|
GreenNight posted:Yeah, I even offered to create a VM for him that has all the admin tools installed that he can RDP to, but noo that would be a waste of resources. My boss wont use the AD users/computers snap in on his own PC for the same reason. Every time he needs to look at something he RDP into a DC to look. Except I showed him how to do a lot of the simple stuff through powershell and wrote a couple of scripts that give him whatever reports he wants and now he justs asks me to do it everytime.
|
#
?
Jan 7, 2016 18:56
|
|
|
|
| # ? May 9, 2024 07:26 |
|
|
mayodreams posted:And I just found out our level one help desk guys are logging directly into DCs to do AD management. loving seriously. mayodreams posted:Oh right. I totally read that wrong. The Struggle is Real today. I am demoting unused Domain Controllers to find that someone installed Chrome on them, most likely to bypass the IE security. welp. Our "senior" AD guy does that. Didn't know what RSAT was. After showing him, he still does it that way. I also found adobe reader 9 installed on all the DCs.
|
|
#
?
Jan 7, 2016 18:57
|
|
|
RDC Manager is the best worst-practice.
|
|
#
?
Jan 7, 2016 19:12
|
|
|
Moey posted:I also found adobe reader 9 installed on all the DCs. Sometimes this thread makes me die inside, whether it's american labour practices or this
|
|
#
?
Jan 7, 2016 19:14
|
|
|
I also found a bunch of porn urls in the browsing history of one DC.
|
|
#
?
Jan 7, 2016 19:19
|
|
|
Sickening posted:Sysadmin jobs are being taken by the cloud. Someone Sysadmins those boxes. But really, its not entirely true. Yes, cloud is a great go to for small, maybe some medium sized companies, but most medium to large companies still require having either a datacenter they rent or own under their own control.
|
|
#
?
Jan 7, 2016 19:23
|
|
|
CommieGIR posted:Someone Sysadmins those boxes. 
|
|
#
?
Jan 7, 2016 19:34
|
|
|
I'm irony/sarcasm impaired. But you wouldn't believe how many Developers look at me funny and go 'You need Sys Admins for cloud systems?' because the freaking hype over managed services and buzzwords has been taken so seriously.
|
|
#
?
Jan 7, 2016 19:36
|
|
|
uh isn't the cloud just magically everywhere and it runs my email?
|
|
#
?
Jan 7, 2016 19:38
|
|
|
CLAM DOWN posted:uh isn't the cloud just magically everywhere and it runs my email? You just click your heels together and say 'There's no place like someone else's datacenter'
|
|
#
?
Jan 7, 2016 19:39
|
|
|
CommieGIR posted:I'm irony/sarcasm impaired. But you wouldn't believe how many Developers look at me funny and go 'You need Sys Admins for cloud systems?' because the freaking hype over managed services and buzzwords has been taken so seriously. I run five digit numbers of server instances with one part-time guy on top of myself
|
|
#
?
Jan 7, 2016 20:12
|
|
|
CLAM DOWN posted:uh isn't the cloud just magically everywhere and it runs my email? I had a project maanger once who had a DBA for me so I could do a propf of concept on a new tool. When I asked him if he also ordered the servers the application and datbase should run on he looked at me as if hadn't ever heard of the concept of hardware. He really didn't understand why I needed a server to install the application/database on. I tried explaining it in several ways but he only started understanding it somewhat when I asked him: "what should I do with this cd you just gave me, throw it in the air and hope it installs itself in the cloud?"
|
|
#
?
Jan 7, 2016 20:18
|
|
|
Vulture Culture posted:If you're competent with your tech strategy you need two sysadmins and not twenty That's still two sys admins. For most Enterprise level companies, that's plenty.
|
|
#
?
Jan 7, 2016 20:26
|
|
|
GreenNight posted:Did I mention his normal network account is Enterprise Admin?  Seriously though my PT helpdesk guy did the same...
|
|
#
?
Jan 7, 2016 20:56
|
|
|
GreenNight posted:Did I mention his normal network account is Enterprise Admin? "Software slows done my computer, so I don't even want an Operating System"
|
|
#
?
Jan 7, 2016 21:09
|
|
|
Sickening posted:So we are going through a normal network security audit today and the auditor gave me a list of things I need to show proof for. I am going through the list and I got this. So it appears that my pants on head auditor says "domain controller" when he means to say "active directory". I figured this out when he was having a "clarification" meeting with me and I started to notice the pattern when describing other things. I tried to discuss with him on why fixing this in his checklists might benefit him and the customers he is auditing. So far he seems to be the guy who feels like he knows a lot about things when in fact he doesn't. I also exported out our firewall config for him and he sent it back saying he wants to see it live. We had a meeting where I presented it live on a projector and he was unhappy he didn't get to click through it himself. I asked if he gets to personally click around in other customers firewalls before and he replied "all the time". I can't stop chuckling to myself. At least he leaves soon.
|
|
#
?
