The Oft Frustrating Job of a Sysadmin
I_Love_Pocky! writes "Sysadmin Co. is a hilarious site built by some sysadmins at an ISP to help them vent their frustrations with dealing with non-tech types. This site is gives a hilarious picture of the daily frustrations of dealing with the inept. I am interested to see if these stories strike a chord with other admins out there."
Then again, I have found that treating my userbase as people, and not as trained monkeys, tends to have better results than trying to be mister 31337 BOFH.
I worked support for a long time. I don't think the users are inept...I think they just have other interests besides computers. I mean, if a brain surgeon or nobel prize winner calls for help on setting up dialup networking, are they a idiot user? I don't see doctors making websites about what idiots we are when we call them for medical advice.
I have a PhD cust who spends like 400 a month for ISDN as opposed to DSL (it is available to him) and I always shamefully get his transferred calls:
PhD: Look I know what I'm doing I have a PhD and I'm telling you your system is erratic
Meanwhile the guy has his modem set to dial his own phone number AND HE USES CAPS ALL THE TIME so his username/password is almost always the issue. This after I've spoken to him like umpteen who knows how many times. He also has a T1 at his company and always calls:
PhD: my router isn't working and I'm getting very tired of your company doing this to me.
Meanwhile he disconnects his routers to put on wireless switches, faxes, jams phone cords in his ethernet ports, tries to jam his T1 cord into his phone, tries to make calls through his T1 you name it. I have no pity for people you have to explain things over to a trillion times. Users suck
MoFscker
The most dangerous sysadmin is the one who believes that he's dealing with inept people when the real ineptness is found within. Whole corporate IT policies are dictated by these people *all* the time.
At one place I worked, not only could you not install your own software by default, but in fact had no access at all (much less write access) to most of your own C: drive.
So, just a matter of curiosity, you think that it would be better to run an environment where any user can install unlicenesed software and delete critical system files? How about get infected with a virus, and due to thier heightened access it's able to delete the OS. To be perfectly honest in today's IT world, you can't trust the people using the systems with any sort of access that can affect the system itself.
Unfortunately that goes double for the "technically inclined" users. Sure, you may have have a top notch, dual processor, 5 gig ram desktop at home running 200 different operating systems on a souped up wireless network but you don't know THIS environement. Things are different in a large network environment, and if it's not your job to run it, you probably don't know all the rules. I have had to spend more hours than I care to count fixing something some developer broke because his manaager forced us to give him administrative access on his machine. It's rarely that the person isn't technically capable, but that they don't know how our systems are set up. It's easy for someone to make a mistake when they have access to things they don't understand.
It is by no means an insult to your technical abilities to lock your machine down. It is simply the only way for the sysadmins that are responsible for your system to ensure that it's working properly.
I'm sorry if I seem a little testy, but I just spent 2 weeks screwing with virus damage because certain users have access to things they don't need. This post just hit a well timed nerve...
So Pure. So Simple.
It's Art
"It is a greater offense to steal men's labor, than their clothes"
Programmers as a general rule think they're the shit, even when they're not. Just like in my world of system administration there are five "paper" MCSEs and CCNAs for every one real system or network admin, there's five dumbshit programmers who only got into the field for the money for every true geek programmer. And these dumbshits think that since they spent three or four years in some school learning how to program, they're naturally qualified to do *my* job as well.
The fact that you find it strange that you didn't have access to your own C: drive is a typical reaction, but there's a good reason for it. That's not your C: drive. That's my C: drive. Who has to rebuild it if you fuck it up? Who has to troubleshoot it when your shit stops working on you and you call for support? Who gets blamed for you not being able to meet your deadline because your computer mysteriously crashed? Me. The sysadmin. I do. I'll get blamed even if I can prove you intentionally deleted the kernel just to keep from having to work towards your own unreasonable deadline, because they'll blame me for giving you improper access against company policy, even though I did it to you as a favor because you claimed you needed that access in order to meet your important deadline.
