iChatting across subnets

We’ve had iChat set up on our macs for a while, making use of Bonjour to provide a zero- configuration way for teachers to communicate around the school. We now have a second site and teachers wanted to be able to iChat between sites but it wasn’t working as Bonjour doesn’t easily work across two different subnets (especially if LGfL are involved!). So instead I set up iChat Sever on our Lion Server.

It was mainly straightforward, once I had figured out how…

Turn on iChat server on the Lion server. Involves switching it to on. It sets up a Jabber messaging server.
Set up the login details using Workgroup Manager. There is a manifest called ‘iChat.Jabber’ which gives you a managed client settings already set up.
When a user logs onto the Mac, their credentials are used to log onto the iChat server. This requires an AD or OD setup, which meant a few issues when it came to the experimental ditched directory Macs. I had to set these machines up manually using the user’s network logins.
Initially, the iChat window doesn’t show any ‘buddies’, which renders the service useless at school because teachers wouldn’t know each other’s iChat accounts. Lion server promises the ability to add all users as buddies automatically, but this only seems to work if you’ve got an Open Directory setup (i.e. all user accounts are on the Mac server rather than elsewhere). Instead I had to log each user into iChat and then run the command ‘sudo jabber_autobuddy -m’ in Terminal on the Lion server. This adds everyone who has ever logged into the iChat server onto everyone’s buddy list.

It seems to be working fine, with the teachers across two sites particularly finding it helpful.

Erasing SMART Ink

One of the features of Smart Notebook 11, the latest version of the software used to run Smartboards, is a featured called ‘SMART Ink’. It’s an evolution of the previous functionality that allowed you to write on any window using the Smartboard pens. Previous versions just put a big picture frame over to allow you to write, which was great for full-screen applications but not so good for windows that move around. To get around this problem, SMART released SMART Ink, which ties the writing to a specific window, which can then be moved around the screen. Which is all great in theory.

However, in practice it results in lots of ugly green boxes sitting in the title bar of every single window you have open, and even every little dialogue box as well. And then when you move the window around, it doesn’t gracefully move with it but rather jitters around, destroying all the hard work Apple engineers have done in giving silky-smooth-graphic-card-accelerated windowing.

But not only that, it also seems to generally slow the Mac down, as acknowledged here and here by SMART. Not very smart.

Several people have suggested ways to remove the software, which I have roughly followed. It basically involves removing the ‘SMART Ink’ login item from System Preferences > Users & Groups > Login Items and then killing the process using Activity Monitor. It’s a bit of a faff to go computer to computer, but seems to have had a good impact on speed.

Macs and Antivirus

Yesterday I noticed that the top free app on the Mac App Store was a piece of antivirus software. Very depressing.

Why is it depressing? Now I know there have been a few virus scares on the Mac recently, but on the whole OSX is much more secure than Windows. The problem with antivirus software is that it slows down a computer as it continually checks files and processes for errant behaviour. I’ve noticed that some of the Macs at school run quite slowly compared with my own MacBook Air, particularly with startup times. I suspect that the wonderful SMART software and drivers might be something to do with it, but probably Sophos antivirus is too. I’m under the impression that using Sophos is required by LGfL, but maybe it’s not. And it’s not as if all the iPads can run Sophos either…

…so maybe I’ll try removing Sophos and see what happens then. Am I being foolish and crazy?

WebDAV

My problem is that I, deep down, hope and expect software and technology to work easily and first-time. One day I shall learn…

Our other task for today was to try and set up a WebDAV share on our windows server for our new iPads. Unfortunately we couldn’t get it to work, although our amazing technician is looking into it

I did manage to setup a new WebDAV share on our Lion server though. I was having trouble accessing it until I discovered the correct URL for the WebDAV share. It should be something like this:

http://hostname/webdav/sharename

The Lion share will work for windows and Macs too, so I’ll just add another share point to each user’s desktop called ‘ipad’ or something. It’s not ideal that it’s separate to our ‘school’ shared drive, but hopefully we’ll get the Windows WebDAV working before too long.

Setting Up iPads pt.1

Yesterday I finally had the time to start setting up the iPads at school. Yay!

