Skip to main content
Sign In |
  Help (new window)

Information Tech Blog

Go Search
FUSD
Fresno.K12
Board of Education
Community
Departments
Families
Schools
Staff
Students
  

Categories
Category 1
Category 2
Category 3
Other Blogs
There are no items in this list.
Links
Photos
Archive
Archive (Calendar)
FUSD > Departments > Information Technology > Information Tech Blog

10/27/2009

Enabling OCS and UM using the STS tool

 

Provisioning OCS access with STS (Hey, it's acronym soup!)

You can now enable or disable Office Communicator R2 access, and Exchange Unified Messaging Access, from within STS, beginning with STS version 1.380 and higher.

Office Communicator allows the user to:

  • Chat with other FUSD staff members via Instant Messaging
    (coming soon: you'll be able to chat with anyone having a Windows Live! account)
  • Place and receive phone calls using your PC's audio, to both internal and external phone numbers
  • Place and receive video conference calls to small groups of people (1-3)
  • Conduct Live meetings (voice/video/desktop sharing with up to 30 people)
  • Arrange voice conference bridges through Outlook (a toolbar plugin required)

External callers can dial 457-6180 and speak the name of the OCS user they want to reach.

Unified Messaging (UM), works together with, but does not require OCS. It allows the user to:

  • set up a traditional voicemail box, using Exchange as the back end
  • Use the same 5-digit extension as OCS
  • Receive voice mail messages in Outlook

Users aren't required to use Outlook to access voicemail; it can be set up to work the "familiar" way through a phone only.

You can provision users for OCS, but not for UM, or vice versa. They are independent features.

To use these STS functions, just use the following STS commands:

  • enable ocs for "John Smith"
  • enable voicemail for "John Smith"
  • disable ocs for "John Smith"
  • disable voicemail for "John Smith"

OCS Use Cases

The scenarios we envision for people to use OCS at Fresno Unified are the following:

  • Use OCS only for Instant Messaging chats
  • Use OCS for PC-to-PC voice and video calls, but not for "traditional" phone calls
  • Us OCS as a secondary internal phone extension (with forwarding to cell phones or other numbers)
  • Use OCS as their primary phone extension, by forwarding a 'desk phone' directly to the OCS extension
  • Use OCS as the primary phone extension, with a USB-connected handset attached to their PC

About OCS extensions

We have set up a pool of 5-digit internal phone extensions in the range 50000 - 59999 for use with OCS. Certain blocks of this 10,000 number range are reserved for us to implement special calling features (50000-50010 and 59500-59999). When you enable OCS for a given user, the STS command does a table lookup against a SQL database to find the next available unused OCS extension. It uses a "gap filling" algorithm, so it will find any unassigned extensions that exist within the already assigned number range first, and thereafter start sequentially assigning extensions from the "top of the list". When you disable a user for OCS, the extension they were using will be "returned to the pool", with the result that the next person to be enabled for OCS will get that same extension. The philosophy for OCS extensions is that you would be assigned one when you start working for the district, and that you would keep that same extension throughout your career, even if you move between sites. Therefore, we don't anticipate a huge amount of "churn" where new people will get extensions that used to belong to someone else. Even so, the notion of a "phone number" is an anachronism that is slowly going away. If you use OCS to call someone internally, you find them by typing their name in a search box, or by speaking their name to an automated attendant. The importance of a "phone number" is therefore reduced; what is more important is the existence of a SIP address (it looks just like an email address, e.g. SIP:first.last@fresnounified.org . By making the SIP address the same as the email address, I can "call" someone just by knowing their email address, which I can deduce if I know just their first and last names.

Posted at 1:43 PM by Eric Tilton | Permalink | Email this Post | Comments (0)

10/5/2009

Managed vs. Unmanaged Computers in the Classroom

There have been reports from certain schools that domain-joined student laptops experience long delays--six to 10 minutes or more--on startup. This article explains what is behind these delays, and what can be done to remedy the problem.

The principal difference between "domain joined" and "non-domain joined" computers is that the former are managed computers, whereas the latter are unmanaged. It is the fact that the affected student computers are managed -- not that they are domain joined -- that is the cause of the startup delays. The reason is that a managed computer in our environment is configured to do at least two things that an unmanaged computer is not: (1) download antivirus ("malware") updates, and perform malware scans; and (2) download Windows updates, and apply them. Both of these operations are extremely important in a large enterprise network such as FUSD's. Without performing the necessary updates and scans, computers will become riddled with malware which can degrade network performance across entire campuses, or even the District as a whole.

