Ask Slashdot: Getting a Grip On an Inherited IT Mess?

First time accepted submitter bushx writes "A little over a month ago, I assumed the position of programmer and sole IT personnel at a thriving e-commerce company. All the documentation I have is of my own creation, as I've spent most of my time reverse-engineering the systems in place just so I can understand how everything works together. Since I've started, I've done everything from network and phone upgrades to database maintenance with Perl, and thus far it's been immensely rewarding. But as I dig deeper, I notice the alarming number of band-aids applied by my predecessor, and it seems like the entire company's infrastructure is just a few problems away from a total meltdown. The big question now is, how do I, as a single person, effectively audit the network, servers, databases, backups, and formulate a long-term plan that can be implemented by one person? Is it possible? Where do I begin?"

Explaines a lot

[p43751]

You work at RIM?

Re:Explaines a lot

So you are asking him if he got a RIM job?

Re:Explaines a lot

[nschubach]

It doesn't seem to work anymore, but for a while they had "http://rim.jobs"...

Re:Explaines a lot

[youn]

http://steve.jobs/ does not seem to be operational either :).... I will probably get marked as troll by apple fanboys... still funny :p

Re:Explaines a lot

[barc0001]

Of course not, he said "thriving".

Re:Explaines a lot

RIM shot

Re:Explaines a lot

[CODiNE]

Sure, click here if you'd like a rim job too.

Re:Explaines a lot

[Yakasha]

http://steve.jobs/ does not seem to be operational either :).... I will probably get marked as troll by apple fanboys... still funny :p

Nah, couldn't find the +1 Troll.

They get such a bad rap... poor trolls.

Re:Explaines a lot

[isama]

It's a shame that link redirects to /career/ instead of staying at /jobs/...

Re:Explaines a lot

They're all busy over at http://rimming.Steve.jobs

Re:Explaines a lot

[CODiNE]

What's a shame is it got modded redundant.

Wonder if the mod heard a *WOOOSH* sound as they clicked the moderate button.

Re:Explaines a lot

[syousef]

It doesn't seem to work anymore, but for a while they had "http://rim.jobs"...

I thought about going to http://head.jobs/ but I'm at work and would prefer not to risk being fired if it works.

methodically and late into the night

[sentimental.bryan]

say goodbye to your life for the next year. hope you're getting paid to mislay it....

Re:methodically and late into the night

[mattventura]

This. From what I've heard, it often involves weekends too.

Re:methodically and late into the night

[DrgnDancer]

My guess is he's not... I'm immediately concerned by: "position of programmer and sole IT personnel" and: "thriving e-commerce company" together in the same sentence. The fact that this does not appear to be a small mom and pop with two or three servers making up the "e-presence" adds fuel to the fire. I'm getting the image of a fairly large company that relies heavily on it's web and e-commerce presence. And has one guy to take care of that. What happens when he's on vacation or sick and a server dies? What happens when the website has an issue and then *anything* else goes wrong?

There's no bullpen here, if anything, anything at all, breaks there's only one guy to fix it. Day or night. If two things break you're already triaging. Surely a "thriving" company can afford a backup to what is pretty clearly a business critical unit?

Re:methodically and late into the night

[datavirtue]

Judging from the questions, it seems he needs professional help. Seriously.

Re:methodically and late into the night

[tomhudson]

I'm immediately concerned by: "position of programmer and sole IT personnel" and: "thriving e-commerce company" together in the same sentence.

First thing to do is find out why. Why was there only one IT person, and why did they quit? Look through the junk on all the systems - if they were half-way intelligent, you'll find an external email address in some source somewhere. Ping them and ask what really happened.

Re:methodically and late into the night

[Lumpy]

"if they were half-way intelligent, you'll find an external email address in some source somewhere. Ping them and ask what really happened."

I have done this before.. the response was...

"Find another job and run, run as fast as you can. Oh and trust no one."

Re:methodically and late into the night

[gmack]

That's assuming the predecessor wasn't the problem. I have learned over the years that there are far too many tech types to prefer to be the only one that does a particular task and will make any excuse to management to make sure things stay that way. When these lone wolf types happen to not be as competent as they pretend to be they tend to themselves into too deep a hole so they either get fired or quit in frustration but when you talk to them it will always be some other person's fault.

I'm not saying management isn't at fault, they very well could be but don't assume that right off. The first step is to try and get a read on how good the predecessor was at their job otherwise he can get very misleading info.

Re:methodically and late into the night

[afidel]

Dude, for three years I was the sole server, network, and SAN guy for an S&P 500 company. If you can't handle a small e-commerce company with a handful of servers (we grew for 60 to 160 servers in those 3 years) then get out of IT. It took most of those 3 years to eradicate the poor work of my predecessor (hey, let's buy an $800 RAID card and then do Windows software RAID AND compression) but I eventually got there. It was a lot of work but I managed to keep it to 50 hours a week for most of that time

Re:methodically and late into the night

[lightknight]

Thank you. That sentence bothered me as well.

The only place I can see that possibly making any sense is if you were a genius level programmer, at the head of your own company, and had a net worth of more than a million. Since he mentioned at least one other person (predecessor) and talks about a position...I'm thinking not.

And dual-timing IT / programming for commerce is NOT a good idea, for any site with any traffic. You split those roles if you have that much traffic.

So, I'm guessing it's a LAMP shop, doing stuff that most (seasoned) programmers would run from.

Re:methodically and late into the night

[lightknight]

As opposed to management and their insistence that anyone is replaceable (except themselves) for pennies on the dollar. Sometimes, the lone wolf thing is just a HR-speak for "not a team player," sometimes it's a precursor to replacing someone with someone else who costs less.

 

Re:methodically and late into the night

If management let someone do that, it's still their fault...just for a different reason.

Re:methodically and late into the night

[xdroop]

What happens when he's on vacation or sick and a server dies? What happens when the website has an issue and then *anything* else goes wrong?

Oh, that's easy:

• He gets called in from being on vacation or sick;
• he gets to work uncompensated time to fix the problem;
• if he fails to either respond to the call OR fails to fix the problem, he gets fired;
• if he succeeds in fixing the problem, he gets threatened with termination should something else fail while he's "unavailable".

In fact, I'd lay odds that's how the vacancy occurred.

Re:methodically and late into the night

This is a horrible cliche to proliferate .... I am one of those lone wolf types, except I'm fucking good at what I do.

I don't want idiots like you screwing up my stuff.

Re:methodically and late into the night

[DrgnDancer]

It's not a matter of whether he can keep up with it, it's a matter of backup. Did you ever take a vacation? Not a "going on a trip this weekend" thing, a real week long vacation? How many times did you log in remotely? What if you got really sick? What if something broke while you were really sick? I'm not talking about, "gosh, I don't feel too good today I'm staying home and can log in remotely if there's a problem" sick, I'm talking bedridden or hospitalized sick. How important was it that your servers stay up 99.9% of the time? This sounds like a "Our servers are down, we're hemorrhaging money" kind of situation. I'm not saying they need a team of 15 people, but one extra guy who can fix the business critical systems because you have jury duty today is always nice.

Not to mention that he's also the programmer. So while he's ripping out, documenting and fixing all the IT his predecessor left him, he's also supposed to be building and maintaining the site and the backend code. Oh, and fixing the bosses lap top. Cause hey, he's the IT guy.

Re:methodically and late into the night

Yeah but "what you do" is probably World of Warcraft.

Re:methodically and late into the night

[afidel]

My backup was my boss who was technically competent, so there was that, but it's not like I've never worked a job as a one man show. You buckle down and do what you have to and make it so things don't break just because you're not around (yes, this requires budget, but I've been fortunate enough that anyone willing to pay me what I'm worth is also willing to invest in a solid infrastructure).

Re:methodically and late into the night

[MonsterTrimble]

Seriously, I want the story on this one.

Re:methodically and late into the night

[momnpopstore]

I worked for a Web E-commerce site that only contracted work out. The owner was the only employee. The site ran on Perl and the only documentation was the values of variables.No documentation on Function's inputs and outputs. The code was a mess. One perl script would include the previous perl script in the center of the code. This was bad when the scripts served related web pages. The owner was a big sales driven guy and had bought the perl code from a startup company numerous years ago. I was tasked to do cold calling of potential clients and making the code compliant with credit card laws. The company appeared big because of the number of clients but was not so.

Re:methodically and late into the night

[tnk1]

I don't think there is any doubt that under certain circumstances, one person could do a lot of work in what is, at it's heart, a set of automated processes to begin with. The problem here is that having one person do anything is a horrible idea. Even a small company should do it's best to have two IT people, or at least two people who know how to run the IT department if the company relies on their IT resources for their business. People do get sick or get hit by buses, or even have heart attacks on the soccer field while playing with co-workers after work. More often, they simply find other jobs and leave you with two weeks notice and that's not enough time to get the best transition, especially for the guy who runs "everything".

As an IT person, I appreciate your level of workmanship for keeping things together yourself, but your boss should have been fired for allowing you to run things yourself. It's not a matter of having the skillset to pull it off yourself, its a matter of continuing operations and work-life balance. Maintaining staffing levels is not your responsibility, but I hope that you didn't believe that it was a good idea for you to be by yourself either. Your company got lucky that you were competent and didn't leave prematurely, but you aren't supposed to run successful companies on luck.

Re:methodically and late into the night

[BitZtream]

After reading your post ... I call bullshit.

A quick check of the S&P 500 shows that you'd have to be in several places at once to work as the only guy at any of those companies, and that 160 'servers' would be far lower than ... well ANY of them actually have, probably by an order of magnitude at least.

Re:methodically and late into the night

[afidel]

Whatever, we were on the S&P 500 at the time (got removed after we went from ~$7B valuation to ~$3B). We are a REIT and so we have fairly small IT needs relative to the size of the company (peak of ~850 employees, and as I said $7B valuation with revenues of about a half billion a year). We have offices in 36 states and four countries but only have centralized IT operations at our HQ and our DR site.

Re:methodically and late into the night

[lorenlal]

Those humans and night elves aren't going to go kill themselves....

