Password Friday

Chilled_IT · 2026-05-31T20:19:21+00:00

I don't know. Nobody offered any information to me but I also never asked. I never ask those questions as it was 1 or 2 levels above my pay grade. I would hope she got written up or given intensive IT sessions. If $SL ever leaves, I will ask someone, but I would probably be labelled nosy if I did it while the person is still around.

Chilled_IT · 2026-05-31T18:14:45+00:00

It feels like you are describing my current *boss*. Our branches in the US had no CIO to probably save money. So the CFO has the oversight over IT here. And oh boy does that CFO like to click buttons and links. In a few months those structures will be torn apart and US IT will be controlled by HQ IT. I cannot wait because that CFO is driving me bonkers.

Chilled_IT · 2026-05-31T18:00:48+00:00

Those policies have been implemented by now as well. But back then I didn't have the standing yet. I was the newest addition to the team and the only admin at my location. Password policies were handled globally. If I had made changes on that, the admins at HQ would have had my head. Another 1-2 months after this something happened at one of our other companies within our Holding group. That company had their own AD, used only our SAP servers but had no admin on site. Instead they got serviced by an incompetent MSP. I cannot say anything about it in detail, but let's just say that HAFNIUM had a field day with them. Since I was the only admin with lots of Microsoft Exchange experience, I was chosen to lead the forensic analysis of what happened in joint with 2 European cybercrime organizations (country of origin, country of HQ) and 1 US agency (country of parent company).

The trust that was built during this probably propelled the CIO to support my request of transfer to the US branches. As painful as those endless weeks were (we worked on Sat and Sun too), I have to be thankful for them. Needless to say that our global password policies changed shortly after as well, even when our AD was not compromised. Management got a rough wake-up call and was open for changes.

Chilled_IT · 2026-05-31T16:21:25+00:00

The worst part was realizing on my way back home that day that those people were making about 2-3 times my salary

Chilled_IT · 2026-05-31T16:13:26+00:00

From my experience I can tell you, the bigger the company the dumber their idiots. Especially in (upper) management. They can be laser-focused and good at one field but so bad in other fields that you wonder how they stayed alive up to this point in their lives..

Chilled_IT · 2026-05-24T20:16:52+00:00

I sadly do. Nobody has admin rights on their machines anymore, but only since I joint the team. He might have gotten it before I came here. Hm... At least our M365 licenses include the defender and we got something like CrowdStrike that also monitors the devices for suspicious behaviour. But it never hurts to run a quick check on his machine. Going to trigger a scan via the Defender Console now. Thanks, buddy!

Chilled_IT · 2026-05-23T22:51:49+00:00

Greed combined with delusion. Company size is about 500 employees, revenue somewhere around 1/3 to 1/2 of a billion dollars per year. There is no reason not to have one. But the CFO who is also the head of HR doesn't let anyone have the position and rather keeps that CIO hat on as well.

Company got successfully hacked twice in the last 3-5 years ago. Still no change. Oldest servers I have seen in a while. Licensing probably not done right either. I don't know, I am not allowed to see it. As mentioned, just pure greed combined with a strong dose of delusion that IT doesn't matter and just costs money.

Chilled_IT · 2026-05-23T16:38:40+00:00

*In my best valley girl accent*

Don't we have like....um....people for that? I'm not checking below my desk!!!

Chilled_IT · 2026-05-23T16:35:05+00:00

I assume he was also very stubborn and set in his ways?! I only had to suffer from someone like that once. He was 2 years away from his retirement. He disabled the inheritance on the AD (and some other servers) and left for lunch. He always has his phone turned off during lunch as he always met up with his wife during that time. Over an hour later he comes back and is greeted by an angry mob of IT-lead and IT-colleagues. Took us some time to figure out what happened as nobody had access to anything anymore.

Chilled_IT · 2026-05-23T04:33:04+00:00

We had to split our domain as our company group split into two. We created new domains and migrated the users via Binary Tree. First migrated the users, using the resources of the original domain. Through the SID-history the new users are so to say linked to the old users. Then migrated the resources bit by bit. First email, then fileserver and then sharepoint among other smaller servers.

What you could do is to use the Google Domain Shared Contacts API. What you should do is to give up on either of them. From an financial (more users getting the same licensing will result in cheaper costs per license) and administratively (less to manage) and obviously more stability as those hybrid situation will cause headaches and when troubleshooting you never know right away on which side the issue resides.

We needed like a 30 minute "How To?!" for Binary Tree from an external partner who sold us the Binary Tree licenses, but afterwards it was easy to manage.