The first job was to get the wifi going. We’re putting in Ubiquiti’s UNIFi wireless access points, which seem pretty good but also very reasonably priced. They have ceiling-mountable access points which can then be configured by a web-based controller you install somewhere on your network. All the points aren’t in yet, so I just had one sitting on the table in the room I was in. I couldn’t get the controller to work for a while, but thankfully our amazing technician got it working (something to do with conflicting ports).

I could then begin unboxing iPads. They came in bigger boxes of 5, so it was a case of entering the serial numbers on a spreadsheet, labelling each one and then making a big pile of the smaller, white boxes. Opening the first few is fun, but it does get a little tiresome after a while!

The next step was to use Apple Configurator to do a simple bit of setting up, mainly just to set it so that a custom wallpaper and iPad name appears on the lock screen. To do this, I had to use the ‘supervise’ mode, which means the iPad can only be connected to the one Mac which you’re running Apple Configurator on. This could be a real pain with syncing carts and iTunes, but I’m planning on running a completely ‘cloud’ setup, requiring no wired syncing, so this should be ok.

I didn’t manage to figure out how to deploy configuration profiles at this point, as I was hoping to set up wifi using a configuration setting rather than doing it manually. I didn’t finish them all though, so I might try that when I finish setting up the rest of them.

Here’s what’s left to do:

Create all the relevant Apple IDs (one per class)
Create @me.com email addresses
Decide on and download the apps on one iPad per class
Backup that iPad to iCloud and then restore it to the other iPads in the class set
Put on Parental Controls to stop apps being deleted
Set up iWork apps with an internal WebDAV server
Setup classroom macs so that downloads from iTunes automatically install on the class iPads
Put in cases and deploy!

Not too much really!

Deploy Studio and Gigabit Switches

Deploy Studio is a wonderful piece of software that lets you make a system image from a Mac and then deploy it to loads of other Macs from your Mac server. I’ve just upgraded 16 iMacs to Lion like this, taking only about 10 minutes per machine (perhaps 20 minutes per machine if you’re doing 5 at the same time). All you have to do is netboot (hold down ‘N’ when you turn on the Mac), which makes the computer boot up from Deploy Studio on the server. Then you choose the image you want to deploy, and then it does it all for you. Marvellous. It even automatically binds it to the relevant directories as well.

And with gigabit ethernet, this process really is much faster that it used to (possibly even 10x!).

Toucan set this up for us, of which I am very appreciative.

Giving up on Profile Manager

The promise of Lion’s Profile Manager seemed good: a nearly free way of managing all the macs and iPads on your network, pushing setting etc over air using Apple’s Push Notifications.

Except I can’t get it to work. The issue is that when you try and enrol an iOS device, it complains that the certificate is invalid. I’ve searched hi and low on the Interweb for solutions, and even tried out a few. However, the result has been even more of a mess, as far as I can tell!

45 iPads arrived at school today, just waiting for me to set them up ready for September. I was hoping to use Profile Manager as part of the setup process, but I think now I’ll just have to make do with Apple Configurator and iTunes. Hey ho.

Maybe more joy will be to had with Mountain Lion Server?

These guys at Amsys seem to have gotten it going, if anyone’s interested.

Ricoh Printer Driver Fix pt.II, Or How It Might Not Have Been Such A Great Idea To Upgrade The Server When Teachers Are Writing And Printing Reports

One of the wonderful technicians from Toucan came and upgraded our Mac Mini server to OSX 10.7 Lion on Monday. It went pretty well, with only a bit of a glitch with the Snow Leopard machines needing to be rebound. We tried setting up a script to this automatically, but this only worked on about half the machines so I still had to go around and make sure people could log on properly.

However, I also discovered that this had pretty much broken the previous fix for the Ricoh printer/copier, resulting in the copier spewing out reams and reams of gibberish. This was compounded by the fact that it is report-writing season, which requires much printing at the best of times. Not good.

The problem boiled down to printer driver issues, more specifically that not all the Macs had the same Gutenprint drivers installed and so defaulted to the generic driver instead of the correct one. Fun.