Re:methodically and late into the night

Small operations like his are common. I'd guess he is a reasonably capable person. Where his world and yours differ, is that he's a jack of all trades (master of none)... because that's what that kind of business requires.

Yes, in a larger company, you'd hire an Exchange pro, an AD pro, a networking pro, a programmer or two and a couple techs that are slightly more generalized guys to manage backups, the server room and help desk. The unfortunate truth is that specialized individuals are rarely any good outside their specialty... which is unhelpful to a small business that can't afford a stable full of tech talent.

I know, as I've been this guy. It's brutal work but can be pretty satisfying. Every day your work is different. But you're never an expert at one particular thing and you're never paid like someone who specialized early on.

Re:methodically and late into the night

[Gazzonyx]

+1.

Re:methodically and late into the night

First thing to do is find out why. Why was there only one IT person, and why did they quit?

If there was only one, I'm betting it was a real small shop run by somebody who thought they could pay a local computer geek $10/hr to run everything, and the guy left the second he found a job that paid what the work is worth.

Re:methodically and late into the night

I wouldn't be surprised if that's what you get from any former lone gunman that was let go. We do everything and we're paid less than a guy that just runs the backups at a larger company. As such, we're the one that gets shit on whenever anything [breaks | falls short | costs too much | aggravates someone]. That's the nature of what we do and we know it going in.

And from my experience, "everything" means anything with a battery or a power cord. Paying the bill for the post meter to configuring the phone systems to making sure the company mobiles work with exchange to remote users VPN connectivity to negotiating the contract for your data carrier to updating the website. If something is wrong, it's because you didn't do it before someone noticed. If something breaks, you did it.

In the meantime, to everyone else, you'll always be that guy that just clicks a mouse and makes as much as someone important... like a sales guy.

Re:methodically and late into the night

[Ransak]

What if you got really sick?

I call this the 'Hit By A Bus' scenario. If you're hit by a bus in the next five minutes can the business carry on without you? If the answer is no for any reason then the business has major problems.

Re:methodically and late into the night

[NetNinja]

I sure hope you are making 200k a year. You are letting them take advantage of your youth, sure in the end you will gain that experience but at what expense? No time for yourself. No vacations and on call 24 x7 to wipe everyones noses? Dude you need to leave those jokers right now.

Re:methodically and late into the night

[Anarke_Incarnate]

The pride and arrogance in this trend of "I am god" here is sickening. I was part of a 2 man crew on a company of 40 people and it sucked. I got called on my way to vacation, on vacation and on the way back. I was called when ON the doctor's table. I left, and while I value the learning opportunities I was given, it is no way to run a company.

If a company does not value IT and the efforts put into maintaining it, then they are bleeding you and deceiving themselves.

Re:methodically and late into the night

[luis_a_espinal]

Thank you. That sentence bothered me as well.

The only place I can see that possibly making any sense is if you were a genius level programmer, at the head of your own company, and had a net worth of more than a million. Since he mentioned at least one other person (predecessor) and talks about a position...I'm thinking not.

And dual-timing IT / programming for commerce is NOT a good idea, for any site with any traffic. You split those roles if you have that much traffic.

So, I'm guessing it's a LAMP shop, doing stuff that most (seasoned) programmers would run from.

^^^ This.

Re:methodically and late into the night

All this sounds perfectly normal to me. I'm always the only IT person. The previous IT person (if there even was one) never did any handover or documentation. All the systems would be woefully out of date, and everything would be teetering on disaster. Thats why they hired an IT person now, after all.

Re:methodically and late into the night

[Jane+Q.+Public]

Absolutely. I once found myself working on a web project that had been through 3 previous developers -- and it wasn't even that big of a project -- but of course I did not know that when I took the job. If I had known the history of the project, I probably would not have taken it.

I ended up trying to reverse-engineer a huge mess, without really being given the time to do so. They kept me busy making stupid little changes to the graphics, when it really needed some serious underlying code work.

Then, out of the blue, they sprung a deadline on me of like 4 days, AND they wanted to release on a holiday. I said "No way. I would need at least another week to get this working properly." I did not get the week. PLUS they kept making changes up until literally the last hour, PLUS guess who got blamed when things -- inevitably -- did not work right?

I was glad to get the hell out of there. As -- it turned out later -- were the 3 developers before me.

Re:methodically and late into the night

Companies like General Dynamics might have 160 servers in a single location which acts in may ways independent from the corporate headquarters. Perhaps thats what he means.

Re:methodically and late into the night

[corbettw]

It's an ecommerce company. The only way they sell products is using computers, network, and software. It is beyond comprehension that they have a single person to do all of these tasks.

Re:methodically and late into the night

This post is total bullshit. 160 servers for an S&P500 company? What is this 1975?

Re:methodically and late into the night

[isama]

But if it's still early in your career and you aren't sure yet of what to specialize in this may be a great way to find what you like.

Re:methodically and late into the night

[afidel]

Heck it would have been lower but we needed 24 Citrix boxes just for our ad-hoc reporting tool (developing reports in JDE is too damn slow and expensive). Today it's closer to 360 but that's mostly because VM's have made is so much cheaper that we spin up multiple development environments on demand.

Re:methodically and late into the night

[Pharmboy]

The thing is, the guy who had the job before probably said goodbye to his personal life, thus goodbye to the job as well. Being the "only" IT person in a "thriving ecommerce company" is family (ie: me) and I completely understand all the band-aiding. It would be swell to be an expert at everything, but I'm not. It would be great if I could talk the owner into spending more or hiring more, but I've tried and it won't happen. I will say this, I *HAVE* talking him into paying me tremendously, so all and all, it is a good deal.

There is also a degree of job security if you do your job well enough that stuff doesn't break too often, since there is no underling to take your place, and the next guy will have just as big of a bitch as you are having now. So enjoy the challenge, make sure you are compensated for your time, and be prepared to work a lot and learn a lot.

Re:methodically and late into the night

[AdamWill]

Yeah. This. My first thought was 'don't even try. Go to your boss with a thorough list of all the problems and explain that they're going to need more people to fix it'.

Recognizing when a job is simply too much for you to power on through like a superhero is an important ability.

And even if management says 'nope, can't afford it' - your ass is now covered when you inevitably cannot manage to fix all the problems and something falls over in three months time.

Re:methodically and late into the night

[racermd]

I'm likely commenting too deeply for the person that asked the original question, but my advice seems to fit best here. What the company needs is an IT manager, whether hired directly or outsourced.

Firstly, assess the corporate attitude towards hiring (competent) staff directly and buying or leasing hardware directly vs. purchasing outsourced services. Once you know where that conversation leads, you'll have a better idea of how to address the larger problems that only a bunch of time (and usually money) can solve.

If the former, start the interviewing process ASAP. What you're looking for is self-starters that really do know their stuff. Take a handful of real-world scenarios, change some of the minor details a bit, and ask candidates what they'd do in that situation (or if they've encountered something like it before). Don't take them at their word, ask them to back it up with details of their own. Also, since you're going to wind up spending money on staff, you're probably going to be spending money on tools like new systems, software, and basic architecture hardware. Use an appropriate procurement process (and make sure it's followed) to meet your specific needs.

If the latter, like I and many others here suspect it is, be sure to negotiate favorable contract terms with this in mind - everything is about money. You might be able to get a better rate on some services if you limit support to 8x5 instead of going 24x7, for instance. Is remote support acceptable or do you want someone on-site when you have to make that call? What is the response time to various levels of service calls? Do you want to host hardware on-site or have that done elsewhere? Things like that should be priced out and assessed against the needs of the business.

Lastly, an important bit regardless of how the company wants to do it, the goal is to streamline operations which includes any support that's required when systems are not operating properly. Identify the weak subsystems and put them on a roadmap to be replaced with something more robust. It's a boring exercise in IT management that involves budgets and change control procedures but it does pay off in the long-run. If you need to get approval for spending, it helps to show what the current cost is, what the cost could be if things go wrong, and what costs could be if replaced with the more robust system. As long as you speak to your management in terms of money, they should listen.

Re:methodically and late into the night

And also many eight days weeks.

Re:methodically and late into the night

[shentino]

If you are a lone wolf that did a good job enough to worry about your successor screwing it up, why did you leave in the first place?

Re:methodically and late into the night

It's tribalism, if you ask me. Even if you give some people the ideas and bring them to fruition; it may not be enough. If you're not with the in-crowd, you might as well be a turd in the mud. Eventually, they'll turn you into a pariah, take your ideas as their own, and tell everyone you're an idiot.

I've seen genuine appreciation too, it's just that it hasn't seemed to be the norm, in cases like the OP is talking about.

Re:methodically and late into the night

[DigiShaman]

As a consultant, I found myself on the other end of this. Often, someone leaves and is replaced with a jack-of-all-trades IT admin / developer. That will almost always be the #1 uno mistake any company can make. I was called out to assist with a migration contracted by the hour. Not only did we run into several road blocks preventing a smooth e-mail migration, but I've also identified lots of red flags to the network. Some involved double-natting using old consumer routers as switches to Dell Power Edge servers out of warrant and flashing amber LEDs indicating faulty hardware someplace. But the worse security issue??? All AD accounts were made members of the local Domain Admins group just so users could install software on their local Windows XP machine. First of all, most employees shouldn't be local admins of their machine. But if they need it, you can make their domain account members of the Local Administrative group instead.

There was other odds and ends to be found. A few weeks later, the guy quit his IT job. In my haste to provide as much value in consultation per hour as I could (saving his company money), I must have overwhelmed him instead and sent him into panic and shock. Damn...

Re:methodically and late into the night

[Helpadingoatemybaby]

Huh. I wonder why they lost $4b in valuation when they did fine management practices like "Give one guy 160 servers to manage" and "have him work 50 hours weeks."

Re:methodically and late into the night

[afidel]

We lost $4B in valuation because the global credit market disappeared and a REIT is all about the spread between their short term loans and their long term mortgages plus tenant mix management, oh and the bankruptcy of 3 large retailers due to the down economy didn't help.

Re:methodically and late into the night

[dragonturtle69]

One person, for three years; did you consider the management to be wise?

Re:methodically and late into the night

[whereiswaldo]

Yes - and yet young people wonder why older people get jaded.

