Elementary School Tech Support

My son attends an elementary school that’s fairly advanced in what they’re offering in the way of classroom technology. The school allows students to bring in their own laptops, has a number of activities that make use of computers, and seems to be doing a good job of integrating this technology into the school environment.

But there’s a problem. The school encourages students to bring in their own laptop computers (and I think they have a supply of simple netbooks for any student that doesn’t want to bring in their own) but the school board refuses to help students get on the wireless network.

On top of that, the school board requires that student computers have up-to-date antivirus software (if Windows; Mac OS computers are exempt from that requirement). The board has configured the network to require a WPA key to get online, and to use a proxy server for access to the Internet (which isn’t unreasonable).

The proxy server is configured to check that the computer meets the antivirus requirement before letting the user log in to the network. This check is done by way of a software agent that the student must download and install onto their own computer. The agent listens on a number of TCP ports and reports to the proxy server whether the computer is “safe” and can be allowed onto the network.

Once the proxy server has verified that the computer’s antivirus is working and up to date, the proxy server lets the request get a little farther and prompts for a login. Each student has their own login, so that network traffic is traceable back to the originator. Once the student logs in – presto, they’re online.

Now, if you’re not already, think to yourself, “how many ways could this possibly go wrong?”

The principal mentioned that they were having some technology troubles and I volunteered to help. I’ve been by the school a few times now and each time there are more laptops waiting for me to take a look at. I’m amazed at the number of ways that this configuration can go wrong.

For example. Did you catch that the board requires that the computers have up-to-date antivirus software? And did you catch that the board requires that the student download a program and run it so that the proxy server can check to make sure the antivirus software is running? Some of the students had problems where the antivirus software had quarantined the security agent, and prevented the students from running it.

The network uses a proxy autodiscovery script to inform the clients where to locate the proxy server. But the autodiscovery pointed at the wrong server, so most computers needed to override it. This is a misconfiguration on the part of the school board and I’m hoping that can be resolved without too much trouble.

Some students would download the 32 bit version of the agent instead of the 64 bit version, or vice versa, and get an error message that they didn’t understand.

One system I looked at would bluescreen when trying to install the agent. The second time through, it installed, and the system got online no trouble after that. Strange.

Another system has a problem where the wireless status shows that it’s online, but the computer doesn’t have an IPv4 address. Windows seems to think the IPv4 stack isn’t bound to the wireless adapter. Reinstalling the network driver may fix that, but I’m afraid to try it without knowing for sure that the wireless driver will reinstall correctly – I don’t want to break anyone’s computer.

Another system, the local firewall was blocking the proxy’s request back to the security agent. The agent apparently requires ports 8192, 8193, and 8194 be open.

This is bad.

I can understand the school board’s reluctance to take ownership of problems on student laptops. But the combination of the proxy server, the antivirus requirement and the security agent requirement has created a system that users won’t encounter anywhere else and aren’t going to be able to resolve on their own.

But you know, I’ll bet there are a lot of techies out there that wouldn’t mind spending an hour at a school helping kids with computer problems. Many schools have equipment that they need help using, or could be making better use of if they only knew how. The question is, how to connect those dots.