How Many Admins Per User/Computer Have You Seen?

miffo.swe writes "I'm trying to find the normal ratio of technicians/support tech per user or computer in your average IT-shop. When searching around, I can't find that many examples or any statistics. We manage around 900 computers (mostly Windows XP) and 25+ servers (mostly Linux). There are around 2600 users of varying knowledge, mostly pretty low. I can't find any statistics on this, so real-world examples are very welcome since we do this with one sysadmin (me) and two sneaker techs. Are we seriously understaffed, or is this normal?"

Over 9000

Over 9000

Re:Over 9000

I'm 12 and what is this?

Re:Over 9000

[Verdatum]

But with the blast shield down I can't even see! How am I supposed to fix IT issues?

Re:Over 9000

[Nick+Number]

Your users can deceive you. Don't trust them.

Let go your professional self and act on instinct.

Re:Over 9000

[orsty3001]

Newfags...

Re:Over 9000

[TheCarp]

I think it comes down to "what do you mean by admins"?

The more you restrict what admins have to support, the more homogenous the environment, the better the ratio. The more you expect from them, the more complex the environment, the more you need.

Another factor to add in is tools. Does every machine have actual remote console? (and I mean console as in, I can sit there and watch the POST console). Do you have build servers and good backups, and tested procedures to do restores if a system needs a total rebuild on the spot?

My group is constantly compared in terms of group size to number of machines. Its maddening since we support 5 different flavors of unix (and VMS), some with ok tools configured and ready, some nearly "hand crafted". Then at least 3 different versions of each of those flavors. We can't seem to get projects approved to fix any of this (and god forbid we did it without a project!)

We are compared against a Windows group, that supports a couple of flavors of Windows, and has had automation tools to schedule and do work remotely setup for years. Of course they can admin more systems with less headcount... they have the tools and environment setup to do it!

Hell it took us almost 2 years to get project approval to set the machines for centralized auth through LDAP... and they wonder why we seem to need so many people for so few machines.

So frankly, I don't think the question has enough information to be answered usefully. There are just too many variables to be able to put up a good estimation of appropriate head count per machine. I can tell you though that standardization, automation, and redundant designs will decrease that head count.

As will properly trained/experienced admins (if we could only get them to send a couple of people to basic sun training we would be way better off... but we can't even get that. We have guys that have been effectively working on the level of entry level admins for years, who have never been able to get management to send them to a class).

-Steve
(who should post anonymously but, on some level hopes they will read this...)

Re:Over 9000

[Random+BedHead+Ed]

Hokey work ethics and obsolete tools are no match for a good Linux LiveCD at your side, kid. I've worked from one side of this industry to the other. I've seen a lot of strange stuff, but I've never seen anything to make me believe your all-powerful "instinct" can control your destiny.

Re:Over 9000

[lgw]

I suspect his statement is true in most large real-world environments: a proliferation of Unix server flavors, a rigidly standardized Windows desktop, and an SLA that only promises what the capabilities of the group policy system, and the Windows package management system, can deliver (there is no "Windows installer system": the Microsoft-official thing is the open-source WiX toolkit).

Depends

[slimjim8094]

The real question is are you always constantly working your ass off, fixing stupid problems - and therefore unable to do anything more productive? If so, then it seems you don't have enough people.

If you have a fully managed office, and you can remote in to all these desktops and fix everything really quickly - then you're probably OK.

Like most of IT, whatever works.

Re:Depends

[RobertM1968]

The real question is are you always constantly working your ass off, fixing stupid problems - and therefore unable to do anything more productive? If so, then it seems you don't have enough people.

If you have a fully managed office, and you can remote in to all these desktops and fix everything really quickly - then you're probably OK.

Like most of IT, whatever works.

That last sentence hits the head right on the nail...

The numbers really are determined by a lot of factors... if your business revolves around programming and engineering, and thus your workers are from those fields (as opposed to tons of avg computer users in a non computer/technical field), you are less likely to have serious issues that IT needs to address, thus requiring a smaller IT staff. And of course, what money IT is allowed to spend on initial setup and/or maintenance also determines the staffing size for IT. One can design a system that remote boots from the NIC and reinstalls everything to a machine specific image - or kicks the boot to the HDD if there are no problems making serious non-hardware issues trivial - if the money was there during the initial setup or a big upgrade phase... or one can fix the stuff the old fashioned way and go hands on (which requires more of an IT staff). Hardware differences also can determine staffing size. One of our customers had a problem with certain AMD XP machines when SP3 came out - required lotsa "hands on" fixing... other of our clients did not have those machines and needed no one and no help. Also, are the machines needed 24/7? Is there mission critical data on them (or no mission critical data anywhere - or mission critical data is on the server)?