Re:methodically and late into the night

I'm in the same position. Contemplating suicide.

Re:methodically and late into the night

[peetgr]

I walked into a new job, fairly decent salary at the time, and ran into the old guy leaving. He told me "sorry, I couldn't tell you at the interview, but start looking for a new job. This place is going down". The job lasted less than 6 months. Then the company went belly-up. I spent 9 months unemployed after that. With newborn twins to feed.

Re:methodically and late into the night

I'm this guy where I work - jack of all trades - master of... some? Maybe... you don't really get time to specialize in any one technology.

I would send a warning though - if he is a dev - I was too... this IT admin gig takes way too much of your time to be able to code as well (not saying I don't write code, I just don't do it as much or as often as I did when I was a dev and first started looking after the IT as well).

However... it is possible. Depending on your setup and budget (I've never worked at any small company that has an IT budget and you have to justify every spend), your best bet is to start migrating to new hardware and software and not mess with the old stuff. Get some new systems in place, make sure you have redundancy, start migrating the critical/flaky stuff to the new systems. Take multiple backups (I do local disk backups for fast file restores for when users delete stuff), NAS backups for fast-ish file and system restores (a monthly VM image of critical systems is great peace of mind and it can even be booted directly from the NAS (albeit slower than the local disk)) for longer term backups and tape backups for archival and backup of last resort. Once you have some breathing room, start automating the monitoring of the network - Spiceworks/Zenoss/Cactus/MRTG etc (try them all - pick the ones that work for you) get daily reports/error logs emailed to yourself (this is the best thing for me and is the first thing I check every morning - helps to head off any problems. Then migrate the rest of the services. Sit back and document the system at your leisure...

Re:methodically and late into the night

I don't answer my phone any more.

Been called while on vacation on the other side of the world about a server problem (the senior dev was looking after while I was away) and he had spent hours trying to fix the server - took me 2 mins to hear the dev out and ask him to bring a preconfigured backup server* on-line and I would fix the broken one when I got back... sheesh! Some people can't see the wood for the trees. *Long before virtualization was possible on commodity servers.

Also been called cause the boss couldn't print to their printer - there are 5 other printers (that were working) in the building... I mean...really?

I could go on.

Oh also the call outs don't give me any more than comp time, hence why I don't answer my phone any more.

Re:methodically and late into the night

[L4t3r4lu5]

Corollary: "If you're hit by a bus in the next five minutes and the company can carry on without you, why shouldn't your manager replace you with the Sports Pack for his new Mercedes?"

Re:methodically and late into the night

[nobodie]

I worked at a place for two years (but not in the "IT" area) where the IT "professionals" were responsible for speakers in the classrooms, lightbulbs and switches, and the debacle where they installed a punchcard system for a bunch of foreign teachers and expected them to meekly submit. The head of IT finally fought his way out of the lightbulbs and considered it a major victory. Then they bought their own server for 200 email addresses, with an incompetent admin, and claimed that it was impossible to expand up to include the student body (2000 students). It was always broken and the only thing they were efficient at was dropping your email as soon as you left.

Re:methodically and late into the night

[perlchild]

I thought the same, plus an e-commerce company in this pci dss era, without more people? How the hell did they get certified... and if not, how can they continue to operate?

Re:methodically and late into the night

[lsatenstein]

Reminds me of the Dilbert Character

Re:methodically and late into the night

Yes, as a consultant, you must learn to bleed slowly grasshopper.

So the OP is the only IT person at this company, does that make him the CIO?

Re:methodically and late into the night

aka 'Truck Number' - http://c2.com/cgi/wiki?TruckNumber

Quit

Nuff Said.

Re:Quit

No!

This is actually the kind of career building stuff one should leap at. What would you rather say in an interview for your next job:
- I took this system that was falling apart and made it run like clockwork.. downtime and issue frequency went from "it's down again" to "been up all year" ..
- Yeah it was pretty good when I got there, and I maintained the status quo

My thoughts on original question:

First step is comprehension. You can’t fix what you don’t know you have/need. Identify the key components of your system. Then for each key component, break it down to it’s parts and dependencies. Then break each one of those out, and so on, until you have a pretty damn good idea of what you have.

Next part is assessment. For each component you’ve identified, what is its current state.

And then it’s time to do triage. Prioritize stuff by largest potential impact.

And finally carry out your well thought out pla.. ok, can't say that one with a straight face. Basically try to fix stuff when you can, between putting out the daily fires.

Re:Quit

[1s44c]

Quit? Do you give up on every task before you start?

Some of us like a challenge.

Re:Quit

I worked in this environment for one year as to not tarnish my resume. I toughed out the last 4 months absolutely burned out and bitter. You cannot communicate to management that outages and issues aren't your fault; they're adopted. When you fix things, you'll inevidably miss something (I did because of the pace, not dictated by me). Get out. It's not worth the challenge to get proper budgeting to get the right tools in place or the organization as a whole wouldn't let things get how they are in the first place. The business model I came from is failing. If you're good, there are better paying, better rewarding, less "heart and soul" companies out there. You're doing basically startup work for at will employment pay.

Re:Quit

[The+Moof]

I'd amend that to a big "maybe" for sticking around.

All of what you said (and the initial reaction to quit in the GP) all hinges on the root cause of the mess. If it's a result of the predecessor not doing things correctly and flying by the seat of his pants, you're correct at jumping at the opportunity. However, if it's caused by management screwing IT every chance they get with poor timelines, lack of funding, no foresight, and so on, run like hell.

Re:Quit

[Jibekn]

As someone whose been fucked by a sociopath boss for trying to take on a similar project, I agree with the OP, QUIT, run far and fast. Its not worth it, being able to say "I took a broken system and made it run like clockwork" is worthless at most job interviews, they're not hiring someone to fix their broken system, they're hiring an admin (from the impression I got) if a company knows their system is falling apart, there's contracting companies that specialize in that, unless you're trying to get into one of them, don't bother.

Its really not fun being blamed for a critical failure caused by the idiocy of a predecessor, and then fired for it.

Re:Quit

[v1]

Yep. Hop into the waders and get to work. It can be a very rewarding experience turning a steaming pile back into a smooth running good looking machine.

To add to the above, document everything. Though it sounds like you're already doing that. Make sure it's documentation that works for anyone not just you. Don't take anything for granted. Automate whatever you can, including problem detection and notification. (save yourself from having to check things daily or weekly, have it shoot you an email or something if a common issue crops up again)

Make sure your employer fully understands the situation you and they are in, so they don't expect you to be doing improvements and striking things off their sore to-do-list that they were probably hoping you'd tackle the day you started. Get them a timeline as soon as you get something of a grip on the situation, tell them where you're going to be spending your time to start with, and the reasons why it's essential and going to delay their getting their bells and whistles and visible bang-for-the-buck of hiring you. Otherwise they may think you're just sitting on your butt because they're seeing no tangible benefits.

If you've got a LOT of things that need to be fixed, things that can be done by closer to trained-monkey level, consider getting a temp assistant to help you dig out. Someone to run around and reimage machines, fix networks, repair stations, do RMAs, etc while you pull up your sleeves and unhack the servers. But if they're not in that big of a hurry this may not be appropriate.

Good luck with it, sounds like fun actually, a challenge at the least.

Re:Quit

[Archangel+Michael]

It is probably a combination of the two. Because MGMT always assumes IT can do something with very little, and often the Impossible with Nothing.

We are skilled (most of us anyway) problem solvers, and they rely upon that to function. I hate to say it, but to the original question should be answered this way: HIRE outside consultants to evaluate your system(s), and give you a hard copy report on their findings that you can present to MGMT.

If the situation is as I believe, it is worse than he even suspects. He needs more help than he can do by himself, to get ahead of the curve.

Re:Quit

[KermodeBear]

Best advice, right there. It's a challenge for certain, but making things better is the best thing you can do - for the company (ha) and, far more importantly, for yourself.

Hang in there!

And although it may feel like the whole place is going to fall apart any moment, it hasn't yet, you're in charge, and it sounds like you're gradually making it all better. Take a deep breath, Don't Panic, it'll be okay.

Re:Quit

[shentino]

You can't win a football game if the referee is being bribed by the other side.

Or in this case, succeed with a boss who was short sighted enough to let the mess happen in the first place and who is going to blame you for failing if you don't pull off a miracle.

Re:Quit

[Nethemas+the+Great]

I'm familiar with that kind of mess... Best advise is to piss on all the fires as quickly as they arise and unfortunately put in over-time putting in place alternative implementations that prevent it from happening again. During those brief intervals when something isn't burning survey the land and determine the highest risk (read cost and likelihood of failure) and take proactive steps to mitigate. At first you'll feel like you're in the worst kind of hell but eventually, things will start to come in place and you'll be able to enjoy your hard earned vacation. Further, it's quite probable that you don't have a complete knowledge of the technology being used. Get it. There's no substitute for actually knowing what you're doing. It's unfortunately far too common for people with no time and/or interest to search the web for a snippet of code, or set of procedure steps and hack these into place with out the slightest clue what they're doing nor the consequences thereof. It's usually better to go sharpen the ax before you go into the woods even if it seems like it will take more time. Trust me, it will pay dividends later.

Re:Quit

[Wonko+the+Sane]

How often are IT messes due to shortsighted bosses as compared to the times that they result from some deal in the past in which a contractor was paid a lot of money (much of which funneled back to management in the form of kickbacks) to "fix" a problem at the shareholder's expense?

Re:Quit

So you worked for one whole year in this industry, and that gives you insight enough to know that there is only ONE reason that things get to this state?

That's interesting because I've been in this industry for 22 years and I can list at least two possible reasons. The obvious one you're missing is that there is budget but the previous guy was an idiot.

I'd say there's a 90% chance it's the latter. Budget is easy to come by in a thriving business, but people who know what they are doing are still rare (hell, this Ask Slashdot is basically "help I don't have a clue what I'm doing").

Re:Quit

[Nethemas+the+Great]

And some are sweatshop code monkeys or BestBuy clerks--that care nothing for their job--simply trying to collect a paycheck so they can buy Call of Duty {x}. Jobs to them are an unfortunately but necessary means to an end. The fewer hours and the less they actually have to do the better.

