Technology As A Journey, Not a Destination

This week has been a struggle of getting Lion to play nicely with Windows Server 2003 based print queues.  After numerous visits to a variety of forums, trying everything from forcing them out with Workroup Manager to IP Printing, I have found a (somewhat) simple solution.

Scenario:  I would add a printer that was hosted on a Windows share, send a print job and the printer would act like it was going to print, then pause.

It usually would never prompt me to enter a username and password (as required with Windows Server, even when group EVERYONE can print.) and would just set the print queue to paused.  Having had an issue with Keychain entries not working, my first step was to delete any keychain entries for the printers, which made no difference.

The logs would be generally full of this type of error:

Backend returned status 1 (failed)
[Job 58] Printer stopped due to backend errors; please consult the error_log file for details.
[Job 58] End of messages
[Job 58] printer-state=5(stopped)

This didn’t help much because I was consulting the error_log file, and this was the error. I tweaked just about every imaginable setting, even attempting to add it via the localhost:631 web based CUPS interface.  No matter what I tried, I never got much further than this.

Eventually it dawned on me to check the config files using the command line.  One thing I noticed right away was that in the /etc/cups/printers.conf file, there was a line called AuthInfoRequired and the value was negotiate.  I had an old printer that was working that I had added prior to the Lion upgrade, and that value was set to username,password instead of negotiate.  Surely it can’t be this easy.  I made the change in vi, saved it, tried again and it still failed.  It then occurred to me that since I was modifying this file, I needed to restart cups.   Even after this, it never prompted me for the username and password, which made me believe it wasn’t the solution and I moved on.

Fast forward three days and it’s 3:30 on Friday afternoon.  I just kept going back to that printers.conf file knowing there had to be something with that one difference.  Nothing else I found in three days of working on this was different, that was the only piece.  I tried it again, and made sure I cleared out every Keychain entry for the variety of printers I had tried.  I completely cleared my printer list and started fresh.  Step by step, here is what I did:

1. Cleared all references to the printer out of Keychain.
2. Deleted the printer(s)
3. Click + to add Other Printer or Scanner.
4. Click the Advanced Tab.  (If Advanced Tab isn’t available, Control-Click in the toolbar and choose Customize Toolbar and drag the advanced button to the toolbar)
5. Under Type choose Windows printer via spoolss
6. In the URL, make it smb://servername/printername
7. Give it a Name in the Name: field.  I stuck with the same name just for kicks, but it shouldn’t make a difference.
8. Choose the printer driver/model and click Add.
9. Jump over to Terminal and edit /etc/cups/printers.conf and change the AuthInfoRequired negotiate to AuthInfoRequired username,password using vi or text editor of choice.
   
10. Save the changes and restart the computer
11. Print a test page and you should be prompted to enter Windows credentials.  Save them in Keychain and bask in the glory of a functioning printer.

If you are not familiar with how printers.conf looks, each printer is included in a section that will start with <Printer the_printer_name_here> and all settings between that tag and </Printer> apply to that printer.  If you have multiple printers, you may have to scroll through it to locate it.  The AuthInfoRequired is about three lines down, directly under the UUID field.

By now, you’re probably wondering why didn’t I just click Windows and add it there.  For whatever reason, when I did, it would eventually show the domain, but only one or two random computers.  Thinking it was taking a bit to scan the network, I let it sit and think.  Nothing.  Once the server happened to be one of the random computers that showed up, so I clicked the printer and added it with no problems, just as in Snow Leopard.  For whatever, reason it doesn’t work the same in Lion, especially (it seems) when the server is on a different subnet than the client machine.

As background of why I discovered this, we moved away from central print queues due to some networking/territorial disputes/politics on our Macs and moved to strictly IP based printing.  If the printer was not networkable, we would use direct USB connections.  We are now moving to a managed printing system that requires it to go through a server to track page counts for supply replenishment and billing.  We are also moving toward using PaperCut to monitor and eventually attempt to reduce unnecessary printing.  Both of these tasks require a hosted print queue.

