17
Reddit’s r_k12sysadmin Credits: @r_channels @reddit2telegram
VMware Options to Change
Well I received some pricing for our vmware software and it went up to say the least. Now I am looking to see what we need to do. I know we could move over to hyper-v. Thoughts right now is how much of a problem is it to move functioning servers over to hyper-v what kind of headaches. Is there a better option? Looking for ideas and thoughts. I know some may say Proxmox I would like to have the option of support if needed.
Thanks in advance.
https://redd.it/1jvwwx0
@r_k12sysadmin
School Tech Policy/Budget for 100% FRPL?
I am so lost at what to do here.
Context: Tech Director. 1st year in the role. 1st time I have this position anywhere. United States, Minnesota. Urban school. Almost 800 students, 175 staff. 95-100% FRPL. One man department.
I'm told I "don't need to worry about the budget," but when SeeSaw and BrainPop stop working cuz we didn't pay our bill, I'm the one people are calling up.
I want a working budget, to plan for next year, but I'm told that's not realistic. "It's a living number at all times."
The school leader is flabbergasted that I spent $15k on Chromebook repairs in the first 6 months to get almost to 200 devices back on their feet, otherwise I would have 0% buffer. All the warranties are expired, we don't have any ADP, don't have hard shell/soft shell cases, and my admin tells me they don't think asking families for a $10 "Chromebook Fee" at the beginning of the year is going to go over well.
And mind you, this is in a CART based environment. The only thing I have happening are either $5-20 dollar accident repairs, or complete destruction of the device. 80% of the fleet was purchased in 2021 or before.
My supervisor is asking me why I don't have any extra headphones for testing season, when I documented that almost 300 have been destroyed out of the 775 student population, but if we put headphones on the back to school supply list that "would really inconvenience our families."
ALL of the staff and teacher's laptops have been EOL since 2021 or later, and now that most of them are stuck at Windows 10, and I want to upgrade to Chromebooks, but because of this tsunami of an upfront cost to migrate from M365 to GwfE, they're asking if we can just pay the "small cost" to Microsoft to "keep the Windows 10 devices on their feet a little longer," and do a slow rollout over the course of the next three years.
I understand, money is tight for a lot of people and for a lot of schools and for a lot of IT Departments right now. I get it. It just sucks. I look around and I see how everyone complains how we have all the "crappy" technology compared to their friends' school, and I'm trying to fix that. But how do I convince leadership that we can't keep footing 100% of the bill? Cuz if we do, we are never going to get out of this rut.
Am I being obtuse? Am I blinded by my privilege in this?
If you work in a high poverty district, please tell me how you do things. Do you just take the right precautions in order to foot the bill? (ADP, Extended Warranties?) Do you budget for 100% replacement/destruction with no over-sight back to the student/families? How are you calculating that?
https://redd.it/1jvvq8r
@r_k12sysadmin
Is there a way to force mirroring when connecting a CB to an external display?
I have been struggling with this one for a bit. The kids in my school need to connect their chromebooks to an external display (a promethean board) once a quarter for "demo day" where they show off their work.
I block chrome://settings
However, when they connect, the default behavior is that the external display is treated an an additional display which is difficult for 2 reasons: 1) it appears super tiny on the promethean, and there is no easy way to change the resolution, and 2) it is difficult for the younger kids to control their CB on a giant remote monitor. Far better for them to be able to look at their CB normally. If that make sense.
Is there a way to force the chromebooks to treat external monitors as mirrors of their CB?
https://redd.it/1jviwlj
@r_k12sysadmin
Avigilon
Any Avigilon pros around? I'm stuck with a problem. I have some cameras at a place that lag big time when I export the video. It makes people look like they're teleporting or have tails trailing behind them. It doesn't happen when I watch live, only when exporting. I've checked the camera settings for anything too high and searched for logs. Not sure what to do now. They're not on Avigilon cloud.
https://redd.it/1jvegtk
@r_k12sysadmin
Raspberry Pi - imager local admin rights
Hi,
History many many years ago we went no local administrator access to anyone in IT. We deploy software to our Windows environment centrally. Raspberry Pi - imager for windows requires local admin rights. I am wondering if any one has any solutions or maybe even different ways your SD allows the RaspBerry Pi to function in the network without local admin rights. (When it comes to Imaging the SD card) I have solved once the RaspBerry Pi is online what we are going to do. (Vlan segmentation and East/West Segmentation)
Allen
https://redd.it/1jvcd2s
@r_k12sysadmin
HTTPS sites not loading on student Chromebooks
This isn't an issue with Securly filter, Meraki, or Umbrella. Student devices can't load www.weareteachers.com without getting a security error in Chrome. Teacher and admin devices can load it just fine. Anyone else encounter sites like this? How did you fix it? Thanks.
https://redd.it/1jv8u8y
@r_k12sysadmin
"Missing" files after migration to M365 - How to communicate?
