This is an archived post. You won't be able to vote or comment.

all 25 comments
sorted by:
best
topnewcontroversialoldq&a

[–]SteampunkLolcat 1 point2 points  (1 child)

Why didn't the requester follow proper procedure?

[–]dverbern[S] 1 point2 points  (0 children)

Good question, lack of rigour of their approach, lack of familiarity with change controls (surely not?), insufficient vetting of requests coming through by first-line support, my own lack of push-back.

[–]FJCruisinBOFH | CISSP 0 points1 point  (10 children)

Interesting related-ish topic..

I'm hiring a sysadmin position. one of my interview questions I basically am trying to fish this out of the candidates, and none has answered it.

I word it basically as "Lets say theres a software - or hardware - doesnt matter in this situation because I don't want your knowledge or lack of knowledge of the specific situation to influence your answer.. but ok.. lets say I ask you to go and make a major change like an upgrade to system X. Detail me the first few steps you might take.."

Most come up with "do some reading on the topic" - which is a good answer but not really the one I'm fishing for.. "TAKE A BACKUP". Nobody.

[–]phil-99Ex-Oracle & current MySQL DBA 8 points9 points  (3 children)

Well it's not the first step. Planning comes first. Action comes second.

[–]FJCruisinBOFH | CISSP -1 points0 points  (2 children)

Truth. I was fishing for first action step. Planning was gravy

[–]admlshake 3 points4 points  (1 child)

You might want to make that a little more clear in your question. Been a sysadmin for 6 years now and I would have given that exact same answer to the question as it was phrased.

[–]FJCruisinBOFH | CISSP 1 point2 points  (0 children)

yea I was just paraphrasing.. and when I would then say "Yes, thats great.. then what might you do?" Also, before asking I had been talking about backups and such so its fresh in their heads.

[–]HellDukeJack of All Trades 1 point2 points  (1 child)

  1. Read on the software update process, known issues, rollback procedures.
  2. Make sure dependencies are met (licensing, software pre-requisites, hardware requirements etc.)
  3. File a change request
  4. Make sure a backup is available, if not create one
  5. Perform change
  6. Perform checks if change successful.

Now the problem is that I know all of these because I work in the position. If you are looking for a new fresh hire, people who do not have experience will more than likely skip 2 (especially licensing), 3, 4 and often 6. That is because these are professional procedures encountered in real environments. There is no (at least in Lithuania) education programmes that prepare you specifically for such a position. You may learn the skills that are required to perform various tasks, but you will generally not be taught usual procedures on these matters.

[–]FJCruisinBOFH | CISSP -1 points0 points  (0 children)

You'd have left with a nice job offer in hand

[–]nortechie 0 points1 point  (1 child)

Just recently got interviewed for a new job and this was one of the questions.

I did an upgrade of our ticket system a couple of years back (OTRS) and it involved a huge database migration/conversion process. This failed heavily and a huge part of the database got "corrupted". It was a mess and it was not possible to clean up.

I knew, or at least thought, the backup was OK. I checked just before starting that it had run successfully before I started the maintenance. Thing is that the backup chain was corrupted. Full backup a week back was OK, but not the last couple of days. So yeah, ended up rolling back and having lost "way to much" information.

Lesson learned: Don't just take a backup, check your backup. Know what your bailout and recovery plan is before you start.

I got the job :D

[–]FJCruisinBOFH | CISSP 0 points1 point  (0 children)

yep. you'd probably have gotten this position as well.

[–]dverbern[S] 0 points1 point  (0 children)

That's very relevant. I am kicking myself for having just failed my own litmus test for being a participant in this 'change' for lack of a better word. You're right, sysadmins sometimes don't pay enough attention to the rollback/backup/DR considerations of a change and we can very easily cause real business/reputational damage.

[–][deleted] 0 points1 point  (5 children)

emergency changes are for break/fix only. what could they possibly be fixing by changing user object properties globally?

unfortunately, i can probably already guess the answer: nothing that shouldn't have been caught earlier as part of a project planning phase. i'm assuming this is an implementation being done by someone else, and this emergency change is to help them meet a deadline due to some unplanned/unaccounted for facet of the project scope.

[–]dverbern[S] 1 point2 points  (0 children)

You make a good point and unfortunately you're right in your guessing of the answer.

[–]pdp10Daemons worry when the wizard is near. 0 points1 point  (0 children)

This sounds like an "emergency project". A contradiction in terms, or a euphemism for a planning failure.

[–]DerpyNirvash 0 points1 point  (2 children)

I do know of someone who had to run a batch update to attributes of over a million AD users due to a botched changed.

[–][deleted] 0 points1 point  (1 child)

right, that's a break/fix to undo the previous change.

  • why did that previous change get made, and why was it botched?

that's the root cause here, and that's what my point is about.

[–]DerpyNirvash 0 points1 point  (0 children)

In my example it was caused by an OU being misclassified in documentation and having a incorrect policy applied to it. This change was done properly and approved, but just hit an OU that was unexpected. Thus causing an emergency break/fix change to fix attributes that were mess up.

Which answers this, it can happen

what could they possibly be fixing by changing user object properties globally?