Before the era of mini-notes, desktop computers could be left on at night, set to enter "sleep mode" at night, or could be "awakened" over the network using a Wake-On-LAN signal sent from a server. In each case, the computers would be able to download updates and apply them, or perform antivirus scans, during off-peak hours. As a result, when students wanted to use these computers, they were already "primed" and ready to go.

With the mini-notes, there are two problems:

(1) The usage pattern in the classroom is completely different than it was with traditional PCs. In a computer lab environment, computers would typically be left on, and students would go to the lab to use computers that were already running. In today's mini-note computers-in-the-classroom environment, teachers tend to keep the laptops locked up in computer carts or cabinets until just before the students want to use them; and they are either configured to "power off" when the laptop lid is down, or else the teacher manually powers the laptops off before stowing them overnight.

(2) Mini notes lack "Wake-On-LAN" technology that could be used to wake them up at night for updates and antivirus scans, and they are also mostly wireless networked, which compounds the problem further--because wireless wake-on-LAN is still very rare.

The result of these two problems is that when a teacher takes the mini-notes out of storage and hands them to the students, with the expectation that students can just "turn them on and go", the computers are just beginning their update and scan sequences, and are sluggish to start up because CPU loads are high. This is to be expected, because managed computers need to perform updates and antivirus scans. Because the computers are shut down and stowed at the end of class, there is never a long-enough window of time during which the computers are both "awake" and "idle" for them to perform the necessary updates. Even if the Windows configuration is set to delay updates and scans so that they don't happen immediately on power up, there will still be a problem: if the machines are shut down before updates can be applied later on, Windows will eventually still schedule scans and updates for the next power up cycle, regardless of whether there should be a startup delay or not.

There are at least two solutions to this problem. First, teachers can be advised to either turn the computers fully on an hour before students arrive, or leave them on overnight or over the weekend. This can be done right now, and doing so would eliminate the startup problems. However, this solution consumes power unnecessarily.

Alternatively, I.T. can configure mini-notes NOT to power off when the lids are closed, but instead to go into "sleep" mode. As long as the mini-notes are being charged overnight, this poses no real problem, because they will charge fully whether they are in sleep mode or fully powered off. However, because there is no wake-on-LAN feature on either the HP 2133 or the ASUS Eeepc mini notes, they also will need to have "scheduled tasks" defined that will wake up the machines during off peak hours so that they can run updates and scans and then "go back to sleep". Some desktop PC's have "timers" in the BIOS that allow wakeups to occur at scheduled times, but alas, the mini-notes lack this feature as well. However, we have tested "wake the computer from sleep to perform this task" settings in Windows Scheduled Tasks, and fortunately, this does enable a mini-note to wake up from sleep mode.

Why didn't we do this initially? Well, setting power features was not possible through Active Directory Group Policy ("G.P."), until very recently. The reason is that it is considered a Windows "Preference", which was not formerly addressable through G.P. As a consequence, these settings would have had to be configured by hand. However, with Windows XP Service Pack 3, there is a now a tool called 'Group Policy Extensions' that allows the setting of "preferences" which were previously unreachable through group policy--including the behavior of the power buttons and lid settings. We have quietly been "pushing" this Group Policy Extensions update out via Windows Updates for several months, so the vast majority of mini-notes should be able to be controlled by it. It also required Server 2008 Active Directory services, which we deployed a few months ago.

The plan, therefore is as follows:

1.) Using Group Policy Extensions, force the mini-notes to enter sleep mode on lid closures or power button pushes (but "push and hold" will still force the power completely off.)

2.) Using standard Group Policy, push out a scheduled task that causes mini-notes to "wake up" randomly during a window of time each night.

3.) Once awakened, force the computer to perform windows updates, malware updates, and malware scans.

4.) When complete, send the computers "back to sleep."

With this change, the problem of computers being "unresponsive" right when students want to open them up and start using them will be a thing of the past. Furthermore, having the computers resume from "sleep" instead of booting into Windows from a cold start will dramatically speed up the start time. Both of these fixes will contribute to a much more positive classroom experience for both teachers and students.

Posted at 7:23 PM by Eric Tilton | Permalink | Email this Post | Comments (0)

9/22/2009

What’s The Scoop with You-Tube?

Having problems reaching You-Tube from District computers? Here's a recent email that exchange that sheds light on the problem, including alternatives you can consider.

 

Patrick,

I apologize for the frustration you experienced.  The problem, however, is a bit complex.  Because FUSD receives almost 90% of the costs of providing Internet and communications services through the Federal E-rate program, we are required under Federal Law to have a content-filtering appliance in operation.   If we are found not to meet the stipulated filtering requirements, we risk losing the Federal funding, which amounts to several million dollars per year. 

Because of this requirement, we use an appliance called "Fortinet", which is a special device that performs Internet content filtering at the very high data rates used by the District (we have a one Gigabit/second connection to the Internet.)  Recently, there were changes made by Youtube itself to the way it secures its content for adult material.  We have been in contact with Fortinet working on a way to resolve the particular issue you are experiencing with YouTube.

Again, I apologize for the frustration, however we do offer other "pre-screened" streaming video sources with thousands of videos containing educational content (e.g. http://unitedstreaming.com, now owned by Discovery. ) If you would like more information on what else is available, please contact Patti Patrick in the Instructional Technology and Innovation group. 

 Eric Tilton, Manager, Networks and Engineering
 Information Technology Department, x50013
 Fresno Unified School District

------     

From: Patrick Casey
Sent: Tuesday, September 15, 2009 2:11 PM
To: contentfilter
Subject: Teacher us of youtube

To whom it may concern,

Can you please tell me why I have access to youtube, yet none of the videos can be accessed one on the site?  Youtube is a valuable teaching resource—with movie clips from Shakespeare productions, other literary works, poetry recitals, songs with thematic connections to literature.  It is ridiculous that these valuable resources, these enhancements to the curriculum and to achievement cannot be utilized by conscientious teachers.

I've written previously, and received no reply.  Please do not dumb down the smart classroom. 

Thank you for your time and consideration. 

Sincerely,

Patrick M. Casey
Hoover High
Language Arts Department

 

Posted at 4:14 PM by Eric Tilton | Permalink | Email this Post | Comments (0)

9/13/2009

Password controls in AD
If you didn't cheat, you should have found this reference:
 
 
Which you can test, using Quest Active Directory Powershell commands, like this:
 
$mysettings = ( get-QADObject "eric tilton" -IncludedProperties UserAccountControl | %{$_.UserAccountControl} )
 
$mysettings = <make some change>
 
set-QADObject "eric tilton" -ObjectAttributes @{UserAccountControl = $mysettings }
Posted at 2:18 PM by Eric Tilton | Permalink | Email this Post | Comments (0)

9/1/2009

Windows 7 Upgrade directions
To upgrade to Windows 7, follow these steps:
  1. Download the Windows 7 ISO file.
  2. Install the VirtualClone Drive utility. This will let you "mount" the Windows 7 ISO file as a virtual DVD drive.
  3. Right click on the ISO file and choose "Mount using VirtualClone Drive"
  4. Run the Windows 7 upgrade by clicking 'setup' on the virtual DVD drive (if it doesn't autostart.)
  5. after Windows 7 is installed, run the following two commands in a command prompt window using right-click 'Run As Administrator' to register your Windows 7 license and activate:

slmgr -skms termserv8.staff.fusd.local
slmgr -ato

Posted at 10:24 AM by Eric Tilton | Permalink | Email this Post | Comments (10)

6/22/2009

DHCP database corruption

The majority of the new DHCP scopes for wireless are flagged with errors. Expanding several of them one at a time reveals that the address pool attribute is blank (it should contain the range of addresses for the scope) and the default gateway Scope Option is missing.

Posted at 2:53 PM by Eric Tilton | Permalink | Email this Post | Comments (0)

6/12/2009

OCS R2 basics

Instructions for using the new Office Communicator R2 version

Download the new Office Communicator R2 from the IT page (there's a link at the bottom of the download area)

After Installing…

Change your sign-in address to first.last@fresnounified.org
Your username/password will still be STAFF\shortname, etc.
if you see any login prompts.

Change the Connection Options to use Automatic Configuration.
To get there, click the down arrow, and Tools-Options

Then click 'Advanced…' next to the sign-in address field (which should be first.last@fresnounified.org)
Select 'Automatic configuration' here.

To see what your 5-digit internal extension is, check your
Call forwarding settings—you'll see your number here.

