Stop. Collaborate and listen.

I’ve been following reaction to a blog post on Twitter, by Mark Anderson the problem with technicians (@ictevangalist) http://ictevangelist.com/the-problem-with-technicians/ and a subsequent follow up from @jonwitts http://www.jonwitts.co.uk/archives/760 in defence of technicians.

Mark’s post describes the infuriation of teaching for staff when IT seemingly block their desire to embrace new technology. Jon agrees with parts of the post, but outlines difference and issues techs face in education today.

This isn’t a reply to either. More of a personal journey where I have been guilty of both doing too little and doing too much. Finding a balance, and a system that works. The main point however is one of mutual trust, and the impact that can have.

When I started supporting IT in schools 10 years ago, I was the bottom of the bottom of the rung for staff. Valued only in a brief moment when I fixed something, but only in a bit of pity. My £14k a year didn’t make me feel valued. I was young, and eager to please, and progress. I worked long hours,  but suffered at the hands of a work place bully in a system which didn’t allow for anyone to progress unless you were a teacher.

As is often the way, when I decided to challenge myself and leave my comfort zone, the school I was leaving panicked. Perhaps they realised what they were losing, a passionate, determined individual, or perhaps they just couldnt bare the hassle of retraining someone else. Suddenly, the offer of money was no longer an issue, a £4K a year rise to keep me couldn’t keep me. My new school matched an improved offer and off I went. 

Excited to develop myself from working in an atmosphere where I could do what I wanted when I wanted but not get appreciated, I was promised big things.
Sadly they didn’t materialise. Whilst not the worst move, the school I moved to valued staff even less, and crucially there was no ability to deviate, under my then manager, from changing toners.

At both schools, the result of not being engaged with or trusted was the same, staff not listened to nor given  The opportunity to interact with those higher up to harness the incredible power of IT to affect so many parts of a school. Those in higher places with responsibility for IT were not interested.  Those I worked with were overworked and demotivated from years of pushing and getting nowhere. To the point even when new leadership came in they were no longer prepared to fight and engage with new visions, but became locked into downward spirals of protectionism and mundane day to day task. 

Deviation from their set tasks led to worries about who would get blamed, or, who would do the additional workload as no additional TLR structures exists for support staff.

After 4 years, and a time where I concentrated on my own business and family life, it was clear, with a baby on the way, that it was time to move on. I am a confident, not easily scared individual who doesn’t get put off target. This pees off a lot of people who don’t like change. It excites me.

I left my job on a whim for no more money, just a title. But I was now network manager. The boss of the network. I landed with a headteacher who harnessed my passion, trusted my vision and developed my skills. Huge budgets, school wide changes. Instant impacts and overwhelming changes followed. That was 3.5 years ago.

Today, I am a member of SMT. Probably something I am most proud of and most shocked at. It’s not the title anymore, but the recognition that somebody in my role can make an impact and should be involved from the start in the decision making progress. That experts in their fields can and should be listened to despite the fact we are not teachers.

Teams have different strengths. Our SMT and separate SLT structure are ideal in that the leaders can lead (SLT) but the enablers are there to support them (SMT). We have teachers, but support staff are represented with the Senco, business manager and myself. None of the positions are token roles but are in place to enable teaching and learning to be the best experience it can be by harnessing the knowledge and passion of a wide range of staff.

In IT sometimes we have to say no. Mostly we say yes, all the time we should offer encouragement and ideas and workarounds if given the opportunity. And that’s the key thing in this debate that has been going on for years, that I experience even to this day across the 7 schools who sat down and listened to me. Who now rave about their support, but also the impact engaging wth us has made.

One thing I always insist on my team is the need to be professional, and treat others, no matter how hard that is after they insult you and your professional judgement, how you wish they would treat you. In any job that is the same I am sure, but sometimes I wish people could spend a day in our shoes, as much as I would love to spend a day in theirs. There should be no divide in professional respect between me and a teacher. 

