-
Reddit’s r_k12sysadmin Credits: @r_channels @reddit2telegram
New ChromeOS Bypass Exploit
There's a new Chromebook exploit that will allow students to access a browser window without forced extensions through kiosk apps. For the time being, it can't be fully mitigated unless your district turns off all kiosk apps.
A partial fix can be done by adding to the "Blocked URLs" list under Kiosk settings in Google Admin. You can find it under Devices->Chrome->Settings->Device->URL Blocking (under the Kiosk setting header). Add the following to the block list-
google.com
github.com
chrome://extensions
chrome://inspect
javascript://
view-source:
and anything else (eg. Youtube.com, discord.com, etc) you want blocked while in Kiosk apps.
https://redd.it/17v85n9
@r_k12sysadmin
PSA - New Version of Jamf Self-Service released won't connect to our Jamf Instance anymore.
https://redd.it/17vd7h8
@r_k12sysadmin
Backup and Phishing protection
My district might be moving fully to Google Workspace in the new year. My district admin tasked me to look at backup and phishing solutions. I reached out to Kaseya and I liked their Spanning 360 product. It included backup, phishing, bullpish, and dark web monitoring. The pricing was about $7,000 per year. But I lost my rep and the new one is an idiot.
So I'm looking for recommendations for another vendor(s) that offer a good solution.
These are links to the products I was looking at.
https://spanning.com/
https://www.graphus.ai/
https://www.idagent.com/products/security-awareness-training/
https://redd.it/17v3hno
@r_k12sysadmin
Apple School Manager & Google Workspace
Hi, everyone. I recently enabled ASM federation with Google Workspace. It's working great, but now I am hoping to enable account syncing. The only issue is I can't see a way to enable it on specific OU in Workspace. I don't need and definitely do not want every user to sync into ASM.
I am assuming it's not possible based on the set-up, but I wanted to ask that question here.
https://redd.it/17v3mbo
@r_k12sysadmin
Greystep/ASB works Java
Anyone know how to get asb works to work with one of the open source javas out there?
We want to wipe Java off our environment to avoid the licensing issues.
https://redd.it/17v65ao
@r_k12sysadmin
New ChromeOS Bypass Exploit
There's a new Chromebook exploit that will allow students to access a browser window without forced extensions through kiosk apps. For the time being, it can't be fully mitigated unless your district turns off all kiosk apps.
A partial fix can be done by adding to the "Blocked URLs" list under Kiosk settings in Google Admin. You can find it under Devices->Chrome->Settings->Device->URL Blocking (under the Kiosk setting header). Add the following to the block list-
google.com
github.com
chrome://extensions
chrome://inspect
javascript://
view-source:
and anything else (eg. Youtube.com, discord.com, etc) you want blocked while in Kiosk apps.
https://redd.it/17v3nmf
@r_k12sysadmin
Microsoft Translate - Chromebook
Has anyone used Microsoft Translate Android app on Chromebooks? Our ENL students need support with translating various items and the tech director requested trying this.
What would be the limitations? What works and what doesn't in the Chromebook environment for Android apps?
https://redd.it/17v19md
@r_k12sysadmin
Episode 143 - We discuss "IT department responsible for non IT things" post
New episode is out - https://k12techtalkpodcast.com/e/episode-143-tickle-mark-s-fancy/
The main topic revolves around a conversation on the K12SysAdmin subreddit about IT departments being responsible for non-IT tasks:
https://www.reddit.com/r/k12sysadmin/comments/17pv37i/any\_other\_it\_department\_responsible\_for\_non\_it/
https://redd.it/17uq81k
@r_k12sysadmin
Teacher wants to make a class website
Is there a free platform that a teacher can use to make a really basic website for her class that she can upload pictures to? She pretty much just wants to share it with the parents of the students. Thanks!
https://redd.it/17u9qdw
@r_k12sysadmin
2FA for elevated credentials prompt on a Mac with AD-based accounts?
Hey all! My district is implementing Duo on the Windows side of things and are less than thrilled to find out that the app doesn't work the same way on Mac Computers. Duo only prompts for 2FA at the first sign-in and then it doesn't prompt again.
On the PC side, everytime the computer asks for elevated credentials to do something, it prompts for Duo 2FA. Does anyone know of a tool/app that could be leveraged similarly on Macs? Our Jamf rep said Jamf Connect doesn't work this way.
​
https://redd.it/17sg0px
@r_k12sysadmin
Well, at least the ways they're breaking the devices are interesting...