Sorry this is a long one. Thank you for your thoughts:
Our school is 90% Mac for almost all of the education staff, but we have a group of people in HR, Finance, and Audiology (plus some others) who require PCs for certain programs. For many, many years, we used an on-site Active Directory server with file sharing etc. We just made the move to Microsoft 365, and no one reports any missing files...except for two users.
The staff on the AD server had folder redirection (sorry if I'm not using the exact lingo) so that their home folder--we called it the P drive--was on the server. This included the documents folder, as well as, I believe, the desktop. I also think this was set up to keep a local copy on the C drive of the machine.
We had three different sessions for cut-over and migration. First was to take the BIG file shares from the on-prem server, copy them into SharePoint, and give users access through One-drive. This went fine. Next, they copied the contents of everyone's home folder (P drive) from the server and moved it into the respective user's OneDrive. We ensured that everyone was logged out and no files or folders were being accessed during this. Finally, the workstations were migrated into Microsoft Intune, out of our AD.
2 users are reporting files missing. These files seem to be from one folder, and it's all their most recent work from the beginning of the 24-25 school year. It's odd, because these folders have a cross-section of work from September through the present. It's not like every file before/after a certain date is gone. It's also odd because the migration process never included deleting anything. it was just copying directories to new places. We checked their OneDrive folders, we checked the now disconnected P drive on our on-site server, and we checked the user folder on the C drive on the laptops themselves. Each place as an exact copy of the directory, and they all match.
So, you're probably thinking what I'm thinking. This is 100% the users not understanding where they may have tried to saved their files. The evidence does not point to a failed migration or anything like that. The users however insist they accessed files the day before the migration, and now those files are missing.
Obviously, I can't just tell the users they are wrong and to leave me alone. I'm sure we all know someone who lost months or years worth of work. It's one of the worst feelings I experience in IT. I can't fix a problem, and one of the staff that I'm responsible for is extremely upset and has a lot of work to do to get back right again. Migrating to M365 cloud with OneDrive etc should actually mitigate a lot of these issues moving forward, but of course these staff are going to associate it with losing files. The evidence suggests they are either looking in the wrong place, or they didn't save the documents they thought they did. However, again, I can't just say that as a response. We're going to dig a little deeper but eventually I'm just going to have to say, "It's gone, I have no idea why, and I can't get it back." Any tips on communicating that? Honestly it would be easier if the laptop was thrown off a bridge or burned in a fire.
https://redd.it/1jujo1k
@r_k12sysadmin
We turned VPN off months ago, now HVAC wants to know why they can't access the VPN.
Closer the biggening of this year a Specilaist from Department of Public Instruction told us about a large amount of suspicious activities targeting our school. They collected data on our staff and attempted to gain access to our VPN. There were upwords to 65,000 login failures attempts from just two days.
We temporarily disabled the VPN and they gave us a 2FA option that would cost $70 a year. That is no problem, but tbh I haven't had a need for it since I started here last Oct. I also wanted to crack down on who was setup to access it since it seems past IT did not offbaord VPN access (from what I've seen since I had to update them on who should have access). Even if I did turn it back on, I would think I'd only want myself to have access. (I'm the only IT)
I get an email today from a HVAC tech saying they can't access our VPN to make changes to our HVAC system. What really gets me is that the gentleman shared in clear text his user and password for both VPN and the HVAC. Looking at this I realized he had the same credentials for the HVAC as myself (I need to change that now..). I am assuming he provided me the info he was given, and it gives the exact IP to access and install the VPN and all credentials in clear text.
I am thinking I am going to just need to make it a policy that they have to come in person. I know that might upset them, but I find this situation bizare.
I feel like it is a security risk to share credentails to an outside source like this. Am I wrong? Maybe the application engineer at the HVAC company is used to having this access at other sites??
I'd rather have a HVAC system that could be accessed without vpn access?
https://redd.it/1julo2z
@r_k12sysadmin
Adding online files directly to Google Drive
I am surprised that chrome has no way to do this.
One of my teachers has asked that I open up file manager (I am blocking file://) so that her students can download PDFs and other files, for the express purpose of uploading them to google drive.
