Our school's IT is dumb. I need help!

[Uzume]

I feel sorry for any poor bastard IT person who has to work at a school. Hope you guys get lots of holidays or something.

[Ryois]

Just now, zzrhardy said:

I feel sorry for any poor bastard IT person who has to work at a school. Hope you guys get lots of holidays or something.

https://gyazo.com/195ae064d93f3078d53aeab2999770b6

https://gyazo.com/7e154a354e27e3e6d1535b05201ae21e

[chiller15]

24 minutes ago, Ryois said:

I can't email a .eud domain or a .gov domain. Sure I get if students can't email a gmail.com, yahoo.com, or a public email. Plus there's the bathroom...

I've personally seen cases in the past where pupils from one school could email pupils from another 'rival' school and were arranging fights between them.

 

We don't let our students email other educational governmental domains either. There is simply no requirement to do so. The amount of pupils that may actually require this sort of access is extremely minute and not worth opening up that can of worms, as they can do this via other means, whether outside of school or a member of staff.

 

20 minutes ago, Ryois said:

About the passwords...

https://gyazo.com/78fde5c141b6e089c295bdb3f772ec06

this was in the Azure Portal. Which I can access via a student account

Whilst there won't be much you can do in the Azure Portal (certainly not being able to change any settings, as that requires admin access), you probably should be actively looking for loopholes to exploit. If you find them and tell the IT admins about it...fine...but to exploit...you'll only get your account restricted/blocked and/or get yourself into trouble.

 

Only this morning have I been instructed to block a student's computer access because they were trying to bypass our monitoring/restriction mechanisms.

[bcguru9384]

32 minutes ago, Ryois said:

I was born in May. I am one of the youngest in my grade. At least I'm not those students that are 3 years older than everyone else. 

i had to start a year late cause bday to turn 5 by was sep 1

i was born sep 3

and had another kid in my school(k-12 had 1100 kids total) had same bday and year

school would not make exemption for 2 days over so ended being near the oldest in class

baseball teammate grade above was like you though getting stuck being youngest

point is schools are stubborn to change

[bcguru9384]

14 minutes ago, chiller15 said:

I've personally seen cases in the past where pupils from one school could email pupils from another 'rival' school and were arranging fights between them.

 

We don't let our students email other educational governmental domains either. There is simply no requirement to do so. The amount of pupils that may actually require this sort of access is extremely minute and not worth opening up that can of worms, as they can do this via other means, whether outside of school or a member of staff.

 

Whilst there won't be much you can do in the Azure Portal (certainly not being able to change any settings, as that requires admin access), you probably should be actively looking for loopholes to exploit. If you find them and tell the IT admins about it...fine...but to exploit...you'll only get your account restricted/blocked and/or get yourself into trouble.

 

Only this morning have I been instructed to block a student's computer access because they were trying to bypass our monitoring/restriction mechanisms.

people do forget or are just oblivious to what the IT department can see

 

[leadeater]

On 10/31/2017 at 1:14 PM, Ryois said:

So at our school, the IT is clueless about what our teachers and students need/want out of our technology.

• First of all, we cannot change our password https://gyazo.com/e113ef17fdf965644b8fabaf16fd2199. Our passwords are six digit numeric only passwords.
• Secondly, students cannot email and we cannot receive emails outside our domain. Example my@gmail.com to myschool@assigned.email
  • other teachers that are not our teachers
  • other students
  • outside our domain
• Third, our website is absolute trash. It's not mobile friendly, it takes many clicks and going back to view a simple page.

 I need help on trying to communicate these problems with them. Should I try to talk in person with them or send them an email assuming I can email them or what? Other students are frustrated with these problems.

 

I have also worked for an IT support company that exclusively serviced the education sector. I've seen and carried out work in many different schools so got to see many different network setups (many bad) and governance policies put in place by schools.

 

For the first point having experienced supporting schools that do and do not allow students to change their passwords I would always recommend that students are not able to change their password. Problems with passwords wastes a lot of time and hurts all parties, it hurts the IT company since less work can be carried out, it hurts the student as it takes time to correct the issue, it can disrupt the teachers lesson plan which hurts the entire class.

 

Here in my country we have two major competing Student Management System (SMS) software companies and as part of these they are able to generate passwords for each student account, a teacher can also change the password in the SMS which will then flow through to Active Directory. You can see any staff member and get your password reset this way.

 

Poor password security is absolutely an issue you should raise this.

