The Nome Public School District (NPSD), or the Nome City School District, serves students grades K-12 in Nome, Alaska. The district staff previously leveraged Open Directory® (OD) to manage user authentication to their fleet of MacBooks®, but recently began adopting Chromebooks® to save money and take advantage of the free tools offered by G Suite for Education™. OD doesn’t integrate natively with G Suite, so the district’s Director of Technology, Jim Shreve, started looking for a better solution.
- Organization: Nome Public School District
- Size: Approximately 800 combined teachers and students
- Location: Nome, Alaska
- Problem: Needed an affordable solution to manage user authentication for Mac and Windows devices, provision accounts for G Suite and Chromebook users, and leverage emerging cloud-based technologies
- Goal: Find an affordable directory that worked with their IT environment
Although Apple® products served the school district well in the past, Shreve said acquiring them became cost-prohibitive.
“We’re starting to switch a lot of our student devices to Chromebooks because of the cost difference more than anything,” Shreve said.
After switching to Chromebooks, he realized Open Directory was not as flexible as the school district needed it to be. He needed a directory that was scalable with user authentication and supported more LDAP and SAML SSO connections. He also wanted a solution that let him take advantage of RADIUS and emerging technologies.
“We needed to hammer everything into OD, which was painful,” he said, “and so at that point, we started looking around for other solutions.”
NPSD had used Apple products and Open Directory for many years, but Apple deprecated many of its features. This made it difficult to mass-create user accounts, and it didn’t include services like RADIUS and VPN.
“As they deprecated additional services, it would change what we were able to do and how long it took to do it,” Shreve said.
His department leveraged Jamf for Mobile Device Management (MDM) and to supplement deprecated policies. They also used it to restrict features, but they had to manually enter user information into OD separately. Although that process worked, it was time-consuming. Shreve wanted a solution that was more streamlined.
As such, he looked into Active Directory® (AD), but quickly determined it was not a good fit.
“We were concerned about purchasing an AD server, standing it up, doing all the maintenance on it, and also maintaining all those user accounts and everything else,” he said. “I thought, ‘We can plug all this stuff in, but we’re going to be the ones that have to double those connections and make it all work.’”
The implementation, maintenance, and manual labor costs did not justify the use of AD for NPSD.
“When you add up the server costs, delivery costs on servers to Nome, Alaska, and all of the licensing, it’s going to put you around $20,000,” Shreve said. “With Active Directory, we need a replica in case something happens. That doubles the equipment replacement cost when it comes time to upgrade those servers.”
A cloud-based solution was preferable for those reasons. Shreve pointed out that, “By the time we put numbers to the paper, it was cheaper to go with JumpCloud®, and it offers a heck of a lot more capabilities.”
JumpCloud in Action
Shreve uses JumpCloud’s holistic approach to IT resource management to accomplish more in a school year without overstressing the budget. The features he values most are G Suite Sync, user management for Chromebooks and lingering macOS and PC platforms, provisioning/deprovisioning or suspending users, and RADIUS authentication for select staff members.
G Suite Sync
NPSD staff had been leveraging G Suite for Education to make up for the declining relevancy of their OD instance. The process for integrating that with JumpCloud and replacing OD was highly efficient using JumpCloud’s PowerShell tool.
“With JumpCloud, I was able to download all user information from Google and quickly manipulate it for the PowerShell module,” Shreve said. “Within four hours, I had all our users loaded into JumpCloud and ready to go.”
Shreve can manage users created in G Suite just as easily as those created in JumpCloud thanks to a lightweight sync, as well as JumpCloud’s intuitive interface.
Shreve added all the existing users, and he now provisions new users in JumpCloud, which adds them downstream. “We don’t have to worry about Google because JumpCloud automatically provisions the Google account.”
User and System Management
JumpCloud allows Shreve to ensure that users are only able to access the devices they’re assigned to.
“We’re actually going in JumpCloud, locating individual users, and assigning them specifically to their system or a group of systems,” Shreve said. “You don’t have to worry about a user losing their work when another student grabs their 1:1 assigned computer by mistake.”
This secures user data with unique sets of credentials so others can’t meddle in their files without authorization.
Provisioning and Suspending Users
With JumpCloud’s streamlined provisioning features, Shreve and his team can grant users access to multiple applications in less than an hour.
“Provisioning to eight or nine different applications used to take an hour or so per user. Now, you establish the account in JumpCloud and users are provisioned within 20-30 minutes.”
The Suspend User option also allows him to manage transient users more efficiently.
“I love the Suspend User option,” Shreve said. “We have a lot of students who are transient in this area. They’ll come in to Nome, go to school for a couple of months, and then go back to their village and attend school there before returning a month or two later. Suspending that account for a little while and then just bringing them back online is a huge time saver for our department.”
Due to Nome’s remote location, bandwidth and cellular signal are scarce commodities for NPSD.
“We’re looking at leveraging RADIUS through JumpCloud for the teachers,” Shreve said. “Depending on your carrier, there’s basically no cellphone service in some of our schools. Your phone is just a brick unless you’re on the WiFi.”
The intent is to provide an exclusive WiFi network for faculty so that, in case of emergencies, they can use their cell phones without needing to worry about bandwidth restrictions.
JumpCloud more than filled in the gaps Open Directory left NPSD with. Now, the school district staff uses JumpCloud as its primary directory, integrating it with G Suite for Education and spending less time and money overall than they would have with on-prem alternatives.
“Going by the industry standard, you’d need to replace AD servers every five years. The cost would then exceed what it’s costing us for JumpCloud, and that’s not even including the time spent on implementation and maintenance of the servers, user accounts, and external connections.”
Shreve and his team now have more time to focus on researching and implementing IT resources with high value to the classroom. “I have been super busy the last month or so doing research on what we use for our instructional delivery for the classrooms,” Shreve said. “We’ve been using interactive boards with projectors and now we’re looking at moving up to interactive displays.”
By streamlining NPSD’s IT needs through JumpCloud, the admins are able to complete work that has greater impact on their faculty and, critically, on their students.
IT admins in education face the unique task of provisioning and deprovisioning large waves of users every year, managing a mixture of systems, and — in the case of Nome — innovating ways to keep users online despite network challenges.
“I’ve been very happy with JumpCloud,” Shreve said.
He added: “It’s already saved us a ton of time on provisioning, deprovisioning, and password resets. We used to spend roughly 600 hours a year doing nothing but that. With JumpCloud, I would be surprised if we even spent 100 hours on the same tasks. That’s huge!”