The IP based printing works flawlessly.  With my Snow Leopard machines, moving to the Windows print queues has been painless and worked (so far) without any problems.  Part of the problem with our old way of managing them had to do with some integration issues with the Macs.  Over the course of the past few months, I believe we’ve solved most of them.

I was surprised to a new little button in iTunes a few days ago called iTunes Match.  I have not heard much of this other than it being an add-on to the iCloud offering. I have not been one to jump on the bandwagon of storing music in the cloud, so that is probably why I have not paid much attention to it.  However, I have been sufficiently impressed with iCloud except that I did not read a warning message and deleted a bunch of my contacts by accident.  Luckily, I know most numbers and addresses so I was able to rebuild it.  That aside, the idea of syncing my music with iTunes quality, DRM-free tracks is appealing.

Back Story

The bulk of my music collection represents CDs we have ripped, most of which were not ripped all in the same month or year, let alone in the same format or bit rate.  In fact, we would do a song here or there, a whole album here, another song there and so on.  It’s also possible that it was done on multiple computers at different encodings and with different formats.  For instance, one song on an album may be AAC, while another is MP3, and yet another may be (shudder) WMA.  For quite some time we were a mixed OS household – a couple of Windows XP machines and Ubuntu.  It didn’t start out being on portable players, it was more of having a song available as we sat at the computer and didn’t want to hunt for a CD.

The same goes for purchased music.  Through the years I have purchased music from a variety of sources online.  Some has been shackled with DRM and some in mp3 format, again, all in different bit rates and volumes.

Through the past few years, we have been through a variety of mobile devices and eventually became a strictly iPod and Apple household.

The Apple Household

We are completely Apple, right down to an Apple TV and a pair of iPhones.  I know that some do not like the complete integration of everything media-related into iTunes, but I actually find it very useful.  In my past computing experience with other devices, it was a multi step process to get media onto the device. One of the aspects of iTunes that I love is that I can plug any of my devices into it and it will sync what I tell it to do.  Everything is in one place and I find that simple and wonderful.

The Conversion

I took some time to prep my library and made sure that everything was what I wanted to match and available in the cloud.  There were some tracks that I had downloaded from free samples, artist mailing lists and various other (legal) sources.  Some of those tracks are very good and I would like to have them available in iCloud, but not all.  If nothing else, this prompted me to clean out the junk in my iTunes library.

The experience of scanning my library was pretty simple and took only a few minutes.  It went through about 3100 songs and matched all but about 250.  Some of those were just not available in iTunes, but some of them did have corresponding tracks in the iTunes store.  I hit Google and found a variety of solutions, but this one in the Apple community forums offered the solution that worked for me for the majority of my match problems.  On the second page is a suggestion to convert to AAC for those that are simply not fixed by deleting and re-adding.

One thing that I noticed is that the meta tags seemed to make a difference in the matching.  From what I read on various sources before I started this, it seemed as though they didn’t make a difference so I didn’t pay a lot of attention.  However,  I had one album that just would not match and I realized that there was a typo in the album name.  Once I fixed that and added to iCloud again, it worked like a charm.

Getting back to my hodgepodge of track bit rate and format, I was particularly excited about the ability to re-download music in the higher bit rate in the AAC format.  It brings me back to the first time I was burned by DRM.  I can’t even remember which service it was – it’s long gone now – but it was in some Windows Media DRM format.  Long story short, I got an e-mail that my music was going to stop working unless I burned it to a CD.  So I did, and then re-ripped it to mp3.  As you can imagine, the tracks sounded like crap.  As luck would have it, this particular album was one that I could match and download in the original quality in DRM free AAC format.

I have a couple of CDs that were in 128 bit encoding, but I cannot re-rip them because the original disks have been damaged in one of our moves.  It’s not music I listen to frequently, so really not worth re-purchasing.  Again, this is going to be great to make the format of my music library more consistent and high quality.  That alone is worth the annual price and the time.  I am sure I will also appreciate it at work or when we are traveling to have access to our entire iTunes collection from our mobile devices.

All in all, I think this is a great service and will be sharing my thoughts as I use it more.

Today I had to make a very difficult decision.  At the beginning of the year we updated most of our student computers in one building to OS X Lion.  Our district participates in the Apple program to get the latest updates for all Apple software and the move to Lion was a natural step.

