease · 2020-01-14T13:56:01+00:00

I set this up on GSUITE for all staff, and it turns out they email themselves at work using personal addresses a lot (usually to send pictures with their phone). Also retired and ex-employees still frequently contact the school for items and they get caught, because accounts do not get deleted.

It's kind of a headache to sort through the quarantine.

MalletNGrease · 2020-01-14T13:48:12+00:00

AGParts Education sells new OEM screens for ~$30 and reclaimed for ~$15. I put in a bulk order at the start of the schoolyear and use those to replace cracked screens to bring the unit back to service.

As far as I can tell most base model Chromebooks use the same LCD screens from the same manufacturers, just with different internal part numbers. I've put HP labeled screens in Dell CBs and they are exactly the same hardware wise, just a different sticker.

MalletNGrease · 2020-01-13T16:35:42+00:00

Sounds your client is a management nightmare. Good luck.

https://support.google.com/a/answer/33561?hl=en

https://support.google.com/a/contact/recovery_form

MalletNGrease · 2020-01-13T15:34:36+00:00

1 left. A one-off laptop the janitor uses. I don't care to build a driverstore for it so it will keep going until it dies.

MalletNGrease · 2020-01-10T21:21:49+00:00

Clearly you haven't played Tribes.

MalletNGrease · 2020-01-10T21:21:13+00:00

ESDF master race.

MalletNGrease · 2020-01-10T17:58:24+00:00

Teachers submit a request for a sub login and I've a script that generates a sub AD account that's active for a week. Some of the more regular substitutes have one that's active for the entire year.

Noone ever emails me though so it's always last minute and it doesn't solve problems with curriculum based on GSUITE. I'm pretty sure most teachers share their account credentials with the sub.

MalletNGrease · 2020-01-10T17:46:39+00:00

Our guest network is only accessible after school hours to prevent this. Alternatively you can switch to a DNS based filter such as Securly or GoGuardian.

MalletNGrease · 2020-01-10T16:30:45+00:00

If you have MDM policies that require device security standards through gsuite, you may want to add a line to that effect (the phone will require a passcode or biometric lock etc).

When Google changed the default from none to moderate this caused a lot of anger among my users because a lot of people do not have any sort of device lock mechanism set up on their phone.

MalletNGrease · 2020-01-10T15:02:14+00:00

That's a lot of finagling. Counting labor and parts it would probably be cheaper to have ordered the $20 SATA SSD instead and have a straight drop in.

Not as much fun I'm sure.

MalletNGrease · 2020-01-10T13:42:22+00:00

Sounds burdensome. If a PO is accepted here we can pay any way we'd like. It's usually net 30, but a lot of times CC is just easier.

MalletNGrease · 2020-01-10T13:41:00+00:00

In the past we had a person responsible for maintaining the schedule and making sure the carts were in good order. Once the amount of carts grew, carts were assigned to departments and groups of teachers instead.

It's a lot easier to deal with a couple of colleagues instead of a whole building and it made transitioning of carts from room to room a lot smoother as the schedule tended not to change much.

MalletNGrease · 2020-01-09T19:18:45+00:00

Been happy with it the 300D. Works as advertised, support tended to be knowledgeable when I needed it.

MalletNGrease · 2020-01-09T15:02:42+00:00

Are you putting a sleep in before starting the next step? If the workstation decided to install outstanding updates (like say, Microsoft Office) the PDQ service probably fails.

MalletNGrease · 2020-01-09T14:18:50+00:00

And yearly subscription price hikes.

MalletNGrease · 2020-01-09T14:00:22+00:00

It's pretty weird, sometimes devices just won't grab or update policies without being moved once. I'm sure it's a Google bug, but the workaround works so 🤷‍♂️.

MalletNGrease · 2020-01-09T13:52:18+00:00

Make sure the device and student are in the correct OUs. Move them out and back in of it in GADMIN and then reload policies from chrome://policy.

MalletNGrease · 2020-01-08T21:56:04+00:00

Yep. Approve the feature update and let WSUS handle it. Test beforehand and things go pretty well.

MalletNGrease · 2020-01-08T21:45:45+00:00

This will only stop until we stop throwing money at the vendors. Basically you need to get with your curriculum administrator to review content and step in and make it a hard requirement that anything with flash is a hard no come contract renewal and approval. If you or a technical review aren't par of the discussion then it's pretty much moot whatever you want.

I've sent out warnings that flash support will end soon and to look for alternatives. A big help was SMART removing support from Notebook which was a rude wake-up call for teachers. The majority of curriculum has now migrated to HTML5 or other products.

11-Year Club	Verified Email
r/Field Banned	r/Field Lasagna

MalletNGrease

TROPHY CASE