As a general rule, most sysadmins will give you only the bare minimum level of access you need to do your job. And if it's at all possible to get away with giving you less than that, we'll do it. We don't do it because we're facist rules nazis. We do it because too often it's our own ass if we don't. The last virus our company got was brought in by the development team, because we trusted them to know how to install virus detection software on their systems and know how to update the .dat files regularly, and it turned out that trust was severely misplaced. Who got blamed? We did. Not the ignorant programmers. We got the blame for not taking care of the systems we were told we could trust them to maintain.
So, yeah, if you don't have access to your C: drive, it's because the sysadmin doesn't trust you. But don't take it personally. He/she doesn't trust anybody. There may yet be hope. If you can prove your geekdom sufficiently to your local SA, you can usually earn some trust that way. We may be a totally paranoid lot, but we know true brothers and sisters when we meet them. If you can earn our trust we can usually see our way clear to bending the rules for you a few times. But don't cross us. The first time you make your SA work all weekend to fix up a mess you made of a server due to your code running at some level of access you shouldn't have been able to run it at in the first place, you'll get shitlisted, and good luck getting back in his/her good graces after that.
Then again, maybe your entire systems admin staff are a bunch of paper admins and aren't true geeks at all. If so, I'm sorry. There's not much you can do.
-- Dave
Making fun of dumb people since 2009
Whenever I hear something like this, I cringe. If you asked a UI designer for the probable intent of "dragging a program shortcut to a backup device," what do you think they would tell you?
It can only reasonably mean one of two things:
1. Back up this program, or
2. Back up the user files associated with this program.
The principles in UI design should be:
1. What is a list of all the tasks a user might want to do?
2. What is a list of all the ways a user might try to interact with the UI?
3. Is there a complete and logical mapping?
If there are undefined cases, then the UI is broken. If there are cases where an interaction has multiple intuitive meanings, the UI is broken. If the common functions are not accessible by intuitive interaction, then the UI is broken.
Why is it perfectly acceptable for a set of software in common use by millions of people to have an utterly broken UI?
I understand your point of view, believe me. You just want to get something installed so you can get some work done. I'd probably let someone like you have more leeway...once I was truly convinced you knew your shit.
Some of my most bitter work experiences have been caused by wannabe sysadmins creating a big mess for me to fix. When you manage to surmount cut budgets, prima donnas, politics, shoddy product and manage to get things working at least on a minimal level, you don't want anybody screwing around with the machines. It invariably generates hair tearing. I have to do things like explain to indignant teachers "No you can't install that software you brought from home.
"But I paid..."
"For a copy that is licensed only your home machine. Unlicensed software could get us sued......"
"Well I don't see why..."
A few of those and few more who insist on local administrator access to their machines (and you know they don't know jack shit) and you start wanting to rein in the worst of the chaos.
I know Policy can go too far but some of the worst problems are caused by someone who took aim at their own feet with a shotgun and managed to blast a few innocent bystanders in the process.
The pit crew of an auto racing team runs around fixing things. Abused things, damage that could be avoided if they took the keys away from the drivers. But, guess what? That's their job, fixing things, and its essential to the success of the team.
AMEN brother! Speak on it!
You make me proud! How many times did I have my ass handed to me for doing my job?! Back in the day I did an enterprise level Norton Antivirus roll out. In 1 week over 50,000 virus infected files were found, and they told me to TURN IT OFF because they didn't like the fact that laptops were getting scanned at lunch. (They go home at night, when else can they be updated or scanned!)
And so I followed the direction, and 2 weeks later I was handed my ass along with the I Love You virus.
GOD DAMN IT!
I have had to spend more hours than I care to count fixing something some developer broke because his manaager forced us to give him administrative access on his machine.
Riiight, its so easy to develop drivers when you dont have root...
Anyway- I'm not saying your dev's not dumb- perhaps he is. If he was good enough he wouldnt have to ask you for root, he'd take it.( single user mode- or use one of the infinite windows local privilege escalation exploits )
I just wanted to say though, that having run into stingy netadmins before, what good are they if they prevent work from getting done? Your job is supposed to be providing facilities- not denying access to them.