In the beginning I noticed some problems with Wifi staying connected.  My computer would randomly drop the wifi connection and sometimes just seemed to just “hang” a bit.  I knew from experience that with the first version of a major software upgrade sometimes you have to put up with a few bugs.  All in all, though, it was a good trade because I really did (and do) like Lion.

Shortly after the problems seemed to increase in frequency, 10.7.1 came along that had a fix to supposedly solve the wifi issues.  For the computers I used regularly, it did solve them.  For others, we had a few workarounds such as PRAM and SMC reset, removing the network and adding it again, changing the location, adding odd DNS entries, believe me, we tried them all.  For most machines, various gyrations of this solved the issues and they have remained trouble free.  Once in a while I run into issues where my computer will not connect after waking up, but that is the exception.

We had some lingering issues with student MacBooks (which are different models – Late 2009) and sometimes entire classes would be put on hold because of the issues of this dropping wifi and the inability to log in.  It has finally reached a critical point because the MacBooks are just not getting used because they don’t work.  This was a critical problem because this was why we decided on Apple for our student computers, they were very low maintenance and reliable.  For the past two years, they have been and I have become quite the Apple snob.

Today, I sat during an entire period and discovered the login issues we had in one particular class were due to corrupted mobile accounts on the local computer.  That was a simple fix, delete the mobile account, have the student sign on again to re-create the account and we were back in business.  Certainly, this is not the best situation, but one with a simple fix. The computers stayed connected during the entire hour and we thought we had a solution.  I was pleased because I thought we had finally resolved it.

The next class period rolled around, and the wifi disconnected on most of the students before they could even log in.  What makes this more difficult is that the wifi would reconnect if I logged in with the local administrator account.  However, when you rely on a directory server to authenticate network users, that doesn’t do a whole lot of good.  Determined to figure out why Lion was doing this, I pulled out every one of the machines and tried to update them one last time just to make sure that we were on 10.7.2 and all new updates.  Long story short, I couldn’t even stay connected long enough to complete downloading updates.

After about 30 minutes of this, I made the decision to take them all back to Snow Leopard.  I imaged about five computers, tested them out, and no problems whatsoever.  I was not at all surprised, but I was extremely disappointed.  I feel like we are going backwards and I don’t know what other option we have.  Just limping along like this is not an option.  It doesn’t seem to affect anything and nothing has changed with our wifi infrastructure.  The common problem is Lion and there is just no way around it.  We have made a significant investment in technology and it all needs to work like it did before.  When a student grabs a notebook, they should open it up and log in.

Today I imaged the entire 30 machines in that cart back to Snow Leopard and we will make plans to do the same for the remaining 60-90 machines that have Lion.  I had already determined that our XServe would not be making the jump to Lion any time soon because the server version of Lion is not what I had hoped.  I had such high hopes for our student computers and the ability to use some of the features in Lion.  I remain a Lion fanatic on my work and home computers, but for our students, not so much.

Apple, if you read this, I am begging you to figure this out.  There is no explanation I can see, and the forums are full of this same type of complaint.  Nothing has changed with hardware or configuration and yet we see these problems.  I will be here waiting for a fix and be the first one to try it out.

Over the past two weeks, my team and I have had the opportunity to get some training using Apple’s professional development program.  We have one more two-day session next week.  This is an excellent resource and I cannot speak highly enough about Apple’s Professional Development program.  It’s not cheap, but it’s well worth the money. For us, we are wrapping up some spending of technology training dollars that was part of a grant I obtained.  Initially, I had wanted to include several teachers in this training to increase the amount of people to help build a training program.  However, I ran into the same problem I have had for most of the year: getting time to get teachers in a training environment is all but impossible.  I understand the difficulty in taking teachers out of the classroom.  For these two sessions, there simply weren’t enough substitutes to go around.  This time of year is busy with other training throughout the district.