My first thought is... what? Why not just add them directly to drive from whatever webpage they are on, but when I tried to do it myself discovered that this isn't a thing.
How do you handle this situation? Is there a method of adding files directly to drive that you favor, or do you just unblock file:// ?
https://redd.it/1juiosc
@r_k12sysadmin
NYS CBT Testing Down?
We are getting lots of errors on the Nextera Secure Browser, Our local RIC's status page is showing All Good. Anyone else testing today and experiencing issues? Various issues, but at the login screen lots of "Something went wrong, try again"
https://redd.it/1jucl92
@r_k12sysadmin
Episode 208 - Live from CoSN 2025!
https://k12techtalkpodcast.com/e/episode-208-live-from-cosn-2025/ and all major podcast platforms
We travel to the Emerald City this week to hang out with the great folks at CoSN! This podcast episode, recorded live at the CoSN conference in Seattle, offers interviews with participants, organizers, and presenters. Topics centered around the human aspect of AI, cybersecurity, and some amazing innovations from school districts around the county!
https://redd.it/1jtv4d4
@r_k12sysadmin
Cafetorium Setup
Hello peeps,
We are rethinking our audiovisual setup for the cafeteria, which doubles as our midsize auditorium.
The current setup is a good size projection area (from a laser projector) centered on a stage that takes the mid section of a long wall. This leaves the guests who sit on the sides, especially those closer to the front, at a funny angle to really see whatever is being presented.
We want to improve the experience, so I am wondering what kinds of setups you have, or you would look into if you were in our situation. My first tendency is to get a couple of flat panels from classrooms when needed, but I think we want something more permanent.
So, big TVs, more projectors, LED walls ,... How do you guys deal with you auditorium needs?
Thanks in advance
https://redd.it/1jtqodw
@r_k12sysadmin
Respondus - Using Read&Write Screen Reader - Screen Greys Out
Is anyone else using Respondus LockDown browser? We're having trouble using Read&Write on PC with it – it is supposed to let us use the screen reader. When we select the screenshot reader tool, we get a grey screen and can't select any actual content on nor see the exam. Has anyone else experienced this? Did you find a workaround? I've tried this on a few machines, so I'm thinking it's a config side thing we're missing.
https://redd.it/1jscor9
@r_k12sysadmin
Cheap Android or Chromebox for interactive whiteboard / projector?
Has anyone experimented with building a cheap general purpose Android or Chromebox for use with interactive whiteboards and projectors, that allows people to use the display without an external laptop or tablet?
Our budget is very tight, so I am looking for something that can vaguely compare with the built-in Android options of the $3000+ interactive displays but work with a basic 1080p projector and a 15 year old SmartBoard SB680.
Apparently it is possible to run Android on a Raspberry Pi 4 or 5, which may work for this purpose, permanently plugged into HDMI and a USB port on the touchscreen.
Though this may not work if the projector, display, or interactive touch device doesn't have support for multiple separate USB touch interface connections. I don't know if it's possible for a Raspberry Pi to serve as a USB passthrough touch interface, for an external device such as a laptop.
https://redd.it/1jrijww
@r_k12sysadmin
Well, this is a first with a student Chromebook
I've never come across this issue before and would love some feedback. We have a few students where certain google searches will automatically trigger the results page to open the first result. Someone noticed it when a student searched for "Michelle Obama" it seemed to bring up the go guardian restriction page. Upon investigating, I noticed that Michelle Obama's instagram is the top result for that search. (We have social media blocked).
Other searches are fine with no issue. I have cleared cache/cookies and history. I have reset Chrome and also wiped the device and re enrolled the student and I am still coming across the issue. Has anyone experienced this issue before?
EDIT: I have realized that this is ONLY happening when the top result is a webpage blocked by Go Guardian. very strange.
https://redd.it/1jrfroz
@r_k12sysadmin
If you handle student devices, wash your hands
https://redd.it/1jvxrgp
@r_k12sysadmin
Updating Adobe acrobat
I used to just push out the msi contained in the exe but now that pushes out version 15. I’ve tried a bunch of sites on how to deploy, I tried pdq deploy but it’s not working right, we are too big and the computers are on/off all the time plus connect through a slow over used WiFi. I have sccm and can push adobe out through that but how do you guys keep Adobe updated so you don’t have to manually do it every couple of weeks? I have 15,000 end devices I need to keep updated. Apparently it’s top priority Adobe acrobat reader stays updated.
https://redd.it/1jvkpla
@r_k12sysadmin
Workspace User unable to join external Google Group?
