+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 45
General Chat Thread, IT Teachers and Computer rights in General; Hey guys, I'm a Network Manager at a fairly small special school in Durham, we only have about 65 machines. ...
  1. #1

    Join Date
    Mar 2009
    Location
    Darlington
    Posts
    5
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    IT Teachers and Computer rights

    Hey guys, I'm a Network Manager at a fairly small special school in Durham, we only have about 65 machines. The head give me strict instructions last night to change all our administration passwords and change the IT teacher from an Adminstrator back to a normal staff user due to a few complains he has had against this particular teacher. When the head explained the situation to the teacher he has kicked up a massive fuss and send numerous letters to both the school governors and his union.

    He also mentioned that if we were a main stream school we would require 2 administrators is this true?
    so i was just wondering, Do the IT teachers in your school have admin rights? and also how many administrators do you have in your school?


    Thanks
    Ian

  2. #2

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    12,027
    Thank Post
    1,631
    Thanked 1,925 Times in 1,420 Posts
    Blog Entries
    2
    Rep Power
    435
    You should have 2 administrative accounts as a standard practice incase you are off ill, and it should be assigned to either the Head of IT or your next in line, whichever is appropriate in your case. I have 2 accounts, one of which is mine, the other is my bosses.

    But in the grand scheme of things, I am the only one who does the administering!

  3. #3
    apoth0r's Avatar
    Join Date
    Apr 2007
    Location
    Northants
    Posts
    1,221
    Thank Post
    151
    Thanked 180 Times in 132 Posts
    Rep Power
    52
    IT Teachers are not part of the administration setup, they are teachers so there is no reason/need for them to have Admin rights.
    They do not control the network, they teach the curriculum, so like any other teacher they should have a teacher account.
    If you were not there then I would say fair enough, but as you are the network manager and responsible for the network you shouldn't grant them permissions on the basis that if he cocks things up, it's on you.

  4. #4
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,414
    Thank Post
    360
    Thanked 256 Times in 187 Posts
    Rep Power
    75
    IT teachers have the same restricted rights as other teachers.

    What you could do is have your 2 admin accounts but disable one which could be enabled by the HT in the case of your absence. All he needs is an mmc - right click - enable and possibly change the password. You then disable it on your return.

    Just a thought

  5. #5

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    I've come to the conclusion there are some (a minority) of ICT teachers who are control freaks when it comes to permissions/access rights and they haven't a clue what they're doing but they want access anyway?

    I usually take the approach and say you have one account for teaching (just like other teachers) and an admin account in the event a particular task requiring admin rights is needed. The majority have agreed with my justification and reasoning but a few ICT teachers unfortunately do not "get it".

  6. #6

    russdev's Avatar
    Join Date
    Jun 2005
    Location
    Leicestershire
    Posts
    6,926
    Thank Post
    709
    Thanked 552 Times in 367 Posts
    Blog Entries
    3
    Rep Power
    204
    You do not need two accounts but you do need a note of the admin account in a fireproof safe.

    Russ

  7. #7
    Pyroman's Avatar
    Join Date
    Sep 2007
    Posts
    1,209
    Thank Post
    433
    Thanked 140 Times in 105 Posts
    Rep Power
    73
    I'm in a small school aswell and i have the only administrator account my ICT coordinator wanted admin access but i flat out refused as he has no need for admin access and would only mess things up. I have the account name and password written down in an envelope in the safe that is only to be oped in the event of my death

  8. #8
    Diello's Avatar
    Join Date
    Jun 2005
    Location
    Kent, England
    Posts
    1,064
    Thank Post
    112
    Thanked 228 Times in 128 Posts
    Rep Power
    74
    IT Teachers should NEVER be administrators (apart from in a very small school where the Network Manager and IT Teacher are the same person, very rare these days). If there are not two IT professionals in the school, have a second administrator account given to the Head in a sealed envelope for use in an emergency.

    He can scream to his Union/Govs if he wants, but he'll get short shrift, and that's before you even get started on the Data Protection aspects of a classroom teacher having unbridled access to everything!

  9. #9

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,292
    Thank Post
    226
    Thanked 406 Times in 303 Posts
    Rep Power
    162
    We have a couple of admins plus account details in the fireproof safe with other details and keys incase a freak accident takes teh whole IT Dept out & an external contractor needs to come in.