My team and I have all of this valuable information, resources that would really help teachers in their classrooms.  All we would need is an hour here or there to be effective.  Besides money, time is the other scarce resource.  Earlier in the year, I provided some after hours training opportunities for our staff.  It was a total of 8 hours, two hours per evening and we provided recertification credit.  We did not have many takers, and the second round of classes, we only had one or two people enrolled.  I opted to take a different approach and create some video tutorials and post them in our district Moodle.  If a person went through all of the material I created, they would be able to get the same information as we covered in the class, possibly even more.

It occurred to me that these video tutorials were a very powerful medium.  I was able to obtain some video equipment so we can produce some high quality professional videos.  Now the hard part is getting people to find time to watch them.  It is especially difficult this time of year as the weather warms up.  When my day is done, all I want to do is work on my new blog, so I completely understand.  Lately, my interest in technology in my downtime has faded significantly.  I know it’s because it’s beginning to warm up, the days are longer, and my passion for growing food is renewed by the time of year.

I’ve been struggling to figure out two problems, one personal and one for work, but both nearly identical. It’s a question of backups. At home, I have an Apple Time Capsule that backs up automatically using Time Machine on all of our Macs. This works great and is completely effortless on my behalf. If my computer were to crash or fall in the bathtub tomorrow, I would be secure in knowing my data was protected. Forever the pessimist, though, I asked myself what if the house burns down or is carried away in a tornado? Then I would be out everything. I have had this nagging desire to have an offsite backup solution for quite some time. Previously, I would burn DVDs of family pictures and other memories and take them to the home of a relative periodically. Sometimes months (or a year) would elapse before I would add to the collection, so in the event of a catastrophe I would be completely out of luck.

I kept hearing advertisements for some of these third party sites like Carbonite and Mozy. I love the idea of automated offside backup, but just have a distrust of dumping all of my personal data off to the cloud and having no control over it.  For my work it’s easier to accept because most of what I do is a matter of public record anyway.

CrashPlan was another provider that I heard several times. I downloaded a trial version and was fully expecting to just bite the bullet and sign up for the hosted offside backup and wait the months it would take for a complete backup to take place over the Internet.  What I discovered, however, is that CrashPlan lets you back up to other computers over the Internet for free.  The backup is encrypted on the drive and in transit (according to them) and you can build your own automated offsite backup.  So here is what I did:

1. I backed up to my 2TB External Drive on each of my home computers. It took several days.
2. I installed Crashplan on my work computer and added it to my CrashPlan account, but not backing up anything on it.
3. I then took the hard drive from home to work. Using the process to copy a backup archive, I made my work computer a destination for my home computers.
4. I then removed the local folder destination on my home computers so that it wouldn’t report a failure.

All three of my home computers now do automated offsite backup to the hard drive on my desk.  It took some time for that initial backup on each computer, but that was the bulk of the time.  Seeding the backup by doing it locally saved months of uploading, and probably a nasty letter from my ISP since it represented about 1.5TB of data.  For me that solution didn’t cost anything extra because I already had the 2TB drive.

Now, on to the backup solution for work.  CrashPlan offers a Pro solution as well, and provides server software so you can host your own backups on site.  I see a possibility for this as a solution to some of our mobile computers, but for now, it’s going to solve the tape backup dilemma.  We still back up to tape, and someone takes that tape home on a rotating basis.  This works, but an automated solution would be much simpler and expandable.  Since we have a good network connection between our buildings, bandwidth would not be an issue.

So here is my solution:

1. I took an old PC desktop computer and installed Ubuntu 10.04 LTS, and enabled the remote desktop option so it can be headless.
2. Purchased two 2TB Hard Drives (~$150 each) and attached them to the PC, formatting them for Linux.
3. Installed CrashPlan Pro (part of a 30 day trial) and modified it to use those two external drives as storage.
4. Install CrashPlan Pro client on server and set the backup to automate.

Once the initial backup completes, I’ll move this setup to the network closet at one of the other schools.  I realize that if a fire or tornado wipes out both of our schools, well, we would have some data loss.  However, if this were to happen, the data loss would probably be the least of our problems as a school district.  Our Student Information and accounting systems are all hosted offsite, so all that would be lost is Active and Open Directory, network home folders and some share points.  I think it’s a risk that’s reasonable.