We both have hard, demanding, complex, ever changing roles with constant pressure and changing goal posts. It’s not a completion to see who fails first or who we can frustrating the most. It should be how can we be inclusive and work together for a solution that propels our core business, learning for young people forward.
 I can’t teach. But I can do IT – you can teach but you don’t know the impact on your software or your idea on a bigger picture. Let’s work together and learn a solution.

Crazy times

This month has been like no other I have experienced in my role. In fact, there are days when I don’t even remember my role from a few months ago.

On January the first we start supporting our seventh school. Walkwood are a large middle school and we have taken on their technician. We have also taken on an additional apprentice as an admin role.

To add to this fast moving expansion (we only took on another first at half term) we are moving to a new office as well to house our ever expanding team. Organising this has been quite a complex task on top of everything else.

I have also been at the forefront of designing and creating life without levels mark sheets in SIMs for three schools, and then adapting parents reports to take he new data. The mark sheets I have developed started with the assistant head at my home school, and we have quickly been outsourced to other schools looking for similiar. 

I enjoy collaborating like this, knowing I have made a sizeable impact by implementing these systems, but I can’t say I enjoy the setup. In our current office we are all in one room in a noisy building, making concentrating very difficult. Leaving me to work late on into the evening when quieter or even at weekends. 

Further hassle has been in the form of getting a lease of a SAN, our second. First was trying to understand the entire hardware setup which would enable us a higher throughput from our hypervhosts – we are experiencing lots of issues with our Veeam backups, impero and sometimes even file access. We are also coming close to our 4tb limit, so we could do with some more space. All this in addition to the 60gb SSDs in our standard machines filling up and needing some new, making the order quite important. But having to understand and triple check a legal document for the lease is slowing it down. Still, better safe then sorry.

At another school, we are working on social media campaigns and purchasing more and more hardware, hopefully tonight we will have a budget agreed!

At our first schools we are redesigning websites, finding solutions for aging projectors and looking at tablet solutions for them. Infact this Friday we have a couple of suppliers coming over to showcase a range of tablets to our schools. 

To top it all off tomorrow is a chance to use our new LED lights for the first time for the Christmas show.

All this on top of the daily grind. Around 160-180 tickets a week. 

So it is all go. And there is a little update.

Long time no blog! Let’s start from the start…

  It’s no surprise I haven’t kept to my blogging, I moved into my own house in September, I have been trying my best to help my 2 kids fit into new schools and nurseries and on the rare occasion I am not working or being a single dad I have been testing out dating websites. They suck, by the way.

Anyway, personal stuff aside, what have I been up to?

Team expansion

We were a little worried when one of the middle schools we support decided to become an RSA Academy, however because of how happy the SLT is there we actually got another first school which now shares an executive head with the middle school and now run the IT for them both!

This was really exciting for us as it meant we would have the challenge of piggybacking the new school onto one of our current networks. 

 Challenges included using a single exchange, two sims installs on one network, setting up smooth wall for both sites and quite a few more.

Pleasingly it went very well. No major issues.

We then heard from a larger middle school that we had approached, and come January we will be supporting them, taking the total to 7 schools. We will also be employing more staff and other exciting changes. There could be more in the pipeline as well before Christmas. But 7 is enough for now…!

There have been lots of other exciting work stuff, and some in the pipeline but won’t mention them all now as I struggle to blog as it is! Safe to say a new SAN is on its way and lots more Windows tablets. But also details on upgrading to Windows 10 at 7 schools! As well as other stuff I cannot disclose yet! 

Apple Watch and iPhone 

  So I bought an Apple Watch. And I upgraded to an iPhone 6 as well. Despite the upgrade via Carphone warehouse being one of the worst experiences of my life, I am really happy with both.

I have never been an Apple fanboy. I find their products over priced and missing features that other phones have as standard. 

However I was across Eco systems, Windows phone, ipad, Windows laptop, Apple TV and it just wasn’t working for me. 

I decided that being able to sync usage from my iPad and my iPhone was more important then these devices being able to interface say with my laptop. I would never edit documents on my phone or tablet, but I would like to share purchases between my mobile devices and my Apple TV. 