Re:Quit

[Ephemeriis]

This.

I'd be willing to bet a year's pay that the previous guy wasn't straight-up incompetent. He was probably relatively skilled, and doing the best he could with the resources at his disposal. Which were probably not actually the resources he needed.

Odds are good that there's a reason why the place is in the condition it is now.

Odds are good that there's a reason why the last guy isn't there anymore.

Odds are good that you're going to need more than one guy in IT to get it all straightened-out.

Re:Quit

[kiwimate]

HIRE outside consultants to evaluate your system(s), and give you a hard copy report on their findings that you can present to MGMT.

I agree.

Re:Quit

[gknoy]

It's not worth the challenge to get proper budgeting to get the right tools in place or the organization as a whole wouldn't let things get how they are in the first place.

I haven't been there, but it sounds like it would be very beneficial to learn to present the business case for upgrades and budgeting. Explain the difference in downtime that it would entail, and the benefits the company will get. From what I've seen our previous IT guy do, it seems that bosses are NOT opposed to spending money, as long as you can make a good case for why it's necessary. Put it in terms of dollars that it will save you and that will go a long way.

Re:Quit

[sir+lox+elroy]

My current employer was in that state when I started 7+ years ago. I enjoyed the diagnosis and repair. If you like the metal test of fixing problems it is great. Hang in there and when you are done fixing everything you will have something to be very proud of. :-)

Re:Quit

Yup. Stick to it if you're just getting started and want to make a name for yourself. But if it's just another line on your resume, then check if you're getting paid enough now to get you thorough the next months of work, or the following years of therapy.

Re:Quit

No!

This is actually the kind of career building stuff one should leap at. What would you rather say in an interview for your next job:
- I took this system that was falling apart and made it run like clockwork.. downtime and issue frequency went from "it's down again" to "been up all year" ..
- Yeah it was pretty good when I got there, and I maintained the status quo

My thoughts on original question:

First step is comprehension. You can’t fix what you don’t know you have/need. Identify the key components of your system. Then for each key component, break it down to it’s parts and dependencies. Then break each one of those out, and so on, until you have a pretty damn good idea of what you have.

Next part is assessment. For each component you’ve identified, what is its current state.

And then it’s time to do triage. Prioritize stuff by largest potential impact.

And finally carry out your well thought out pla.. ok, can't say that one with a straight face. Basically try to fix stuff when you can, between putting out the daily fires.

Simple; Ask them if you can hire a CO Opt student to do/help documentation and Analyst on the infrastructure... If they say no then you can see where this is headed. There maybe a red flag as to why they are thriving.... Once you stabilize their system then they are free to rid themselves of a high cost liability (You) and hire another less expensive first born over achiever, you can chalk it up to a life experience.

Re:Quit

[Siberwulf]

First step would be to evaluate everything as posted above.

Then build a Action Priority Matrix. It'll help you fit together an action plan and block out time for what appears to be major projects. It also allows you to get some Quickies done to show management you're the right guy to keep doing the job.

http://www.showingnaturally.com/ActionPriorityMatrix.png

Re:Quit

I suggest getting more English lessons as the words , "I worked in this environment for one year as to not tarnish my resume" does not by any stretch of the language mean, "So you worked for one whole year in this industry"

So what is your native language where the word "environment" is equivalent to "industry"?

And you claim you have worked in IT for 22 years but yet you cant read English properly.

Show me you H1B card, I think you are fluffing us.

Re:Quit

[Lumpy]

When I'm given a spoon and told to storm the hill and kill everyone in the machine gun nest?

yes. I quit before I even try. After you have been in IT long enough you can spot a suicide mission a mile away.

Re:Quit

why does it always seem like Scotty has screwed everyone it IT. If only management could be convinced that everything won't be fixed in 60 minutes less commercial breaks with only a screw driver and a prayer. We givin it all we've got captain

Re:Quit

[19thNervousBreakdown]

Show me you H1B card, I think you are fluffing us.

Is English your first language? Because the definition of "fluffing" that (I'm pretty sure) you're referring to isn't the one most of us are thinking of.

Re:Quit

[19thNervousBreakdown]

Oh god yes do this.

If your bosses will sign off on getting a second opinion, great, stick around and fix stuff. If they don't even want to know that it's screwed up, get out as soon as you can.

Just be very careful when selecting who you'll bring in to do the audit, and be very clear that if anyone is brought on to help fix the problems, it absolutely will not be the same as the evaluators. Otherwise you're essentially handing them a blank check to say whatever they feel like is wrong, and fix it any way they want.

My suggestion is to generally avoid letting contractors do more than consult with you on a project--they know very well how to set things up so that it's easy for them to work on in the future, and are generally not very good at making the stuff actually fit in well with your business processes.

Re:Quit

[lonelytrail]

Are you out of your mind? Where will he find time to "Identify the key components of your system. Then for each key component, break it down to it’s parts and dependencies. Then break each one of those out, and so on, until you have a pretty damn good idea of what you have." while he's working his 3rd shift for the day on Saturday after having worked 80 hours the week before.

Yeah, "leap" right out the door. Been there, done that. MGMT doesn't care. They, of course, want the business to succeed and make everyone happy but they have no idea how much of your blood they are asking for or how long before you die or leave. And NO, they won't hire another person.

Re:Quit

[lonelytrail]

Oh, "whoosh." I missed that last sentence, "Basically try to fix stuff when you can, between putting out the daily fires."

Good luck with that.

Re:Quit

[malkavian]

I've been in a few similar situations over the years. The first thing you put on the table is "This is not an acceptable situation. Your risks are .".
If they don't cover this, then that's really not your problem. I've coding for 32 years, and doing sysadmin stuff as well for about 20 (among other strings to the bow), and live in despair of people who really don't understand that this stuff doesn't happen by waving a magic wand, and there is more to it than making pretty buttons appear on a screen.
At interview, if someone said they'd reverse engineered and documented a system in this environment (and yes, I interview people for dev/admin jobs from time to time), I would seriously ask them why they didn't get management a junior to cover the paperwork and cover duties, while they dealt with the heavy lifting of reverse engineering and planning. I want someone around who will grok the risks, take responsibility and come up with a resilient service (not just a few machines that may be able to fail over). Budget isn't always easy to come by, especially if there are political axes to grind.
I'm with the AC on this, from the limited info available. Either get them to get you a second, or get out. If the business is thriving, they can afford it, and they're just being cheapskates (and in many years, I've met quite a few like that) if they don't. You don't want to work for a cheapskate.

The time to take this kind of work on solo is if you're part of a startup, when you've got a lot invested in the success of the company. You live or fall on your wits, capability, and ability to lose every evening, weekend, and many a night too, on keeping this up and running as cheaply as possible.
Once the 'thriving' level arrives, you'd better make sure you're not still carrying that load alone, otherwise your own lifespan (as well as that of the company) may be quite severely limited.

Re:Quit

[myurr]

Completely agree. Perhaps the previous guy didn't take the time to inform the management of what was required to do the job properly, or didn't know himself, or was more interested in painting himself as indispensable than doing the right thing. First things first, if this is genuinely a thriving e-commerce company then their website is their number one priority and their fulfilment systems are the number two priority, phones are number 3 with everything else taking a back seat - and they REALLY need to get a second employee. If you are ill, on holiday, or, deity forbid, something happens to you, then they need someone else who can step in. If their infrastructure is as shot as you suspect then you're going to need a second brain to sort it all out and help you implement it.

You must make sure that backups are being taken and are robust. You need a disaster recovery plan. You need both short term and long term plans to scale the infrastructure as the business grows and reactively if there's a sudden growth spurt. You need to know where the next bottleneck in the system is and come up with a plan to fix it. Do you have an adequate handle on monitoring traffic to the site from when they first land through to placing an order? Do management have the stats required to make informed decisions about the business? Management will also need to be aware of when IT will need extra funds as mapped against their own sales growth targets.

Once all of the above is sorted, and decent management allowing (and presuming this isn't something that is already being taken care of), you need to start suggesting to management the skillsets of people and / or contractors and / or agencies that need to be brought in to proactively grow the business. Be it SEO, PPC, UX, new features, etc. whatever it is, you have the opportunity to help the business understand it all and be instrumental in their success.

Re:Quit

[lightknight]

Hmm. Sounded more like there was a falling out between the guy who actually made the company (performed the actual work of consequence), and the guy who owned the company. So, guy who made the company resigned / was fired, and guy who owns the company brings in someone who is green to replace him (thinking to mold him into the kind of subservient tech he wants him to be). Battle of the Egos, and if only one person made the company beforehand, the new guy is going to fail. Probably tons of undocumented code, business logic, and designs which will run for a while, then stop.

Probably going to have to replace everything, in the long run.

Re:Quit

[Xacid]

Seconded.

And I definitely see the problems some of the other commenters had in similar situaitons - if you don't have the support of your management in a scenario like this you're fighting an uphill battle. In my case I had an incredibly helpful and understanding boss which made things much, much smoother than it otherwise would have been. Sure, I had to work some shit hours to make the bigger changes so as to not affect normal business but that's just the name of the game with a massive overhaul. Hell, I was feeling fortunate this wasn't a 24hr shop.

Anywho, definitely a great resume booster and does wonders for your confidence once you've conquered the beast. My advice is slow and steady and make sure you document all the new stuff.

Re:Quit

[cptdondo]

Depends on the management. 7 months ago I inherited a dysfunctional department with morale in the crapper and a seeming inability to do anything. The organization brought in a new director (my boss) and new department manager (me). I got a lot of funding and a lot of resources to fix things. Net result is that we are now ahead of the game for the first time in 5 years, people like being here, and we're having a blast.

So if management is providing support and resources, I'd say go for it. If they're saying we like it the way it is, then leave.

Re:Quit

[Bastardchyld]

I agree with what you have said, however with one minor caveat...

Based on this - "I assumed the position of programmer and sole IT personnel at a thriving e-commerce company." I am assuming...
1) He says he "assumed" the position which would imply that he worked elsewhere in the company and was made the de-facto IT person based on having an Android phone or a PS3 or whatever other metrics they decided to use. I am going to give the Poster the benefit of the doubt, and assume he is not in over his head.
2) If the company is a thriving e-commerce company, which means that they make their money off of this e-commerce platform. Which should mean they are wanting to protect the investment that they have already made.

