|
A Pinball Wizard posted:We just switched over to a new system that sends automated e-mails when a ticket is created or closed. Also since it's a new system there are tons of duplicate tickets. There's no way to merge tickets, so you have to close one and note on it that it was merged with ticket number whatever. Close both tickets.
|
# ? Feb 15, 2017 15:46 |
|
|
# ? Jun 3, 2024 22:03 |
|
Sefal posted:
hhahahahah you think places like that mandate password changes?
|
# ? Feb 15, 2017 16:04 |
|
Sefal posted:
Yes but you see, they want to have access to everyone's everything to make sure things are being done right!
|
# ? Feb 15, 2017 16:07 |
|
D34THROW posted:The IT guys set our domain passwords for us and we're not allowed to change them. I live in a SOX audited world. This is insane.
|
# ? Feb 15, 2017 16:22 |
|
The way you know your IT is done right is if you actually have problems fixing problems when <part of IT> is out sick. Not even kidding. As in literally unable to fix because of access rights, not too incompetent.
|
# ? Feb 15, 2017 16:25 |
|
SEKCobra posted:The way you know your IT is done right is if you actually have problems fixing problems when <part of IT> is out sick. Not even kidding. Sounds like you are understaffed and don't have enough backup people. Everyone system should have a primary and a backup person. A third guy is also nice to have. Like maybe your ERP guy is the backup exchange guy and if Exchange guy is out sick he fixes exchange stuff.
|
# ? Feb 15, 2017 17:05 |
|
pixaal posted:I would hope it's in a keepass but based on the fact that this doesn't make any sense at all I'm going to assume excel file and they don't care. You have incompetent internal IT. I find most people in IT don't know what they are doing and half your job is damage control for their loving up. They are almost always above you too. It's outsourced to Intelitech EDIT: They also gave me the domain administrator logon when Sissines was setting up a scanner to scan to my computer over the network. I still have it just in case and still need to use it from time to time!
|
# ? Feb 15, 2017 17:07 |
|
Sefal posted:
I took over a one-man IT operation at my previous job. He had everyone's passwords for everything in an Excel sheet. It took about 2 years for me to get people to stop forwarding me their new passwords whenever they changed them. The guy I replaced now works for a bank as an IT Manager.
|
# ? Feb 15, 2017 17:10 |
|
Haha backup people. When I go on vacation I have to tell HR because they're not allowed to hire people when I'm out of the office.
|
# ? Feb 15, 2017 17:19 |
|
I work in a small software company and we have one sysadmin, the only passwords he has are for the phones so that he can fix the call rules that people keep putting in which break the entire phone system for all 30 of us in the office.
|
# ? Feb 15, 2017 17:19 |
|
I believe we should treat passwords like how the banks do Train the user to know that IT will never ask them for their password.
|
# ? Feb 15, 2017 17:43 |
|
Sefal posted:I believe we should treat passwords like how the banks do Yes. People try to tell me their password or hand it to me on a post-it all the time. I am seen as a little weird because my response is typically GET THAT THE gently caress AWAY FROM ME RIGHT NOW. Most of them just don't get why its an issue.
|
# ? Feb 15, 2017 17:51 |
|
AlternateAccount posted:Yes. People try to tell me their password or hand it to me on a post-it all the time. I am seen as a little weird because my response is typically GET THAT THE gently caress AWAY FROM ME RIGHT NOW. Most of them just don't get why its an issue. I still remember the CEO at my first jobs password, since I had to change it back so many times, and log into his computer for him so often. That was 15 years ago.
|
# ? Feb 15, 2017 17:54 |
|
AlternateAccount posted:Yes. People try to tell me their password or hand it to me on a post-it all the time. I am seen as a little weird because my response is typically GET THAT THE gently caress AWAY FROM ME RIGHT NOW. Most of them just don't get why its an issue. All the time here to Its years of bad password practices that I'm slowly trying to fix. I really wish AD had some form of "Log in as User" option that left an audit trail that would allow me to do user-specific things without needing them to log in for me.
|
# ? Feb 15, 2017 18:01 |
|
pixaal posted:Sounds like you are understaffed and don't have enough backup people. Everyone system should have a primary and a backup person. A third guy is also nice to have. Like maybe your ERP guy is the backup exchange guy and if Exchange guy is out sick he fixes exchange stuff. We do have two people and are supposed to be three, so it's not an issue. I'm just saying that if everyone were out sick and a process isn't possible anymore it means things work. If everything can be circumvented it doesn't work.