 

For the second point that is much more restrictive email policies than I have seen or had to configure, I can see why they want it like that but it's not something I would put forward to a client to implement. Without getting in to too much detail that is very sensitive and I'm not allowed to give details on either I have been involved with multiple cases of misconduct by staff, teachers and students. Most of this involvement is around collecting and providing evidence to police and the teachers council, more than once I've given or seen evidence given that has gotten a teacher's teaching registration revoked. This is the worst side of the job but in light of these types of things you can see why schools may decide to put in place some rather restrictive policies.

 

The third point can vary a bit on what I'd say about this. Does this website get used for delivering teaching material to students? A Learning Management System. Or is this just the main school website used to present the school to the public?

 

If it's the first example and there are issues that effect your learning then raise these issues and make sure you put forward how it is effecting your learning. If it's the second example then while not ideal the impact to you is more minimal, still something worth mentioning but I wouldn't say it's a huge issue.

 

I will say putting together a professional website properly from start to finish isn't a simple and quick task. It's not a case of just using a wordpress website and a good template, that's not actually where the majority of the time and money is spent. The last time I convinced a school to get their website updated the going rate being charged to schools was around $5000-$15000 depending on the number of pages and customization required. This includes all gathering of required material, content to put on the website (text, images, categories etc) and training the required staff on how to use the CMS to update the site themselves.

 

Probably the best way to present your requests to the school is in writing delivered in person where you have a meeting to present and discuss your points.

 

Remember you are at school to learn, the IT resources provided are to be used for educational purposes and that is all the school is funded for if that even covers it. Things you might want to be able to do may not actually be necessary so I would think about why you want something before you ask for it, make sure you actually need it.

[leadeater]

On 11/1/2017 at 11:33 PM, zzrhardy said:

I feel sorry for any poor bastard IT person who has to work at a school. Hope you guys get lots of holidays or something.

 

On 11/1/2017 at 11:35 PM, Ryois said:

https://gyazo.com/7e154a354e27e3e6d1535b05201ae21e

A lot of the big work gets done when staff and students are not at school, often those days are the busiest times for IT staff.

[Ryois]

7 hours ago, leadeater said:

 

I have also worked for an IT support company that exclusively serviced the education sector. I've seen and carried out work in many different schools so got to see many different network setups (many bad) and governance policies put in place by schools.

 

For the first point having experienced supporting schools that do and do not allow students to change their passwords I would always recommend that students are not able to change their password. Problems with passwords wastes a lot of time and hurts all parties, it hurts the IT company since less work can be carried out, it hurts the student as it takes time to correct the issue, it can disrupt the teachers lesson plan which hurts the entire class.

 

Here in my country we have two major competing Student Management System (SMS) software companies and as part of these they are able to generate passwords for each student account, a teacher can also change the password in the SMS which will then flow through to Active Directory. You can see any staff member and get your password reset this way.

 

Poor password security is absolutely an issue you should raise this.

 

For the second point that is much more restrictive email policies than I have seen or had to configure, I can see why they want it like that but it's not something I would put forward to a client to implement. Without getting in to too much detail that is very sensitive and I'm not allowed to give details on either I have been involved with multiple cases of misconduct by staff, teachers and students. Most of this involvement is around collecting and providing evidence to police and the teachers council, more than once I've given or seen evidence given that has gotten a teacher's teaching registration revoked. This is the worst side of the job but in light of these types of things you can see why schools may decide to put in place some rather restrictive policies.

 

The third point can vary a bit on what I'd say about this. Does this website get used for delivering teaching material to students? A Learning Management System. Or is this just the main school website used to present the school to the public?

 

If it's the first example and there are issues that effect your learning then raise these issues and make sure you put forward how it is effecting your learning. If it's the second example then while not ideal the impact to you is more minimal, still something worth mentioning but I wouldn't say it's a huge issue.

 

I will say putting together a professional website properly from start to finish isn't a simple and quick task. It's not a case of just using a wordpress website and a good template, that's not actually where the majority of the time and money is spent. The last time I convinced a school to get their website updated the going rate being charged to schools was around $5000-$15000 depending on the number of pages and customization required. This includes all gathering of required material, content to put on the website (text, images, categories etc) and training the required staff on how to use the CMS to update the site themselves.

 

Probably the best way to present your requests to the school is in writing delivered in person where you have a meeting to present and discuss your points.