Now the problem here is that there are all kinds of red flags for doing things on the cheap, which is why you are finding all of these band-aids. If the company is thriving they should have no problem hiring a second person. Regardless of your level of skill mistakes will be made and these can be reduced if you have a sounding board. Someone to logic check things with.
As for actually identifying and making changes the parent has that part spot on. I am just concerned that may not be effective in this organization.

Re:Quit

[spads]

This is like embracing the rich challenge of shoveling out someone else's outhouse. It MIGHT be worth considering if these types of things are generally appreciated, but frequently (and to some extent deservedly) they are looked upon with scorn.

Re:Quit

[nortcele]

Preach it. Any job where you're the guy that has to fix it... the challenge is a HUGE learning opportunity. Evil boss or no. I've worked for a glory seeking back-stabbing boss before. That in itself is a good learning experience about how to appropriately protect your flank while still being able to do your job (and what kind of boss not to be). All that prior experience helped get me the job I have now, and it just happens to be for a great boss. I'm always in a constant state of character and job skill development. When it no longer is learning opportunity, find another job. Never burn bridges. Ever.

Re:Quit

[xelah]

It sounds like it was your boss that was the problem rather than the project. If you can't communicate properly to your boss why there is a problem, what it is, what the consequences are, what you will have to do to fix it, approximately how long it will take and which problems/systems have and have not been fixed (and therefore problems are all your responsibility) then it isn't going to work out. That's a lot of work, unlikely to be a lot of fun, and takes two people: you, to give the right information, and him, to actually listen and understand and honestly report it to the rest of the organization. If, after you've communicated properly, he STILL blames you for prior inadequacies he can see (but maybe not admit) are not your fault then you're probably going to have a problem no matter what state the systems are in.

Oh, and you don't say "I took a broken system and made it run like clockwork". You say something more like, if you can, "I specified, designed and deployed a whole new x/y/z system in a successful x month project which reduced support problems/reduced downtime/increased throughput/increased capacity from x to y within existing hardware and budgetary constraints". That demonstrates more than "I took a system which already works well and managed not to break it"

Re:Quit

[fifedrum]

this.

I wouldn't even consider overtime until you complete an initial assessment in terms of hardware warranty, redundancy and replacement costs, licensing mitigation etc. For that, you hardly have to get under the hood.

If they open their budget and agree to realistic (meaning expensive) hardware and software fixes which you'll surely need, stick around, otherwise forget it. Your resume is still warm, keep it in circulation. You don't want to be the lone IT guy in a shop full of illegal copies of server software.

If they magically agree to opening the purse, backup/restore and disaster recovery would be my first priority. Spend time figuring those systems out, implementing automatic tests and work in parallel on a hardware analysis of the entire place, power first, RAID second, database replication a close third. That is, as you review a hosts' backup requirements, and test restores, run through the host and check hardware, ensure it's appropriate to the task at hand, legal, secure, stable and all that. But don't dwell on any particular host too long at first. You don't want to get target fixated on one little detail for more than a few seconds.

Anything without warranty that doesn't have spare parts on hand gets replaced, anything critical without internal hardware redundancy (multiple power supplies on different circuits, RAID etc) gets replaced.

While you're ordering hardware, stage the deliveries so they can be replaced at a reasonable pace, and document as you learn. Start with a simply brain dump of the business reason a host/process exists, then dig down to the details of the changes from a default install of an OS while you're working to replace it.

I would insist on a PFY too.

Re:Quit

[oh-dark-thirty]

As someone who has inherited a bowl of spaghetti more than once in his day, I can say definitively that it's all driven by upper management/ownership. You're given a limited set of tools and an even smaller budget to make sure everything not only runs, but runs at peak efficiency. Then, add in incompetent end-users that are allowed, nay, ENCOURAGED to build undocumented, unstructured and barely maintainable "applications", and you're in for some real fun.

Re:Quit

[HornWumpus]

To paraphrase your question:

How often are IT messes doe to shortsighted bosses as compared to times that they result from short sighted bosses?

Managing contractors is the bosses job. That said the two scenarios are different flavors of incompetent shortsighted boss.

The boss that cluelessly throws money at a problem might be worth continuing to work for, if you believe (as I do) that letting a sucker keep his money is an immoral act.

Re:Quit

[ZiggieTheGreat]

I was here for the last 6 years. I came onto a team of two, and my co-conspirator was quickly promoted to my boss. There was never a replacement hired.

His basic philosophy was "if a patch can make it work, don't spend the money". any problems we had were never passed up to people with the money to fix things.

Things weren't too bad until he left two years later and they hired a non-technical person to be my new boss (we want someone with more artistic ability. Blech). I presented a list of all the things that needed replaced, upgraded, repaired, un-duct-taped, etc -- listed by priority, severity with downtime analysis, recovery, etc. It was a significant list, and I didn't expect everything on it to be done, but anything was better than nothing.

New boss passed the list in full force up the change, which initiated an audit, which was painful but I figured things would be better at the end. The auditors got fired before handing in their final report, management marked it down as "problem solved" and no money ever showed up.

Fast forward 4 years and the company cut pay "due to the economy", killed vacation benefits, and made working there a living hell. Due to cut pay, my ability to work overtime magically disappeared as well. I was there for six years, and I left handing over the same servers I took over when I started.

It was a mess, and I managed to stabilize systems by never changing them, but it was a patch job. Management didn't care and I held my breath every time a server rebooted. I'm happy to have gotten out before every collapsed.

To the OP, I say best of luck. If you can get traction, then stay and make the place awesome. If everything is an uphill battle, run now. The writing is on the wall.

Re:Quit

Kosh: "Understanding is a 3 edged sword, your side, their side, the Truth."

Actually, Kosh only said "Understanding is a 3 edged sword," Sheridan added the rest.

Re:Quit

[Jibekn]

In that case, the boss in question was the previous IT person, this was not relayed to me until after I was fired.

Re:Quit

[grcumb]

This is actually the kind of career building stuff one should leap at. What would you rather say in an interview for your next job: - I took this system that was falling apart and made it run like clockwork.. downtime and issue frequency went from "it's down again" to "been up all year" .. - Yeah it was pretty good when I got there, and I maintained the status quo

I just spent a couple of years stabilising and formalising an online organisation's systems, and I've got to say I'm of two minds on this one.

First off, this kind of undertaking is neither for the inexperienced nor the faint of heart. I took the job as a labour of love. The organisation I work for provides a critical service to millions of people, so it really had to continue. It's been running in its current form since about 2004, so you can imagine how much cruft it accumulated over the years.

For the first year, I worked alone. During one four month period, I worked seven days a week (half-days on Sundays). In that time, I standardised, automated and documented most aspects of the operation. I installed online and off-site backup and instituted backup and recovery protocols. I installed remote management capabilities, so that I could deal with everything except catastrophic hardware failure without having to be physically present. I implemented proper user management, single sign-on to all critical resources, and access control for important data.

By the end of the first year, I had a promising trainee, and within a year of that I had a second assistant helping with software development.

Wherever possible, I DID NOT invent anything. I appropriated simple tools and worked in the smallest possible increments. And this is a critical lesson: For everything you do, make the cost of failure as small as possible. If you bring operations to a halt, you had better be able to get them going again immediately.

Things are significantly better than they were, but I just gave my notice, anyway. Upper management have made it clear they don't understand the resource requirements we have, and they've refused to commit to contract extensions for key staff members, including my assistant. I know that if I stay, it'll only end in tears.

Bottom line: Don't take this on unless you're experienced enough to be able to spot the traps and to know how to get past them. And when I say 'know' I don't mean, 'I've heard about this great approach' or 'I've seen this done before.' This kind of environment is no place to learn. And even if you are experienced enough and committed enough to handle it, you still need to know when to walk away.

Re:Quit

If you were here right now I would kick you in the balls for using the phrase 'action priority matrix'.

Buzzword spouting moron.

Re:Quit

[lunchlady55]

PFY?

Oh you BOFH, you.
Oh, by the way, can I have some more disk space?

Re:Quit

[strikethree]

The first thing you put on the table is "This is not an acceptable situation. Your risks are .".

You said some good stuff; however, the line above should be considered an absolute mistake.

The mistake is here: "This is not an acceptable situation."

That is a judgement. It puts the listening party into a "battle mode" as they determine what it is that is unacceptable and who is at fault and according to whose standards.

There is the other obvious question too: Who is the situation not acceptable to?

If it is you, then they can say, "Walk. Nobody is forcing you to stay."

If it is them then you are presupposing their judgements. Some people can get very upset over this.

TL;DR, Don't use language like that as it can cause problems.

Re:Quit

[Glonoinha]

Because the definition of "fluffing" that (I'm pretty sure) you're referring to isn't the one most of us are thinking of.
Too bad. I love me a good fluffer.

Re:Quit

[jtnix]

Yeah, stick it out for a while and do what you can, you will learn a LOT more than you already have and will help develop your own crib sheet of tips, tricks and best practices. I've worked as an employee (not contractor) for two companies that were train wrecks waiting to happen. One wrecked (stayed there 9 months) the other was bought (stayed there 2.5 years, left a year before the sale). At both places I made good friends who I still have to this day and who've gotten me more work since then, not to mention good recommendations for my CV. One of those leads recently morphed from an amazing 8 month contract where I learned a LOT with a great company that has now hired me to work remotely (that's right, home office in my soft pants.) The CEO actually founded the company under the principles of 37 Signal's manifesto Getting Real (read that.) Dream Job if I ever knew one.

In my case, 10 years of weird contracts and small company employment disasters got me yards more than any 3 year IT BA and quitting will ever get anyone.

Re:Quit

"Action Priority Matrix," don't say shit like this, you sound like a buzzword whore even if you do know what you're talking about.