And so on... inotherwords, there are a ton of factors that determine staffing needs for IT. It could be one person per 10 or one person per 100, etc.

Thus, slimjim8094's statement really does sum it up nicely...

Like most of IT, whatever works.

Re:Depends

[Junior+J.+Junior+III]

The real question is are you always constantly working your ass off, fixing stupid problems - and therefore unable to do anything more productive? If so, then it seems you don't have enough^H^H^H^H^H^H the right people.

A good SA can come in and make a lot of these stupid little problems go away, never to return.

These sorts of problems can also be caused by bad management exerting too much control over the admins, or admins with weak people skills trying to please everyone rather than prioritize and do the right thing.

When asked to do something, to you just go ahead and do it? Or do you require things like justifications, business cases, funding, staff, etc? If management can just ask anything of the IT staff, they will do so, and it will feel like you're being walked all over, and that you're overworked. If you have some basic sanity checks and make those requirements before a project can be greenlighted, you'll find that your job can be a lot easier. Doing this also makes planning happen before you get midway through a project and find that different stakeholders have different opinions on what should be done next.

Re:Depends

[sammy+baby]

IT Administrators are there to do what they are told. Admins who think they can 'demand justifications' are just jumped up losers who are envious of people doing real work that they are simply not smart enough to do.

Sorry, but this is utter bullshit. I speak as an engineer in a development department who frequently needs to work with IT administration.

Keeping the shop running is a cost of doing business. But that doesn't mean it isn't appropriate to try to do some kind of cost containment or planning on it. Believe me, I've seen enough bonehead mistakes to know that if our development group ran our IT infrastructure, it would be a total shambles. (Not to say that I love it as it is, but at least it's mostly functional.)

I have no idea how it is where you work - maybe your IT department is jacked up crazy, or maybe you're just a peon sulking because you didn't get your shiny new test environment. But once your workstations and users start to number in the thousands, you can bet your ass that you'd better have a good plan to deal with them. That means budget, manpower, and authority, for someone in the group.

As for the original post: if nobody who is actually in the IT group has the ability to set a budget, let alone the ability to hire and fire within reason, you are utterly boned. If I would prepare to flee.

100 to 1 is about right

[alen]

we're at around 1200 users and around 8 help desk people to support them all. 2 DBA's for 30 some MS SQL servers and 3-5 admins for 200 some windows/^nix servers. some people double by helping users in their office

Re:100 to 1 is about right

[Penguinisto]

Mine's good for a laugh in some ways: 1200 users at our main site, 200 at our sales office. Manufacturing/sales environment, just barely out of start-up mode, with a ton of legacy crap laying around from an acquisition. Mostly Windows environment (boss drank the koolaid and asked for seconds), though Oracle and most of the critical infrastructure bits (esp. the Internet-facing ones) now run on RHEL, Fedora, or FreeBSD (courtesy of the DBA and myself). About 80% virtualized on the back-end.

We have: 3 Admins (Sr. SA --me-- included), a CCIE, three help desk folks (slated for two more in 2010), three dedicated production floor tool/computer techs, a DBA, a SharePoint guy, 3 programmers, a BI guy, and (laugh if you must - I do) 4 managers and a CIO. The majority of these folks came on board in 2009 (myself included).

We're pretty well covered at first glance... and if it wasn't for the constant flood of projects, coupled with an insufficient budget and the world's absolute dumbest executive management alive (simply read: "no downtime of any kind allowed, period"), we'd be sitting pretty.

It boils down to the admins, techs, and the help desk covering most of the workload (esp. the one at the sales office, since she doubles as help desk down there - and yeah, I know, it's fucked up that way). The help desk handles the basic stuff (which is a godsend, since this time last year we only had one help desk guy). The CCIE handles the network and the phones (VoIP - best thing since sliced bread). The DBA handles about 15 MS SQL Servers and 10 Oracle DB's.

A lot of keeping things sane has to do with building a basic infrastructure that works. For instance, when I showed up, the existing servers were badly overloaded and barely running, with zero redundancy. Now, either site can turn into a smoking crater, and the other would (with one exception thanks to bad programming design :/ ) continue running just fine.