Ticket:
> So... A student wanted to try hatching an egg and kept it hidden and "incubated" in the classroom for a while, but it cracked and spilled on Lamar's chromebook"
Gimme your weirdest break, or your best puns about this one :) Happy Friday.
https://redd.it/17s7dxk
@r_k12sysadmin
Google sharing requests
Is there a way to restrict students' ability to request access to documents. Short backstory: student moved sites and is still requesting access to documents from teachers at his old site.
https://redd.it/17rl0zi
@r_k12sysadmin
100E 2nd Gen AST woes.
Is anyone getting these devices turning off from overheating, and the system still stuck in a process? Hot to the touch even after appearing "off". Firmware 117-118. Might have something to do with pending updates/failed updates.
What has fixed it after this: unplugging the battery for awhile and letting it cool. Unfortunately some are heated so long before they get to me that I can't get them to power on anymore probably due to prolonged heat.
​
Just want to know if anyone else is experiencing this. I have tickets open with Google and reached out to Lenovo. Thanks!
https://redd.it/17riehh
@r_k12sysadmin
Securly Issues
Has anyone else been experiencing Securly issues lately? I noticed, we cannot see any current Activity in filtering, only the day and everything prior...and it's only a few students, not the entire org. Filtering does not appear to be blocking anything either. Support hasn't been getting back to me.
https://redd.it/17rf2zp
@r_k12sysadmin
Deleting Google suspended users in bulk with criteria applied?
It doesn't seem like it's possible (I'm having Google check into it), but is there a way to delete suspended Google users in bulk where certain criteria is applied to it (e.g., delete suspended accounts where last sign in was Jan 1, 2023)? If there's a 3rd party product that can do this, I'm open to that as well.
https://redd.it/17r2zw5
@r_k12sysadmin
Google Translate as Proxy - still a thing?
A few years back we blocked Translate due to the ability to use it as a proxy to avoid content filtering. Somewhere along the way, I was asked to allow it again, and it's never been re-blocked. How are you all handling that? From what I can tell with some brief googling, it IS still a thing.
https://redd.it/17v4emw
@r_k12sysadmin
Our CS Teacher just received notice that Replit Teams for Education is being deprecated starting TOMORROW. Any alternatives? We need something that will allow students to work on Chromebooks
https://redd.it/17vdt8n
@r_k12sysadmin
Working without purpose
I have been getting more into Philosophy recently, and it sort of has me wondering what exactly my purpose is when it comes to my current career.
​
Am I here to Educate people on how to use technology better?
No, because I have been told that if we attempt to train anyone they will submit a grievance that we tried to train them.
​
So am I here to improve processes?
No, because I have identified the failed procedures and asked if we can do them in a more efficient manner, outlining how we should do them in the future, but instead I simply have to do the processes in the old manual way because there is too much red tape to improve anything.
​
So am I here to resolve issues proactively?
Not unless it can be solely repaired by IT as the moment you need to ask any other department to do their part of the job, it doesn't get done and causes unrest in that department (how dare they ask us for help).
​
So am I here to drive myself crazy? Am I here to just survive?
​
A quote that got me thinking... "A clever man looks to change the world, but a wise man looks within".
​
I am struggling with understanding how to go about IT without trying to change anything for the better. If we can't change the world, or even a process that would save everyone time and money, I can certainly look within but I don't exactly know what I need to change about myself. Do I just need to not care that we could be doing so much better but we are never going to? What would you feel if you were in my shoes?
https://redd.it/17vak3f
@r_k12sysadmin
Need guidance on audio equipment setup
I posted here in K12SA a few weeks ago about converting audio from our 3CX SIP phones to our analog PA system.
I have very little experience with audio equipment. I'm pretty good at matching up the shape of the connectors, but I'm not sure how to match up the proper output on X to input on Y.
I just snagged an old 2N SIP Audio Converter from eBay, but I'm not sure how to connect it to our PA amplifier. They don't both have any of the same jacks. Please advise.
Pic here.
https://redd.it/17v4orr
@r_k12sysadmin
Hardware virus story?
Hey all - we had a hardware issue this week that prompted an old memory about hardware viruses and I can't seem to find any references online. The story goes something like this - a PC maker (Dell, HP, etc.) started noticing issues with their laptops at the corporate office. Staff would have no issues connecting to projectors in each of the conference rooms and then they'd stop working (100% failure). The company kept replacing laptops until they realized a projector cable in one of the conference rooms was damaged and 1 pin was bent; every time a laptop was plugged into that cable, it bent the pin on their laptop. Eventually, it spread throughout a large portion of the company.
