|
TheParadigm posted:Wait. We have a ticket system, and until recently what we have had gets the job done in a clumsy way, but recently it’s been a mess. My issue is I can put in a request and it functionally disappears for days or weeks, then resurfaces when someone in the change department notices it’s past a date. The issue I have is that I can’t put in: I need <thing> by <date>, I have guess or make up the schedule of the group/person who will do the change and hope it’s right.
|
#
?
Jan 8, 2020 16:15
|
|
|
|
| # ? Jun 4, 2024 21:52 |
|
|
I always thought HR was where the most talentless people would go to. Then I learnt about change and service management.
|
|
#
?
Jan 8, 2020 16:21
|
|
|
CitizenKain posted:We have a ticket system, and until recently what we have had gets the job done in a clumsy way, but recently it’s been a mess. My issue is I can put in a request and it functionally disappears for days or weeks, then resurfaces when someone in the change department notices it’s past a date. The issue I have is that I can’t put in: I need <thing> by <date>, I have guess or make up the schedule of the group/person who will do the change and hope it’s right. Sorry man, I'm kinda with the change board here: Without knowing when you will do the work, how can the change board know whether or not what you're doing will impact the business? My CAB would say the same thing: "I can't approve this because you can't tell me when it happens, and I'm not willing to blindly approve your work without knowing exactly what gets impacted."
|
|
#
?
Jan 8, 2020 17:20
|
|
|
Raerlynn posted:Sorry man, I'm kinda with the change board here: Agree. Get the people who will perform the change to set aside the time required to do the work, sufficiently far ahead for business to plan ahead of any downtime, and for the CAB to process it. Then submit it to the CAB. If it gets disapproved you can free up the time block.
|
|
#
?
Jan 8, 2020 17:36
|
|
|
They are going to clone the main file server and place the clone at the new office across town. Well, they did that already, but it takes 20 minutes for rsync to go all the way through 2TB of stuff So they are making a list of all the file shares/dirs, and which is going to be the master (here or the new location) Then they will make an rsync job that continuously runs for each share, going in whichever direction is 'correct' I can hear the hard drives crying already.
|
|
#
?
Jan 8, 2020 19:03
|
|
|
What even is DFS-R Oh wait, needs a domain.
|
|
#
?
Jan 8, 2020 19:09
|
|
|
Thanks Ants posted:What even is DFS-R Came to post exactly this. Some insanity just can't be stopped. Willful ignorance falls under this category.
|
|
#
?
Jan 8, 2020 19:19
|
|
|
klosterdev posted:Today I found myself going down the DNS rabbit hole as an immediate response to my thinking to myself "there's no way it's DNS" So it was DNS...
|
|
#
?
Jan 8, 2020 19:24
|
|
|
CitizenKain posted:Either there is a really great prank brewing between me and our change management department, or they are just out of their goddamn minds. Stop caring. All of the issues you describe are not-your-team-nor-you loving up. When you can't do something because not-your-team-nor-you hosed up, just escalate it and let your boss know. You've done your job. If others can't do their job, it's not on you to make them do it.
|
|
#
?
Jan 8, 2020 19:27
|
|
|
Our CIO has decided that details of every Group Policy change now need to be emailed to all IT staff. 
|
|
#
?
Jan 8, 2020 19:29
|
|
|
Hungry Computer posted:Our CIO has decided that details of every Group Policy change now need to be emailed to all IT staff. Is it like an automated diff or does it actually have to be written out and poo poo?
|
|
#
?
Jan 8, 2020 19:31
|
|
|
Schadenboner posted:Is it like an automated diff or does it actually have to be written out and poo poo? Automated. Any approved group policy related change in the change management system is now sent to everyone regardless of scope.
|
|
#
?
Jan 8, 2020 19:33
|
|
|
Hungry Computer posted:Automated. Any approved group policy related change in the change management system is now sent to everyone regardless of scope. I mean, it's dumb but at least it's not much of a time-sink and can probably be ruled-and-foldered pretty easily?
|
|
#
?
Jan 8, 2020 19:35
|
|
|
Good way to completely numb people to the process so they become unable to spot potential problems coming
|
|
#
?
Jan 8, 2020 19:35
|
|
|
Thanks Ants posted:Good way to completely numb people to the process so they become unable to spot potential problems coming All communication is inherently good and valuable. Corrolary: More communication is more gooder and more valuabler.
|
|
#
?
Jan 8, 2020 21:31
|
|
|
Thanks Ants posted:Good way to completely numb people to the process so they become unable to spot potential problems coming This my main concern with it. Most of the emails are going to be low impact pre-approved changes like "Edited the Firefox Pop-up whitelist in x GPO assigned to Y student lab OU because the vendor changed their url". Actually all changes are virtually pre-approved because I've been assigned as the person approving group policy change requests, and I'm also the person who implements about 90% of GPO changes. But at least changes are properly being recorded now, until today group policy wasn't part of the change management process and I just kept my own logs in OneNote.
|
|
#
?