Posted at 1:01 PM by Eric Tilton | Permalink | Email this Post | Comments (1)

4/21/2009

Posted at 7:47 PM by John G. Quinto | Permalink | Email this Post | Comments (0)

4/17/2009

Performance Point installation 'gotchas'
Getting  MicrosoftPerformance Point 2007 SP2 installed properly is one of the most challenging  tasks I've encountered.  The documentation is murky or downright misleading at times.
 
One of the tools you'll need to use with Performance Point is Business Intelligence Development Studio (BIDS).  Without this tool, you can't build OLAP cubes for Performance Point.
 
We had lots of trouble trying to get this component installed using the normal SQL 2005 Enterprise installer processes.  Even if you explicitly select the BIDS module in the 'Advanced' installation mode from within the Workstation Components, and the SQL installation *appears* to complete, the BIDS module does not actually get installed.  The program path c:\Program Files\Microsoft Visual Studio 8\ does not have the expected components, in particular, devenv.exe
 
Solution:
  1. Install SQL 2005 Enterprise as you normally would.
  2. Download the SQL 2005 Developer edition (this is not documented in the Performance Point setup procedures).
  3. Expand disk  1 of the installation setinto a folder named "Servers".
  4. Expand disk 2 into a folder named "Tools".
  5. Do NOT run setup.exe
  6. navigate to <installdir>\Tools\Setup
  7. run vs_setup.msi.  This doesn't appear to do anything, but it is installing the Visual Studio 2005 environment and shell, You must wait patiently for it to complete before you do the next step. You will see a dialog box pop up when its complete.
  8. run the following command line:

    start /wait  setup.exe /qb REINSTALL=SQL_WarehouseDevWorkbench REINSTALLMODE=OMUS
  9. You will need to manually create a shortcut, if you want one, for Business Intelligence Development Studio. Point it to c:\Program Files\Microsoft Visual Studio 8\Common7\IDE\devenv.exe

 

Posted at 5:03 PM by Eric Tilton | Permalink | Email this Post | Comments (0)

3/25/2009

Digital Portfolio Installation Guide

Digital Portfolio Installation Guide:

 

Teams:

There will be four teams:     

 

Team 1: John & Ricky

Team 2: Eric & Anthony

Team 3: Doug and Steve

Team 4: D. and Allan

 

Each Team will take the corresponding school Zone from the Digital Portfolio Database. Classrooms at E-Rate eligible schools are noted as "E-Rate School" in the Notes filed. These classrooms get the E-Rate Cisco AP. Other classrooms will get legacy APs.

 

Each team will be assigned a group of classrooms at various school sites. You will need to do the following tasks:

  1. Install the Access Point in the classroom
  2. Update the Digital Portfolio Participants database
  3. Update the Access Points Database.

 

  1. Install the Access Point in the classroom

As a rule, install the AP with the power cord. Power Injectors are limited. Where possible, use a POE port on the IDF switch. 14' patch cables are in the cold room. Use tie-downs to secure the exposed cables.

 

  1. Update the Digital Portfolio Participants database

The Digital Portfolio Participates database has list of classrooms that need access points. This database can be filtered by ZONE. When an AP is installed, check off the Wireless Survey and Wireless Ready columns. To the right, in notes, put any notes applicable for the classroom. You can make it easier to find you classrooms by filtering ZONE=x, Filtering for Wireless Ready =NO and Sorting by School.

 

  1. Update the Access Points Database

The Wireless Access Points Database is the list of Access Points. The APs are grouped by boxes in Alternate Location, and Zone in TITLE. Filter the database by either TITLE or Alternate Location to make finding the AP easier. You will need to edit the records to show the location of the radio. Update the school site and room fields for each radio installed. All issued radios are in the database. Do not add new records to the database.

 

When Not to install a Radio.

The E-Rate radios will be part of the larger E-Rate AP deployment. The goal of the E-Rate AP deployment will be to install an AP in approximately every other classroom. If you have a situation where two adjoining classrooms are Digital Portfolio, and coverage for one classroom is adequate from adjacent radios, you do not have to put a radio in the Digital Portfolio classroom. In that case, note the location of the radios being used in the comments filed of the Digital Portfolio Participates database.

Posted at 1:43 PM by John G. Quinto | Permalink | Email this Post | Comments (0)
1 - 10 Next

 ‭(Hidden)‬ Admin Links