I've seen this troll before on a related topic. What this 'admin' fails to realize is that the company computer network does not exist for the purpose of providing system administrators with power trips and an empire to control. It exists to provide value to the company. How much value does it provide when programmers need to ask the network monkey to come and change a setting so they can compile something? How much productivity is lost because people don't have the ability to install so much as a new font? If you can't run a network where you have a centrally monitored anti virus and firewall system along with a good data backup/recovery methodology, which does not require keeping the system completely locked down from everyone, then find a new job. Most admins for companies large and small have this figured out. Why don't you?
In one case I had a program printing a rather large amount of data to a lineprinter. Since the buffer on such a printer is not that large it would hang while waiting for the printer to do its thing. Users complained (and rightly so), and I put in a thread to make the printing fully asynchronous. Next I was told by my boss that threads were unacceptable, since "they cause crashes".
Well, I can imagine how a highly complex multithreaded application can run into problems, but a simple worker thread, with a simple interface to the rest of the application, well-protected by a mutex, is perfectly safe. But no; in some unspecified project in a long-forgotten past there had been a Problem (the details of which were of course, long lost) and as a result I was not to use threads since that ancient project, written by someone else in another part of the world, might somehow contaminate my program and cause the same problem here. Yeah, right.
In the end I was saved by the bell - by the time my manager found out the project was already into acceptance testing (and doing just fine), and removing the thread would obviously be A Change, which would necessitate a new expensive acceptance test cycle. Since it never caused problems, the offending thread was allowed to live.
Of course at this time (five years later or so) everybody remembers that there was a responsiveness problem in a _PRE-RELEASE_ version of the software. That problem was fixed BEFORE RELEASE, and has never resurfaced. But with each new release we are still diligenty checking for "recurrence of responsiveness problem", because, hey, you cannot really trust those programming types right?
Don't misunderstand me here: actually I don't mind we are checking for a known old problem. What gets me is that nobody remembers what that problem actually was, or that we solved it about an hour after it was detected. What is the value of doing such a test if you do not know what you are testing for?
And of course this is just the tip of the iceberg. I have, at times, been forbidden to use threads, exceptions, templates, multiple inheritance, sockets (!?), and various other C++ features on account of all of these "causing crashes". One boss made me promise never to reuse code because that way I would also "reuse all the bugs".
It has became something of a hobby of mine to track policies to their initial event, and more often than not you find some minor problem (that could easily be solved, and more often than not _was_) has been blown out of all proportion, becoming a guiding principle for entire departments or even companies. And if nothing else, that's pretty sad...
So could the system admins here please realize that us users just want to do our work, with as little hassle as possible? Try to make that possible, hard as it sometimes is. And remember, while you are important to the company, so are your colleagues. Yes, even that cute secretary who opens every single attachment and whose best two attributes are sticking forwards (you could think of here as the "morale officer").
And could the users, in return, perhaps treat their sys admins as real people? Because, you know, they are. Next time you have a computer problem, call your system guy over, _honestly_ tell him what happened ("I opened the attachment"), and then offer to get him some coffee while you are waiting for him to fix your machine. A bit of appreciation goes a long way to establishing a good working relationship, and it will guarantee you get a top response time in future problems.
Sure, but the analogy breaks down in a networked environment: Yours isn't the only car for which they are responsible, and they *all* have to work. In addition, the damage caused to a racing car is the natural result of its environment and use.
In a workplace with an IT staff, you aren't responsible for fixing your computer, they are. I've rarely seen a situation where locking down a computer, when done properly and with attention to the task(s) which that computer is to perform, hampers the user. The few times that it has, rectifying the problem is easily accomplished.
Most times, the people that resent not having full access to "their" computer are exactly the ones that shouldn't have it in the first place, either because they lack an understanding of how it fits into the rest of the network, are by nature inclined to play around with it and cause headaches for those that have to correct the resulting problems, or both.
User failures happen just as often as hardware failures, I've found, and even the most intelligent user doesn't necessarily have the knowledge needed to ensure that changes made to the PC that has been assigned to their use won't adversely impact others.
