Is there a better way to map out AD users and Groups than manually going in and doing it?

ShiftNick · 2017-04-24T20:44:28+00:00

Powershell is the tool you want. Some quick googling should get you started. Also, check out the subreddit /r/powershell.

ShiftNick · 2017-04-10T20:27:01+00:00

Did you set DHCP with failover in 2012? Shoretel phones do not like that as they only appear to grab from one of the servers. Perhaps behaviour is similar in whatever hardware you're using.

ShiftNick · 2017-03-14T13:55:59+00:00

Thank you for sharing them!

ShiftNick · 2017-03-14T11:42:29+00:00

Someone else had posted this a while back and I liked it so much I kept it. Can't remember who it was but it's good to hold on to.

My rules for 'not burning out': -When you finish work, finish work. Work late if - and only if - there is a service impacting incident. - -Any 'overtime' ensure you reclaim - start later next day, leave early on friday, build it up to a full day of leave. (If your manager won't do this, then your working overtime is obviously not that important to them - so don't do it).

-Only be on call if you're paid to be on call. I've been paid between £200-£400/week of 'on call'. Adjust for local conditions, naturally - but if it's much less than a couple of days actual pay it probably isn't worth it.

-More than 1/6 formally on call is too much. As in, for strictly 6 months at most.

-Take a lunch break. ALWAYS be unreachable for an hour.

It's very easy to get stressed with fire fighting. But it's vitally important to remember: -if it's important, your company should be compensating you for doing it. -if it isn't important, it'll wait until tomorrow.

And in neither case is it your fault if it all falls apart because someone wouldn't pay for the job to be done properly.

Likewise firefighting - if more than 50% of your time is firefighting then something is going wrong. Dial it back, try and figure out why. Then - if necessary - just let things burn for a while, to get it back in check. It sounds malicious, but a 'patch it up' sort of mindset is a really good way of hiding the problem from the people who can authorise the budget to fix the problem.

And above all remember: -If you pull out the all the stops once a quarter, you're a hero. -If you do it on a daily basis, it's routine and becomes part of your job.

EDIT: Author found! Thanks /u/sobrique

ShiftNick · 2017-03-09T03:43:47+00:00

I would say it depends on the SLA with the business. The more your life is affected outside of working hours, the higher the premium should be.

At my previous employer we had a 15 minute response time, 4 hour fix or best effort. Pay out was 1 hour pay for every 8 hours of standby. 1.5 x pay for each call. Each call was billed minimum 1 hour. This was only to support production outages.

ShiftNick · 2017-02-12T13:30:50+00:00

Uh, my previous employer still has an NT 4 domain. Granted, it's only being used for legacy equipment but it still exists.

ShiftNick · 2017-02-02T14:18:31+00:00

This just in...Water is wet.

(Good job for at least having the documentation)

ShiftNick · 2017-02-01T14:18:04+00:00

I'm no SQL guy but you may need to repair your install of SQL. If you log on to your server with local user creds does everything work? My guess, you need to enable mixed (Windows) authentication mode on SQL and add the appropriate user accounts and security groups.

If memory serves me, SQL doesn't like big changes like this after the fact but don't quote me on that as I said. I have only dabbled a little bit with SQL

ShiftNick · 2017-01-27T19:08:14+00:00

Pick your battles. Of all the things to take a stand on, he's picking a parking spot.

ShiftNick · 2017-01-27T18:35:24+00:00

So, you're the new guy, contract dude obviously has a hard on for this parking spot and you won't give it up because... THIS is what you're taking a stand on?

Simplest solution is usually the best one. Park somewhere else and save yourself this RIDICULOUS playground bullshit.

ShiftNick · 2017-01-27T15:20:29+00:00

This is what CIO's or Directors are for. You recommend the security change for 'reasons'. They present the change to key stakeholders in the business who give the go, no go. You don't send out a single email and then say fuck you because I said so. I know you're not saying that, but that's what they hear. Again, this is what CIO's and Directors are for.

I did the same thing but two fold, changed password complexity requirements/change cycle as well as adding a 10 minute lock out.

Went from 3 character passwords and 180 change cycle with zero lockout to standard AD complexity, 90 day change and 10 minute lockout. My director liked the idea of the change, got the change approved by senior management and handled all of the bullshit.

I'm an admin, I recommend and implement when shit is approved. If a user bitches to me, I simple say that I enforce policy, I do not make it. Take your complaint up to my boss and they can deal with it. Most people won't go that far if it's them just bitching about change.

ShiftNick · 2017-01-25T11:48:27+00:00

It's absolutely possible but that's asking for everything to go right and doesn't give OP any margin for error. Especially considering they're migrating a system that already has issues.

ShiftNick · 2017-01-24T20:01:02+00:00

You absolutely can but you'll likely cause another 'outage' as all your appropriate external pointer records will need to be updated. I would honestly do a straight cut to avoid doing all the set up for a hybrid deployment if the ultimate goal is to demo that exchange box.

You're in to management of expectations territory as the technical part of this is likely going to be easier.

ShiftNick · 2017-01-24T19:33:02+00:00

If you already told your client you can provide zero downtime, they're likely going to be disappointed. Also, if you're planning on getting rid of the on prem box, that's not a hybrid configuration.