The next step is to make sure the system works - it isn't always perfect, but it gives you time to get stuff done (N.B. I'm on vacation this week - for the first time since I started working for these folks :) ).

Finally (and this is a weak point in my case), you need a management with actual cojones. They're the ones who have to stand up to everyone else and demand justification, budget, and etc. for any project that comes down the pike. They also need to be able to either get downtime windows that you need, or insure that there is redundant resources to allow for said downtime.

Support/user ratio

[SoundGuyNoise]

Here's what we've had at different jobs:

Internal Corporate Helpdesk - 6800 users, supporting every application on desktops, 10 support techs during the day, 1 on nights and weekends.

Website support: 10,000 users, supporting general usage of just 1 website. 4 techs, regular business hours only.

Re:Support/user ratio

[Bigjeff5]

Sounds about on par with my group. If you have the right infrastructure, like a centralized software location for installs, you can quite easilly manage hundreds of applications without requiring aditional overhead. Generally when a windows app breaks you can fix it with a re-install, and if that takes 30 seconds then it's no big deal.

We have an outside help desk that only seems to be able to handle the most trival of problems, for everything halfway serious we do it. We have several hundred applications to deal with, and until recently it was no big deal at all (corporate overlords decided to manage all software installs globaly, so now it takes 20 minutes to install a piece of software, dumbasses). Anyway, we have about 5 guys supporting 4-5,000 users across three locations. I figure you could add another 2-3 guys worth of support and take away the nearly useless helpdesk, putting us right in line with the GP.

And that's with our hands tied behind our back a bit with a crappy ticketing system and users with semi-free reign of their machines.

That's only desktop support though, for server support we have a lot of servers (it has to be close to 100) and another half dozen to a dozen server admins, as well as a local carrier handling our phone support.

Re:Support/user ratio

[Xugumad]

> Website support: 10,000 users, supporting general usage of just 1 website. 4 techs, regular business hours only.

Envious. 7,000 users; 1 full time person and 2 half-time. Oh, and we're also expected to the develop the underlying application, not just make keep it up and running... ...actually, we're primarily meant to be developing it, and support isn't expected to be a major part of our job...

Re:Support/user ratio

[StrategicIrony]

I've run about 700:1 ratio before. Of course, we were 2400 staff and 4 techs. It wasn't too bad because first thing in the morning, one of the techs would make sure we always had 3-5 good running PCs in spare for each type of image in the building and we solved a lot of problems with "swap the machine". A tech could create 5 images in less than 20 minutes of real "desk time" using my network deployment setup.

When an organization staffs that way, nobody gets to bitch when the answer to most problems is "re-image" because we found out that doing more detailed troubleshooting for anyone under Director level, or one of the few critical technology people simply put us too far in the hole time-wise to get anything else done. It's faster to tell them to copy their data to the network, then go down and make sure they did it right and swap the machine. They can copy the data back after we set up their email. Max time on a support call that way was ~15 minutes and solved ANY problem.

We actually managed to move an entire building of people from one place to the other in our spare time at that position as well as deploying wireless and doing about a dozen other things. It wasn't a sweatshop - it was actually one of the nicer places to work I've been to.

We were running a wide variety of apps, which we solved by having 3 standard images that provided a substantial coverage of everything. Once the image was built, there was never any reason to install "apps" because they were on the image. There were two or three that weren't included that had strict controls on who could use them, but they were 1-2 minutes to install.

if you can standardize the hardware and application images, this 680:1 isn't insane at all.

Re:Support/user ratio

[StrategicIrony]

Oh yeah,

People who were "trouble" users learned really quick that jacking with their system caused them to get a fresh image and removed all their fiddling.

They often quit messing things up after the second or third swap. Total time lost.. about an hour, total.

Re:Proper Planning

[ColdWetDog]

Admins? Admins?

Why, in my day we didn't have Admins.

We had to unbox the machines ourselves, plug EVERYTHING in. We even had to figure out interrupts by ourselves. And don't get me started about trying to snake the coax around the building.

Kids these days. Spoiled rotten. Don't even have to get up to turn the record over.

Grump.

Too many chiefs and no indians

[grapeape]

Right now its 4 offices around 120 employees and just me...oh and I forgot (or selectively blocked) a former client who keeps calling me to pick up after their new "IT guy" who is supposed to save them money. If they were all in one location I could probably juggle it better but as it is I'm starting to burn out.