After the 30 day trial, we will purchase 5 seats for CrashPlan Pro.  There is a discount for educational institutions, and for that small fee we will no longer have to swap tapes.  The great thing about CrashPlan is that it will just run in the background and is automated.  It’s just one more thing the machine can do.

Here are some handy tips for those schools that do not have dedicated staff.

“Don’t:”

1. Trust salespeople.  About anything.  Ever.  If you remember none of these rules, write this one down and never forget it.
2. Buy a complete, all in one, web 2.0, interactive, fully intuitive, interactive learning and blah, blah blah from a company promising it for your web solution.  You can have a web site up and running for around $20 a month that will look professional and just about anyone can do it.
3. Buy hosted e-mail.  Google Apps for Education is Free.  7+GB of mail, hundreds of users.  Plus you get access to all of the other amazing features of Google Apps, too.
4. Care about Search Engine Optimization (SEO) – see Rule 1.  You can help your search engine rankings in ways that won’t cost anything.

“Do”

1. Consider Google Apps for Education
2. Hire a “techie” for questions.  Even if it’s only a couple of hours, you will make much better decisions if you have some knowledge of what those salespeople are trying to sell. (See Rule #1 above)
3. Consider Free/Open Source Software
4. Create social media sites for your school – Facebook and Twitter.  They are a fantastic (and free) way to communicate with your community and students.
5. Look at what other schools are doing.  You can learn a lot from others in your similar situation.  Many times, someone else has already made the mistakes that you are considering making.

It’s always exciting to be at the beginning of something new.  Our school district is embarking on many new areas, some exciting and some scary.  Whether it’s the technical side of implementing programs, or the being a part of the logistics of making sure it all works out, I just love new activity.  As I’ve said before, I’m not a teacher by trade, so the whole academics side of things is a new process for me.  However you look at it, though, change is unnerving for many people, regardless of their background.

On the one hand, you honor successes of the past and build on them.  On the other hand, you have to take a critical look at the past performance and be willing to face inadequacies and shortcomings in order to make the corrections.  It’s sometimes easy with technology to get caught up in the “if we just bought this” or “if only we had money for that” game that sometimes you can let it consume your strategy.  If that happens, instead of focusing on correcting the things you can, you get stuck in a defeatist attitude.  Even with what we have, it can always be better.

As I look at the many shortcomings of our technology infrastructure, I see that we have all of the makings of something great.  I was thinking a lot about it today in particular, since it was one of those days when everything seemed to be just itching for conflict.  I’ve been running this game of trying to tweak things just right, make adjustments here, and little corrections there.  I know others on my team have been doing the same thing.

Today it became even more clear that sometimes you just need to have a fresh start.  It really solidified my decision to make my task over the course of the next few months to take a look at the services, functions that we need and focus on making them work.  At some time – summer or a break – we’re going to shake the etch-a-sketch and just start drawing again.

Crazy, I know.  However, we’re reaching that critical point where the tweaking is taking as much time as a rebuild.  We’ve got workarounds for our workarounds when a simple redesign would solve the problem.  I think part of it is battling several years of patches and duct tape solutions that just build and build and then become entrenched ways of business.

Rather than spend energy focusing on workarounds, I want to spend energy building something great.

The cluster environment is settled – Rocks.  Here are a few pictures of the progress so far:

A couple of projects have taken my attention this week.  One of which is nearly complete and that entails some cleaning of our technology items.  The amount of “stuff” that’s accumulated over the years has reached a point where it needs to be thinned signifcantly.  Some is just recyclable junk that has no useful purpose left in it. Some of it, however, is reusable for students or families that don’t have computers at home.  How that will work out is yet to be determined, but it’s on the table.

The second project deals with content filtering for our schools.  We use a product that is included in our hosting.  It’s perfectly fine and does the bare minimum, but not robust enough to meet some of the demands that are on the horizon.  I’m not one for censorship, but schools and libraries are required by federal law to filter “obscene” content.   What it determines is obscene is sometimes at odds with common sense and I know that the students can find whatever they want on the Internet if they are determined.  I have had it demonstrated to me how easy it is to bypass these filters with just a few mouse clicks.

