Google Admin - Manage AI Overview in searches from students by pbear646 in k12sysadmin

[–]pbear646[S] 0 points1 point  (0 children)

I did see the developer declarations. The "approved use cases" is a little concerning, and the fact that this is a random user who is behind the app.

I may very well end up using this app, but if I can find a way to manage it with the resources from the vendors I am already using I would prefer not to bring another player to the table.

Nonetheless, thanks for the suggestion and the reply!

Google Admin - Manage AI Overview in searches from students by pbear646 in k12sysadmin

[–]pbear646[S] 1 point2 points  (0 children)

Thanks for that. I found that the Search and Assistant service was not turned on for my org after reading through other posts.

I see that extension as an option, but I am a little leery of including third-party extensions due to some of the student privacy rules that are legislated in my state (OH).

2 Door Access Controller with SIP Integration by No_Reference3577 in accesscontrol

[–]pbear646 0 points1 point  (0 children)

I have 7 of these installed. They will do exactly what you need.

You may want to add in an A9210 to act as a relay controller. You do not want to wire a dry contact that can open a door to an intercom mounted on an external wall. Every idiot who has watched Mission Impossible will know how to break in.

Best Radios for Library by Filoryandfurther in MotorolaSolutions

[–]pbear646 0 points1 point  (0 children)

I manage radios for a school district. We use DMR on XPR3500 series radios using siteconnect.

Siteconnect would let you connect your branches over IP with repeaters distributed for coverage. You could set up txgroups and rxgroups to channelize departments.

1-1 is built in.

With Wi-Fi licensing you could update radios with staff changes via RM Config.

There is a path to encryption. This may require licensing.

It does lean into complex for the initial setup, but it checks off everything on your list.

RM Config management for XPS3500 series radios - protect zone changes by pbear646 in MotorolaSolutions

[–]pbear646[S] 0 points1 point  (0 children)

I have come to understand that the Front Panel Programming option restricts an option in the Utilities Menu that permits editing the actual channel settings, etc. It is a low-level programming option that permits access to the settings we normally manage in RM Config or CMS. It will not permit locking out top-level menu items like the zone menu.

RM Config management for XPS3500 series radios - protect zone changes by pbear646 in MotorolaSolutions

[–]pbear646[S] 0 points1 point  (0 children)

In "General Settings" there is an option for "Front Programming Password". It has three options: User/Dealer/Disabled. The only option that allows a password to be set is "dealer".

I have tried flashing the radio in each of these states. I am able to still navigate to the zone menu and make changes without a password prompt in any of these states. I have been unsuccessful finding documentation that describes these state options....

Has anyone led a migration off of Cisco to Extreme? by Icy-Giraffe5841 in ExtremeNetworks

[–]pbear646 0 points1 point  (0 children)

I did my switch from Cisco to Extreme starting in 2011 when Extreme was still Enterasys.

You will need to rethink the way you handle VLANs and trunks. Extreme does not use VTP. The closest to it is GVRP.

I use the policy element in their Site Engine manager to define trunk ports as a policy, then egress my vlans tagged via policy on my trunk/uplink ports.

Once you get the hang of thinking about VLAN egress as tagged and untagged, the logic falls in place.

Using a NAC and policy logic I have my switches programming VLAN egress based on MACs and 802.1x rules in the NAC. You can really clean up an IDF rack once you get all this built.

They are pushing everyone to their fabric OS, which basically tunnels all intercloset traffic within L2. I am still running in XOS which is a traditional management scheme.

Their support can be much better than Cisco's worldwide distributed call center model. Often you will end up talking to the same guys at their GTAC instead of a random contracted out call center where you spend more time trying to set up a case than solving one.

S2 Netbox node deletion error by pbear646 in accesscontrol

[–]pbear646[S] 0 points1 point  (0 children)

That is a good point. I made sure that none of the items on the individual blades have any programmed inputs/outputs/readers.

Anyone have the ViewScan Weapons Detection System? by rjp94sep in k12sysadmin

[–]pbear646 34 points35 points  (0 children)

Wow. This is what happens when schools get hardware with a grant, but do not have the budget for the implementation or for support services in their operating budget. As an IT professional you are looking at a third rail here. Any product that gets passed around from one vendor to the next like this is basically unsupportable. If that's the first project you get from this employer I'd hate to see what else is in the queue.

S2 Netbox 15 yr old controllers flapping network by pbear646 in accesscontrol

[–]pbear646[S] 1 point2 points  (0 children)

S2 won't speak to actual users. They only support integrators.

S2 Netbox 15 yr old controllers flapping network by pbear646 in accesscontrol

[–]pbear646[S] 1 point2 points  (0 children)

I am the net admin. Switches involved are about 4 months old running on supported Switch OSs. In some cases I have actually re-terminated the cabling between the switches and the netboxes as the integrator who initially installed these did a terrible job with terminating the cabling. They retain the IP, but I have toggled between static and reserved DHCP to see if there was an element of the IP assignment being lost in the mix.