|
# ? Feb 15, 2017 18:03 |
|
Ticket for a printer at another site has been open for 5 weeks. No one can print to it. I told the site contact about this issue when I noticed the printer office a day or so into the issue, nothing was done I sent another "hey what is going on" as the print queue kept building. 2 weeks into it one of the users sends me an email in Spanish I ask for the printer to be factory reset as I can't reach it by IP someone is going down to the site anyway (it's ~5000 miles away) on week 3. I get in contact with that person he says the printer was sent back here 4 weeks ago. The time line is off it hasn't been offline that long but okay the printer isn't there so I have to wait for the container to come by boat. Today the person that was at the other site asks me about the printer in question and they sent a label printer not the "paper printer". The problem turns out to be some user found a USB cable plugged it into the printer and then plugged their computer into the printer which shut the network port off. I was told to not clear the printer queue enjoy your 7,000 print jobs that are multiple pages each! e: this is the site's only printer I have no idea how they lasted this long without a printer. pixaal fucked around with this message at 18:13 on Feb 15, 2017 |
# ? Feb 15, 2017 18:04 |
|
Siochain posted:All the time here to Its years of bad password practices that I'm slowly trying to fix. I really wish AD had some form of "Log in as User" option that left an audit trail that would allow me to do user-specific things without needing them to log in for me. Yeah. that would be pretty good. but I find it's helpful to invite the user to come to you and do it together (let the user do the work and guide him) that way, the user has some more familiarity with the app/device.
|
# ? Feb 15, 2017 18:04 |
MF_James posted:hhahahahah you think places like that mandate password changes? Forcing users to change passwords with a complexity requirement that they are allowed to pick is so pointless that I don't know why people even bother. If people care about security use 2FA or it's just pretending to care. They will use sticky notes or figure out some retarded system for keeping track of their password which defeats the purpose.
|
|
# ? Feb 15, 2017 18:07 |
|
Nuclearmonkee posted:Forcing users to change passwords with a complexity requirement that they are allowed to pick is so pointless that I don't know why people even bother. If people care about security use 2FA or it's just pretending to care. Previous admin got them in the habit of picking random letters and numbers to add to the end of their password corner of every monitor is a sticky not with something like J5D1 which is the end of their password but if you don't know the start (probably their kid's name) it's not too useful. I haven't stopped the habit because it's way better than the alternative of them writing the full password and hiding it under a keyboard.
|
# ? Feb 15, 2017 18:09 |
|
Nuclearmonkee posted:Forcing users to change passwords with a complexity requirement that they are allowed to pick is so pointless that I don't know why people even bother. PCI compliance in my case.
|
# ? Feb 15, 2017 18:16 |
|
Nuclearmonkee posted:They will use sticky notes or figure out some retarded system for keeping track of their password which defeats the purpose.
|
# ? Feb 15, 2017 18:17 |
Collateral Damage posted:Unpopular opinion; It's better that users keep their passwords on a piece of paper in their wallet than using "Password123!" as their password everywhere. Whatever stupid thing they pick to replace it will be just as bad and pointless. Usually complexity requirements will preclude them from using their AOL password anyways and their corporate account name will likely not match that username either. Flatscan posted:PCI compliance in my case. This is one of the "we must pretend to care because it's the rule" scenarios. edit: also you can use freeRADIUS with google authenticator and have 2FA for free if the place you work doesn't want to pay for RSA tokens or whatever (they never do). Nuclearmonkee fucked around with this message at 18:31 on Feb 15, 2017 |
|
# ? Feb 15, 2017 18:24 |
|
Collateral Damage posted:Unpopular opinion; It's better that users keep their passwords on a piece of paper in their wallet than using "Password123!" as their password everywhere. Depends if primary attack vector is physical or not.
|
# ? Feb 15, 2017 18:32 |
Siochain posted:All the time here to Its years of bad password practices that I'm slowly trying to fix. I really wish AD had some form of "Log in as User" option that left an audit trail that would allow me to do user-specific things without needing them to log in for me. I run into this almost every week when I deploy a new PC, and maybe this isn't the right thread for it but I'll ask anyways. I prefer to login to a new PC under the user's account before deploying it, mostly to make sure the USMT went fine and their Outlook archive can get downloaded. In doing this though, we have to reset their password everytime. Not that that's an issue for me, but I'd love to have an automated way to do that poo poo without having to log in with a user's credentials and just take care of it automagically?
|
|
# ? Feb 15, 2017 18:43 |
|
Collateral Damage posted:Unpopular opinion; It's better that users keep their passwords on a piece of paper in their wallet than using "Password123!" as their password everywhere. Those RSA tokens are great because they add a whole extra layer of security, without the user having to remember anything and you can't compromise them. Apart from my colleague who was always forgetting his, so he cable-tied it to his laptop.
|
# ? Feb 15, 2017 19:00 |
|
Siochain posted:All the time here to Its years of bad password practices that I'm slowly trying to fix. I really wish AD had some form of "Log in as User" option that left an audit trail that would allow me to do user-specific things without needing them to log in for me. Heck yes. #1 most desired feature right here.