Hi there,
We use Google Workspace (plus), and I have a user getting an error trying to accept an invitation from an external user account. The Groups For Business service is on for their OU, I don't see any other settings that would affect this capability. Posting a screenshot of the error they get when they click the Accept Invite button from their email below. I have a ticket in with Google support but who knows when they'll respond.
screenshot of error
https://redd.it/1jviha5
@r_k12sysadmin
Single user Chromebooks
We're experiencing significant challenges in a few of our middle schools with students misusing Chromebooks: using proxy sites, logging into each other's accounts, swapping devices, embedding files, and similar issues. We're in the process of implementing several solutions to address these concerns. However, I'd appreciate your insight on one specific point:
Is there an effective method to enforce a true 1:1 Chromebook-student assignment without placing every student into an individual OU? I understand that loaner devices and carts would naturally belong to separate OUs, but I'm specifically referring to the general student population within a building.
Thanks in advance for your advice and suggestions!
https://redd.it/1jve7zs
@r_k12sysadmin
Intercom system with secure access
We are building a new school and want to put in an intercom system for calling directly into the main office. This system needs to be secured in some way, as we cannot fully rely on our students not accessing it. Sigh.
Anyway, we are looking for this system, and I'm very green on options that are out there. Ideally this would be a quick calling panel from the classroom that will ring the secretary hunt group. Wall recessed is best for us, and obviously we're looking at an SIP solution to integrate into our phone system.
Has anyone done anything like this? Do you have any other recommendations in mind?
Thank you for your time.
https://redd.it/1jv7czt
@r_k12sysadmin
Experiencing Imposter Syndrome / Advice?
Can you give me a little advice on how to combat Imposter Syndrome? This is my first position in IT out of college, I have 10 years working experience otherwise in Telecoms sales, and Management, as well as customer service. I have a home lab, a B.S., and by all accounts the school is very pleased with my work.
I don't feel like a sysadmin. I am still learning AD and GPO, and still learning powershell and implementing things as I go. I feel like a T1/2 tech and an IT Manager bundled in one.
How do I stop feeling like a fraud? Lol
https://redd.it/1jv7idh
@r_k12sysadmin
Another Fun ChromeOS 134 Discovery (Downloading Extensions)
If your Download Restriction settings are set to "block malicious downloads and dangerous file types", Chrome starting in Version 134 will block any Chrome extension as a dangerous file type. Rolling back the OS or lowering to only "block malicious downloads" both solve the issue.
I have reached out to support and after about 6 weeks of back-and-forth they finally were able to recreate on their end. Haven't heard a peep since.
https://redd.it/1junas2
@r_k12sysadmin
Special Episode: PowerSchool CISO, Mishka McCowan
https://k12techtalkpodcast.com/e/surviving-a-cyber-nightmare-inside-powerschools-response-strategy/ and all major podcast platforms
Join Josh, Chris, and Mark as they host an exclusive interview with Mishka, the Chief Information Security Officer (CISO) of PowerSchool, following a significant cyber incident that changed the landscape of K-12 cyber-security. Discover the human side of crisis management, starting with Mishka’s initial reaction to the attack and learn about the rapid response to contain the damage.
The discussion delves into PowerSchool's decision to be transparent with affected districts and hear practical advice on vendor assessments and the importance of internal security measures to minimize future threats. Reflecting on the lessons learned, Mishka discusses the steps PowerSchool has taken to bolster its security infrastructure and maintain an open communication channel with its clients.
https://redd.it/1jujgpv
@r_k12sysadmin
Google Meet Room Streaming
We are moving forward with adding a Logitech Tap + Google Compute device to an existing Rally Plus deployment. What I'm trying to figure out is how do we allow live stream to youtube for a meeting started with a room appliance?
https://redd.it/1jugeko
@r_k12sysadmin
Security Watch - 4/4/25
On K12TechPro, we've launched a weekly cyber threat intelligence and vulnerability newsletter with NTP and K12TechPro. We'll post the "public" news to k12sysadmin from each newsletter. For the full "k12 techs only" portion (no middle schoolers, bad guys, vendors, etc. allowed), log into k12techpro.com and visit the Cybersecurity Hub.
VMware Licensing Shake-Up
Broadcom is making sweeping changes to VMware’s licensing model starting April 10th. The
minimum core requirement per CPU jumps from 16 to 72 cores, dramatically increasing costs for
servers with fewer cores. On top of that, delayed license renewals will incur a steep 20% penalty.
These updates are expected to hit small and mid-sized businesses hardest, and could drive a shift
toward alternative virtualization platforms.