Re:Quit

I've never understood how people get themselves into these situations where they are working evenings and weekends seemingly on a never ending basis. I've worked in start-ups and small businesses and always been 'the IT guy' (whether or not I was there as the IT guy or a dev but thats another story) and I've always worked on the basis that I would implement systems that stayed up (cause I would be the one having to fix them) as cheaply as possible, or if not, have redundancy so the fix was 'bring up a backup server' so problems could be fixed during office hours.

If you are working more than 40hrs a week you are doing it wrong...

Re:Quit

[fifedrum]

you have plenty, \clicky clicky\ your quota says 0 bytes used

1 suggestions

start drinking

Re:1 suggestions

who stopped?

Re:1 suggestions

[Karl+Cocknozzle]

Mod parent UP. +1 Draper-esque.

Re:1 suggestions

You should listen to him; he's pre-med.

Re:1 suggestions

start drinking

^^This

Re:1 suggestions

Heavily

Re:1 suggestions

[colinrichardday]

Cyanide flavored Kool-Aid(TM)

Re:1 suggestions

[ab0mb88]

Better listen to him. He's pre-med.

Configuration management

[Neil+Watson]

Automate your servers so you can focus your time elsewhere. I use Cfengine.
http://watson-wilson.ca/2011/03/enterprise-system-administration-using-configuration-management.html

Re:Configuration management

[1s44c]

Yes, automate everything, monitor everything, backup everything, document everything.

I used to use cfengine but find puppet an easier tool to work with. Nagios and BackupPC are also wonderful tools but you might want to choose alternatives if they better fit your needs.

You might want to express some concerns to management just in case something critical does fall over you don't look quite so bad.

Re:Configuration management

[vajrabum]

Lots of folks here have talked about backups but if you're company is really successful then restores could be more of a problem than backups. Large databases and system configuration can take a loooong time. Develop a plan for restore and execute it regularly as a test. Make sure management understands the time for restoration. Two other things--virtualize (that reduces the coefficient of friction for moving things considerably) and consider using Amazon or some other cloud provider in your restore plan to in case your cage/server room/whatever burns. Some of those services are low or no cost until you start loading things up. If you go the cloud route be sure to get a read on your traffic, storage and other billable numbers. If that's the disaster plan then if the numbers are of any size at all you need to run the cost by the CFO to make sure that it's sustainable.

Re:Configuration management

[SCHecklerX]

Inherited my mess about a year ago. I've done much to clean it up and monitor it.

I may have to investigate Cfengine soon, but for now, since I am comfortable with creating my own RPMs since all of our servers are CentOS, I simply use yum with rpm. It works very nicely. If I make changes (I use git to track/branch/etc), I then just rsync the repository to our production server once I am happy that everything is correct. Building, git, etc, is all automated from within vim with some simple scripts that I wrote.

Nagios to monitor the whole mess, including MySQL replication, DRBD clusters, Backups, Firewalls, Mail Relays, Web Servers, Whether we somehow ended up on a RBL, etc.

Dunno how I got stuck doing it, not being a developer, but I will also be training our 'development' team (php web developers) on how to use git from a shared repository.

I'm managing approximately 50 enterprise server systems this way, and the load is no big deal for just me to manage now that I'm slowly beginning to reign in our developers and my boss. They all have root access still :-( A political fight I'm not yet prepared to have. I was able to take it away on the web servers, at least, and that's the only thing our developers touch, so life is a bit better.

Re:Configuration management

[TomTraynor]

And document every step of the way. What you did, how you did it, where you did it and WHY! I did support for three years on a legacy mainframe app and a lot was never documented, especially the WHY. Half the time I put into fixing the outage was documentation.

Re:Configuration management

[TomTraynor]

Been there with failing backups. We do a disaster recover exercise on a regular basis. The first time doing a disaster recovery test many years ago our backup tapes failed and we had to revert to another set of backups to finish the exercise. It drove home to senior management about the importance of backing up and just as importantly ensuring that those backups will work when they are needed!

Re:Configuration management

[bill_mcgonigle]

They all have root access still :-( A political fight I'm not yet prepared to have. I was able to take it away on the web servers, at least, and that's the only thing our developers touch, so life is a bit better.

A fine baby step is to move everybody over to sudo. If you can get buy-in that everybody will track changes with git, then you have somebody to blame and can build a case if they break it. With sudo you have a record of who was mucking (in your /var/log/secure).

If they're perfectly reasonable/responsible and you can track changes, it's not such a problem, really, unless you're worried that they're secret agents meaning to break your stuff. I typically only see frustrating carelessness where people can get away with it.

Re:Configuration management

[TomTraynor]

Do the fight, at least if there is a paper trail your ass is covered. If your company has auditors, buy them a coffee and see if they can help you explain to senior management why root access for everyone is a bad thing. I needed it years ago as the support person, but, when I moved back to development they kept my access. They gave me very strange looks when I asked for access to be revoked, but, when they got audited they didn't get nailed by the auditor for having developers full access to the prod machines.

As a compromise see if you can get a 'SYSTEST' area defined where an image of prod data is stored and the new code that is to be promoted can be staged. That way developers can put up their code and prove it works with prod data and if it gets signed off by management you can 'promote' the code to the prod servers.

Re:Configuration management

[vajrabum]

It may not just be a reliability problem. It may also be a time problem. The time to restore 10TB for example may be prohibitive for many applications. That used to be a big enterprise problem, but now everybody can afford such things. In other words make sure you have a data protection plan and not a backup plan and that you've tested the system and your assumptions.

Re:Configuration management

A fine baby step is to move everybody over to sudo.

This is a great recommendation, but not easy to pull off. It's unlikely that they'll go willingly. They'll probably just do "sudo bash" (which is a bit better than logging in as root directly, but not a whole lot). You'll get excuses like "typing sudo for every command is too slow". If they actually knew which commands actually required root privileges and which ones could be run as a normal user, they'd find that it's not really all that bad. In the end, you'll need management backing to pull this off, and people will need to get more than a hand slap if you find that they don't use sudo properly.

in your /var/log/secure

That gets rotated and goes away at some point. I prefer to have sudo log to /var/log/sudo.log and not rotate it. That way, you have a complete history of what's been done on the box. In most cases, it will never get large enough to where it's a problem. You can accomplish this by adding "Defaults logfile=/var/log/sudo.log" in your sudoers file. You might also like "Defaults loglinelen=0"

Re:Configuration management

no .. NO .. NFUCKINGO
There is not actual reason to EVER have production data outside of the production systems ( beyond backup ) ..

Staging / dev / test should be performed with TEST data.. That is data that is REALLY REALLY fucked up .. fields with bad data .. wrong data types .. random data .. data designed to break things .. sql injection simulations .. ect. As close to every potentially possible data combination that can be generated.

If you ever have a situation where code breaks in production , that was not discovered in testing aganst the "TEST" data set. Then that means that the TEST data set is broken!!! .. not that the process is.

If you are truly paranoid , then you can always do "pre-deployment" testing with production data. This is done AFTER the code is signed off on for production deployment. If ANYTHING breaks there , then you need to fix the test.

Re:Configuration management

[ZiggieTheGreat]

I spent 6 years working in a place where our DR plan was to avoid disasters.

Re:Configuration management

[Vanders]

They all have root access still :-(

Here's a generalised three step plan:

1. If you don't already have it, implement some sort of centralised authentication mechanism. This can be NIS+, LDAP, Kerberos, whatever, but have it.
2. Disable root logins and start to make everyone use sudo. Sudo is auditable. Sudo permissions can be made fine-grained.
3. Implement configuration management. Even if that's only managing critical system components (I.e. the sudoers files, sshd_config, passwd & group files). Even if you "only" use Cfengine (but seriously take a look at Puppet and Chef before you make a decision).

Re:Configuration management

[ZiggieTheGreat]

I don't actually recommend this method, but it worked in my case:

Our root password somehow got posted on a forum and our server was then hacked (the server happened to be DMZ'd off and in maintenance mode at the time, so damage was minimal). I was able to point out the insecurity of allowing root logins remotely and lock everyone down to using sudo and logging in as themselves. I had the occasional person try sudo su, which made me laugh but for the most part people conformed.

Again, I do not recommend this method.

Re:Configuration management

[SCHecklerX]

Unfortunately, my biggest problem is the PHB. I have already given sudo access for the web developers on the web servers where I don't allow direct root logins any longer. We have ldap. Now 5 years later, it's actually being used properly :-D

Example:
"I don't want to have to come in on a weekend if there is a problem, so I bridged across the firewall with an IP KVM, exposing it directly to the Internet" That same stunt, by the way, was somehow a 'Firewall problem' since he assigned it the same address at the firewall's public primary address...

My biggest fight is to get the Boss, who understandably had to run things for a little while when his last admin was fired for being a general douchebag to relinquish control, and to at least communicate with me rather than trying to implement things behind my back.

I've cleaned up most of the problems from the prior admin, and am moving forward. If I can get my boss to keep his hands off, or at the very least involve me when he has a 'brilliant' idea, life won't be too bad.

Re:Configuration management

[SCHecklerX]

Ha! Auditors. We aren't that big, although the owners think they are.

Ok, how's this for my environment:

The owners of the company demand that we store everyone's password, in the clear, in a field in ldap so they can have access to everything. I have tried challenging this several times, and have yet to make any headway. Those ldap servers are accessed via the Master r/w account by our web servers on the untrusted Internet. Did I also mention that none of our publically-facing servers are on a DMZ, and that my boss fights me every time I mention how all of these things are very bad ideas?

Re:Configuration management

[SCHecklerX]

I know all of these things. And may just do it, and ask for forgiveness later. The environment is somewhat hostile, since they have never had a real RHCE, CISSP, CPT, CEH type running things before.

Re:Configuration management

[LordLimecat]

Clicking on the "self healing" bullet point, I get

404 Page Not Found
By Neil H Watson on January 1, 1999 8:40 AM
This is not the page you are looking for. Pages have been rearranged and my website relaunched. I'm sorry for the inconvenience. The search tool on this site should help you to locate the the file you are looking for.

Sincerely,
Neil H. Watson

Can I get a +1 irony here?

Re:Configuration management

Restores are always a bigger problems than backups.