Re:Too many chiefs and no indians

[Penguinisto]

* Remote desktop and VPN are your best friends. Learn them, live them, love them.

* No need to forget the former client. Instead, tell them that your consulting rates are $150/hr at a 10 hour minimum fee per incident, with a 150% premium on weekends and holidays. That usually shuts them up in very short order. If you actually prefer to get some scratch/business off of them, drop the 10-hour minimum to 2 or 3, and only budge on the rates if you know that the going rates locally are lower.

* Your employer had better be paying for gas and travel time, plus wear+tear on your vehicle (if they haven't already supplied you with one of their own), and don't forget the tax write-off on the car if you're using yours.

My dept is 'prox 600 computers/3 techs

[Nimey]

This is party due to our lack of automation - Active Directory's not got much penetration outside our area, we haven't got automatic package rollouts/updates, no out-of-band management, and there's no planning WRT buying computers; each dept will buy a machine as funds & needs dictate, with input from us.

The three of us are desktop support. That doesn't count the sysadmins & netadmins.

Re:My dept is 'prox 600 computers/3 techs

[Fireye]

Lack of AD doesn't prevent automated OS updates. You can implement WSUS without AD, which will take care of many critical OS updates, it just requires that you alter some registry settings and ensure the users have the latest Windows Update client.

What are you really asking?

[jimbobborg]

I've seen one sysadmin per 70 Unix servers and one sysadmin per 30 Windows servers. That's a general guideline for SERVER systems. Desktops are another matter. I've yet to see a serious roll out of Unix desktops, so I'm going by Windows systems, but one help desk tech per 50 systems is what I've personally seen as optimal. More Windows PCs per tech and the help desk gets overwhelmed. Less than that and they sit around and play games most of the day. This is assuming that you push updates over the network, not go around and manually update each PC.

Re:What are you really asking?

[Bigjeff5]

1 tech to 100 users seems extraordinarily high, I've never worked in an environment with that many support techs. I've worked in a locked-down environment with about 3,000 users and 5 help desk personel as the sole non-server support, and I've worked in an environment with 5 desktop techs for about 4,000 users (not very restricted) with a remote help desk for trivial matters (anything that takes less than 5 minutes to fix, basically). I currently work on a separated network for the second company, I'm the remote support for about 500 users and I make sure the engineers don't break the 10-15 servers under my control. There are a couple union guys that handle any physical work, but it is definitely not the major portion of their work, and there is no other support outside of the union guys and me.

Your environment has to be a complete mess if you need 1 desktop tech per 100 windows machines. I could see it for a Linux setup if it's your first go of it, I imagine your IT department would need a few years to streamline things to get that number down, but really, windows is easy. If you need that many you're probably doing it wrong.

Re:Proper Planning

[teslafreak]

If you have employees, there is a need. The best implementation is still not fool-proof.

I think you're understaffed.

Government facility:
3000+ PCs
2600+ users(yeah I know we have more PCs than users)
200+ servers

6 Server Admins (understaffed)
2 Network Admins
2 Telecom Admins
3 Infrastructure techs
15 Helpdesk Technicians (overstaffed by about 5)

47 other IT employees for software support/dev staff and management staff

Small Shop

[g0bshiTe]

We have a small shop, we support around 150 users, all on XP boxes, 2 Windows Servers, and 2 Linux Servers, we have 3 of us in our shop including the IT Manager.

It Varies

[jeffy210]

It usually varies every place I've been between the quality/age of the hardware and the competency of the users. Additionally it depends on how automated the system is, and whether there's a dedicated support staff. Small places I've been I've find you can do about 45-75 comfortably... It was a bit stretched when it reached 100:1

Just my $0.02

150: 1 is Decent..

[ironwill96]

You have more than double that so i'd say you are pretty understaffed. I saw a video once that was actually pretty intelligent in talking about standard support ratios. Basically, there isn't a "standard" the answer is almost always "it depends". You start with your userbase - how tech savvy are they? How many applications are you supporting? What kind of hardware do you have? How many remote supporting tools do you have to use? Each of these answers adjusts the support ratio up and down and sometimes something as low as 75:1 is needed and other times 300:1 is just fine.