​
I mention this because I remember it being linked to research on how diseases were transmitted between a human population. I want to find it because my IT coordinator ran into a similar issue this morning with Chromebooks and I wanted to show him the original story from \~10-20 years ago. Does this ring a bell for anyone?
https://redd.it/17v5uip
@r_k12sysadmin
Letting guests present wirelessly
We have a small Meraki network, and many teachers have chromecasts and Newline Interactive panels that can be cast to wirelessly, but only from the Teachers' Wi-Fi connection. The Visitor network isn't on our LAN for obvious reasons, so they can't utilize the chromecasts or Newlines. I'm getting some feedback from teachers that there should really be a plan in place to allow guest speakers to be able to utilize the backbone of chromecasts and Newlines for their presentations. Would that require setting up separate devices on the Visitor Wi-Fi, or is there a way to share our existing architecture without allowing outside laptops on our LAN? Thanks.
https://redd.it/17v34kv
@r_k12sysadmin
Add domain
I need to purchase a new domain to make emails, but am not sure where to add it. I am going to buy the domain via godaddy. We have no on-prem ad and only use Microsoft entra and office 365. When I add the domain do I need to add it to microsoft entra or office 365? This will not be a primary domain and we will create emails using this domain. Any help is appreciated. Thank you.
https://redd.it/17uuhte
@r_k12sysadmin
Episode 143 - We discuss the "Facilities Management/IT Ticketing Platform" post
New episode is out - https://k12techtalkpodcast.com/e/episode-143-tickle-mark-s-fancy/
The main topic revolves around a conversation on the K12SysAdmin subreddit about IT departments being responsible for non-IT tasks: ttps://www.reddit.com/r/k12sysadmin/comments/17rem44/facilities\_managementit\_ticketing\_platform/
https://redd.it/17ufnop
@r_k12sysadmin
Microphone Recommendations
Hello fellow sysadmins,
Do you guys have any recommendations for a microphone to use for student events in a gym?
Essentially, I am looking for a microphone that picks up a more than average amount of ambient noise, but is still decently high quality. I would like it to be able to clearly pick up sound from 5-7 students at a time if they were standing shoulder to shoulder and it was in the center of them. Is there a good microphone that would be able to to do this, or is the only solution to get multiple microphones for them?
Any help is appreciated, I'd be the first to admit that I am not an expert at audio.
https://redd.it/17tdli0
@r_k12sysadmin
Alma Experience
Our school uses Alma and is having some trouble with some features with it. Is there anyone here who has experience using Alma and could provide us with some direction? Thanks!
https://redd.it/17s8ygj
@r_k12sysadmin
GoGuardian Alternatives
So, like many of you here, GoGuardian has decided to arbitrarily triple their price on us for renewal to meet their 2k arbitrary minimum. So we are considering the following competitors and would like to hear your positive or negative experiences with each:
* Classroom Spy
* NetSupport School
* Impero Software
* Deledado
* Lanschool
TIA!
https://redd.it/17rvzx3
@r_k12sysadmin
I was today years old when I found out about Lenovo Pro Discount program
So this is what a sales rep told me unprompted when I was quoting out a server with them for a new security SAN.
Sales Rep: "So the discount is going to be 7% off the sales price on the site"
​
Me: "Why such a bad discount"
​
Sales Rep: "Because this is your first purchase with Lenovo Pro. It's based off of how much you've spent with Lenovo. Base is around 7% depending on timing. Then if you spend 10k it's around 10-15 depending on timing for all subsequent purchases and if you spend 50k it's 30-40% off on subsequent purchases".
​
Me after cursing under by breath for 5 minutes: We've spent over six figures over the years on Lenovo products but through resellers.
​
So thought you'd all like to know. We bought chromebooks this year that we wanted to buy through Lenovo but they told us to buy through CDW-G as they had a contract with them and they had more stock for around 50k. I'm trying now to get that retroactively applied.
​
​
https://redd.it/17rl1vm
@r_k12sysadmin
Online PreACT bandwidth requirements
I am working on some capacity estimates for several of our online testing platforms, but I'm unable to locate any documentation on per-student/device bandwidth requirements for the online PreACT test. Does anyone know what they are or captured any metrics during that test?
https://redd.it/17ri6t0
@r_k12sysadmin
Facilities Management/IT Ticketing Platform
What are your districts using for its Facilities/Maintenance/IT system? We are going to be looking to get one that hopefully covers both depts. I've looked at IncidentIQ and it also has facilities reservations and an HR product which are both a nice plus. Another one I've seen some things on is FMX but I haven't done any demos.
Whatever system you are using what are the pros/cons of it? Would you recommend it?
We are currently just using freshdesk for tickets and had been using Akitabox for maintenance for \~year but they had a hard time justifying the cost for it's limited functions/customizability so it will no longer be used.
https://redd.it/17rem44
@r_k12sysadmin
Another proxy to block
https://cloudflareapps.com/apps/0VJ1mCYqPTh4/install
Add it to the pile of dead bards
https://redd.it/17r1avz
@r_k12sysadmin