There's an inherent arrogance in your post, which is probably why you posted AC: You think that your job *requires* full access to "your" computer. That's doubtful, but possible - and if it were, a rational conversation with your IT staff should establish that.
And here's the sentence that confirms your arrogance for me: "Abused things, damage that could be avoided if they took the keys away from the drivers"... normal use of a computer doesn't include abusing it in any manner.
Sure, there are things that might involve "abusing" the computer - driver development and testing come to mind as one example. But if you're doing that, it's very unlikely that the PC that is assigned to you for that task is locked down.
It's more likely that you're a user that discovered that he/she doesn't have full access to "their" computer, resent what you think impugns your technical knowledge, and worse, prevents you from using "your" computer for things other than those for which it was assigned to you. Here's a clue for you: They didn't target you specifically when they locked down "your" computer.
Well, probably. It's possible that they *did* target you, because you proved that you couldn't be trusted not to abuse full access to it. If that's the case, good for them, I say.
To paraphrase your opening sentence: You're making that incredibly naive assumption that you need full access to "your" computer, and that not having it somehow hampers you from using it to perform your job duties. Guess what? It's not likely.
Just my opinion.
-dj
I'm pretty sure you are misunderstanding what he meant by "produce nothing valuable". This is extremely different from "is not valuable to the company"; "produce nothing valuable" means "creates nothing that can be sold to the customer for profit". The point being that an IT department's sole purpose is to make life run more smoothly for everyone else. Having a stable network servers no purpose by itself; no company's buisiness plan is "We'll set up a company that has a really good IT department, and hope that we magically make money" (excluding, of course, IT consulting companies).
So the point is, being a BOFH means you are doing the opposite of your job; making life harder for the revenue-generating people. The BOFH mindset is "I, and my network, are the most important thing". The good IT mindset is "Making sure that I, and the network, make the things that create profit easier is the most important thing". Sometimes it may look like an IT department is being a pain in the ass; if it's for a greater overall good, then great, but if it's only for the IT department's good, then the IT department is failing.
That doesn't mean that the IT guys should be treated like crap, or given no power/respect; as you say, they often serve a vital role in the company. But unless they are fulfilling that role, they are 100% dead weight, or worse.
I've rarely seen a situation where locking down a computer, when done properly and with attention to the task(s) which that computer is to perform, hampers the user.
Probably because you're not the user.
The few times that it has, rectifying the problem is easily accomplished.
Yes. Something along the lines of "Tough. That's the policy," with arms folded and $DIVISION_VP phone number on speed dial usually seems to work with little effort.
Most times, the people that resent not having full access to "their" computer are exactly the ones that shouldn't have it in the first place, either because they lack an understanding of how it fits into the rest of the network, are by nature inclined to play around with it and cause headaches for those that have to correct the resulting problems, or both.
Ah, yes. IT people know all and the developers are only there to make IT's job of keeping the cubicles the proper shade of gray more difficult.
Nice and adversarial. Just the way corporate management likes it. That way, when you have a good, smart programmer, management will always be able to find someone who will say "they aren't a team player because they changed their start menu" as support to fire them and destroy their career.
Just for reference, most programmers are far FAR more clueful than assumed by most IT people. Everything else is just a pissing contest.
But if you're doing that, it's very unlikely that the PC that is assigned to you for that task is locked down.
This presumes a level of management cluefulness that is unknown in normal space.
It's more likely that you're a user that discovered that he/she doesn't have full access to "their" computer, resent what you think impugns your technical knowledge, and worse, prevents you from using "your" computer for things other than those for which it was assigned to you.
And most IT people have discovered that some user is screwing up "their" computer, resents what they think impugns "their" policy and worse, prevents them from having total control over "their" computer for things other than those for which "they" think it should be used for.
That's why there are no such policies in this company. When I discover such a policy, I overrule it and throw it in the trash. If the people who build things that we sell need something, they'll have it by lunch, period.
Business isn't willing to pay for products, innovation and careers, so we get brands, mortgage commercials and layoffs.