The biggest thing I missed on my Windows phone was apps. And the quality of apps. In no small part, the main reason I left Windows phone was how shite the Facebook app was.

I love the Windows phone OS and Windows 10 on phones will be great, but there are not enough apps and those that are there simply don’t work. 

So anyway, I got it. And after being disappointed initially win the the battery, I am sat here writing this post on it. Turning off some of the background tasks has meant battery can easily last a day now.

The Apple Watch is an indulgence for me. Let me be clear, it serves no real purpose. I could do everything better on my phone then on the watch.

But that doesn’t mean I want too. I enjoy having the notifications on my wrist. It saves me time, it stops me checking my phone all the time and it looks pretty cool.

There are some nice features on there which I will review in the future as well. I was looking at android wear and an android phone, but I am glad I made he choice to apple. It costs me nothing extra a month, infact I get more, for less!

The watch did, however leave a nasty burn on my skin, I presume it was a bit too tight but I am still surprised at the state of the burn. Something I am defiantly keeping an eye on!

  
Anyway, that’s the end of my short update. Hopefully now I have the app on my phone I may well post more. Maybe. 

Why Student Advantage is more then just free office

Free office! For pretty much every youngster and educator in the UK. Crikey, what a deal!

It’s definitely something that gets parents and staff’s attention, with office costing circa £90 for home and student, it is a significant saving, and with the cross device usability (you can install on 5 devices including tablets) it is very appealing.

Clearly this is a great ploy for Microsoft marketing  – staff and pupils will now be hooked on the familiar and standardised programs for the rest of their lives. And as a result, business, where the big bucks are, will continue to invest in the product

So, aside from making sure schools are training the next generation of office users for the Microsoft coffers – we should look into why this is something that all schools should roll out…

And first off, it’s not for staffs benefit. Yes, they will probably create more with Microsoft products in the classroom, because they have improved access to the programs – which are, lets face it, the best around.

Actually, the fact is – in our case anyway – staff will probably not use free office for work as much as using the remote desktop, it will be faster sometimes to use office, but its just another tool we provide to make life as easy as possible for them. They have actually been using Office for free for years of course, in school. This just increases access.

No, the real benefit is for pupils. The ability to access their one drive, and do work on any device available to them is a game changer. The software will be the same as at school, so familiar, and work will be easily accessible. Single sign on means setup and access is simple. Web based version of office mean they don’t even need to install software.

Most pupils these days have tablets, and not laptops – well, office works on these as well now.

This ability for pupils, no matter what their financial situation to all be on an equal pegging for using technology to complete their homework is a great thing for schools to be offering. I know not all have internet, or a device – but the vast, vast majority at least have access.

This follows the route we have taken in school with our development plans, ICT is no longer just about dedicated IT rooms, it is making technology available for all when they need it, in easy to access, familiar way. We did it with our tablets, deploying some 380 odd which has made  huge impact to teaching and learning in school, and this roll out of office to pupils at home (along with their ability to use remote desktop) means we are, as much as possible, making IT easy to use at home for pupils. And that’s the key bit, making it easy. Remote desktop for pupils? Not at year 5. Office, which their parents set up to take advantage of, and instant access to save to school with no logging in or addresses? That’s easy!

Finally, as a MAC of 4 schools, this is something we are looking to roll out, because the biggest plus will be one drive and sharing documents, without having to join domains and all sorts. I will write about that more in the future, when I have had a chance to think it through, but the idea is an exciting one. And all this, under EES, at no extra cost.

 

 

O365 and SSO

Recently I decided that I wanted to give all my users the free office they can get under EES Student Advantage. I had looked into this before and it was one hell of a nightmare to set up I thought, looking at the poor Microsoft documentation, and my own lack of understanding.

Ultimately I wanted to do the following:

  • Have users be able to login to O365, using their local domain credentials
  • Only allow them access to OneDrive and to download office (we have local exchange 2013 here)

So here is what I did, with some of the bits I did wrong removed. I am hoping I can remember it all.

1) Get the licences

I had to get my EES supplier to add the licences I needed, so Luke at Millgate got this set up (well, he didn’t, someone else who has an idea of anything more then sales did!)

