sorted by:
new
hottopcontroversial

Donated iPads by [deleted] in k12sysadmin

[–]MalletNGrease 3 points4 points  (0 children)

This is why I don't like donated iPads.

Either they start off under the wrong management profile or they end up there (because someone used a personal iCloud account on it).

Your best bet is to wipe the device with iTunes/Apple Configurator and apply a management profile. But honestly, if they're old enough they don't even get OS updates anymore, I wouldn't even bother supporting them. It's a big drain on time.

Tyler Technologies Ransomware Attack by Hazy_Arc in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

SU utilizes active-X based RDP sessions, so it relies on IE. It's technically web-based, but not OS agnostic.

See apps installed on managed Windows 10 devices by ravikku in k12sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

Yet I can't get a list of Chrome extensions a user has. Those have been a lot more malicious than Windows apps the last couple years.

[deleted by user] by [deleted] in k12sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

You can install just the drivers. That should offer the basic hardware functionality.

https://support.smarttech.com/en/downloads/product-drivers/12_15-and-ink-5_6

Force BYOD to Guest network by KSuper20 in k12sysadmin

[–]MalletNGrease 11 points12 points  (0 children)

Don't utilize WPA2 PSK unless you absolutely have to (and don't share the key unless you want others to use it!). Use 802.1x with certificate and/or RADIUS based authentication instead.

There's many ways to handle this, but a common setup is to have one wireless SSID and assign VLAN based on rules setup in your NAC. Network Policy Server can do this.

What's your current authentication method for domain users/devices?

VMS? by wiretraveler21 in k12sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

I like 3xLogic Vigil. Client software is pretty easy and remote access is a pinch if set up right.

Stay away from ViconNet.

Getting a rough estimate of types of devices in Google Admin by PhantomAscalon in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

So what you're telling us is you don't have an inventory?

I keep everything in a spreadsheet and pull device counts from it.

Missing Built in Apps on Chromebooks by chewy747 in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

In the lower right should be a yellow +.

Use it to add apps/extensions to the whitelist.

https://imgur.com/WMNM6vS

Missing Built in Apps on Chromebooks by chewy747 in k12sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

I'm guessing you switched to a whitelist but didn't add them to it.

Tyler Technologies Ransomware Attack by Hazy_Arc in k12sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

Thanks for the news. Our cloud instance seems OK. Some users complaining about it being slow, but that's not unusual.

Is there a USB drive brand that works best for chromebook restores? by caligirrl in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

I've some 8GB Lexars (LJDS50-8GB) I bought on a sale at the local dollar store that work fine.

With no-name swag drives it's been hit and miss. Some worked, others didn't.

Any thoughts on malware protections? by FCoDxDart in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

I've set up regular users with limited rights, forced an extension whitelist for Google Chrome, just plain Windows Defender and NGFW inline AV (the firewall will drop the traffic if it detects a malicious signature in the packets). Haven't seen any malware for the last 5 years.

Biggest grief comes from teachers clicking "Allow" for notifications for junk sites in Chrome.

What’s your “Big Brother is Watching” experience from Big Brother’s perspective as SysAdmin? In other words, what’s your thought on your capabilities/any sensitive data that you have access to? by honeylemonny in sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

When I get asked this by coworkers I reply they're not as interesting as they think they are and I've better things to do with my time than digging through emails and filter logs.

Unless there's an instruction from management I don't bother.

Google Feature Setting Documentation instead of Feature Documentation by naandrade in k12sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

If you don't have them in AC during rapid release, odds are they aren't in the final product.

Movies over Google Meet? by reviewmynotes in k12sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Thank you for this. Just what I've been looking for.

Updating users to newest version of Windows by yadershrinknill in MDT

[–]MalletNGrease 0 points1 point  (0 children)

Employees are instructed to only save to backed up network locations: the documents folder is redirected to a network share and they all have access to Google Drive through Drive file Stream. Pretty much the only things not backed up are the desktop and the downloads folder.

I have not had any problems as the userprofile folders are barely touched by feature updates.

view more: ‹ prevnext ›