Re:Configuration management

[bill_mcgonigle]

"I don't want to have to come in on a weekend if there is a problem

fair enough

, so I bridged across the firewall with an IP KVM, exposing it directly to the Internet"

ahhhhhggghh!!! Yeah, I'm sure that runs a perfectly secure IP stack.

Now, if the guy had implemented a 2-factor OpenVPN server so he could get to his IPKVM device, I might say you should cut him some slack.

That same stunt, by the way, was somehow a 'Firewall problem' since he assigned it the same address at the firewall's public primary address...

0-o Doesn't he have some business matters to attend to?

If I can get my boss to keep his hands off, or at the very least involve me when he has a 'brilliant' idea, life won't be too bad.

Appeal to his desires. Does he want more time at home with the kids? Does he have Important Meetings to go to? Whatever it takes to make him feel good about giving you the projects. You might have to do a bit more for a little while, but you'll get him trained soon enough with enough positive reinforcement. Even consider that he's trying to spare you some of the load, even if it's not a very good idea.

Re:Configuration management

[badkarmadayaccount]

OK, give them SSH, if they fuck it up, fine, just don't let anyone else do it.

Wiki

Been there, done that. Start with a simple wiki. Document everything including lists of things that need to be done. Put time and dollar costs on everything along with your idea of the priority. Present the list to the CEO or whomever it is that is above you and work on prioritizing it, then get to work.

Re:Wiki

[1s44c]

Also a list of what needs to be done can be used to justify extra people, new software, or new servers.

Re:Wiki

[yakatz]

Short of blowing it up and starting fresh, this is the best way. Kidding aside, I was in the same situation as you several years ago.
We happened to have Sharepoint already installed (as part of SBS2008), so we started using its Wiki feature for our documentation.
We use its lists feature to keep track of license keys and firewall settings (not in the same list of course).
Just make as comprehensive a list as possible.

you don't

[yincrash]

you hire more people and do a thorough job of cleaning it up or rebuilding.

Re:you don't

[Synerg1y]

Or bring in contractors / consultants and have them serve their part and then part ways, the biggest mistake you can make is taking everything on your shoulders, that = loss of life & health. It's a job and work != life.

Re:you don't

[Stargoat]

Bring in consultants to do a Network Security Assessment. Tell them what they will find. Use other people to deliver the bad news and refer to their reports when you want something.

Re:You don't

[Z00L00K]

A situation like that requires more than one person, but you can't hire a person to get the job done and just sit back - you need a co-worker with experience where you both can go at the problems and jointly analyze and discuss pros and cons of how to resolve potential bombs in the solution.

Going at a problem alone may sometimes be as dangerous or more dangerous than leaving the problem alone.

And if you are two at a job you have at least some backup if you get sick or have an accident.

Re:you don't

[tnk1]

Agreed. They should hire one other person, possibly a junior level person who can learn on the job and not hit the budget too much, and then use contractors to help with the clean up. That or use all contractors and hire the most promising one after 6-12 months. In no circumstances should you have only one person working an operational job if you can help it. That's like cheaping out on construction materials in buildings... low-cost, works great, until it fails catastrophically and the public calls for blood.

Of course, the problem is that, in the end, it is the executives and upper management who *should* be caring about this because they are the ones who care about the business as a whole. If there is a catastrophic failure which actually impacts business, who is actually on the hook for it? Maybe the IT guy, but it really should be on the backs of the bosses. When customers start dropping because you suck, the shareholders and the board won't give a shit about some IT drone, they will want the tangy taste of at least a VP to savor. Obviously, the IT guy could also get canned as well, but that's generally just collateral damage. Management has the power to hire and fire, but they need to use that authority to make sure that they get things done right. If they are just trying to scrape by with one person, your management is a problem.

Denning Cycle

[Colin+Smith]

HTH

We don't need to know you're single....

We don't need to know you're single....

Good luck at fixing other people's mistakes...

Re:We don't need to know you're single....

I suspect that he meant that he was only one person, as opposed to being conjoined twins and thus able to do 1.5x as much work.

The relationship status part can pretty much be assumed from him being a programmer, and posting on slashdot.

"A little over a month ago I assumed the position"

Dude, that is to easy. There are serious wiseacres on this board.

any management software?

[alen]

is there any software that alerts you something is wrong? at the minimum it will tell you what is out there? what about the backup software reports?

i use netbackup to back up our MS SQL servers and didn't like the built in reporting. i wrote my own procedure to import a few tables from the msdb database where the backup data is kept into a central database and use SQL Server Reporting Services to send daily emails of the latest backup times of each server/database. along with a few alert reports of databases that were never backed up or haven't been backed up for 7 days.

Re:any management software?

[Synerg1y]

PRTG monitor.

Welcome.

related story

[shentino]

Did the last guy outsource everything to india?

Re:related story

[Nethemas+the+Great]

I have a strong hunch that that is not funny.

Re:related story

it seems like the entire company's infrastructure is just a few problems away from a total meltdown.

That pretty much describes every shop I've ever worked in.

"Just Git 'R Dun!"

Re:related story

[Viewsonic]

For those outside of IT, probably not.

Re:related story

Did the last guy outsource everything to india?

If not, step 1...

Re:related story

[mdm42]

No, the "last guy" is also the one who runs the company. And set up the original systems. And wrote all that Perl stuff.

OP: Brian, is that you?

One thing at a time

[UberJugend]

Assess your most vulnerable items. If that is a server, a network component, application, database etc. Give them all a critical score. Share that list with your boss/manager and work the list one item at a time. You can't spread yourself too thin when working a project like this, so focus on one or two items at a time until you see a light at the end of the tunnel.

Re:One thing at a time

[RagingFuryBlack]

Probably better to start with "Well, what are my assets?" What things are currently plugged into my network? What purpose do they serve in meeting the objectives of the business? Once you know what is on your network, then you can start assessing what items are vulnerable. I've used NeXpose for vulnerability assessment as of late, but I'm sure there are other solutions, both proprietary and FOSS that can do the job. Many of these products will give you a total risk score and a CVSS score of the vulnerabilities on the system. Of course, I'd just start using these as a justification for more staff. You've got much larger problems than just security vulnerabilities. You've got infrastructure issues from the sound of it that need some serious man hours to fix. Use the security portion to light a fire under management's ass and get some new staff under you. Management reacts pretty quickly when they realize their compensation list may be available for download by the outside world from their internal servers.

Re:One thing at a time

[Nethemas+the+Great]

That's a great idea, but in practice you will be forced to spend 80% or more of your time pissing on all the fires. Very often you "are" forced to spread yourself thin, very thin, because if you don't the whole building is in imminent danger of collapsing around you while you are replacing the door.

Re:One thing at a time

[42sd]

If you do things too well, there will be no impetus for management to change. If you don't have time to correctly fix the problems you are just continuing your pain. Many of those problems/hacks likely exist because the guy before you was trying to get them features as quickly as they wanted and it snowballed on him.

It will likely continue unless you can communicate with management. I personally speak in too much detail for non-technical people and this has been a huge hindrance. If you aren't speaking on their level of understanding, you're Charlie Brown's teacher.

I'm not saying don't put in extra time to fix things. I am saying if they are going to keep expecting you to work miracles, that it's abuse.

People undervalue technical work. You see someone building a house and you know that it is an actual object. It has 3 dimensions. It has running water and can withstand all sorts of weather. You have a visible, touchable result. With IT work, all your doing is typing in notepad or clicking on images to them. You're effectively building an iceberg.

To the non-technical, programs are anthropomorphic. The program thinks for itself and it reasons about a problem on its own. If you're consistently hearing "all you have to do is" after you've already explained what you have insufficient data in order to make a decision, you're not going to make them happy. They will forget your compromise and continue thinking in their terms without any basis in reality. In that case, run.

Re:One thing at a time

[johnlcallaway]

100% agree. I've been in a few shops like that, and am in one now. Your brain can't hold all of the information.

But ... you can deal with chunks of it, and in the process learn how things operate. Try to find the low-hanging fruit, work on them. And don't just move them, take the time to make them work they way they should with appropriate automation, error detection, automated audits and simple recovery procedures. As systems get fixed, it will become easier to tackle the monsters.

But it will take a long time. I've been at my current job for 4 years, and we are now just getting to the point of tackling the biggest mess the company has. But in those four years, operations gets fewer aborts, things that do break give better messages, and restart procedures are mostly 'rerun'. So instead of spending half my time fixing last nights mess, I can spend almost 7 hours a day actually getting work done.

One secret has been to simplify. Instead of one program doing 20 different things, we have 20 programs and use a job scheduler (a real one, not cron or Windows Task Manager) to coordinate them. For instance, we load a lot of data into the database from external sources. Programs used to load and modify in one step. Now we load the raw data into a table, and if needed process it in a later step. In some instances, we have even separated data from one wide table with the original load data plus our analytical columns into two or more tables. While somewhat inefficient, the payoff is the vendor can change their delivery methods or we can change data vendors without modifying all the downstream programs. And some queries actually run faster because they don't have to do as many I/Os reading blocks with data they don't need.

None of this was planned out. We took discrete systems, modified, ran in parallel, then replicated into existing systems if we needed to. All the while new processes used the new systems.

The cool part?? No deadlines, no conversion nightmares. A few weekends here and there when needed, but it's been mostly 45-50 hour weeks because I enjoy the work, not because someone demands it.

Escalate

[sociocapitalist]

Brief your management on the situation. Explain what condition things are in and what is needed to get them into a manageable state. Give them a list of projects / tasks that you have to deal with and get them to prioritize.

Re:Escalate

[vikingpower]

Mod parent up. Make sure you have management backing - but truly, I am serious: DO make sure you DO have management backing ! - ,then get to work. Document as much as you can, then identify the hottest points, fixing them, one after the other. As you make your way through the mess, your understanding will deepen. Ask if you can hire an intern ( ? ). So, to summarize: 1) get political backing 2) document, document, document 3) fix, in single-tasking mode 4) if necessary, GOTO #1) For your next career move, this is great to have on your CV.

Re:Escalate

Most importantly, speak business to them, not technology, and phrase things positively. Say "this configuration was probably good for a smaller business, and it's still working OK now that we're larger, but if we grow too much more without replacing it, it will become more and more of a liability. It makes more sense to replace it now, so we can reap the benefits of it while we grow, than wait for it to become a hindrance that has to be worked around". And make sure to say things like "this will help John and his team over in accounting do their job more easily" or "this will save us $____ in the long run".