Jan 8, 2020 22:11
|
|
|
Hungry Computer posted:This my main concern with it. Most of the emails are going to be low impact pre-approved changes like "Edited the Firefox Pop-up whitelist in x GPO assigned to Y student lab OU because the vendor changed their url". AD Audit software that records every AD / GP change and boots it to a log server with reporting capabilities. Easy recording! Everyone should do this, and something like MEs ADAudit+ is cheap as poo poo to implement.
|
|
#
?
Jan 8, 2020 22:34
|
|
|
Raerlynn posted:Sorry man, I'm kinda with the change board here: But I’m not making the change. I need the department who is responsible for the hardware to do it. But I can’t put in just a “Do this by x date, or do when available”, they won’t hand it to that department unless I make up a date. Like the shortcut change, a user wants a published shortcut in their desktop to open in Chrome instead of IE. It’s a Citrix environment, so the user can’t do this themselves. So my ticket is “Hey Citrix group, can you make this change?” In theory, this would go to their group, they would decide the when, they do it and it’s marked as done.
|
|
#
?
Jan 8, 2020 23:28
|
|
|
CitizenKain posted:But I’m not making the change. I need the department who is responsible for the hardware to do it. But I can’t put in just a “Do this by x date, or do when available”, they won’t hand it to that department unless I make up a date. Like the shortcut change, a user wants a published shortcut in their desktop to open in Chrome instead of IE. It’s a Citrix environment, so the user can’t do this themselves. So my ticket is “Hey Citrix group, can you make this change?” In theory, this would go to their group, they would decide the when, they do it and it’s marked as done. The Citrix group should handle the entire change request then, why is this going through you at all?
|
|
#
?
Jan 8, 2020 23:30
|
|
|
Inspector_666 posted:The Citrix group should handle the entire change request then, why is this going through you at all? This. From what you're describing this is 110% not your problem.
|
|
#
?
Jan 8, 2020 23:44
|
|
|
Inspector_666 posted:The Citrix group should handle the entire change request then, why is this going through you at all? Because the link is pointing to a webpage of a device I manage. Which doesn’t make sense, but I lost argument too.
|
|
#
?
Jan 8, 2020 23:45
|
|
|
Your change process is hosed if changing a shortcut on a published desktop needs to attract the same scrutiny as some core network change.
|
|
#
?
Jan 9, 2020 00:36
|
|
|
Ours varies wildly based on (the weather? their sleep?) on how much scrutiny they put on small, insignificant changes. When they were being particularly insufferable we submitted a change ticket to replace the batteries in the wall clock and they got super mad, going straight to the director levels that we aren't taking them seriously. 
|
|
#
?
Jan 9, 2020 00:47
|
|
|
Shouldn't time change be automated? 
|
|
#
?
Jan 9, 2020 01:01
|
|
|
less than three posted:Ours varies wildly based on (the weather? their sleep?) on how much scrutiny they put on small, insignificant changes. I'd say you were taking them exactly as seriously as they deserved. $Job-1 had a similar byzantine structure in place. Some things were tickets/service requests. Some things were standard change requests. Some things were normal change requests. A little light bribery on the change management team did wonders for actually getting poo poo done. $Job is "Hey boss, I'm gonna gnarfle the garthok. I already cleared it with Internal Apps. Cool? Cool."
|
|
#
?
Jan 9, 2020 01:01
|
|
|
Our change advisory can get into moods as well. I once had a 5 minute, non-impactful, standard business hour change relegated to a 2 AM maintenance window a week away, just because the window existed. I've taken the malicious compliance route rather than fight it. Fighting only makes them more ornery. When the admin team couldn't get their new server online for a week I let them know who to direct their complaints to.
|
|
#
?
Jan 9, 2020 01:03
|
|
|
I spoke to our Network Engineer earlier, who was the only guy at work this week who was a part of the team that interviewed our new Systems Engineer. Apparently there are no misconceptions about his abilities. He is expected to be a helpdesk tech and the lowest guy on the totem pole despite making twice what our current sysadmins do. Sucks for them but cool that everybody is on the same page I guess. I kinda wish I could go back to resetting passwords for my current salary though. No. Actually, I don't.
|
|
#
?
Jan 9, 2020 03:51
|
|
|
GnarlyCharlie4u posted:I spoke to our Network Engineer earlier, who was the only guy at work this week who was a part of the team that interviewed our new Systems Engineer. Nepotism or blackmail?
|
|
#
?
Jan 9, 2020 04:28
|
|
|
Neither. GREAT timing. 2 years and zero hires later I think my boss is really feeling the pressure and isn't able to use the excuse 'we don't have enough people' anymore. After losing most of our talent we haven't been able to keep anyone for a reasonable amount of time. Boss/manager tend to drive them out as they're sorta difficult to work for. And I guess we couldn't hire him to be anything else because we don't have any other vacancies besides 'Engineer'
|
|
#
?
