130

And here comes the last part of my story so far.
After deploying the domain, configuring PCs, configuring the server, configuring the switch, installing software, checking that the correct settings have been applied, configuring MS Outlook (don't ask) and giving each and every user a d e t a i l e d tutorial on using the PC like a modern human and not as a Homo Erectus, I had to lock my door, put down my phone and disconnect the ship's announcement system's speaker in my room. The reasons?
- No one could use USB storage media, or any storage media. As per security policy I emailed and told them about.
- No one could use the ship's computers to connect to the internet. Again, as per policy.
- No one had any games on their Windows 10 Pro machines. As per policy.
- Everyone had to use a 10-character password, valid for 3 months, with certain restrictions. As per policy.
For reasons mentioned above, I had to (almost) blackmail the CO to draft an order enforcing those policies in writing (I know it's standard procedure for you, but for the military where I am it was a truly alien experience). Also, because I never trusted the users to actually backup their data locally, I had UrBackup clone their entire home folder, and a scheduled task execute a script storing them to the old online drive. Soon it became apparent why: (for every sysadmin this is routine, but this was my first experience)
- People kept deleting their files, whining to me to restore them
- People kept getting locked out because they kept entering their password WRONG for FIVE times IN a ROW because THEY had FORGOTTEN the CAPS lock KEY on. Had to enter three or four times during weekend for that.
- People kept whining about the no-USB policy, despite offering e-mail and shared folders.
The final straw was the updates. The CO insisted that I set the updates to manual because some PCs must not restart on their own. The problem is, some users barely ever checked. One particular user, when I asked him to check and do the updates, claimed he did that yesterday. Meanwhile, on the WSUS console: PC inactive for over 90 days.
I blocked the ship's phone when I got reassigned.
Phiew, finally I got all those off my chest! Thanks, guys. All of the rants so far remind me of one quote from Dave Barry:

Comments
  • 22
    As a former sysadmin and domain admin, this sounds about right.

    Users are utter morons who see their devices as, not their tools, but as someone else's overly-confusing tools they don't have to learn or care about.
  • 2
    @maushax Of course, clients USE your code and/or services
  • 0
    Have my +1 for using UrBackup :D
  • 0
    @maushax and sometimes managers with no understanding of systems yet they know everything
  • 0
    @bladedemon actually most clients do not. They sell your product to their clients. They do not use your product but they're still users.
  • 3
    Putting windows on military shit means that microsoft can shut down whole military operations by just releasing updates...
  • 4
    @Gregozor2121 Updates were one of my many unofficial duties there, as sysadmin. I had a second Windows 2012 R2 server installed to my laptop via VirtualBox (my laptop runs linux) and a test VM with Windows 10 Pro. I tested the batch of updates on that before uploading them to the main server.

    It was an extra unpaid 1-4 hours each week, just to ensure that the updates were safe. My main problem was that, with those updates I also uploaded the virus definitions for Windows Defender. That was the reason I was so furious about them not updating.

    Once I left, they shut off most of the services and security policies. I just wait until the next inspection. Then... popcorn time! (yes, I am a vengeful guy when it comes to things I warned and was ignored)
Add Comment