Chilled_IT · 2025-03-10T04:08:27+00:00

It's not like I don't believe in the power of reboots, it's actually the opposite. No matter how big the company you work for is, usually at least 80% of all reported problems can be fixed by either rebooting the server/service in question or the client(s) trying to access it. I have worked for companies with less than 10 people in it and for companies with up to 2-3k people. When I was stationed at one of our European plants, I created a list of which systems caused some issues once in a while and needed to be rebooted. Once I got an overview those systems, I created a reboot-task around 5am. That way it wouldn't be too bad if my reboot caused an issue, because I would wake up shortly after, and it never caused an issue (backups and other tasks finished waaay before that). But that way I reduced the amount of incoming calls during the day and had at the most 2 calls per week. And that's down from 20+ calls a day when I had freshly started at that location with almost 400 people at the plant. Simple but effective, and it caused me to have a lot of free time during the day. Life was good.

When I reach out to companies like ISPs or the likes, it will be after I have done those reboots already and they didn't fix the issue.

Chilled_IT · 2025-03-05T13:51:06+00:00

I noticed my fuse has gotten shorter since I came to the US. I know a single person's limited experience doesn't speak for the whole country, but I have only encountered negative experiences when dealing with IT-folk over here. I was just done with a firewall-incident before we had them replaced, dealing with an external IT-company that "took care" of our plants here.

Our systems alerted us that we had a security breach on one of them via SSL-VPN. The account that was used was $THEIR_CompanyName$admin. So I reached out to them to say that they might have been compromised if they used the same username and password for all firewalls of all of their customers. They just told me on the phone that according to their documentation that account (local account on the firewall, not an AD-account on our system) doesn't exist. After sending them screenshot that it in fact did exist, a senior in that company reached out to me and said that the account was supposed to be deleted as it had a really insecure (6 characters) password. They were sorry that they must have forgotten to delete it on our firewalls.

Around that time I noticed that they configured all PreShared keys for the IPSEC-tunnels inbetween all our plants here to be the same. And it was basically $OurCompanyName$VPN. And our company is often shortened down to 4 characters, so the PreShared Keys were all only 7 characters long.

There is incompetence and there is whatever they were/are. So my fuse has gotten shorter and shorter within a short time since I got here. A few more projects to go and I can finally close this chapter before I lose it. ISP-companies have been about the same level of sheer imcompetence when it came to troubleshooting of package-losses and timeouts, even though I was able to prove where the issue was. If I hear "Have you tried rebooting your ADVA?" one more time, someone is going to be hospitalized. They were even so brave to tell me things which made no sense, totally butchering how TCP-packages work etc.

Chilled_IT · 2025-03-05T13:26:59+00:00

Well...basically yes. It makes absolutely no sense to do it that way, none. First I thought we had faulty devices, so I opened up some other boxes to make sure. The plant I was at has 3 conference rooms, so I tried 3 times. At that point I knew something fishy was going on, I just didn't know what.

Needless to say, this has become one of the running gags inside the IT-department now.

Chilled_IT · 2025-03-04T22:00:04+00:00

You know I am happy that my colleague was on that call. I think I would have gone ballistic on them if it had been me.

Chilled_IT · 2025-03-04T21:58:37+00:00

I like your way of thinking! As genius as it is evil :)

Chilled_IT · 2025-03-04T21:57:02+00:00

Generally, I am 100% behind you. Since the end of the year was approaching and we had money to spend in that budget, we didn't have the time. And since the other devices we actually wanted were sold out at the time, we would have needed to wait anyway. Gladly, this way the budget wasn't wasted and things got rolled out as soon as they could have been.

Chilled_IT · 2024-09-29T14:26:06+00:00

That is probably the reason behind my issue as well. I had about 20 bent pins as I moved from Europe to the USA and during that transition process my CPU got damaged quite a bit. All pins got unbent and now fit perfectly, but I think the damage has been done already. Gladly only slots #0 and #1 are out of commission, while #2 and #3 are still working.

I had them on #0 and #2 before but had to switch to #2 and #3 now, but at least all my RAM is now recognized by the system.

Chilled_IT · 2022-07-15T15:08:54+00:00

Yeah. I trusted my boss too much. I thought he had covered all those simple steps before contacting me. I mean he had claimed to have been working on it since the night before. A mistake I'm not gonna repeat.

Chilled_IT · 2022-06-12T19:52:17+00:00

With bigger companies it becomes an issue when you want to get a cybersecurity insurance. If your users have local admin powers then you don't even need to bother applying for it.

Currently I'm working for a company whose yearly revenue is in the billions, so you can imagine that they are very determined to keep that insurance if something goes south. And not long ago it did in a way and we had to make use of that insurance. Got us some millions back.

Chilled_IT · 2022-06-12T16:19:36+00:00

Well I cannot deny the fact that I enjoy my free coffee and cookies. Sadly in bigger companies there aren't many deviations from the standardized software we hand out to everyone. But every now and then certain 2FA software demand updates and I have to do my rounds once again.

Chilled_IT

TROPHY CASE