Modernising the infrastructure of a village primary school
By Colin Chaplin
Waldringfield Primary school is a small village school in Suffolk, serving about 100 pupils. Like all walks of life, its use of IT is growing and vital to its success, not only to manage the school business, but as a teaching aid.
As an IT pro, you’ll probably encounter scenarios where you can see IT is not being used or managed to its full potential, and just with a little application of expertise, drastic improvements can be felt. This is the tale of such a scenario.
The school has around 40 laptops. These were not centrally managed and any setting change or software update required a visit to each laptop. Half of the machines ran Windows XP and if you’re reading this, then you probably know the problems with that!
WiFi was provided by a handful of home-style WiFi access points dotted throughout the school which struggled to work reliably with the amount of machines and also had problems providing a good signal through the 200-year old school walls. This network had grown ‘organically’. A new high speed broadband line had just been installed, but little benefit was being felt, which is a particular problem as much educational material contains streaming video and is delivered via the web.
No sticking plasters here
This definitely felt like an environment that could be improved; not just a sticking plaster here or there, but a full scale IT transformation that would deliver a robust, modern platform that would allow the school to go further, using ICT to improve teaching whilst not increasing the administrative overhead. Clearly with very tight budgets, pragmatic decisions and some innovative approaches would be required.
I presented my ideas to the school management, and with the support of them and the governors. I covered not only what I was proposing, but a background to myself professionally and the principles of how the solution would be developed - to professional standards - understanding that the main operation will be done by non-IT professionals and technology deployed only to meet a need.
Overall school infrastructure
The school was already subscribed to a Microsoft license subscription model, what many of us in the commercial world will be used to as a convenient way of managing license spend and accessing new software. In education this is called EES and provides great-value licenses, and as it turned out the school was already licensed for Windows 10!
It’s all about networking
The first task was to deploy an enterprise-grade Wireless solution. Cutting edge equipment was not necessary, so a mixture of wheeling and dealing on eBay, and donations of networking equipment solved this; 10 HP Wireless Access Points and a controller, offering up to 300Mbit connectivity and (crucially) designed to cope better with volume than small home routers. Gigabit switches were obtained to ensure everything ran at high speed, albeit perhaps not with the super-performance of brand new enterprise class switches. Recognising the simplicity rule, the temptations to get exotic with VLANS and routing was resisted; after all the school had got-by with cobbled-together 8 port 100Mbit switches.
The next item to be tackled was the Microsoft related infrastructure. At the time this was implemented, the ability for Azure AD to provide full Active Directory services wasn’t available, so to enjoy the management features provided by group policy, an on-premise domain controller was required.
In 1874, schools weren’t built with a communications room and there was no obvious location for a server. Further to that, no servers were available. Two PCs were. These were situated in secure areas in different parts of the school, and the addition of multiple hard disks and RAID controllers provided a level of resiliency. On these, Windows Server 2012 was installed, with DFS-R replicating all data across both. The servers also act as DNS and DHCP with the new clustering feature in 2012 R2 used to make DHCP allocation easy.
As the whole solution is built with the cloud in mind, there’s a good chance it will be a temporary measure.
One of the servers has WSUS, MDT and WDS installed. Windows deployment services then allowed PXE-boot-to-working machine in less than an hour. All customisation and configuration is done with Group Policy so changes can be made quickly and reflected on the machines within minutes, rather than waiting for weeks for error prone manual intervention.
Spiceworks is used to provide auditing and reporting of the estate, alongside WSUS to ensure machines are safely patched and audited.
The final piece of the infrastructure puzzle was Windows 10. A fairly simple Windows 10 build was put together based on the guidance on the MDT webpages, which installed all the common software on all the machines and a number of education titles.
Laptops at home in charging cabinet
A simple group policy structure recognising the need for differing policies for pupils and teachers ties it all together. Pupils get a more focused, simplified environment whilst teachers enjoy more freedom and more services setup automatically like printers.
A simple drive letter structure was setup, an H: “home drive” per user account, an S: drive that all school users can see but only teachers can write to, and a private network share just for teachers, all based on the DFS-R replicated shares.
The basic-but-works software deployment facility in Active Directory is used for new software that is required to be deployed across the estate.
Finally, time was taken to tweak the software using group policy preferences so annoyances like first-run dialog boxes or auto update prompts were turned off.
Documentation and guidance
Documentation and guidance was also an important deliverable. In part, this was because a commitment was made to follow good professional standards but also to recognise that over time others will have to understand and interact with the solution.
Some refreshed machines were required to replace the laptops running Windows XP which were simply too old. With limited space and devices, the laptop use-case is something that the school wished to maintain. With very tight budgets, careful consideration was done weighing up new-but-modestly powerful machines against second hand yet more powerful. The conclusion reached was to use sturdy, refurbished ex-corporate laptops to ensure enough performance for flash games and HD video/webcams as well as have a TPM for Bitlocker.
When a NAS device fails
Whilst the project was progressing but still not fully live, a NAS device failed. Due to the flexibility of Server 2012R2, this was not an issue. A Hyper-V virtual machine was setup on one of the servers to mimic the NAS device and Hyper-V replication used to replicate the VM to the other server for a degree of resilience. Data was then restored and service resumed within an hour!
As important as building the technology is explaining how it works and what it can do – the fact that files could be held securely on the server yet automatically synced to the laptop and accessible offline is a fairly simple concept to an IT pro, but was a revelation to some staff members. As was the fact by using a proxy.pac they no longer had to turn off proxy server to browse the web at home. Done well, IT infrastructure tends to go unnoticed but that doesn’t mean it can’t make peoples lives just that little bit easier.
Kevin Speirs, Deputy Headmaster said "We're finding that Windows 10 operates a lot more smoothly than the older operating systems, and no matter what the pupil or staff member is used to, the user interface is familiar and easy to work with. I can take delivery of some new educational software in a morning, and by the afternoon it's on all the computers and available to use. It allows us to really use ICT to improve our pupils learning journeys and allows Waldringfield Primary School to exploit new educational resources as they become available."
Minecraft for education
Microsoft have recently announced Minecraft for Education, and with a modern platform that can quickly take advantage of it, the school are looking to see how this can be used not only to improve collaboration and creativity, but to teach subjects like history and sustainability.
Next steps on the agenda are to see how the back-end systems can be improved by using Office 365 and using the cloud to go ‘serverless’. There is now an appetite in the school for what IT can do for them, rather than it being a necessary evil.
The work has led to some interesting design decisions and taxing problems; some more taxing than a solution for a 30,000 user company. Some technologies I had significant expertise in, others I was aware of but normally would leave to others, so there were certainly aspects learnt on the job.
As I shared these problems and challenges with various IT Professional colleagues a common theme appeared: that everyone was enthused with what I was doing and liked the idea of doing a similar project. So the question is – when are you going to make your IT pro skills felt in the community?
- Do more with Azure - With new computing capabilities decreasing costs and increasing flexibility, many IT professionals and developers find themselves able to try new things. Discover and experiment by building your first workload on Azure.
- Azure AD Core Skills Jump Start
- Using PowerShell for Active Directory
- Understanding Active Directory