Dmills Posted July 14, 2014 Share Posted July 14, 2014 Set your playout mac to export an NFS or samba share to your other machine, then you can just log on to the second machine as whatever user makes sense at the time and drop files into the network drive exported by the playout machine, if the export is from the playout box then the files will end up on its local disk (Which is happymaking from a reliability perspective, lower the NFS or samba daemons IO priority so it does not starve the running playout). Playout can otherwise remain off the network (In fact such could be a totally separate subnet, complete with separate network interfaces, do it right and IT would probably never notice). Judicious use of chown and chmod on the export will make any files dropped there by any user readable by the playout user on the mac, or just run playout applications as suid 0. Oh, and PLEASE stop teaching students that asking for some playout from the internet 5 minutes before showtime is acceptable, those guys are a pain in the arse when they leave school and start working (Apart from anything else, how do are you supposed to sort out the rights issues on that sort of timeline?). 73 Dan. Link to comment Share on other sites More sharing options...
bruce Posted July 14, 2014 Share Posted July 14, 2014 (Speaking as someone who manages University data networks) Many sites will quote "the JANET rules" as a get out. It's always easier to lay the blame elsewhere - I've done so myself. But the bottom line is that your University - don't know which one it is, but happy to have a private chat by Pm if you want - has a responsibility to ensure that it has fully auditable records of who was using every machine, and when. Yes, that's in the JANET rules, but it's almost certainly something that's part of your institution's security policy, and something your auditors will demand. JANET - and your University network - are private networks, as defined in UK law by the Telecommunications Act. To be a private network, you CANNOT offer unauthenticated visitor access - if you did, it'd be public! Any network administrator who allows free unaudited unauthenticated access is either mad or incompetent. It used to be relatively common, but much less so today. So you need to sit down with your network administrators and have a reasonable conversation with them. Coffee and biscuits help. Explain the problem. Listen to their concerns. . Ask them what they are doing about visitor access and guest access (not the same thing!) Find some common ground, and move forward Link to comment Share on other sites More sharing options...
durian Posted July 14, 2014 Author Share Posted July 14, 2014 just a word to thank you very much for all your advice, tips and comments. so much help, thank you chelgrian: we want to put our ETC Ion on the network for ipad control.... not sure how that will resolve itself yet. Dmills, thankyou but that wont work for us. Bruce, thankyou, we are going to sit down next week and talk through the implications imposed on us. As the technician for the space I have bought all the detials of how it will affect us to the heads and IT and lecturers. They now have to sit and decide how they proceed as the changes will impact on the way we do things. I dont mind how they resolve it as long as Ive got what I need to run the space for induction week and all its varying content......... thanks again to everyone, you have given me a variety of options I can offer to the people concerned about how they want to proceed, happy days Link to comment Share on other sites More sharing options...
timsabre Posted July 14, 2014 Share Posted July 14, 2014 chelgrian: we want to put our ETC Ion on the network for ipad control.... not sure how that will resolve itself yet. You really don't want to do that... just buy a £20 wireless access point and set up a hidden wireless network just for the console. You don't need to go through the rigmarole of trying to connect it to a proper network just for ipad control. If you're having trouble with your Mac connection they will just freak if you try and connect some weird device like a lighting console. Link to comment Share on other sites More sharing options...
durian Posted July 14, 2014 Author Share Posted July 14, 2014 We did consider that and purchased a router to do exactly that. Sadly I have to involve IT and they stopped it, insisting their network was better.Despite the fact there is zero wifi in the space! Link to comment Share on other sites More sharing options...
timsabre Posted July 14, 2014 Share Posted July 14, 2014 We did consider that and purchased a router to do exactly that. Sadly I have to involve IT and they stopped it, insisting their network was better.Despite the fact there is zero wifi in the space! Why do you have to involve IT? They won't know. (Unless they read this, oops)The main problem with connecting it to the network is you need a static IP, not to mention they'll want it to have a network login which I think is impossible (I have been through this with an Avo desk). Link to comment Share on other sites More sharing options...
bruce Posted July 14, 2014 Share Posted July 14, 2014 Sadly I have to involve IT and they stopped it, insisting their network was better.Despite the fact there is zero wifi in the space! I would expect that the reason they blocked it was that they need to keep control of the wireless spectrum. With 802.11b, there are only 3 useable frequencies. Building an enterprise network with that constraint is nigh on impossible even if you have complete control of the spectrum. With random other devices on random channels, there's no chance... Talk to your network people. There are ways to make this stuff work. Link to comment Share on other sites More sharing options...
chelgrian Posted July 14, 2014 Share Posted July 14, 2014 We did consider that and purchased a router to do exactly that. Sadly I have to involve IT and they stopped it, insisting their network was better.Despite the fact there is zero wifi in the space! Why do you have to involve IT? They won't know. (Unless they read this, oops) The main problem with connecting it to the network is you need a static IP, not to mention they'll want it to have a network login which I think is impossible (I have been through this with an Avo desk). Erm yes they will. The reason they don't want it is not that their network is 'better' it is that there are only 3 non-overlapping frequencies available in the 2.4GHz Wifi spectrum and you require 4 colours to colour a 2D map such that no two colours touch, the 3D version of the same problem which is what you have for WiFi roll outs is provably insoluble. The main problem with connecting it to the network is you need a static IP, not to mention they'll want it to have a network login which I think is impossible (I have been through this with an Avo desk). Note the Ion doesn't need a static IP, at least in the latest software it's perfectly happy with DHCP, however it would be advisable to have a reservation such that it gets the same IP address each time that is to say 'pseudostatic'. However it gets more fun if you want to use ETCnet3 as the Ion only has one network socket you have to talk to both the nodes and the Wifi network over the same network interface, however I won't go in to that one as it doesn't sound like you are doing it. Putting a random extra Wifi access point in blurting out at full power at best will cause problems to other networks in adjacent spaces and at worst will cause the university mob to come round heavy handed after their RF monitoring and planning software has detected another Access Point causing problems with the wide area system. What I have is a private network served off a separate SSID on the university access points which is locally terminated in a private VLAN which has our show network on it. This is half statically addressed for fixed things like our Ion and M7CL-32 and half dynamically addressed for client devices running the remote control software for the various bits of gear. The show network in general has no external network access however we do allow a very few things through the firewall such as speaking to the university Microsoft key management server. In fact we are serving 4 different SSIDs for different things connected to different networks from our access points. Obviously getting the university to provide enough access points to cover the space may not be trivial. Please don't assume that the IT people are stupid, they are just so used to people not understanding or not even wanting to try to understand the reasons behind their rules that they don't even bother explaining any more. I suspect if you sit down with them and explain exactly what you need ie 'I need to be able to run apple software update on this mac' .. 'I need this Ion on a private network with no internet access and Wifi access to it from stage' then if they aren't actively prevented from helping by their management then they will help. Link to comment Share on other sites More sharing options...
timsabre Posted July 15, 2014 Share Posted July 15, 2014 I was trying to make a little joke about them not knowing... I get involved in installing a lot of odd things that need to go on a network and IT depts seem to fall into two groups, those based in-house who know what they are doing and will help once they understand what you need, and those who are subcontracted to an external company who are hard to communicate with (sometimes with overseas call centre) and have absolutely no interest in helping with something that doesn't fit into the usual categories. Unfortunately I always seem to be stuck with the second type. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.