Jan 9, 2020 04:50
|
|
|
It's getting pretty dire in my area, I interviewed a guy yesterday who had been "working in IT" for 15 years, mostly with the one company, had senior in his title, nearly hitting 6 figures at his current job and he was applying for a level 2 helpdesk position. After some real softball questions I figured out pretty quick he had never touched AD, Group Policy, never even shared a folder or printer, barely had any comprehension on what a router did beyond "allowed internet access" and at about that point I gave up and pretty much ended it there. From what I could gather his job for the bulk of those 15 years has been to watch a webpage and make sure it didn't go down, and if it did maybe he'd restart the IIS service on a server and if that didn't work then escalate it to someone else. That was my best pick out of ~50 resumes 
|
|
#
?
Jan 9, 2020 07:13
|
|
|
There are two older guys who started at my work recently, both of whom have 15+ years of experience. Both of them are colleagues of mine doing the same job I do. Guy #1 is rad; his prior job was something like seventeen years running a helpdesk for a dental CRM platform. Guy #2 I'm not sure what he did before, but he consistently forgets basic poo poo like how to reset a password.
|
|
#
?
Jan 9, 2020 08:26
|
|
|
Inspector_666 posted:The Citrix group should handle the entire change request then, why is this going through you at all? At Initech, he takes the specs from the customers and he brings them down to the software engineers.
|
|
#
?
Jan 9, 2020 13:25
|
|
|
Boss's kid flattened the DB server he spun up a few weeks ago, formatted the 6x240GB disks as one big raid 10 like I told him to in the first place (it was previously 3 RAID 1's of 2x240GB) but then he went and made 220GB partitions anyway
|
|
#
?
Jan 9, 2020 15:01
|
|
|
Your department wants to talk about some changes they want to the HR site, and you want them live on Monday? :popcorn:
|
|
#
?
Jan 9, 2020 15:20
|
|
|
Our changes are being audited by change management. Which is all well and good except our weekly reboots count as changes and we aren't supposed to approve our own changes. What will happen? Who will prevail? Will I care (no)?
|
|
#
?
Jan 9, 2020 15:24
|
|
|
Our on-call DBA was upset with me calling him over a login failure for the sa account, which was apparently part of nightly pentesting nobody bothered to tell us about or make a ticket for, so we had no way of knowing it existed. Then he told me to ignore all failed login attempt alerts for that server at all times, when we've been instructed to immediately get the DBAs whenever we get one of those. So with zero documentation he wants me to ignore a potential security breach on a particular machine in perpetuity. Of course I told him that I would need to get that instruction from my manager. Is that universally understood as a polite "gently caress off" or is that just me that uses it that way?
|
|
#
?
Jan 9, 2020 15:50
|
|
|
It is a gently caress off, but it's also your only reasonable course of action. If you don't get instructions like that in writing it's your rear end on the line when it goes wrong.
|
|
#
?
Jan 9, 2020 15:54
|
|
|
22 Eargesplitten posted:Our on-call DBA was upset with me calling him over a login failure for the sa account, which was apparently part of nightly pentesting nobody bothered to tell us about or make a ticket for, so we had no way of knowing it existed. Then he told me to ignore all failed login attempt alerts for that server at all times, when we've been instructed to immediately get the DBAs whenever we get one of those. So with zero documentation he wants me to ignore a potential security breach on a particular machine in perpetuity. It seems pretty self-evident that if someone who isn't your manager is telling you to ignore a directive from your manager, then at the very least your manager needs to be aware of and OK with that so that you don't seem negligent and/or insubordinate when they find out about it. Preferably an important policy exception like that would be in writing.
|
|
#
?
Jan 9, 2020 16:27
|
|
|
Yeah, despite this being my highest paid job ever we're definitely the peons in the ops center, so we'll get pushback for our requests like "let us know when you're taking systems down for maintenance and when the maintenance is done" and sometimes get stuff like this where they want to make exceptions for something without actually going through the proper channels. I haven't had too much interaction with my manager due to working nights, but she seems like she's big on making sure everything goes through all of the proper procedures and gets really pissed off at the slapdash ways people are used to doing stuff around here. She just started less than a year ago herself. So I let him know that I needed to hear that from her and put a note about it in the email we send out every shift to let the team know about issues we had. My last job was very much a "get it fixed by any means necessary" place so it's taking some getting used to, I'm trying to get myself in the mindset where I follow procedures even when I don't think it's going to work / be efficient, because the only way to get procedures to change is for people higher up the chain or customers to complain about it, and breaking protocol just gets them congratulated when stuff gets done quickly but leaves my neck on the line if it goes wrong. So it's like malicious compliance, except it's not actually malicious, because sometimes the best way to get things to run smoothly long term is to let them be bumpy short term. That last job is also why it didn't even occur to me that a database not recognizing the sa account might not be an emergency. I know best practice is not to use it, but my last job was supporting 25 year old software that required the sa account to be active with full admin privileges.
|
|
#
?
Jan 9, 2020 16:53
|
|
|
|
| # ? Jun 4, 2024 21:52 |
|
|
22 Eargesplitten posted:Our on-call DBA was upset with me calling him over a login failure for the sa account For some reason, every time I see "sa" I think SomethingAwful, not Server Administration and I literally have to redirect my thinking from, "why are they talking about sa accounts?"
|
|
#
?
Jan 9, 2020 17:24
|
|