 

Remember you are at school to learn, the IT resources provided are to be used for educational purposes and that is all the school is funded for if that even covers it. Things you might want to be able to do may not actually be necessary so I would think about why you want something before you ask for it, make sure you actually need it.

Point A: If we can't change passwords another county can why isn't it a random or harder to crack password? 

Point B: Yeah I get that I can't email other students another county can but why can't we email other teachers? I need to be able to email teachers about clubs and organizations.

Point C: It's mainly to have a county website to welcome new people to the county and it's the homepage of all of the PCs and laptops. I wish they would have the homepage set to like a different page or our office365 homepage. We use Chrome education so it wouldn't be hard to change the homepage. Our school's website is trash... see attached photo. http://www.<ourschoolhere>.net/?DivisionID=12691&DepartmentID=13082 

[leadeater]

50 minutes ago, Ryois said:

Point A: If we can't change passwords another county can why isn't it a random or harder to crack password? 

I did say to bring that up with the school, it should be a better password. I'm just saying from my experience it's much easier to support a school when students cannot set their own passwords and there is far less problems like 'I've forgotten my password', if it's in the SMS which the teacher already has open they can just pull up the student record and issue them their password again without needing to get anyone from IT involved.

 

55 minutes ago, Ryois said:

Point B: Yeah I get that I can't email other students another county can but why can't we email other teachers? I need to be able to email teachers about clubs and organizations.

No idea, include that in your list of issues and explain how it impacts you and other students. Generally I have mostly seen issues raised by students that have been able to show how it impacts their learning/education get resolved. Something might seem pointless and needlessly restrictive but unless it's actually having a negative impact and can show it there is little incentive to address it.

[2FA]

As someone who works in IT at a K-12 school, everything you complained about except maybe one doesn't impact a thing in regards to your education.

 

1. Passwords: I highly doubt you have data saved on your student storage share that would be compromising if someone broke in. The software you mentioned doesn't compromise anything either. Student accounts don't have very many permissions anyways. (Someone mentioned staff being able to access accounts, IT can just manually reset the password anyway and set it to whatever they want, that counter argument was entirely moot)

2. Password resets: You shouldn't be needing to reset your password for reasons above. If another student abuses your account, they get all computer privileges taken away.

3. Profile customization: Not worth setting up for a high account turn over organization such as schools, especially since I'm not even sure you can sync customization across a network.

4. Email: You shouldn't be emailing outside the school domain, but the teacher limitation is bogus in my opinion.

[Ryois]

7 minutes ago, DeadEyePsycho said:

As someone who works in IT at a K-12 school, everything you complained about except maybe one doesn't impact a thing in regards to your education.

 

1. Passwords: I highly doubt you have data saved on your student storage share that would be compromising if someone broke in. The software you mentioned doesn't compromise anything either. Student accounts don't have very many permissions anyways. (Someone mentioned staff being able to access accounts, IT can just manually reset the password anyway and set it to whatever they want, that counter argument was entirely moot)

2. Password resets: You shouldn't be needing to reset your password for reasons above. If another student abuses your account, they get all computer privileges taken away.

3. Profile customization: Not worth setting up for a high account turn over organization such as schools, especially since I'm not even sure you can sync customization across a network.

4. Email: You shouldn't be emailing outside the school domain, but the teacher limitation is bogus in my opinion.

I can't even pin Chrome to the taskbar, now that's stupid. Want to set Office 365 as a startup page? Nope, you gotta pin it so its tiny on a tiny screen. On Point 1 I rarely store stuff on my school OneDrive I try to use my personal google drive; it's safer, it doesn't lose my essays, I control who sees it, and more. 

Edited November 2, 2017 by Ryois
alt-tab and enter whoops

[BuckGup]

If it's under a domain like that you can use telnet to spoof an email from the principal and send it to every student

[Ryois]

5 minutes ago, BuckGup said:

If it's under a domain like that you can use telnet to spoof an email from the principal and send it to every student

It is under a domain; jcboe.local and another private domain

although it would be hard because of validation and such.

[DarkSwordsman]

You obviously know more about this issue than your IT department. What I would do is write down a list of issues and propose changes that make sense and offer to help fix them if you have the skills to fix them. If not, at least they will know the issue and maybe consider changing it.

 

I also suggest at least getting the signatures of people that prove it's an issue. Even better would be to propose a meeting with all of them. I know the way that it works at my University is that if there's a network issue, multiple people need to report it besides one for them to do more than send a field agent out to record your issue and do basic methods.