These Show up as Online Service Activations in VLSC – and you need to have a MS account ready set up to import them into. I actually found it really hard to find the link to sign up for education accounts – but here it is:

https://go.microsoft.com/fwlink/p/?LinkID=403742&culture=en-US&country=US

From this page: https://products.office.com/en-us/academic/compare-office-365-education-plans

You get trials for 30 days of the full blown plan (E2/E3) but they are not actually what I wanted, I don’t want full O365. When you activate your Online Service from VLSC it creates new plans for staff and pupils which only gives them access to download the software and One Drive.

The rest of this will probably work for setting up full blown O365, but I haven’t trialed it. It certainly will get the users in.

2) Getting your domain sorted

Start this one early. You need to get some DNS or MX records done on your domain to prove your ownership, its straight forward stuff, but you cant sync users and do anything without it. Once logged into the 0365 control panel (login.microsoftonline.com) select domains and follow the instructions.

At this point, I strongly suggest setting up a user that is not someone who will be migrated over from AD at any point, for instance, I setup an admin2

3) Sorting out the Sync and SSO

So bloody complicated.

  • If your domain is a .local or similar, or it doesnt match the your external domain, you will need to add an additonal UPN: https://technet.microsoft.com/en-us/library/cc772007.aspx
  • You will then need to change the UPN users will use – you can do this in bulk in AD (select a load of users, right click etc), and it has no effect on anything else (or at least hasn’t so far)
  • Choose a server to be your ADFS Server, that is not a DC, if you run a remote access server, with HAP or RDC (or both) with its own SSL already in place, great. You need an SSL to do all this wizardry.
  • Install the ADFS role on this server. Best practice is to work through a ADFS proxy as well, but, well, I didn’t. Note: if you are installing on Server2008R2 you will need to download ADFS 2.0 – so don’t install the role. Install the role if Svr 2012R2
  • Install the Windows Azure Active Directory Module for Windows PowerShell – login to your admin on 0365 > users > Manage SSO and its number 3
  • On another server download and install DirSync – the software that will Sync your AD to the cloud: https://technet.microsoft.com/en-us/library/jj151800 – this is pretty straightforward, but, you will need to redo it if you mess up anything such as change passwords, or setup the wrong domain or something. Once done, you should see users appear within 10 minutes.
  • Back on your AFDS server, run the AFDS powershell – these are the all important commands you need to follow to setup the link etc
  1. Open the Microsoft Azure Active Directory Module for Windows PowerShell.
  2. Run $cred=Get-Credential. When this cmdlet prompts you for credentials, type your cloud service administrator account credentials.
  3. Run Connect-MsolService –Credential $cred. This cmdlet connects you to the cloud service. Creating a context that connects you to the cloud service is required before running any of the additional cmdlets installed by the tool.
  4. Run Set-MSOLAdfscontext -Computer <AD FS primary server>, where <AD FS primary server> is the internal FQDN name of the primary AD FS server. This cmdlet creates a context that connects you to AD FS.
    noteNote
    If you have installed the Microsoft Azure Active Directory Module on the primary server, then you do not need to run this cmdlet.
  5. Run Update-MSOLFederatedDomain –DomainName <domain>. This cmdlet updates the settings from AD FS into the cloud service and configures the trust relationship between the two.

Remember when it talks about a domain, you want the UPN that matches your external domain, not your internal one.

Finally – to get SSO working accross browsers: http://www.powerobjects.com/2012/11/02/adfs-and-single-sing-o-cross-browser/

I am not a great tutorial writer I am afraid, but hopefully this might put all the links and the general process in a useful place.

Schools and social media

I am a big fan of social media. I have been on twitter since 2009, facebook from before that and I enjoy posting updates.

I like to share with family and close friends on facebook, particularly with 2 young kids and brothers who live a long way away.

I love how twitter allows me to interact with big brands and interesting individuals. I have sorted so many problems out by tweeting social media teams it is now my first port of call if I have an issue. It is also a geat professional development tool.

