In the independent city of Jena in Thuringia there are 27 schools run by the municipality. Our IT department at the Jena Media Center supports around 12,500 students and 1,700 teachers in elementary schools, community schools, high schools, three vocational schools and a special-needs center. Ten employees now work at the media center, including three school supervisors and individual supervisors responsible for infrastructure, Linux administration, mobile device management (MDM) and software distribution. They take care of the information technology supply and equipment of all schools run by the municipality.
Table of Contents
Digital Pact as Starting Point
Although the demand for such support has increased noticeably in recent years, there was not enough money to fund it for a long time. That is why the Digital Pact spilled in the country at exactly the right time for us. This was the long-awaited starting signal for our project, a reorganization of school IT in Jena, and the cooperation with Univention.
In this blog post, I would like to describe in more detail how we proceeded in Jena, what requirements we had, what the corresponding solution looked like, and why we ultimately chose the open source solution UCS@school. In doing so, I would also like to address minor and major challenges that occurred during the course of the project and outline how we met them.
Initial Situation and Concept Development
Before deciding to use UCS@school from Univention, we were struggling with a decentralized IT infrastructure with separate school servers and a uniform IP network structure at all locations without central software management. Individual configurations with additional accounts for each user were necessary for central offerings such as groupware, Radius and the Moodle learning management system (LMS). Temporarily, the two of us were responsible for thousands of devices at the 27 school locations – a truly colossal task that could only be managed through uniform systems with a school server at each location as well as high workloads.
Despite the good equipment in Jena, the time and staff expenditure for separate server administration were too high in the long run. We had been aware for some time that we needed to switch to a different system if we wanted to have a modern school IT system. Until then, this change always failed due to the lack of investment funds, which were then available to us thanks to the Digital Pact. Compared to other subsidies, this not only included investments for the expansion of the IT infrastructure and the WLAN but also state and federal funds to purchase technical support.
To apply for funds from the Digital Pact (for the individual schools and on a global scale for Jena), it was necessary to develop a meaningful concept, which we presented to the city council. Part of the concept, besides refurbishing and re-equipping the school sites, was the establishment of a larger support team that would reliably take over the maintenance of IT at all sites. In addition to the basic concept, we developed sound planning including required capacities and concrete implementation steps, which, together with the financial resources, now enables us to start afresh in Jena’s schools.
Requirements for the New IT Solution
In the run-up to the project, we asked ourselves what the new network structure should look like, which IP addresses we need for which systems, how students and teachers use the WLAN (via vouchers or authentication by radius) and how the user names should be structured. This is something one should consider before launching a project, and it would be best to discuss it with the teachers as well. We decided to use IP addresses structured in sections of 10 and 15, a “surname.first name” structure for the user names, and to identify teachers responsible for media at all school sites. The latter work together with us to complete the respective application for the Digital Pact, are available as contact persons for simple IT questions and, ideally, also provide first-level support on site.
It was then essential to decide in favor of continuing to operate school servers and against setting up a central server. The key factor here was to enable a certain level of fail-safety to withstand the traffic of the approximately 2,000 additional mobile end devices (iPads, notebooks) with a 1-gigabit connection to the Internet.
From these preliminary considerations and other specifications, several requirements for the new IT solution emerged:
- Open source software (OSS) instead of a proprietary offering
- Uniformity of the system at all locations
- Low training requirements for teachers and students
- ID management and LDAP functionality for all devices
- Stability and possible extensions
- Covering needs for school server functionality, cloud, groupware, Radius, Office 365, Apple ID, etc.
The Decision for Univention and UCS@school
UCS@school met all these requirements and also convinced us with a large number of open source extension options as well as an appropriate price-performance ratio. Since we now had the funds for the project implementation thanks to the Digital Pact, we did not hesitate any longer and eventually embarked on the path towards a modern IT for Jena’s schools with Univention in 2019.
To be more specific, we chose a school server domain for the school board, groupware with Open-Xchange (OX) as well as Nextcloud with a connection to the school network drives for students and teachers, and the use of the ID management of the domain for the LMS Moodle. We also implemented a helpdesk portal for tickets, PC and device logins, LDAP usage for managing printers, clients as well as active components including central software deployment at all school locations. Additionally, we provide students and teachers with a FAQ with answers to frequently asked questions together with user rules and privacy policy. Our Ukrainian students will find links to help them get started in a German school.
General Benefits of UCS@school for Schools and Teachers:
- Centralized management of accounts, schools, classes, networks and permissions, as well as integration of additional third-party solutions for file sharing, office or email programs, teaching-learning software and other educational applications
- Secure use of private smartphones and tablets (BYOD)
- Focus on ID management in the pedagogical environment and an intelligent rights concept for access to digital learning platforms, IT services and digital media
Challenges in the Course of the Project
To some extent, our initial euphoria was thwarted by the many decisions we had to make. After all, a new IT solution means a lot of work – despite the overwhelming advantages. With UCS@school, there is no prefabricated system. Instead, we were able to freely choose from various options and design the IT infrastructure entirely according to our personal gusto. Another challenge concerned the changes the conversion brought with it, especially for teachers and students, who had to get used to new procedures at first.
Before the conversion, teachers could use an interface to create student accounts and students could log in themselves. The new IT solution, however, only provides for importing data via the school administration programs. Instead of a global DHCP server in each school with IP addresses for all the devices used, only defined devices that we purchase and manage ourselves are now permitted. All other devices are not assigned an IP address or are redirected to separate networks. Such conversions presented rather minor challenges that were easily overcome with support from our side. So today we can say: The decision for network separation has proven itself.
Elsewhere, we were able to keep the familiar components for teachers, such as OX for the e-mail system. Overall, the conversion to a network spanning the entire school and a new connection for the school’s IT proceeded without any major problems. Although we experienced some delays due to disrupted supply chains, we had no doubts about our decision to use UCS@school. Nowadays, we can go live with additional services with much less effort, making them immediately accessible to teachers and learners. Nevertheless, we recommend planning sufficient time for such a large project and employing people who are already well versed in Linux.
Conclusion & Outlook
Using UCS@school, the costs for the school board are predictable and reasonable. It is now easier to make new applications centrally available and usable for everyone. Likewise, the uniformity of our chosen solution reduces training costs.
At present, we support 4,000 PCs, 1,500 notebooks and 1,500 iPads as well as servers, switches and APs at school sites. Since more and more end devices are pushing into the infrastructure and performance is suffering as a result, we plan to switch from a 1-gigabit line to a 10-gigabit line in the next few months. In the future, server capacities will also be adjusted and user trainings will be intensified. Furthermore, the Apple School Manager is to be connected and a BigBlueButton integration, as well as authentication with Office 365, are to be implemented.
Taken as a whole, this project has taken the entire school IT in Jena to a new level. The system is now professional, scalable and centrally manageable and monitorable. The range of services offered to schools has been significantly expanded. At the same time, new and improved offerings create greater demand among schools, which in turn benefits the desired digitalization. All in all, it is a process that involves a great deal of work, places high demands on the expertise of the colleagues at the Media Center, and provides the opportunity to equip school IT securely, with high availability, and in a modern way.