The solution was as follows:

Make sure all the macs had the latest Gutenprint installed, as this is the driver Workgroup Manager was instructing Macs to use. Apple Remote Desktop made this easy.
Log onto each Mac remotely and do a test print, checking if the correct driver was being used.
If the wrong driver was being used, I then had to log in as an administrator and reset the print system, forcing the Mac to use the driver instructed by MCX. To do this, you open ‘Print & Scan’ in System Preferences, right click on the list of printers and then select ‘Reset printing system…’.
Log in again as a managed network account and check it works.

I’m sure if I was a scripting kinda guy, there could be an easier way to do this. But it did work, albeit rather long-windedly.

The moral of the story? Make sure your Ricoh printer come with a Postscript driver card installed!

Simple

“It used to be ‘simple when you know how’ but now it’s just ‘simple.'” That’s how Abdul Chohan from Essa Academy summed up making use of the Apple ecosystem in his school (AppleTV, iPod Touch, iPad and Mac). However, watching one Apple Distinguished Educator (ADE) try and demonstrate an iPad workflow to a room of beginners made me think that using iPads in schools is not always as easy as one might think.

The South London Apple Education Leadership Summit was pretty good fun though. It was held at the Kia Oval, with fantastic views of the cricket ground (and cricketers) as we drank coffee beforehand on a sunny balcony. Great hospitality and very friendly delegates.

The events started with an Apple spiel, explaining Apple’s commitment to education right from the beginning and how the iPad is part of the disruptive post-PC world. I’m not sure quite how true the historical sketch was, but I liked the comparison to the introduction of the printing press (One book per student? Are people crazy?). There was also the emphasis of the 4 sources of content for the iPad – web, iTunes U, iBooks and App Store. I am eager to get my hands on iTunes U a bit more once we get some iPads in!

Then came a case study from the principal of Fitch Green Primary in Essex. She showed loads of clips and videos of the impressive work children had been doing with Apple devices. It was very inspiring (sickeningly even!). She talked about the importance of getting children to think and mentioned how the National Curriculum has, in a sense, deskilled teachers as they don’t have to think as much. Perhaps.

Joe Moretti, an ADE, then talked us through lots of different apps we had on our (Apple-supplied) iPads. The wireless USB microscope was pretty cool.

A brief introduction to a new purchase programme then followed, which allows parents to contribute to a school hire-purchasing iPads. This includes a very comprehensive insurance package as well. Might be something to look into…

Before and after lunch was a hands-on workshop about the iPad from another ADE. I went to the ‘introduction to the iPad’, which was I think aimed at those who had never really touched an iPad before. It was quite helpful for seeing how to introduce the iPad to members of staff. There were quite a few questions about the practicalities of deploying iPads and quite a lot of confusion about getting files on and off iPads. DropBox was promoted highly as a solution to this, but it still seems pretty fangled to me. Maybe I need to look into it more.

One thing that particularly interested me was a mac app called Reflection. This allows an iPad to be mirrored to the screen of a Mac, wirelessly. It’s only $15 and could well be a cheaper solution to an AppleTV. My concern with the AppleTV is that it’s adding one more layer of complexity with the projectors – switching sound sources on amps, changing the projector channel etc. If it works, that would be awesome!

The event closed with a talk from Abdul. He covered much ground to what he said in January, but put in a bit more detail about how they use the iPod touches that they have deployed to every child. What struck me was how they always ask ‘why’ when evaluating traditional education technology (such as the über-expensive IWB) and spend the savings they make on Apple kit instead. Nice.

I came away feeling that it was a useful time, but now I think I want to go to a more super-technical Apple event. They did say they would be trying to organise one, so we shall see.

10.7.4 URL Spring Fix

Annoyed about the spring loose in 10.7.4? Want to see that lovely spring icon in your dock when you drag a URL there? Here’s how to copy to all your machines using Apple Remote Desktop:

1. On a Mac not running 10.7.4, the missing icon lives in /System/Library/CoreServices/Dock.app/Contents/url.png. Use Finder to navigate to it (se Go > Go to Folder…).

2. On Apple Remote Desktop, select the Macs you want to fix the problem on, click the ‘Copy’ icon and then drag that file into the ‘Items to Copy’ box.

3. Choose ‘Same relative location’ in the ‘Place items in:’ box.

4. Set ownership to ‘Inherit from destination folder’.

5. Copy!

Marvellous.