Still, in the place I work now we have 600 machines and 40 servers or so (most virtualized) and we have 13 IT people (with 1 open position right now). This includes 1 helpdesk person, 2 programmers, 2 systems support personnel (they support specific software we use), 2 hardware techs, 2 network analysts, 3 systems engineers, a secretary, and the boss.

What's a "Sneaker Tech"?

[ZarfMouse]

Google doesn't have any relevant hits for this phrase (except this article).

Re:What's a "Sneaker Tech"?

[Tsar]

Google doesn't have any relevant hits for this phrase (except this article).

Obviously you don't know how to search. I found a job posting for a sneaker tech right away.

Re:Proper Planning

[fuzzyfuzzyfungus]

It also depends on what your implementation needs to do:

If you have a bunch of call-center drones, with rigidly standardized desktops, pretty much the only admin time should be on the servers, the occasional hardware failure, and pressing "reimage" if something goes hairy on the client end. If you are logging a lot of client-side admin time, you have a problem.

On the other side, if you have a load of free-spirited and independent academics, who have-their-own-computers-thank-you-very-much-and-no-thanks-for-meddling, then your admin time will be on the servers, and on whatever IDS you are using to segregate those users who have a relaxed attitude toward antivirus technique.

If you fall somewhere in the middle, though, with lots of employees who are unprivileged peons working on institutional computers; but who (in order to do their jobs) frequently need user-specific software, customizations, and various access tweaks, you'll be doing a fair bit more client-side admin.

1:5000

[nurb432]

Was the ratio i had when i was managing an entire assembly plant's IT operations. Yes i was working my ass off.. 24/7 operation as well.

Where i am now, its more like 500:30000 ( ok, not a true ratio, but i wanted to include the total number too, since its pretty high. )

A lot depends on what industry you are supporting, your user base, and your budget.

Power of Scale

[kenp2002]

The larger the corporation the more per\user per\server to admin. Theseare my observation sover the last 12 years in my career:

For small corporations (less then 1 million) I usually see about 1/800 ratio for support\end user and 1/50 for servers.

For medium corporations (greater then 1 million but less then 80 million in revenue) I usually seea bour 1/2000 ratio and 1/150 for servers.

For large corporations (greater then 80 million) I see about 1/3800 and 1/250.

Support metrics are usually driven by "Call Times" including resolve times and hold times so depending on the scale of the businesses and nature it isn't so much support/staff ratio but rather hold time\support ratio. ITIL was crafted specifically to facilitate outsourcing Incident Management (password resets and all that less then 15 minutes crap) to lower cost, drill down labor and maintaining low hold times versus Problem Management which is the higher skill set.

Server ratio is largely due to "bucketing" of servers\apps to an admin resource (Think along the lines of an Account Rep). A.k.a Bob handles Apps A,B, and C along with Servers X, Y, and Z. So depending on the corporation you can have anywhere from 2-8 apps assigned to a single admin. Each application may maintain upwards of 5-12 servers depending on the size of the application. Smaller enterprises tend to have smaller "buckets". A typical LAMP stack may have 1-4 app servers, 1 NAS, 1 batch server, and possibly it's own database server. As you get larger those buckets share other buckets so you may have a team that handles just apache and another that handles just MYSQL\POSTGRES\etc. Those buckets can be huge. I have a team of 8 DBAs managing right now 2307 database instances. That is roughly 289 server instances per DBA. A simple table update may take 12 minutes for a structure update to process so median process time may factor into staffing requirements when concurrency isn't an option based on outage windows. Databases are virtual servers usually with a SAN hosted on hardware that is managed by another team but you can get the picture. By specializing administrative roles you can increase the nubmer of server or services supported by a person (power of scale) so the ratio of servers per tech tends to rise the bigger the corporation. In addition more expensive, comprehensive tools, become accessable to larger corporations (TIVOLI framework for instance.)

Based on your description you should need:

2 Call Center Incident Management crew
2 Problem Management crew
1 Senior Network Adminsitrator\Network Architect
3 Junior Network Administrators
    1 of which is responsible for security\auditing
    1 of which is responsible for maintenance
    1 of which is special projects
    All three should rotate these roles quarterly or annually as well as rotate 1 as a Problem Management staffer (the non-special project members)

So your total support crew should be about 8 people. You may also for off hours support want to outsource to a location 12 or 6 hours offset based on your location. (6 hours makes meetings more practical as you can usually get a meeting when one group is just getting in and the other is just getting ready to leave.)

Re:Proper Planning

[mirkob]

If a dept feels they're understaffed, they must first evaluate the workload and determine if the implementation is unnecessarily causing extra work . Then correct the root issues (possibly hiring contractors for the interim) and reevaluate.

unfortunately the core problem is the fucking stupid users, no way to smat them up, nor to sack them...

the second problem is the presence of more than 100 different programs, about 2 to 15 are to install in every single station in seemly random assortment that vary wildly depending on the single user...
no way to solve that either.

the third is a continuous spawning of new programs or functionality to implement the week before, so that you hastily put something up, than have to spend 5 time that time to correct, expand, modify, document ecc...
all between a problem and an emergency

without those 3 problem there would be less than 1/5 of the problem... end personal needed.

now there is 4.5 tecnician, and 2.5 administrative to manage about 50-60 servers (half linux half win) and about 500 users on windows pc

1 IT staff per...

[Spazmania]

You need 1 IT staff (helpdesk, sysadmin, etc.) per:

20 Windows servers
50 Linux servers
100 full time computer users
1000 part time computer users

Re:Proper Planning

[petes_PoV]

If you are able to remove completely the users internet access (that's totally: not just during work hours) so they can't screw up their machines with stuff they download, knowingly or not then the support burden, costs and insecurity drop massively.

Of course, reducing the number of support calls is not necessarily in the interests of the IT support people, who will therefore get cut. Even if it does improve overall quality.

It's not that simple

[nixdroid]

The number of admins needed in any shop depends on many factors, especially automation and duplication. In an ad-hoc environment where users are given free rein, you will need lots of admins. If management will support restrictions on users, the admins are creative and the necessary tools are purchased, then the job can be handled by a few astute individuals. If anyone knows of such a shop...

Re:Still valid?

[Bigjeff5]

I do the non-physical work on about 500 users and computers, and 15 or so servers not quite by myself (a couple union guys do any physical work). I spend most of my day browsing slashdot with little to do, other than maintaining those servers, or when something goes seriously wrong on a machine. That's because the vast majority of the user's machines are locked down pretty hard (many don't even get icons on their desktop), and they only run a couple programs, which means there is almost nothing for them to screw up. The engineers tend to get themselves into more trouble, since their machines aren't locked down, but there are only a handful of them so it's no big deal (and they are smart, so they often fix their own problems).

It pretty much all depends on your environment. I could envision a case where 200 users, 50 computers, and 2-3 servers per head is ideal, but in most well-run environments that would be extreme over-kill. Bump it up to about 500 computers and 10-20 servers per head and I think you're in the average ballpark for a decent IT group, and you could raise that a bit more if everyone is in the same building. These days it's rare to have more than one user per computer.

Depends on how many windows stations removed

[SgtChaireBourne]

It depends on how many Windows desktops you are able to replace with Macintosh OS X, Solaris or Linux. Seriously. Windows isn't around because of it's technical merits.

I have worked in help desk environments in the past for a Windows / Macintosh / Solaris computing environment. The Solaris users largely took care of themselves, but contacted us for some settings information, like establishing the right settings for Kerberos, LDAP, AFS, or SMTP. The Mac users outnumbered everyone else by at least 4 to 1. However, it was the Windows users that wasted about 80% of our time for drop in help. Even cloned setups on identical hardware had different problems. Drivers were a big one. For phone calls, it was a bit higher in number of Windows user contacts but a bit shorter in duration for each one.

I did family tech support for years until I had enough and bought anyone who was willing new Apples. Only my mom took me up, but her support calls dropped off to nothing within days and now we can talk about other things for a change.

I've visited and toured libraries and schools using LTSP. One of those was stuck with some windows machines. The effort to keep the few Windows machines going was about, from their statistics, about 14:1 compared to LTSP. That ratio would probably been higher if they had even higher ration of Linux stations. The others cited even more favorable rates.

Getting rid of Windows is mostly a psychological problem. First, users have to become familiar enough with computers to be able to do their daily tasks. Having knowlegeable staff on the spot to nudge in the right direction is essential, as is encouraging peer support. Then they need to keep access to the Windows machines and try to do on Windows what they can do on computers. Then they eventually decide on their own, 'fuck it' regarding the Windows use and drop it without looking back.

The real question is are you always constantly working your ass off, fixing stupid problems - and therefore unable to do anything more productive? If so, then it seems you don't have enough people.

Setting the 'right' staffing levels, then depends on how much you can clean up the computing environment. I for one am offended that so much money and time is wasted just trying get the M$ stuff to work as well as its competitors. I would much rather see the same number of staff hours used not for support but for improvement and making things faster, easier, more productive. Before Windows, IT used to save effort rather than a live demo of the Red Queen's Race!

Re:Proper Planning

[dem0n1]

Smart companies see IT as adding value

Except most companies see IT as a cost center and the way to cut costs is to cut staff then tell the users they have to take more responsibility for their environment.

Facebook: 1 engineer per million users

[miller60]

Jeff Rothschild, the vice president of technology at Facebook, said in a recent presentation that Facebook has 230 engineers supporting data for more than 300 million users. He says Facebook seeks to maintain a ratio of one engineer for 1 million or more users. Facebook is vague about exactly how many servers it has, saying it's "more than 30,000." But at 30,000 servers and 230 engineers, that's a ratio of about 130 servers per admin.

Microsoft says it has automated its data center operations to the point where its admins can each manage between 1,000 and 2,000 servers. That matters, as the company may pack more than 300,000 servers into its new container data center in Chicago. It expects to support that facility with about 30 employees, including admins and facility maintenance staff.

Re:Facebook: 1 engineer per million users

[Capt+James+McCarthy]

Jeff Rothschild, the vice president of technology at Facebook, said in a recent presentation that Facebook has 230 engineers supporting data for more than 300 million users. He says Facebook seeks to maintain a ratio of one engineer for 1 million or more users. Facebook is vague about exactly how many servers it has, saying it's "more than 30,000." But at 30,000 servers and 230 engineers, that's a ratio of about 130 servers per admin.

Microsoft says it has automated its data center operations to the point where its admins can each manage between 1,000 and 2,000 servers. That matters, as the company may pack more than 300,000 servers into its new container data center in Chicago. It expects to support that facility with about 30 employees, including admins and facility maintenance staff.

"Number of servers per admin" is to limited to be properly measured, even in your examples. Can one admin manage 5000 *nix boxes that are all identical, running a clustered web server? Sure. Given the proper engineering and tools, it's very possible. Now throw in a bunch of other applications that users request or a business requires and now you will need more staff. Also, supporting a bunch of pizza boxes or supporting one piece of heavy iron can make a difference is trying to measure this number. I know of a couple of folks who admin one box. Granted, they are either a large SUN and IBM hardware, running databases, web servers, and numerous applications, but look at their job requirement in a slanted way and it would look as though they are responsible for only one system. While another admin can have a couple of thousand desktops all identical and simple. And their value would still be relative to whomever the users are.

Re:Lockdown

[Bigjeff5]

Sounds like you're using wrong, then.

We use Citrix as a barrier between sensitive networks. We have a corporate network, a buffer network, and a sensitive network. Citrix servers sit in the buffer network allowing users on the corporate network to access the sensitive network without having any direct link between the two. It works pretty well, since we can lock down the buffer network to only allow the citrix connections and a few outside connections for things like AV and MS updates.

As far as using Citrix to do real work on a day to day basis without such high security requirments, I've always thought it was a terrible idea. My company wants to do more of it though, and I can't understand why. A new laptop is about $600 and should last 2-3 years. Support per laptop is probably another $100 a year, for grand total of $900. I can't see the extra bandwidth and citrix licensing used up by a user working off of a citrix connection costing less than that over three years. Plus the fact that the user still needs a laptop, and if you make him buy it himself he's just going to charge you more for his services. So the only potential savings really is in software licensing, but if the users are working day in and day out on the same apps, always using up a citrix connection, then you aren't really saving anything as you still need that many licenses. It makes no sense to me, and you've drasticly increased your server side support needs.

Re:Proper Planning

[Abstrackt]

Sheesh, I remember token ring. Slickest thing since sliced bread.

Till the token fell out anyway. Then you had to send some noob PFY out to search for it under the desks. Hours of entertainment with that one.

Re:Proper Planning

[benjamindees]

This is exactly the way to think about IT. End-users are not your "customers" or "clients", and your role is not to serve them. They are your competitors. Your job is to eliminate them, and to replace them with whirring, glowing rooms filled with triple-redundant servers flawlessly executing fully-normalized databases and millions of tiny shell scripts.

Middle managers are your natural enemies. Their interests are to increase warm bodies and to monitor butt-in-seat time. Treat them with cautious scorn.