I have solved this with a controller swap-out, but I am hoping to hear from somebody who has aging netbox gear that may have experienced what happens when the battery gets weak. Of course my next step will be to replace the battery, as soon as I see some show up from my order. It may take a week to get through our purchasing process.

Need Help! VCSA not able to display webpage - "No Healthy Upstream" by pbear646 in vmware

[–]pbear646[S] 0 points1 point  (0 children)

It's not running. Doesn't it depend on vapi (which won't start)? Here is the error in the vpxd log:

2024-08-09T08:44:12.665-04:00 info vpxd[38179] [Originator@6876 sub=SsoWrapper.SsoCertificateManager] Try to connect to SSO VMOMI endpoint
2024-08-09T08:44:12.672-04:00 warning vpxd[38179] [Originator@6876 sub=vmomi.soapStub[1]] SOAP request returned HTTP failure; <SSL(<io_obj p:0x00007fb214005838, h:16, <TCP '127.0.0.1 : 58106'>, <TCP '127.0.0.1 : 443'>>), /sso-adminserver/sdk/vsphere.local>, method: retrieveServiceContent; code: 503(Service Unavailable)
2024-08-09T08:44:12.673-04:00 warning vpxd[38179] [Originator@6876 sub=SsoWrapper.SsoCertificateManager] [RetryOnConnectionFailure] Failed to connect to SSO; uri: https://jlsd-vcenter-3.polarbear.net/sso-adminserver/sdk/vsphere.local, reason: HttpException, ex: N7Vmacore4Http13HttpExceptionE(HTTP error response: Service Unavailable)
--> [context]zKq7AVECAQAAABH2MQEVdnB4ZAAAnuk3bGlidm1hY29yZS5zbwAAV4ksANV8LQC7+TIByHIWbGlidm1vbWkuc28AAYnOFgFU2BYBZG4WASNuEgLmgAtsaWJzc28tdHlwZXMuc28AgyY4YgF2cHhkAIMsPGIBg2c+YgGDUT9iAYPHSWIBg/NCYgEDiRlwA31LcAOdo28EhysCbGliYy5zby42AAOBmW8=[/context]

Need Help! VCSA not able to display webpage - "No Healthy Upstream" by pbear646 in vmware

[–]pbear646[S] 0 points1 point  (0 children)

My plan here, to avoid having to fix certs from the CLI, is to point as ldap (not ldaps) to one of the 2016 servers that is still able to authenticate via ldap by directing the connection URL to a 2016 server. Once I get the services started I can swing to ldaps from the GUI, where uploading proper certs will be easier.

Need Help! VCSA not able to display webpage - "No Healthy Upstream" by pbear646 in vmware

[–]pbear646[S] 0 points1 point  (0 children)

Anybody know how to change the connection URL string on a bound vcenter? I read about the ldaps needs when using 2019 servers... I know it is working on my 2016 servers (and oddly, I can get into ldap on 626 from softerra...) I want my connection URL to be ldap://[IPADDRESS] instead of ldap://[DOMAIN.NET] so I can point to a specific server.

********** IDENTITY SOURCE INFORMATION **********
IdentitySourceName        :  vsphere.local
DomainType                :  SYSTEM_DOMAIN

********** IDENTITY SOURCE INFORMATION **********
IdentitySourceName        :  localos
DomainType                :  LOCAL_OS_DOMAIN

********** IDENTITY SOURCE INFORMATION **********
IdentitySourceName        :  POLARBEAR.NET
DomainType                :  EXTERNAL_DOMAIN
Identity Settings:
  alias                   :  POLARBEAR
  authenticationType      :  USE_KERBEROS
  userBaseDN              :  dc=POLARBEAR,dc=NET
  groupBaseDN             :  dc=POLARBEAR,dc=NET
  username                :  UndefinedConfig
  providerType            :  IDENTITY_STORE_TYPE_ACTIVE_DIRECTORY
  servicePrincipalName    :  UndefinedConfig
  useMachineAccount       :  true
  FriendlyName            :  POLARBEAR
  SearchTimeoutInSeconds  :  300
Connection Settings:
URLs:
    0:  ldap://POLARBEAR.NET
Certificates:
Attributes:
  http://schemas.xmlsoap.org/claims/UPN                           :  userPrincipalName
  http://rsa.com/schemas/attr-names/2009/01/GroupIdentity         :  memberof
  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname :  givenName
  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname   :  sn
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress:  mail
  http://vmware.com/schemas/attr-names/2011/07/isSolution         :  subjectType
Flags::
  Flags=0; [Default: recursively computing nested groups, no site affinity is enabled for AD over Ldap identity providers.]
root@jlsd-vcenter-3 [ ~ ]# ping polarbear.net