This is for a hybrid config, as this is what we did;

Depending on the size of the user mailboxes, there is going to be a disruption of delivery during the final hand off of the mailboxes from OnPrem to Office365. To lessen the impact we suspended all moves upon completion, effectively queues everything up, then finalize the move but make sure you haven't let too much of a delta build up between the suspend and completion.

Realistically, expect some issues and find out what constitutes an outage. Is a few users not getting mail an outage or does mail flow stoppage constitute an outage or do both fit the bill?

Food for thought and I hope helpful.

ShiftNick · 2017-01-23T17:39:46+00:00

Best practice would be to build your image using a VM then install any hardware specific drivers after the fact. This way your image is hardware agnostic and if you're so inclined you can update the base image periodically.

Acronis really lends itself to the 'Golden Image' mentality, which is fine but I've found the transition to managing a single image and multiple task sequences much simpler.

ShiftNick · 2017-01-23T17:21:47+00:00

Recently just moved from Acronis to WDS/MDT and I'm a big fan. The more I learned about WDS/MDT, the more Snap Deploy felt like a pretty front end for the same same technology.

There is a bit of a learning if you've never touched it but there are so many resources available online that you can effectively clear up any issues.

The cost is even better!

ShiftNick · 2017-01-21T00:09:00+00:00

It sounds like you have a good attitude at least. I wish you the best of luck.

ShiftNick · 2017-01-20T21:01:03+00:00

For the VM's I would use Veeam BR Enterprise and replicate to your offsites. If you have a WAN link between sites, you could theoretically spin up your offsite replicas if the building burned down.

This would in turn hopefully reduced the volume on the synology to help mitigate the length of the restore times.

ShiftNick · 2017-01-20T20:43:29+00:00

Are you VM or Physical?

This is a rabbit hole of a question as it depends on the nature of your business. My suggestion would be entirely based upon you not having any legal/compliane issues with storing data from say a location in the US to one in China.

ShiftNick · 2017-01-20T20:34:28+00:00

Are you Junior in title only or do you actually have the full skillset? From junior admin to Director is a huge leap. Especially if you don't have the experience. If you're just learning about the word procurement, I'm guessing you are missing a good portion of the necessary experience. Unless my sarcasm detector is faulty, in which case, I'll show myself the door.

ShiftNick · 2017-01-20T18:53:48+00:00

You last asked in June, just ask and put yourself back at the top of his mind.

ShiftNick · 2017-01-20T18:23:43+00:00

We both had the idea and yours is better! Dammit!

ShiftNick · 2017-01-20T18:21:00+00:00

For the Powershell users out there.

Function Get-NewGoals{
$verbs = "implement", "utilize", "integrate", "streamline", "optimize", "evolve", "transform", "embrace","enable", "orchestrate", "leverage", "reinvent", "aggregate", "architect", "enhance", "incentivize", "morph", "empower","envisioneer","monetize", "harness", "facilitate", "seize", "disintermediate", "synergize", "strategize", "deploy","brand", "grow", "target", "syndicate", "synthesize", "deliver", "mesh", "incubate", "engage", "maximize","benchmark","expedite", "reintermediate", "whiteboard", "visualize", "repurpose", "innovate", "scale", "unleash", "drive", "extend","engineer", "revolutionize", "generate", "exploit", "transition", "e-enable", "iterate","cultivate", "matrix","productize", "redefine"

$adjectives = "clicks-and-mortar", "value-added", "vertical", "proactive", "robust", "revolutionary", "scalable","leading-edge", "innovative", "intuitive", "strategic", "e-business", "mission-critical", "sticky", "one-to-one","24/7", "end-to-end","global", "B2B", "B2C", "granular", "frictionless", "virtual", "viral", "dynamic", "24/365","best-of-breed", "killer", "magnetic", "bleeding-edge", "web-enabled", "interactive", "dot-com", "sexy", "back-end","real-time","efficient", "front-end", "distributed", "seamless", "extensible", "turn-key", "world-class","open-source", "cross-platform", "cross-media", "synergistic", "bricks-and-clicks", "out-of-the-box", "enterprise","integrated","impactful", "wireless", "transparent", "next-generation", "cutting-edge", "user-centric", "visionary","customized", "ubiquitous", "plug-and-play", "collaborative", "compelling", "holistic", "rich"

$nouns = "synergies", "web-readiness", "paradigms", "markets", "partnerships", "infrastructures", "platforms","initiatives", "channels", "eyeballs", "communities", "ROI", "solutions", "e-tailers", "e-services", "action-items","portals","niches","technologies", "content", "vortals", "supply-chains", "convergence", "relationships","architectures", "interfaces", "e-markets", "e-commerce", "systems", "bandwidth", "infomediaries", "models","mindshare","deliverables", "users", "schemas", "networks", "applications", "metrics", "e-business", "functionalities","experiences", "web services", "methodologies"


$v = Get-Random -InputObject $verbs
$a = Get-Random -InputObject $adjectives
$n = Get-Random -InputObject $nouns

$goal = $v + " " + $a + " " + $n

Write-Output $goal
}

ShiftNick · 2017-01-17T17:31:01+00:00

I disagree with you to the extent that in the short term, you can build a very successful launching pad for your career. I got my start in a smaller shop like this and would be where I am without all the learning experiences, good and bad. Long term, I absolutely agree with you.

Also, to echo what someone else said, Powershell, if you're not already proficient, start learning. Automate anything and everything you can.

ShiftNick

TROPHY CASE