Jan 7, 2016 21:21
|
|
|
You guys have separate elevated accounts? Everyone in the IT department here gets added to the Domain Admin group on day one.....
|
|
#
?
Jan 7, 2016 21:28
|
|
|
Moey posted:You guys have separate elevated accounts? Everyone in the IT department here gets added to the Domain Admin group on day one..... I have and I still separate them. It just makes sense to do so.
|
|
#
?
Jan 7, 2016 21:41
|
|
|
Sickening posted:So it appears that my pants on head auditor says "domain controller" when he means to say "active directory". I figured this out when he was having a "clarification" meeting with me and I started to notice the pattern when describing other things. I tried to discuss with him on why fixing this in his checklists might benefit him and the customers he is auditing. So far he seems to be the guy who feels like he knows a lot about things when in fact he doesn't. Idiot auditors like the guy you got undermine the credibility of the whole auditing process and industry. Has he managed to run a Nessus scan and bring up every asinine non-applicable to your environment point yet? I mean the scan said it was bad so you have to do something to fix it!
|
|
#
?
Jan 7, 2016 21:41
|
|
|
BaseballPCHiker posted:Idiot auditors like the guy you got undermine the credibility of the whole auditing process and industry. He is sitting on the guest wifi doing jack poo poo atm. If I caught him snooping his day would just be cut short. This is a small time audit and we don't have an agreement that he gets to pen test or anything on that level. He has gotten on my nerves so much I am not sure how close I would be to calling the cops on his way out. I get being pedantic sometimes. But if you are going out of your way to be pedantic at least be right.
|
|
#
?
Jan 7, 2016 21:50
|
|
|
Sickening posted:I have and I still separate them. It just makes sense to do so. I agree with you here, was just showing how unique my environment is. Gotta love tier 1 folks getting in over their heads because of this.
|
|
#
?
Jan 7, 2016 22:08
|
|
|
Moey posted:You guys have separate elevated accounts? Everyone in the IT department here gets added to the Domain Admin group on day one..... 
|
|
#
?
Jan 7, 2016 22:11
|
|
|
Moey posted:You guys have separate elevated accounts? Everyone in the IT department here gets added to the Domain Admin group on day one..... And they log into workstations with those creds? Every single program they run has domain admin now. I used to do this with my RSAT box and got bitched out extremely hard for it
|
|
#
?
Jan 7, 2016 22:30
|
|
|
Moey posted:You guys have separate elevated accounts? Everyone in the IT department here gets added to the Domain Admin group on day one..... That was my last job. It was kind of nuts when you think about it.
|
|
#
?
Jan 7, 2016 22:43
|
|
|
Literally on day one, new guy coming in to answer the phone can do whatever the gently caress he wants. They all think I am nuts for making new security groups and granting access based on those. Also using service accounts is some sort of voodoo that they don't believe in.
|
|
#
?
Jan 7, 2016 22:54
|
|
|
Moey posted:Literally on day one, new guy coming in to answer the phone can do whatever the gently caress he wants. I do like it random stuff breaks because entire systems were run off the personal ad account of an ex employee. At my first sysadmin job, accounts weren't disabled and the passwords weren't changed from fear of what they might break.
|
|
#
?
Jan 7, 2016 22:56
|
|
|
Moey posted:
Sounds like the dev who reset one of my applications production service accounts so he could use in the dev and test environments and locking out the actual production environment. Still can't believe he did not get fired over that (or even a warning for that matter).
|
|
#
?
Jan 7, 2016 22:58
|
|
|
Sickening posted:I do like it random stuff breaks because entire systems were run off the personal ad account of an ex employee. At my first sysadmin job, accounts weren't disabled and the passwords weren't changed from fear of what they might break. After our last sysadmin/network guy left, I disabled his account. About 12 different things broke. Also discovered he had some apple cert generated for MDM with his direct work email. Every time that needs to be renewed (until I replace it), I have to add that address to my account.
|
|
#
?
Jan 7, 2016 22:59
|
|
|
Just use one service account for everything. Easy!
|
|
#
?
Jan 7, 2016 22:59
|
|
|
CommieGIR posted:That's still two sys admins. For most Enterprise level companies, that's plenty. That's also far fewer than most Enterprise level companies employ, because they are generally run terribly inefficiently. The issue isn't that the sysadmin job will be a thing of the past, it's that far fewer people will (should) be required to do the same amount of work, and the rest of those people are going to have to find some other "marketable skill" to remain employed. Cloud/automation are productivity multipliers, and an excess of productivity isn't worth much to a business, whereas lower costs are, so the excess is going to get laid off.
|
|
#
?
Jan 7, 2016 23:16
|
|
|
Moey posted:Literally on day one, new guy coming in to answer the phone can do whatever the gently caress he wants. This is my hell. Three years trying to get separate accounts for Domain Admin at the very least. I have additional credentials to the Enterprise Admin account and until this day I thought that it was the only account with that permission but just checked and saw 2 of my co-workers regular accounts in the group. At least with the service accounts I've been able to add them to any of the systems I'm looking after and maintaining.
|
|
#
?
Jan 7, 2016 23:57
|
|
|
Sym posted:This is my hell. Three years trying to get separate accounts for Domain Admin at the very least. I have additional credentials to the Enterprise Admin account and until this day I thought that it was the only account with that permission but just checked and saw 2 of my co-workers regular accounts in the group. Yeah, all the stuff I manage run off service accounts and permissions are granted to specific security groups. Anytime I come across something that isn't mine that is setup dumb, I let them know they should fix it. Slowly but surely things are getting better.
|
|
#
?
Jan 8, 2016 00:02
|
|
|
When I was a Sys Admin a few years ago, my boss was killed in a traffic accident. It sucked because he never documented anything, but we managed to cobble together most of what we needed to do day to day in the next week or so. 28 days after his accident, a whole bunch of critical systems stopped working. Because his password expired. We've gotten better since then. Separated out elevated accounts, cleaned Domain Admins down to like 8 people from ~30. But I will never forget the day my dead boss got revenge from beyond the grave.
|
|
#
?
Jan 8, 2016 00:38
|
|
|
Tuesday I had my retarded user moment. So one of our Exchange servers just hangs for whatever reason and doesn't fail the database over like it should. Initial culprit is suspected to be Storage, but the Storage Vendor rep is adamant it isn't and produces logs to demonstrate it. Then the host's local RAID drives and controller are suggested, but that made no sense to me. My suggestion that perhaps it's something to do with the OS or Exchange were met with denial. Someone else thought it might be VMware Tools, and in a monumental fit of stupidity I agreed to remove VMware Tools and reinstall it in case the update from last month corrupted the application. I completely forgot that if you remove VMware Tools you are also deleting your NIC information, and even if you reinstall VMware Tools you aren't getting that poo poo back. On top of all that the server went into super slow-mo, where it took 15 minutes to open up Network and Sharing Center, another 15 minutes to go to the NIC properties, and 5 minutes to change the settings to static IP and fill in the appropriate blanks and change the adapter configuration to the correct settings. I was there for 3 loving hours, for something that should have taken 5-10 minutes tops. When I get in the next morning my desk is plastered with images of Boromir (aka Sean Bean) in his classic "One does not simply ride into Mordor!" pose, only this time it says "One does not simply remove VMware Tools!" I caught poo poo for it all day (justifiably so), but most everyone did so in jest, even going so far as admitting they wouldn't have even had a clue what to do to fix the problem. The commander just shrugged her shoulders later the next day and said it's a learning moment and we move forward. She also commended me for my patience and willingness to do what it took to get the server back up and running, so that took some of the sting out of it. Future recommendation is that VMware Tools is to never be uninstalled, only repaired or upgraded unless the situation is seriously hosed up and all other options have been exhausted.
|
|
#
?
Jan 8, 2016 00:52
|
|
|
Didn't know that, is that the same circumstances with Hyper-v integration tools?
|
|
#
?
Jan 8, 2016 00:58
|
|
|
What's a good way to get the benefits of versioning with the ease of passing a Word document around? My boss and I work in geographically separate locales so we're often passing Word documents back and forth and tacking on/updating the _v# on the end of the filename. I know you can track changes with Word documents but as far as I know there's no way to see the evolution of a document, just the most recent changes.
|
|
#
?
Jan 8, 2016 02:32
|
|
|
Karthe posted:I know you can track changes with Word documents but as far as I know there's no way to see the evolution of a document, just the most recent changes. 
|
|
#
?
Jan 8, 2016 02:38
|
|
|
Which is why you always remove that data before you send the doc to a client. (Nobody does this). Edit: I'm a big fan of Quip for this kind of thing. (Collaboration on docs)
|
|
#
?
Jan 8, 2016 02:42
|
|
|
Tab8715 posted:Didn't know that, is that the same circumstances with Hyper-v integration tools? No. The drivers for the Hyper-V vNICs are built into the Windows OS (It's good to be the OS Vendor AND the Hypervisor Vendor) so nuking the guest tools doesn't nuke the NIC. It does a ton of other annoying things but those are more annoying than crippling in my experience. To skip back to the Cloud is magic talk. Had a customer today shocked that Replicating a VM to Azure would necessitate time and bandwidth equal to copying the *ENTIRE* storage to the internet *GASP!*. They suddenly had to rethink the entire project timeline.
|
|
#
?
Jan 8, 2016 02:58
|
|
|
|
| # ? May 9, 2024 07:26 |
|
|
Finally called my old boss back and passed on the job offer to go back. It just doesn't make sense to give up my benefits which include 6 certs this year including VCP. I can't exactly get in to upper management anyway due to my lack of 4 year degree so that career track is going to be a giant headache. I'll stay on my current track for network admin, senior admin, architect which I should be able to schmooze my way through with certs. And with all my spare time WGU looks really enticing.
|
|
#
?
Jan 8, 2016 04:35
|
|