|
# ? Feb 15, 2017 19:14 |
|
Windows will never have a masquerade function. Microsoft is fundamentally opposed to it. It would be nice though. It would also be nice if their administrative tools actually you know.. Worked. There's no reason that an administratively forced password change should be subject to time requirements. It'd also you know be nice in TYOOL2017 if there was a way to administratively log a user out of a domain joined computer. But that isn't an option either
|
# ? Feb 15, 2017 19:53 |
Wibla posted:The strict password rotate rules that are in place aren't nearly as effective as people think. Nuclearmonkee posted:Forcing users to change passwords with a complexity requirement that they are allowed to pick is so pointless that I don't know why people even bother. If people care about security use 2FA or it's just pretending to care. This. >0 people will still use "password", then "password1", etc, but far more people will do this if you make them change the thing constantly. My interest in using a long, complex password is inversely proportional to how often you make me A) type it in on a phone and B) trash it and remember a new one. Annually and I'm not fighting a 1.5 inch wide keyboard to put it in? OK, it'll be some variant on "poster lock beef 3#919ab&991e883006f#144cec#e8a89" and probably on paper in my wallet until I have it down cold. Monthly and I have to put it in daily on a phone? You get "Aaaaaaa1" because I have poo poo to do.
|
|
# ? Feb 15, 2017 19:56 |
|
spog posted:Those RSA tokens are great because they add a whole extra layer of security, without the user having to remember anything and you can't compromise them. or the people that put them in front of web accessible unsecured webcams.
|
# ? Feb 15, 2017 19:57 |
|
When I went to university and worked their helpdesk part time to pay for rent/food/booze, our password requirements changed from the normal upper/lower/number/special to include cannot contain words longer than 2 letters found in the dictionary. We had manifesto length complaints from faculty, staff and students.
|
# ? Feb 15, 2017 20:29 |
|
cage-free egghead posted:I run into this almost every week when I deploy a new PC, and maybe this isn't the right thread for it but I'll ask anyways. Yep, this is where I would love it. We have a TON of software with user-specific setup poo poo (I'm trying to get to newer versions which are less stupid but, hey, you work with what you've got). Along with outlook, etc. And sometimes it makes poo poo harder - so I'll just reset their password (with their knowledge), login/do my thing, then force change on next login and get them back to work. Masquerading would be so, so nice.
|
# ? Feb 15, 2017 20:36 |
Takkaryx posted:When I went to university and worked their helpdesk part time to pay for rent/food/booze, our password requirements changed from the normal upper/lower/number/special to include cannot contain words longer than 2 letters found in the dictionary. We had manifesto length complaints from faculty, staff and students. Those are the best particularly when they say "I can't use $dogs_name+$street_address which I use to password everything including these twenty services which were all hacked in the last year or two and now I can't remember my password thanks to you ."
|
|
# ? Feb 15, 2017 21:21 |
|
Sefal posted:I believe we should treat passwords like how the banks do The Danish Solution: Use the National online ID for logging in. We've had 0% password sharing after implementing it, and scores of requests for new users that somehow suddenly needed access to protected systems despite having been employed in the same position for years. I guess people won't share their logins when it's the same username/password they use for their online banking/tax/healthcare/everything. (More about "NEM ID" here. If people are on the local LAN we only require username/password. If they're remote we use the 2-factor. The system itself scans for suspicious activity and may occasionally require 2-factor on the LAN too - if that happens and people have forgotten their key-card they can get a new one from our "Citizen Service Desk" with proper identification. We're Da Gub'mint, so it's not like we're closed when employees need it. )
|
# ? Feb 15, 2017 22:33 |
Ok that works in communist europa but here in 'murica a national ID is the mark of the beast dontcha know. Can't have that.
|
|
# ? Feb 15, 2017 22:49 |
|
Nuclearmonkee posted:Ok that works in communist europa but here in 'murica a national ID is the mark of the beast dontcha know. Can't have that. Best case it leads to everybody writing their SSN down on a post-it stuck to their monitor.
|
# ? Feb 15, 2017 22:58 |
|
cage-free egghead posted:
Bank of America
|
# ? Feb 15, 2017 23:01 |
|
Anyone have experience with "Microsoft Teams"? Apparently it's their answer to Slack. We've been using a combination of Skype for Business along with (classic) Skype since our SfB doesn't have persistent chat rooms. One of the do-gooders on the desk suggested Teams to the network guys and it looks like they're pushing it down next week, and may be force-uninstalling classic Skype as a result. The only thing I've seen about Teams so far is that it has a built-in meme generator. If that's any indication about the direction they're taking...
|
# ? Feb 15, 2017 23:26 |
|
Okay, here's a bit of a fun one. Just got a ticket from a user because powerpoint was misbehaving. On their title slide, which they have used for all the department's presentations, organization's template, there's your standard code:
code:
code:
|
# ? Feb 15, 2017 23:40 |
|
Sunblood posted:Anyone have experience with "Microsoft Teams"? Apparently it's their answer to Slack.
|
# ? Feb 16, 2017 00:15 |
|
|
# ? Jun 3, 2024 22:03 |
|
There ought to be a system where, when an employee swiped their id to clock in, it printed a slip of paper with a randomly generated password that would automatically expire when they clocked out. Lost the slip of paper, clock out and clock back in. Want to change it to something human-readable, haha gently caress you. At the least, take user choice out of the equation and have all passwords be machine generated. Why yes, I expect you to memorize an arbitrary string of letters, numbers and symbols, it's part of your job description (listed under 'mandatory requirements for employment') and if you're not capable of it then you're not qualified to work here.
|
# ? Feb 16, 2017 01:16 |