[Ryois]

7 minutes ago, The Dark Swordsman said:

You obviously know more about this issue than your IT department. What I would do is write down a list of issues and propose changes that make sense and offer to help fix them if you have the skills to fix them. If not, at least they will know the issue and maybe consider changing it.

 

I also suggest at least getting the signatures of people that prove it's an issue. Even better would be to propose a meeting with all of them. I know the way that it works at my University is that if there's a network issue, multiple people need to report it besides one for them to do more than send a field agent out to record your issue and do basic methods.

When a tech comes over to fix a teachers problem they use a scripted workflow and they don't do the senseble way or even thr correct way. We have other people who raised an eyebrow when I told them how unsecure their password is and how easy it was to crack it. 

[DarkSwordsman]

10 minutes ago, Ryois said:

When a tech comes over to fix a teachers problem they use a scripted workflow and they don't do the senseble way or even thr correct way. We have other people who raised an eyebrow when I told them how unsecure their password is and how easy it was to crack it. 

I mean, to be fair, many schools that have these systems just want them to work whether or not they are effective. I don't blame them for just leaving a system that works, but the issue is that it's not effective. They are not willing to change, and as a result, the school reduces its quality. 

I'm assuming you're going to High School, right? I will tell you that when you get to college, nothing really changes, however, Universities are usually more prone to change from an audience than High Schools are.

[Ryois]

Just now, The Dark Swordsman said:

I mean, to be fair, many schools that have these systems just want them to work whether or not they are effective. They are not willing to change, and as a result, the school reduces its quality. 

I'm assuming you're going to High School, right? I will tell you that when you get to college, nothing really changes, however, Universities are usually more prone to change from an audience than High Schools are.

Our tech department makes dumb decisions, a sata3 m.2 ssd in laptops?! Epson 99+wh for each classroom with a core i5 and a nvidia coprocessor? Storage and edge servers at 11 schools? Although I love our 120/120 internet speeds. One thing that will never probably be changed, allowing students to bring in personal iPads and laptops.

[DarkSwordsman]

3 minutes ago, Ryois said:

Our tech department makes dumb decisions, a sata3 m.2 ssd in laptops?! Epson 99+wh for each classroom with a core i5 and a nvidia coprocessor? Storage and edge servers at 11 schools? Although I love our 120/120 internet speeds. One thing that will never probably be changed, allowing students to bring in personal iPads and laptops.

Your school is way farther ahead than mine was, lol. 

 

The reason High Schools don't want you to bring your own stuff is so you don't get distracted and pay attention. The sad thing is that most High Schools aren't willing to fail you because they either want to good ratings from good grades or they don't want to have students recycling through the system because they keep failing. What they should do is make the classes harder classes and give the students the same freedoms that college students have. The last three years of High School were boring because they weren't challenging enough and the school had a lot of ridiculous policies.

[themctipers]

On 10/31/2017 at 10:01 AM, Eduard the weeb said:

my school is like this 

 

Are password are our birthdays and cannot be changed.

 

Teachers are given to shitty laptops. 1 a old I-3 laptops either Clarkdale or Sandy bridge I think and a chromebook which I am using now.

 

they block websites at school but at home they don't block anything and are school assigned accounts cannot even be changed just the basic letter Gmail account no background and nothing can be used for the email and the emails don't work with are personal so on project we have to use are school assigned becuase almost everyone only has Apple emails instead of gmail.

 

 

Also no hangouts.

nothing is blocked  unless you count anything that's not web traffic. (so 80 and the one for SSL)

so far ive only seen one teacher use a laptop, and it was a 1st gen i5 machine with a dying HDD. 

 

23 minutes ago, The Dark Swordsman said:

Your school is way farther ahead than mine was, lol. 

 

The reason High Schools don't want you to bring your own stuff is so you don't get distracted and pay attention. The sad thing is that most High Schools aren't willing to fail you because they either want to good ratings from good grades or they don't want to have students recycling through the system because they keep failing. What they should do is make the classes harder classes and give the students the same freedoms that college students have. The last three years of High School were boring because they weren't challenging enough and the school had a lot of ridiculous policies.

ah, america..

 

glad so far my teachers work on a 'you respect me with that, ill let you fuck around on it'

so, don't pull out your phone and game in class, but do check notifications / time / send one message during talks

 

except for one.

no phones.

there's no clock..

it feels like complete shit having that one freedom taken away. can't even check the time, cant send a quick boop, can't even fuck around waiting for other people to finish their work, which is very frequent

 

[Warboy]

Well, atleast it isn't as dumb as my HS IT was. They called me a hacker because they left CDROM as boot priority (this was back in 2005), so I used a bootable linux CD to load a OS and bypass their web filters.