  10. #10
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,414
    Thank Post
    360
    Thanked 256 Times in 187 Posts
    Rep Power
    75
    Quote Originally Posted by russdev View Post
    You do not need two accounts but you do need a note of the admin account in a fireproof safe.

    Russ
    If one account gets currupted how do you fix it?

  11. #11

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,810
    Thank Post
    517
    Thanked 2,469 Times in 1,913 Posts
    Blog Entries
    24
    Rep Power
    835
    We have a total of 3 admin accounts - myself, my manager (bursar) and the normal domain admin account. The domain admin password is also kept in the fireproof safe.

    No teachers, be they IT teacher or the head teacher have an admin account.

    There are many reasons that they shouldn't have those privileges such as the Data Protection Act, the fact that the more people who have such accounts, the more likely a password falls into the hands of someone who shouldn't have it, the increased risk of serious damage to the network.

    Also, by having those rights, there could come a time when the head or someone would turn to them and ask them to do something 'adminy' which they are not allowed to do under their contract. So it is in the teacher's best interest not to have it!

    Best solution with this is to ask them to explain *why* they want such privileges.

  12. #12

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,942
    Thank Post
    1,199
    Thanked 1,069 Times in 760 Posts
    Rep Power
    330
    @spiderz:

    No other person should have admin rights but yourself, you should have 2 admin accounts in case one admin account for some reason cannot be accessed.
    You as the network admin are responsible for the smooth running of the network and you should heed the request given to you from your Headteacher as he is legally responsible for the school.
    If you feel the Headteacher is acting in an unreasonable way towards a fellow colleague then you have to go higher.

    All written records are to be put into the school safe.

  13. #13

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,156
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Quote Originally Posted by Diello View Post
    IT Teachers should NEVER be administrators (apart from in a very small school where the Network Manager and IT Teacher are the same person, very rare these days). If there are not two IT professionals in the school, have a second administrator account given to the Head in a sealed envelope for use in an emergency.

    He can scream to his Union/Govs if he wants, but he'll get short shrift, and that's before you even get started on the Data Protection aspects of a classroom teacher having unbridled access to everything!
    Remember that this is a very small school so it is likely that a non-IT person would need "second admin".

    If the head has said that the second person shouldn't be this teacher then it stops there - the IT manager (whatever their title) should absolutely accept that instruction.

    Just out of interest, what bit of the DPA says a teacher is less likely to be trustworthy in terms of access to data than a member of the IT Support Team?

  14. #14
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,138
    Thank Post
    189
    Thanked 230 Times in 195 Posts
    Rep Power
    92
    I'm suprised at some of the replies here.
    As far as I'm concerned there should be one main "domain administrator" account - ideally not called "administrator" by the way - such any easy thing to avoid and prevent 50% of a potential hackers job to be already done!

    Once you have that one overall adinistrative account, it should only ever be used by the SINGLE person with overall top-level administrative control of the network - and even then, not as their main day to day account.

    All other administrative users should have delegated access to required services (so if you have a technician needing to backups give them "backup operators" etc etc)

    This fireproof safe idea is something I don't operate, but am 50/50 on. The only time it would ever need to be utilised is if the entire network admin team were blown off the face of the earth - in which case the server room they are based next to would have gone with them!
    In some schools (especially smaller ones) I can see it being a good idea - as long as there was clear understanding it wasn't to be used without written authorisation from the actual administrator or the headteacher.

  15. #15

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,666
    Thank Post
    659
    Thanked 1,625 Times in 1,454 Posts
    Rep Power
    422
    Hmm I'm sure the union will not help him much surely the workload agreement means that teaching staff are not allowed to perform IT administrative duties?

    Ben

SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. Replies: 13
    Last Post: 30th June 2009, 04:23 PM
  2. Local Admin rights for teachers..
    By kylewilliamson in forum General Chat
    Replies: 13
    Last Post: 13th June 2009, 09:07 AM
  3. Computer hangs at 'Applying Computer Settings'
    By crc-ict in forum Wireless Networks
    Replies: 8
    Last Post: 25th April 2008, 10:29 PM
  4. digital rights
    By russdev in forum General Chat
    Replies: 0
    Last Post: 28th July 2005, 02:37 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •