A big mess

Just started a new job. I am the senior desktop guy\systems admin.... This place is a mess. No standardization, no policies, no rules. Its a free for all.
Looking for some good tips on where to start? Should I start with inventory, naming standards, etc? I have worked with messy environments but this place is really bad. I am not sure where to start =(
I am trying to basically standardize, clean up, update, and just put everything in order. Any articles, hints, ideas, suggestions, links, would be greatly appreciated.
23 answers Last reply
More about mess
  1. how many computers are we talking about?
  2. What exactly is it you're trying to do? what first?

    I would start with names, from there you can set up your OUs and GPOs in Active Directory and push things through that way, but you need to know what the machines are first.

    We have computers named by location, then a number. IP adresses the same:
    ie 192.168.location.number.
    reception 1:
    reception 2:
    engineering 1:
    engineering 2:
    PR 1:
    PR 2:
    and so on. And if you have more than 255 machines in an area they occupy 2 adjacent subnets.
  3. What are they running? Server 2003/2008? If so then start with Active Directory and start making Generic Groups for each department to reel them in some and then investigate individual access.

    Also right now if you don't have web filters/AD in place expect some backlash when all the users start complaining about things they use to have access too.
  4. I am afraid to piss off the wrong people here. Law firm and there are number of pissy people. Its just under 200 users. About 30 servers.
    Old IT guy was sharing passwords like its normal. All users have local admin rights. No standards on things such local admin passwords, all files are locally stored, no software or hardware standardization. I guess my issue is that I know how to get all this done, but I am literally the only IT guy (have a network engineer consultant) and they just want me to get all this stuff straitened out and I would love to do that but they are very resistant to any kind of change.
  5. One way to approach the situation would be make a list of the changes to be implemented and list the reasons why and the advantages and disadvantages. Some of the IT power words like Security, Data Loss, Time, and Money work wonders when talking to management keep that in mind.

    once you have the list in place, approach the person in charge (Owner, office manager, department manager) and have a meeting on how to implement changes. Without support from higher up you will be the jerk of the Office; therefore, use the management and make them take the blame.

    Make sure that it is communicated to the employees that it is the company that wants the changes and not IT.
  6. Emerald, thank you very much. That sounds like very sound advice. I am going to start planning. The "Main" guy is very reasonable but not tech savvy. He does like techy words and I will basically make him an offer he can't refuse. Thanks for everyone's help!
  7. Its Windows 7 (Some XP) and all servers are 2k3 with Exchange '03.... I can't even begin to touch back end until I am 100 set on the front end here.
  8. Data Theft is also a great power word
  9. Information Security / Information Awareness are your friends here, it can be used to explain just about every single change you need to make. The enemy of security is disorganization, the more organized things are the more efficient / effective security measures are.

    Also used things like "Best Business Practices" and "Industry Standardization", just about all "recommended" procedures on technet / MSDN can be considered industry standards. Also I'm assuming you have zero "fault tolerance" nor any "disaster recovery plans". Those make ~very~ powerful arguments for standardization, no business owner / manager in their right mind wants to fathom losing business data due to something like a HDD crash or water damage. Just imagine case files being gone off someones computer because they contracted a virus that spread throughout the office and severely impacted the ability of your office to lever its IT assets to increase profitability.
  10. They have have fault tolerance\dr but im def going to address that in the near future... so far i need to get rid of a milion little hubs on almost all workstations (enough wallports\switchports) but for some reason only using one port at each station with a hub.... whatever... i dont know what their reasoning was, its going to take some time to clean this mess. ive always worked in larger environments with plenty of people doing good and bad things but at least it was more or less organized. This is my first sysadmin job and its going to take a few months just to understand what they have here. I am using Spiceworks to temporarily manage inventory and for helpdesk purposes. I guess, i'll start at the beginning, otherwise it all seems overwhelming! again, thanks for your tips and suggestions
  11. Good start on getting rid of the hubs, get some switched and maybe a wirerack if you don't have one.

    Have to give some points to Emerald, hard to take change until you start mentioning how bad things could get. Data loss, theft, ect.. really good words to use. Just make sure you keep a informative tone. You don't want to sound intimidating or like your scalding a child when you give a report to management. Even if you make good points they may push you aside.
  12. thanks darkwolf... that last part about sounding intimidating is what is concerning me. i am writing up everything and hopefully in a week or so will submit it to the director of operations. a girl who works here ( i know her from before) suggested that i start as if i was starting from the beginning. i wish it was that simple. its such a mess that i first i have to fix *** then start from the beginning. nothing is centralized and no one knows what software they are running, whats purchased and whats not.... anyway, im just overwhelmed a bit.. not even a matter of me not knowing or understanding the problems but i guess when there is too much *** to do and you dont know where to start, start at the bebinning. thats where im going to start.... with time this will all get better and i might even enjoy working with super hot and surprisingly sweet ladies =))
  13. Dude, if you don't take the bull by the horns and do your job you might as well find another place to work.
  14. There is a old situation that has the same answer as yours.

    How do you eat an elephant?

    One bite at a time.
  15. Congratulations... You have a job!

    To keep it you must put on your politician's hat and find out where the power and authority is in the company.

    It may be your boss, or someone else. The higher you can get, the better.

    You need the authority to make changes, and there will be resistance and changes. You need support to be able to make them stick.

    Pick a small project first that will ruffle few feathers and is assured of success.

    Document what you are doing in an email to your boss, or the chief, and send a copy to his boss, if you can.
    Same thing when you ask for something, always send a copy to someone. That way, you avoid the "you did'nt tell me" excuse and the like.
    The key to getting things done is the second copy.

    ---good luck---
  16. Double Rainbow Post. What does it mean?!
  17. While all the advice offered works, I wouldn't say any of it is great advice for you to start with.

    First things first. The employees make the company money. We never work in an ideal environment and coming from the outside to the inside you will always see plenty of things to fix from our perspective. The employees come first because they generate the money.

    I would say do this:

    Schedule meetings with individual managers to discuss where their pain points are. What can be done better, what are the headaches, etc.

    Reality of it is you're new and probably have a little budget or nothing at all. Spending money coming in the door is not something they'll tend to trust you with.

    Schedule those meetings, find out what needs improved on their end. Attack those problems as you can. This will also help you build the case on replacing equipment and changing the infrastruture. No one likes change and to have some new 'hot shot' coming in saying we can do this and that better, blah blah blah.. they see 'spend money.'

    Fix the pain points. Stop all the bleeding. By that I mean focus on how a computer is deployed to the end user. Make it standard. That starts solving problems through attrition of computers.

    Follow those two steps and now you know what the problems are and your users are starting to be on the same page software-wise.

    The big thing to understand is that this is going to be a 2-3 year project. You need to replace equipment with the right equipment. They won't just cut a check, so you need to create a budget and present that to say next year we are going to need to do all this. Keep it realistic though. While replacing all the hubs is nice, you would need all new cables or additional lines run for other devices. That all costs money and the gain may be marginal. Spend the money you are provided as best as possible.

    Budget to start replacing computers that are over a certain age old. Maybe replace 1/5th of the computer every year. Easy to budget, no computer is over 5 years old, etc.

    Get the employees working. From there, that will provide you the ability to start cleaning up the back office applications and servers. The powers that be will see the improvements and hopefully hear less about the issues.

    *On top of starting with the employees, you will be able to better understand the business and how it works. This will help you understand the role you are to play in the company and how the company works with IT.

    If you do not have a budget created, you should work on that as well. Instead of walking up unexpectedly with a request for replacement equipment, work out a budget that you can start planning to replace items. By doing this you may not be able to replace those hubs in 2011, but in 2012 you can do that because you have budgeted the expense.

    Nothing happens over night. In your situation, everything you do will need to add some kind of value to the company. Putting in the request to spend money for additional cable runs and longer cables to remove the hubs is ideal for you, but can you quantify to management how spending that time and money will add value and save the company money? Probably not. Budget for it so it isn't an unexpected item.

    Start with the employees and fix the issues that you can. Once things are settled you will want to design the perfect environment for the office to operate in. From there, you will need to develop the roadmap on how you will get there. That roadmap will very likely span 3 or more years. Present that three year roadmap to management and 1) you show commitment and long term vision 2) they can visualize it and get on board with you 3) You did your homework, planned it out, and your vision of IT not only meets the business needs but also helps move the company forward.

    Many ways to approach these situations. I spent 5 years going into companies doing this exact kind of work. Start with the managers and employees, they're the ones who deal with the same issues day in, day out. Management will put a good word in for you, let the others talk you up to the higher ups and you will be on your way to resolving the issues and have a lot of work to do.
  18. Get a ticketing system in place so you can stay organized! GOOD LUCK!!
  19. riser said:
    While all the advice offered works, I wouldn't say any of it is great advice for you to start with.

    First things first. The employees make the company money. We never work in an ideal environment and coming from the outside to the inside you will always see plenty of things to fix from our perspective. The employees come first because they generate the money.

    Golden words :), couldn't agree more.
  20. Status update?
  21. Feylasocal, I can feel for you - a year ago I got stuck in the same sitaution, first job as SysAdmin, thought the job posting said Net Admin and I think what they expected was a Desktop Admin. Also no documentation, standardization, licensing/software purchases, etc - previsouly IT had been sort of an 'add-on' responsibility that got handed around other full-time positions (ok, they had 1 IT guy before me but he lasted 2 weeks and got fired). From this past year I can give my observations and advice, but I'm sure more experienced people have already provided theirs as well. I'll try to put my advice in short-form (post-writing note: that short-form sort of failed, and they ended up in no particular order after #2 or #3)

    1. Learn whats on the network - nmap, nbtstat, net view, AD, DNS, wireshark (could be a little riskier for you - its a law firm, and I'm not sure if your entire environment is hubs, or if it is mostly switched and just some users use hubs) - and google, and your regular web browser are useful for learning what is what. (that last one because often you can determine what something likely is by it's web interface if it has one)

    2. Learn about the systems and software on the network. Odds are you haven't seen everything they are running, there is just too much different tech in IT to know all of it from all the different vendors, so grab the guides online for whatever you happen to have running. They're almost exclusively PDF and text searchable, and they can save you in a heart beat, or save you hours of googling to reduce that knowledge down to reading 5 pages in the manual (yes, RTFM).

    3. Attempt to standardize. Once you have standardized configurations, you can plan changes and anticipate their effects with good certainty - in an environment with a great deal of entropy in the configurations, their will be a great deal of entropy in the results of your efforts to make changes. This could be exceedingly difficult for you, as you said there is no standardization of hardware.

    I went about things the old-fashioned way at my location, building an image for every model of desktop we used (there were roughly eight) and then went about imaging all 50 or so machines (with a couple of test groups first, of course). After the imaging, I estimate my user support requests declined at least 80%.

    Also, look for any manual configuration settings that could be applied via group policy, preference, or login scripts if needed. This will help reduce configuration entropy and errors, and will add the some limited self-healing ability to your configs - drive mappings and necessary application files are a good start, as these have a tendancy to get changed or deleted.

    4. Attempt to lock-down user privs. This goes a fair ways towards dropping the amount of user-support, as it prevents users from breaking a lot of things in their day-to-day doings (not just them, but whatever software, sites or updates they happen to run as well)

    5. Get something like spiceworks, and make the necessary configuration changes to your clients to improve network vision and track your environment. My only complait/caveat about this is that I couldn't actually get it to work reliably to determine workstation configs until after I imaged them and knew exactly what they looked like anyways! Centralized AV reporting is great as well, and centralized logging will help you track other events on your network - spiceworks has some of this, but often a vendor-specific solution will integrate more tightly with their product to provide better stats/monitoring/reports, and it will probably even be free.

    6. Scour any documenation/information available. Contact vendors you know you've used in the past and ask for any information they can provide on purchase history, etc. We're still discovering licenses no one knew we had (an unexpected windfall).

    7. Gain credibility - make suggestions and make smaller changes, and use them to build your credibility before pushing for bigger changes - you'll notice almost all of what I listed above was technical-only. Changing the corporate environment and atmosphere will require some clout, and people don't tend to respond very well if in your first month of being there you tell them they have been doing everything wrong and need to change it all.

    8. Document as you go. You'll be learning a lot in the first few weeks and months (and it will likely continue), and it can be easy to get overwhelmed - having somewhere you can put down your thoughts and observations to reflect on and reference later can be critical. I put a lot of this on the computer at first, but pen and paper can often be more intuitive/handy.

    9. Once you know the basics of the network, put into place at least the basics of security on your network devices - ssh, MAC Address limits on ports, BPDU Guard (not sure what they call this for other vendors, but basically it ensures only workstations connect to wall jacks), changing any default passwords you find on devices and other 'safe' measures (that won't break anything running on the network). This small investment yields an exponential increase in your security posture almost instantaneously.

    10. Not network specific, but "know your man" - know who you can talk tech to, who wants laymans terms, who needs layman's terms but is impressed when you talk tech then explain in plain language, and who might have any tech experience or at least sympathies in your user base. That last group can be a great help when you are looking to test something, as I find they're generally more enthusiastic, easier to communicate with, and provide better feedback. This can also go for management - if you know a particular member is keen on the tech stuff, you can use them as a voice in that circle of higher-ups, representing your concerns and ideas when they might otherwise not get heard, and they might just help convert the tech talk to business language instead (I always thought ROI and TCO were business terms).

    Theres a great deal of other advice I am missing, I'm sure, but I can't go on forever. If you have any other questions obviously post them here or feel free to message me direct and I'll help if I can. Sorry if not much of this was new or applicable - I hate to say it but I didn't have the time right now to read the entire reply thread and try to conribute too.
  22. One last thing I forgot - always remember what you are really in is customer service - the users are your customers, and you want to keep them happy. If the users are happy (management are your users too), they will be more receptive to your changes and embrace the chance to take part in them more readily. A big part of this is communication. If you are making a change that will effect their environment, communicate this to them, make sure they understand the basics of what is happening and what the effects will be, and ask if they have any questions. Do your best to answer those questions, and try to minimize the impact and shock from the changes for them. And try not to put them through anything you wouldnt want to go through yourself - we had a user lose 3 months of email here (the last three months) and while management shrugged it off as not important (and from their perspective of company-threatening, it wasn't) it certainly wasnt a walk in the park for that user and wasn't something I'd want to go through, and was horrified when they lost it (evil PST files 1, me 0).
  23. It sounds as if the situation is horrible out there, but you are already provided with such good suggestions so I would just say keep your spirits right and go on....
Ask a new question

Read More

Management Desktops Systems Business Computing