[Bcat00]

On 10/30/2017 at 8:22 PM, BadluckBrian said:

Ouw schools push off managing ouw websites, and ouw IT depawtments awe a single pewson. Well, in my one school we awe the IT depawtment. I think you should talk to them and make a few wecommendations, but it also sounds they awe wather nyew. If they awe nyew, dont be wude about it, with school wegulations its vewy difficult to set up a good system quickly

i have never seen such a poorly written response before. My god, it takes some skill to bypass autocorrect to create what you did.

[kagarium]

Previous school IT assistant here.

 

Students should be able to change their passwords. We had issues with students using other peoples accounts to do things they weren't supposed to. One of these incidents even involved the police coming in and locking down our school. Since then we started allowing password changes, and actually forcing password changes every semester (6 months). All passwords had to be a least 6 characters, and contain at least 1 number or symbol. It's not super secure or anything but its enough to keep people from using other peoples accounts. If someone forgot their password, they just had to go to the library or main office, where they could reset the password via active directory. The student then logs in with a default password (123456), and is forced to change it before they can get to the desktop. All of this was done with active directory, and synced with our google cloud management services, and the nutrikids lunch service. This way, students had the same usernames and passwords for Windows login, Chromebook login, google service (drive, gmail, etc.), and for their lunch accounts. Made things much easier on the IT end of things, as it was all done through one service.

 

Our student emails were set up to only work within the school domain. The elementary and middle school did not have e-mail accounts. High school did. They could e-mail any teacher or faculty member, or any other student, or any other trusted domains we set up (for example, the lunch service, other services our school used such as easybib, and any domains associated with our google cloud services). This wasn't really our choice, as the state of Connecticut board of education demanded it, although it probably saved us plenty of headaches. The students could also set up mail forwarding so they could send all their school emails to their personal inbox for their convenience, and were also allowed to set the email up on their phones if they preferred.

 

Most school websites are pretty much garbage. Ours always had been, and we never really cared because no one every really complained. We had some spare budget leftover one year and decided to hire a company to rebuild our website, and it turned out decent enough. Good enough that it worked on mobile, and it looked fine on both. It was never really a huge concern however, and for the IT department it really shouldn't be. Believe me, there's enough work to worry about internally than trying to deal with a stupid website that 5 people end up using.

 

That's just my 2 cents on my experiences working in the field. 

[Thermosman]

On 10/30/2017 at 8:14 PM, Ryois said:

So at our school, the IT is clueless about what our teachers and students need/want out of our technology.

• First of all, we cannot change our password https://gyazo.com/e113ef17fdf965644b8fabaf16fd2199. Our passwords are six digit numeric only passwords.
• Secondly, students cannot email and we cannot receive emails outside our domain. Example my@gmail.com to myschool@assigned.email
  • other teachers that are not our teachers
  • other students
  • outside our domain
• Third, our website is absolute trash. It's not mobile friendly, it takes many clicks and going back to view a simple page.

 I need help on trying to communicate these problems with them. Should I try to talk in person with them or send them an email assuming I can email them or what? Other students are frustrated with these problems.

school IT is about as hopeless as it gets

[Snipeon]

Well, you can always try and compromise the whole network. Just do it anonymously, make sure you do not use any data or such for your own personal profit, and make sure it would be easy to know that you have compromised the whole system. They would have no choice but to take action. Or they can take the other route and just ignore it... Well, still a worthy bet.

[Excelsior]

The School IT and the management is to blame.  But blaming won't get you far.  Nothing will.  When my friend and I volunteered to develop a web app for the inter-college fest thing and the website for that event,  all logic and common sense were thrown out the window. I realised that teachers, system administrators sometimes have over-inflated ego.  Schools and the IT department at the school don't really care what the student's opinions are.  They have their own way of doing things and not bothered of how archaic that may be.

The school I went to had as usual, restricted access to the internet.  What was stupid however, was the fact that the bandwidth for the ftp server in the school was limited.  Couldn't download the Android SDK from the school, nor the deprecated version on the ftp server either.

 

Only thing you can do is to do things on your own.  Use computers at your home.  Get open source software if you want something done and talk to the faculty who might be slightly technically inclined.  They sometimes do help.