While I admire the resourcefulness of our students, I am also in a position where I must take steps to mitigate these easy, but creative, workarounds.  Whether or not I agree that this is the right thing to do with my time aside, the most obscene thing I’ve seen in the past week is just how much a robust solution costs for a school district.  If I didn’t know any better, I’d think people passing these laws had some financial interest in content filtering appliances and services.

I am completely turned off by the prospect of spending tens of thousands of dollars upfront and then subsequently forced into annual licensing agreements.  In this time of budget shortages, teacher layoffs, and a necessity for more technology, it pains me to spend anything on censorware.

Thankfully, there exists Free/Open Source software to meet these needs.  Rather than invest tens of thousands and be on the hook for annual renewals, it makes more sense to spend a couple thousand and never have to pay a fee again.  So this has been my task these last few days, finding and tweaking a solution on a test system.  It seems promising and just in need of some tweaking and should be ready to go when we have some downtime.

On a bright side, our cluster seems to be on the way to becoming a reality.  Yesterday they got the master system up and running and today they were able to image one of the compute nodes.  It seemed like a simple process, or at least they made it look simple.  I am always impressed by these two guys and what they create.  Check out the blog they made.

I am known to those who know me as someone who doesn’t particularly care for DRM, or as DefectiveByDesign calls it, Digital Restrictions Management.  I’m not sure how the R stands for “Rights” because it seems more restrictions that rights.  I suppose I have the right to play it in the narrow confines that I am given, and as such, I should be thankful and not complaining.

I am reminded, once again, why I love the Mac and it becomes obvious why the iTunes store is such a success.  Here’s how it goes if I decide I want to purchase (or rent) media on my iPod:  I go to iTunes, purchase (or rent) it, plug in my iPod, wait, and then watch.  No finding files, usually no required software update, it just works, the vast majority of the time.  Same goes for Audible, both when I had a PC and on past Mac purchases.

But I digress.  What started my adventure tonight is that I recently discovered  that my local library offers audio books through a service called Overdrive.  I’ve heard nothing but good things about it, so I decided to give it a shot. I browsed through several selections and was so glad to see they were all compatible with iPods.  I selected a title that I wanted to hear, created my account, signed in and downloaded the software.  I attempted to download the audio book and was presented with an error that this particular title could not be played on my Mac.

No worries, I just want to transfer it to my iPod anyway.  Nope, there’s no way to do this.  Ok, well there’s an App, I can just download it there, right?.  Oh no, only mp3 formatted audio books, nothing that contains WMA DRM can be used on the iPod.  Well, that makes sense since WMA is a Microsoft format.  Ok, well it said I could play it on my Droid, which I think will play WMA, so I found the app and downloaded it there.  Nope, can’t download from the app there either.

Feeling a little annoyed, but determined to not let this thing beat me, I fired up my virtual Windows machine.  I downloaded the program, installed it and attempted to download my audio book.  Nope, no dice, I have to upgrade to Windows Media Player 11.  I went through that process, fired up the program again and was informed I had to upgrade Windows Media Player security plugin from with within the overdrive console.  Ok, so I did that, clicked through the dire ActiveX warning that this could be a potentially malicious piece of software and let it complete.

Now my book has finally downloaded, I’m ready to click that “transfer” button that’s taunting me.  Oops, I have to plug in the iPod.  I figured I didn’t have to sync it, I could just copy whatever file to it. Well, of course that won’t work because my iPod is formatted for Mac, and iTunes told me I had to format it for Windows.  As much fun as that sounds to completely lose all of my music for this one book, I opted to try an old iPod that doesn’t get much use.  It worked ok and the audio book has now been transferred to my iPod.  In theory, I should be able to listen to this book now.

Thankfully, I shouldn’t have to go through that process every time.  I should now be able to just download the audio file into Windows and sync it up.  So that, at least, is the silver lining.

I did notice, however, that there’s an option to burn this book to a CD.  Since I don’t have any CD-R media available, this was not an option.  However,  I see a potential flaw in their iron-clad DRM scheme here, which most anyone should be able to see if you think about it.

Maybe I should just renew my Audible account instead.