When it comes to schools however, it is a different story. I have launched facebook and twitter pages at three schools I support, and all have had fantastic success. A free way of interacting with parents, on a platform that has usage statistics like no other.

I was sat in an induction meeting for my sons new school on Thursday, and the school was raving about its website. I have been on its website, it is okay – but I can’t say I will return to check the news.

The reason? Websites are boring. I will visit it when I know I need to know about something, but not just to check it. I check my facebook though, all the time -so why don’t more schools embrace it?

You can put out  message and instantly people see it, can react and interact with it. It is free to boot!

At Bede’s we have nearly 700 facebook subscribers, and another 200 twitter followers, at a first school I support, some 200 parents follow it, and at the high school I used to work at, some 700 parents.

But the real interest for schools should be the engagement levels. Bede’s posts residentials as an event, allowing parents to ask questions, leave comments and like pictures. Engagement is incredibly high, and those parents then remain on our friends lists and get all future updates.

We actively encourage parents to talk to us via facebook, and it means we control our online presence. When the school account says something, everyone knows it is the truth, not word of mouth. Parents actually point any parents spreading untrue rumours, or who are simply not sure of something, to our pages for us and the right message gets put out.

The reasons behind schools not embracing is either, in my experience, leaders who do not engage with facebook or twitter on a personal level, and so are scared of it, and ill founded fears for safeguarding.

Many people worry about putting photos etc onto facebook and twitter, but happily share them on their websites. The simple fact is, when a photo is online, its online. That’s why robust procedures need to be in place to make sure that the photos that do go online are appropriate.

You do of course, need to be careful, a trustworthy person needs to manage and react instantly to anything on there that may escalate. You have to engage with users and provide a real insight to your school for the best results.

For years parents have wanted to look  at the inner workings of the schools their kids attend, and schools have wanted parents to play bigger roles at home to their children’s days at school -so imagine knowing what your child has done before they walk in the door does!

In these days of tightening budgets, an effective social media presence is free, and its ability to reach out to parents instantly and on mass is priceless.

 

Exciting things.

We have whole school enrichment days at our main schools, normally it means all IT is booked out, and the network is just creaking. We don’t always have a direct input – but this is good – staff are confident to use the technology and plan with it themselves.

However, the upcoming enrichment day is one we are heavily involved in – and I am looking forward to it because we are doing some exciting things with IT kit to enhance the day. The theme is communication.

So we start off with a whole school radio station  – beamed lived from our office, on a MAC running NiceCast – and with staff tuning in around the school with VLC player – pupils will have access to Spotify and an expensive Snowball microphone to create 15 minute shows throughout the day, with a lunch time request show played live to the field and into the hall.

11265610_10152793891401691_3347506271467140059_nAnd secondly, we are rolling out skype and webcams into every classrooms – we have recently been linking up with some partner schools abroad via skype, and want to showcase this way of communication to pupils.

Both are exciting use of technology to enhance the day and I know my team and I are really excited to work on it, so much so, that we set up skype between our school ICT support offices, and then wondered why we even had our weekly meetings, when we could be online and connected all day!

Making people listen

I had a fun job this half term – I had to migrate SIMs from SQL 2008 to 2014 – as the next SIMs release doesn’t support it.

Unfortunately the timing wasn’t great, recently we have had a few issues – and in the middle of some staff doing reports via remote desktop.

The migration didn’t go to plan, and it resulted in a night of downtime, as I disabled the server to stop people somehow, magically, loose data (I knew it was impossible, but didn’t want to risk it!)

Being the holidays, it threw into light our ability to communicate with staff during the holidays, or even out of normal school hours when things go wrong. These days our systems, across all 5 schools are used pretty much at all hours, I have seen staff logged on till 1/2am – and some start again at 5/6am – I have seen staff logged in on christmas day!

Our ability, therefore, to communicate outages (particularly in holidays when we complete maintenance and I am loathed to send out all staff emails that many will not read and disregard – and therefore they can think they can do the same with more important future emails) is especially important.

