City of Neumünster

Central IT concept for relieving teachers of IT tasks

In 2017, Neumünster decided to develop a central operation and administration concept for school IT. Up to now the schools have used few or no standardized IT applications. For the future, the IT should be provided centrally at the school authority and in the data center of the city’s IT department. The aim of the project was to relieve the schools from most of the administrative tasks involved in IT support and to create a uniform IT landscape that could be maintained and supported. After the IT department had evaluated various solutions, the decision was made to use UCS@school. The solution was to be operated centrally on the city’s servers and the schools were to be able to access it via a fibre optic ring to which all the city’s schools are connected.

UCS@school’s identity management provides each teacher and student with a digital user identity

The first step was to set up a central directory service with the Samba / LDAP-based identity management system (IDM) of UCS@school. It stores a digital identity with a uniform user name and password for all teachers and students. By using WPA2 Enterprise, each user name can be assigned its own password and access authorization via the UCS@school user management. A controlled authentication of all users of the school WLAN is possible via the RADIUS server that is integrated in UCS. The school network was also secured by firewalls and access by web content filters (including parental controls) was regulated very fine-grained to meet the regulations of the protection of minors.
UCS@school is operated on a physical server and around 15 virtual machines in the data center of the city’s IT.

Online school portal ensures easy access to IT services

By means of the user administration of UCS@school and the integrated LDAP, the IT administrators of the municipal IT department in Neumünster can now set up access to individual services connected to UCS@school for users and groups, such as schools, classes or courses, at a central location. The guiding principle was that all IT services would be provided centrally by the school authorities instead of the schools or individual teachers having to procure and operate applications themselves. This would lead to a proliferation of the IT landscape that could hardly be supported and maintained which in turn would also include a security risk with regard to operation and data protection.
An online school portal based on UCS@school provides easy access to the IT services. Teachers and students can access this portal from anywhere, log in centrally with their login data and use the services provided for them.

Integration of Nextcloud, ONLYOFFICE and Moodle in UCS@school

These services include the groupware Open-Xchange, which provides a professional e-mail account, calendar and central address book for around 1,000 teachers. As long as there is no federal solution, the IT department in Neumünster has decided to provide this service itself for the time being.
The schools in Neumünster also have access to the private cloud solution Nextcloud, which is also operated centrally on the school’s servers. It serves as cloud data storage and back-end storage for the Moodle instances operated in the schools. Integrated in Nextcloud is the office solution ONLYOFFICE, which provides text, table and presentation applications online and for collaborative editing. Britta Haupt, project manager at the city’s IT department: “It was important to us to offer an alternative to using Microsoft’s Office365 and to keep all user data on our own servers and thus under our own control.”
The municipal data center also operates instances of the Moodle learning platform for 13 schools which schools can access via the municipal intranet. While the content is managed by the schools, the IT staff ensures the connection to the LDAP of UCS@school via an interface available in Moodle. User administration is thus enabled.
Teachers and students* can conveniently log on to a large part of the IT services, for example Nextcloud, Moodle and Dudle, thanks to their integration into the LDAP of UCS@school. Via a one-time single sign-on at the school portal they can use the services.
Particularly during the school closures caused by Corona, access to the above applications has increased massively. Since sufficient server capacities were available in Neumünster, this rush did not cause any problems.

Possible connection to federal state solution in Schleswig-Holstein

The solution implemented by Neumünster proved to be a real blessing in the context of the school closures during the Corona crisis. It provided a wide range of digital services that made home schooling a reality.
At the same time, Britta Haupt emphasizes that the IT infrastructure in Neumünster offers standardized interfaces that allows the connection to other future offerings, such as the state-wide school portal planned by the state of Schleswig-Holstein. For example, it would be an interesting scenario to be able to import user data from a state-wide directory service in order to reduce administration efforts in the city and increase the quality of the data stock. Until this is implemented, however, the city is glad to have its own solution working.

Further projects in planning

As the range of services for the users in schools shall be further expanded, the IT managers are currently also checking solutions such as the Facebook alternative HumHub, the video conferencing solution BigBlueButton, Jira as a helpdesk, task and project planning system and the Wiki “Confluence” as a documentation and knowledge database system. They are also looking for a data protection-compliant mobile device management (MDM) solution, as the connection of mobile devices to the school network will become increasingly important in the future. A connection to offers of publishing houses would also be interesting in the future, but here the city wants to wait for a state solution.