New High-Severity Vulnerability in VMware Tools
A newly discovered vulnerability in VMware Tools for Windows (CVE-2025-22230) allows low privileged users in a guest VM to perform high-privilege operations. With a CVSS score of 7.8, and
no workarounds available, this vulnerability highlights ongoing security issues, as VMware
continues to address multiple zero-days and critical flaws. Immediate patching is strongly advised.
Massive Oracle Data Breach Raises Eyebrows
Oracle may be in the midst of one of the largest breaches of 2025, with a hacker—alias
“rose87168”—claiming to have exfiltrated credentials and sensitive data for around 6 million users.
Oracle denies the breach, but publicly available evidence and rising backlash tell another story. If
you use Oracle services, rotating credentials now is a smart move.
Chrome Zero-Day Exploited in the Wild
Google confirmed a Chrome zero-day vulnerability (CVE-2025-2783) being exploited by a group
called ForumTroll. The exploit uses Chrome’s Mojo IPC component to escape the browser sandbox
and execute remote code. So far, it’s been used in targeted attacks against Russian users via
phishing emails. Users are urged to update Chrome and reinforce security training immediately.
Stay informed, stay patched, and stay ahead of the threats.
https://redd.it/1jtxbsl
@r_k12sysadmin
Will the Lenovo 14e Chromebook 8GB N200 cut it for teachers?
I am about to make the final decision to order 30+ of these machines. I have a demo right in front of me, and I am impressed by the build quality.
I am a bit torn on the N200. The device seems to be holding up alright. I tried pushing limits, by opening a ton of tabs like Gsuit apps and youtube. I know it isnt a very powerful processocer, but most teachers dont need anything crazy. The art teachers won't be moved to Chromebook anyways.
We do have an option to add i3 to these machines, but that will add about $50 more per unit from my understanding. So $1600+ more to the order.
Any thoughts?
https://redd.it/1jtstoe
@r_k12sysadmin
Old Chromebooks - An Immediate Update Is Required
First off, I just work here, and I've been tasked with managing this embarrassing mess, and I have no authority to refresh our fleet.
We have grades 1-2 running on 2017-manufactured Dell Chromebook 11's, maxed out at v93. I've been screaming from the rooftops for a few years now that we MUST refresh our hardware, but again, I just work here.
Now, these devices are all popping up with "An immediate update is require" messages. We're unable to "update" via the device's GUI, and it requires us to flash the device with a USB recovery key one by one. After "updating" these devices, they remain on v93. Now, after flashing hundreds of devices manually a few weeks ago, it's starting to occur again.
I've taken steps in the appropriate device OU's in GAC to disallow auto-updates as well as extended auto-updates for these devices. From what I've found online, it may not matter and Google may force "immediate updates are required" simply because of how old the version of ChromeOS is. Google's support chat has been less than helpful, and unable to provide us with any guidance or reasoning as to why this now keeps happening.
Has any one else here faced a similar issue? Any ideas on how to get the bleeding to stop?
https://redd.it/1jtowb6
@r_k12sysadmin
Google Workspace Term Process
We currently do not any have a real process in place for when Teachers/Staff leave and I'm trying to put one together.
I was curious what process everyone else uses. What do you do with their email and drive files and stuff? Any tips and tricks or handy GAM commands?
TIA
https://redd.it/1jrheqa
@r_k12sysadmin
Generative AI in Google search results is triggering Securly filtering. Anyway to disable it in the admin console?
It seems something has changed in the new 134 chrome update and now Google's generative Ai is throwing up block pages for simple searches. For instance: if a student searches "what are houses in the water on stilts called" I get a block page because gemini seems to be querying quora which is blocked by category. This doesn't happen on older chrome/chromebook versions.
I'm going to call Securly today, but is there any way around this through the admin console? Pretty insane to me that an "experimental" feature is turned on for everyone in an enterprise setting without a way to switch it off in mass.
https://redd.it/1jrfaoo
@r_k12sysadmin
Jesus take the wheel!
Just had to work with tech support for software for a digital sign. the company told me "you know, we don't support windows 11".
"so what DO you support?"
"Windows 7,8, and 10"
"you do realize 7 and 8 are long expired and 10 is about to expire?"
"yeah, we recommend you don't have your computer on the internet"
SMH
finally I had to give him remote access to control my computer. His name is Jesus. So I got this message
"Jesus would like to control your screen"
I had to fight not to yell "Jesus... take the wheel!"
https://redd.it/1jrepf5
@r_k12sysadmin