Our school website is hosted externally by Vidahost, so we are able to set up a status page on there, to allow staff, students and even parents who use Insight, access to see any issues. The page, as well as letting us write updates, pings key services to check availability, a quick way for staff to see if it is us – or them!

After updating the page recently with a few issues, I decided to update the pages design, to simplfy it – http://www.st-bedes.worcs.sch.uk/parents-information/service-status/ and to remind the staff of its existance.

A lot of staff emailed me directly, bypassing even the helpdesk, and this is not helpful. Our aim is to provide fast and efficient support, to do this – my team need to see issues that are reported. People have holidays or specific tasks, that may mean they are not on the helpdesk, but there is always someone there managing it – if things are sent to me, they will be dealt with as and when I can, and normally just me forwarding them to the helpdesk.

I wonder in business if this would actually happen. School’s want, nay, need professional IT support to move things forward for them and get best value from the people they have there, that is why many are not outsourcing. When teams put in procedures and resources – we now need to work with staff to make sure they understand why they should use the systems, ultimately it means a better service to them.

 

 

 

 

Tales of woe: Exchange, SAN and Smoothwall failures

What a week.

It all started last week, when our exchange server just decided to stop working. One of my techies was updating SSL certificates as Chrome is sending warnings that it is out of date. A fairly simple process – but it turns out changing the SSL certificate raised issues from where we removed the old exchange server incorrectly after decommissioning it when upgrading 2010>2013 – causing IIS not to work, so no activesync, no autodiscover, no OWA.

Luckily, once we worked out where the issue lay, a bit of digging in ADSI edit and IIS manager and issue resolved. Phew.

Onto the next challenge, one of the Volumes on our cluster is down to 9% free, some 200GB, it decreases a fair bit each week, on investigation I think it is out Smoothwall server, a new VM, which is now logging.

So the next job was to move Smoothwall to a dedicated machine. Two reasons – I was fairly sure the logging and requests would be hammering the SAN and ISCSI links, and also if I located the physical server near the Virgin box, it would reduce the traffic accross the network, as the VM box is in a different building.

As smoothwall was a VM on our 2008r2 cluster, I exported the server, and then tried to import and boot on the new 2012R2 Dell mini server I had got, only to find you can’t do that. For future reference, 2008r2 needs to either go 2008r2>2012>2012r2 – or forget exporting, and copy and paste the files directly.

A weird gotcha, but a lesson learnt. Box worked today, upgraded the RAM a bit tonight, and then moved into front server room, minimal downtime, but the move did mean a late night, 12:30 finish last night

On Friday the week before, triumphant after the hassle with exchange I was doing easy jobs – one was to get the serial of the SAN to enable a supplier to quote on a JBOD (as I say, cluster storage is filling up!). When logging in to the SAN, which admittidly I don’t do very often, I noticed it was ‘degraded’ – DotHill’s very speedy support identified a faulty controller, which they replaced today.

Only problem being, the controller they replaced (a refurbished product) has failed. Luckily we have dual controllers, so no immediate danger, but a very annoying issue none the less, awaiting a reply and replacement now.

So, an eventful week – but I am focusing on the positives > Exchange sorted quite quickly considering the weirdness, and now old server all gone. The SAN’s failover has worked, twice, the failover cluster, failedover and Smoothwall is on it’s own box, on a VM so can easily be moved again.

At least it’s not been boring!

How to fix Error code: 0x81000037 when using Windows 7’s Backup and Restore.

I have a few private clients that I have setup Windows Backup on to send data to a NAS drive. All works fine, until I get hit by an email saying backup isn’t working.

Twice now, it has turned out to be the same error code, and an error about not being able to read from the shadow copy.

The backup was not successful. The error is: Windows Backup failed while trying to read from the shadow copy on one of the volumes being backed up. Please check in the event logs for any relevant errors. (0x81000037).

I spent an age trying lots of different fixes – but the issue is NOT with your backup drive or location – its actually your PC/Laptop, and probably your anti virus. In my cases, it has been down to Security Essentials, a quick clear of the infected items (History > View all) and the backups work a treat

More info here: http://www.pagestart.com/win7br0x8100003701.html