Your major challenge is to quantify your work as it relates to deferred costs and increased productivity, and to demonstrate this benefit to executive management. This will require a quick typing finger, elite charting skills, and a deft touch on the laser pointer.

By the way, how many middle managers did you have to kidnap and drug before you were recognized by executive management?

Re:well...

[Tekfactory]

You can create OUs of users in your location, and only apply GPOs to those users.

You don't have to Bork all the field offices with a GPO. Now domain security policies I'd watch out for.

I've grappled with this very question for decades

[mschuyler]

The statistics are poor. We're in a mixed-use environment with mostly Windows for users and mostly Unix variants for servers, including HP-UX, BSD, Solaris, and Linux. The best data I have ever been able to come up with is one tech per 100 units. I've never counted routers, switches, hubs, and wiring in this, though I think you could make a good case to add them in. Some of those are a lot more onerous to configure than a garden variety PC. One thing that helped us was a standard-build PC. Store all data on backed up dual servers so if a PC breaks, you can replace it with an 'identical' PC easily and quickly. We kinda screwed up originally because we were IP rich with eleven Class C networks, so we used IPs to identify PCs and hard coded them, and also used one Class C per building, which was a big waste. It was a bit of a challenge to move to DHCP allocation when our Class Cs began to fill up, but we managed to avoid a lot of subnetting for a couple of decades. You probably couldn't get away with that these days.

Unix desktops. Oh, the happy memories....

[BenEnglishAtHome]

I've yet to see a serious roll out of Unix desktops...

I have. We had two SAs who handled everything on that rollout. I was one of the two. We installed and maintained all software (that was written and pushed to a central server by a different staff). We installed and maintained all equipment, both field and server room. The standard setup was each group was 10 to 15 people. One secretary used a desktop and everybody else had a laptop. All laptop users got an individual laser printer for home use. Each group had two impact printers for forms and one networked laser. Each group connected to their own database server. There were three additional servers that controlled other functions. Every single machine ran SCO OSR 3-point-something. Hardware was IBM for everything.

Us 2 SAs did everything. It didn't matter how small or large the problem, from replacing a USB-to-ethernet dongle to rebuidling a server (I could fully build a server, pulling spare hardware, imaging from tape, and restoring all databases from online backup in under two hours. We had that shit wired, I tell ya!) to taking calls from people who didn't know how to turn off the reveal codes in WordPerfect, we did it all.

Everything that could be scripted was. Our morning checklists and reports took a half hour, tops. On a good day, that was all we had to do all day. On the worst of days, we might work hard. But bad days were rare. We could take our vacations and know that no matter what shit hit the fan, the one of us who was on-site could handle it. We had the wonderful luxury of being able to walk around the user groups and ask people if they needed anything. They almost never did.

Our total user base was about 300 people. So I'd say if things are designed right, 2 people can handle 300 easily.

Of course, there were 25 or so admins and desktop people on the Windows side of the house, taking care of about 1200 users. They ran around looking like they were doing important stuff all the time. And I guess they were. Their stuff broke so much, they were constantly being rewarded for rescuing some project from the jaws of disaster or fixing some irritating problem that had plagued their users for years. Those poor sods hid in their cubicles most of the time; they didn't dare walk among the user population for fear of someone throwing something at them or, at minimum, being constantly harrassed by users pleading "Could you take a quick look at this?"

Our users just did their jobs, working on hardware and software that just worked, reliable as gravity (well, nearly) with no drama at all.

You can see what's coming, can't you?

The higher-ups started wondering aloud why those two SAs over in the corner never seemed to be running around in a panic fixing things. "Don't they have any work to do?" The higher-up attitude toward the Windows guys was completely different. Hell, I remember one of them getting an award for recovering data from a crashed server. They actually rewarded the guy with a certificate and a little ceremony because he had backups, something we took for granted in our little world.

Obviously, it couldn't last. All our apps got re-written to Windows. All the Unix stuff got ashcanned. Our user population got folded in with everyone else and forced to use the standard Windows-image machines.

And we now run around putting out fires with no time to catch our breath.

Man, those were the days. 1 to 150 was a breeze. Nowadays, deskside support is at about the same ratio and we're always on the verge of burnout, always working harder, always falling a little further behind. As much as I love my work (and I do, dearly, love helping alleviate the pain of a user who can't get their work done until I fix something), I'm *seriously* looking forward to retirement.