RE: New to Group and Chromebooks (WiFi)
Keith Mack
I’m going to speak to the WiFi question. With Chromebooks you can restrict device login only to users of your domain. If student logs into a Chromebook they have to use their GaFE credentials as we lock this down in admin console. You can also tweak user settings to retain login and usage data on each Chromebook in admin console.
I don’t really see an advantage to using AD for authentication of WiFi for Chromebooks. But, we’ve never had students in AD other than some generic logins for grade level use. On our K-8 campus we have 200+ Chromebooks, 60 netbooks, and about 50 iPads (all in shared environments).
You can set up automatic WiFi connections for Chromebooks. We have AeroHive APs. We use Meraki only for managing iPads and there is ability to preset WiFi connection with this MDM as well. So the big change in thinking might be to managing devices not users. This is Apple’s new mantra for enterprise deployment (at last!).
With our Chromebooks we found out that they worked lots better using 5Ghz band, but left on their own would always connect to the 2Ghz band. It was an ugly mess. So we have a hidden SSID called Chromebooks that is setup in GaFE Device Management Console. Chromebooks have to connect to it first. We set this SSID to only broadcast on 5Ghz band (and also tweaked a couple other things). Chromebooks and users (and admin) are all happy.
If you have individual student authenticate to WiFi you likely lose the ability to control and manage network for good of devices. I couldn’t have a student profile setup to connect only to 5Ghz as my netbooks don’t have that band on their WiFi card. The same might be true for personal devices if you allow students to use AD credentials to connect these.
I might also note that I also set up separate credentials for Netbooks and iPads so as needed I can tweak things to keep them running better. Haven’t done anything with this yet, but it’s there in case the need arises.
I’m embracing the need for us to manage each “type” of device we invest in. I didn’t come from a heavy reliance on AD to manage anything so it probably made it easier for me to make the change and it has worked well for us so far.
Thanks,
Keith Mack
From: k12ap...@googlegroups.com [mailto:k12ap...@googlegroups.com] On Behalf Of Randy Jackson
Sent: Wednesday, June 24, 2015 3:04 PM
To: k12ap...@googlegroups.com
Subject: New to Group and Chromebooks
First thank you to the moderator for accepting me to the group. Over the past few years we have deployed windows based laptops at my school district, but of course with cost and lacking of funding we are looking at implementing Chromebooks in the future. I have purchased an initial group to use as a mobile lab to test implementation and how hard it is going to be to replacement my windows laptops with the Chromebooks. I have the management software in place and have my settings in place, but of course my head is spinning being use to a Windows Environment on integration and authentication.with these devices.
According to the Google Tech support person I spoke with, there is not a way to authenticate my users through my Windows AD when they are logging in to the Chromebook, yet I have seen some vendor software that says it can help. Not being familiar with any of this, I am reaching out for advice/assistance. Like many, my AD has users divided into organizational units based on (Student, Staff, Administrator) and the association with the OU is associated with levels of access through our firewall/web filter (Teachers having more access, students being blocked from the "Fun noneducation" stuff). Right now, all of the accounting logging into the Chromebooks are going straight into the guest/default filtering group. Suggestions?
Secondly, we use a Meraki/Cisco wireless infrastructure. Through that I have a setting where it requires users connecting to the wireless network to enter their network credentials, which then authenticates them through our active directory. This works great for our windows laptops. With the Chromebooks I am facing an issue with this, the device is maintaining the wireless network login credentials. So is student 1 logs in to the chromebook and then logs in to the wireless network, they sign-in under their credentials. But later Student 2 uses the same device, it automatically connects to the wireless network not requiring login credentials for Student 2, because it has saved the information from Student 1. I have gone back and forth with Google support and Cisco support with each telling me it is an issue with the other. Any advise on how I can get this corrected?
--
--
You received this message because you are subscribed to the Google
Groups "Google Apps K12 Technical Forum" group.
To post to this group, send email to k12ap...@googlegroups.com
To unsubscribe from this group, send email to
k12appstech...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/k12appstech?hl=en?hl=en
---
You received this message because you are subscribed to the Google Groups "Google Apps K12 Technical Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to k12appstech...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Bjorn Behrendt
- Student-CBs ~ Student Chromebooks, 5ghz only, on it's own Vlan, and restricted to only Chromebooks to be able to connect to it, no password required.
- School-5ghz ~ 5ghz, and on the schools primary Vlan, hidden,
- School-2ghz ~ 2.4ghz and on the schools primary Vlan, hidden. We use this just for Chromecast devices, as they only connect to 2.4, and being on the same Vlan means that teachers can access them, but not students.
- School-mixed ~ The standard mixed connection, for general devices
- Public ~ This has a splash screen and is throttled.