If you can, find some problem that a) is relatively cheap to fix, and b) the fix would be easily seen and felt by the users. Something that would publicly show "hey, I just fixed this thing", so when you go in to ask for money to replace more technical, behind-the-scenes stuff you can point at an earlier victory and say "this may not be as forward-facing, but it's just as important as ___".

Re:Escalate

[BlackSnake112]

You might want to check out who was on board with those decisions before pointing out all the flaws. If management was on board with those (bad) decisions, you might find your self in hot water with them. Now if you can go right to the top (CEO, company owner), you might have a chance. That is if that person takes you seriously.

If your predecessor had the backing of management, you might be signing your own pink slip. I have worked for places that upper management dedicated how IT was going to do things. Not just what equipment to get, but which programming languages to use, how to code, how to load the data, no use of automation, this is how long tasks take, etc. This was happening due to the marketing group making deals with people (in the places where I worked). The marketing group had management's complete attention. We got things done and on time, but at a huge cost to the well being of the people in IT. That place had 5 IT people and 74 marketing people. The marketing group called the shots. One example: At 4PM on Monday we were told we had to get this new store of 30 million items from 15 different sources up and running by Friday's 9AM showing to some company. New website, new database, new conversions from all the sources fixing all the data in 3 days. The marketing person set all the deadlines. We did it. Then 3 days became the new how long it takes to get a store up and running from nothing time. To this day I still do not like marketing people.

Re:Escalate

[gknoy]

I'd like to add that v1 above made a great comment too, namely that in addition to the crucial steps you mentioned, it's also important to keep management informed of your task list AND your progress on it, since often your fixes will be behind-the-scenes things that they may not notice. Make sure they know you're working hard to make their system better and more robust, do NOT assume that anyone else notices what you're doing.

Re:Escalate

[Decameron81]

Brief your management on the situation. Explain what condition things are in and what is needed to get them into a manageable state. Give them a list of projects / tasks that you have to deal with and get them to prioritize.

Its sort of unrelated. But my brother was doing some independent audio work for some VIP wedding in Italy, when he realized the electrical hardware & connections were a mess (meaning they were actually dangerous to use). He first talked with the management for the event and let them know about the situation. They ignored him. He quit the job, and was highly criticized for it.

As he was disconnecting all of his hardware with his team, a short circuit caused a fire, which fortunately was controlled easily.

The event's management immediately contacted him to offer him a formal apology and pay for the damages to his hardware. They also offered to hire him back, double the salary. The last part was kind of luck, but had the fire not been controlled as easily as it was, my brother would have shared the responsibility.

Long story short: sometimes you have to know when to step down.

Re:Escalate

[froogger]

This ^

Unless you have management with you on where you are right now, and what is required to get where _they_ want to go, you're not doing a good job. No matter how technical superb your solutions may be then, they'll still just be your solutions and not the companies. If you have an understand, there will be resources (or at least support for making the right priorities).

Re:Escalate

Indeed, make the management aware of the problem, and the need for action.
Without management support you will get nowhere and might as well start looking
for another assignment immediately. Once you have jacked up their awareness,
there are several methods out there to help bringing the infrastructure under
control.

Best of luck,
    - Pal

Re:Escalate

This is a good start. I would suggest using something like confluence to organize your notes and documentation http://confluence.atlassian.com/dashboard.action
The same company has a product called Jira which would be good to track the various projects and time you spend on them (tracking your time is the thing you can do for yourself in this situation). Put those tools in place first so you can track and document what you are doing for the company it will also help 6 mos later when you have to revisit an issue/device/configuration.

If you are going to audit I usually take a top down approach and get a list of all the applications utilized by the company. Track their software versions, dependencies on external tools (java versions, specific libraries etc etc). I would not focus on doing updates at this time, you just want to get a snapshot of the current environment. Track down as much about the application configs as you can and put those under version control or perhaps attach them to a confluence document (hell do both). Map the applications to which servers support those applications, which databases and database servers support the applications. Then audit the servers for their information. From the servers I would personally track the filesystems back to their source (local HD, SAN, NAS) and work document where stuff is located in your storage infrastructure. When doing the storage document the backup process and tape rotations (assuming they have such a process). Then audit the network switches and account for each and every populated on each switch.

Once that is done it possible walk the server room and list each and every piece of hardware found in every cabinet. Pull their serial numbers. Verify if they are on maintenance contracts. Now map those servers back to the applications, are there any servers that don't map to an application or service ?

Good luck, don't expect a lot of thanks or pats on the back for this, it is usually a thankless process from the idiots who allowed it to occur in the first place. Remember as you piece this puzzle back together you are basically reinforcing their notion that you can neglect you IT environment for a while save those $$$ and get away with it.

Re:Escalate

Long story short: Always keep a lighter handy.

Re:Escalate

[Naso540]

Great comment - you have to start with the mission critical apps for your business. I would also consider just cutting off some of the legacy problem by using SaaS services for all the basics: email, collaboration, payroll, sales, CRM, financials. You can then focus on the admin work on the core production systems.

I wouldn't worry...

IMO, don't loose any sleep over it. The description covers most IT systems.

Re:I wouldn't worry...

[mikael_j]

Sadly there's a lot of truth to this. In my experience the difference between most "good" and "bad" networks is whether the WTFs are vendor-blessed hacks or in-house hacks.

Of course, there are always those places where this is not the case but I've seen enough IT environments to believe that for a majority of companies this is sadly the state of things. If maintenance in the average factory was handled the same way IT is handled at the average company most machines would consist of approximately 30-50% duct tape, newspaper, string and glue...

Getting a Grip

[Dan+East]

Get a firm grip on your steering wheel, and keep your car pointed away from that company.

Re:Getting a Grip

[Hadlock]

This is the only solid advice I've read so far. Band-aid solutions are indicative of two things: too shy to ask management for a bigger budget, or management's reluctance to improve their budget. Generally it is the latter.

Re:Getting a Grip

[berashith]

agreed. As soon as I saw this was an IT department of one, I could tell the exact amount of care that management has on getting things like this corrected. These things are in place because management does not want to provide what is needed. If they only want to pay for band-aids, that is all they will have.

Present a quick hit list of what is most bad, and how much it will cost and how long it will take to correct. This will get lip service at best, and then witha clear conscience spend your working days getting paid to find a new job.

Re:Getting a Grip

[Atanamis]

agreed. As soon as I saw this was an IT department of one, I could tell the exact amount of care that management has on getting things like this corrected. These things are in place because management does not want to provide what is needed. If they only want to pay for band-aids, that is all they will have.

This isn't necessarily the case though. I have a friend who took over IT at a small business. When he walked in they were using pirated software and their IT was a complete mess. After he put in hours to get it fixed up (with personal support from the owner), they ended up offering him an executive position with a massive pay increase. Some small shops with one IT guy really just don't know what they are doing, and haven't had a person in the job to tell them what is being done wrong. Your advice is still good though. A person in that situation needs to test whether they have management support to do things better. If so, it can turn into a career making opportunity to turn things around. If you can't get the management on your side though, it very well could be time to start looking for another job with more supportive management.

Re:Getting a Grip

[Quirkz]

This is insightful. It's very easy for a single person to just kind of figure out "good enough for now" and then leave it. On personal projects I'm often guilty of doing something half-assed. (I wouldn't do it in a business scenario, but the next guy might.)

Re:Getting a Grip

[elashish14]

And don't drive in reverse!

Get management buy in...

[Lumpy]

You need to document it and get management to approve spending money.

I'll bet you $100.00 the band-aids are there because management refuses to spend money on Infrastructure and its' why it is a mess and the guy there beforehand has left.

99% of the time a hosed IT infrastructure is because management refused to spend any money so it had to be half assed.

Re:Get management buy in...

[javilon]

And once you have confirmed this fact, you should start searching for jobs instead of trying to redo the full IT structure of your company by yourself.

Re:Get management buy in...

This. Present the business case. Use whatever statistics you can get, get decent cost estimates. IT is traditional a money sink. If you want the budget to get it fixed, and you need budget to get it fixed, you've got to either show management the liability of not fixing it, or the profit in fixing it. Oh by the way, the answer is likely "no, and don't ask" so you've got to put a decent sales job into getting your business case read.

Part B: Does "thriving" mean "not losing money today", "making money", "growing" or "exploding"? That hugely affects the business case for IT upgrade, maintenance, clean-ups, etc. Your business case needs to tie into the coroprate growth plan. Read your management and see what they want to hear, and then tailor your business case to what they want to hear. In my case, that means writing the gold-plated business case that meets what management thinks they want to beleive that they can achieve, and then providing a business case that's the 80% solution when they balk at the bottom line. The 80% is what I need to do the job well and meet current needs, the gold-plated is assuming their growth predictions. Your management is (hopefully) different, so read what they want.

This probably means "as our sales increase, our IT support will follow this roadmap to increase profitability" instead of "this shit is all bandaids and about to fall apart." ... the first one makes you a team player, the second means you can't maintain the system that's obviously working, and should be replaced with someone who can.

Good hunting.

Re:Get management buy in...

I agree that this is my experience as well. The best thing you can do is to identify and document 2 or 3 business stopping potential failures. Next identify the most vulnerable systems and order them for a diagnostic process based on most critical. Prepare a plan with 2 alternatives. Initial plan is a fully funded review and upgrade of systems. Alt 1 is a review and repair of most critical systems with assistance. Alt 2 is continue with band aids. Be sure to identify the business activities that will be affected by the stoppage of specific systems.

Present that to Sr Staff and let them choose. If they choose Alt 2, find another job while applying band aids.

Re:Get management buy in...

99% of the time a hosed IT infrastructure is because management refused to spend any money so it had to be half assed.

In my experience, nine out of ten companies I walk into are more than thrilled to spend metric assloads of money.

99% of the time a hosed IT infrastructure is because ones predecessors were fucking morons.

Re:Get management buy in...

[LostOne]

The "refuse to spend money" thing assumes the company has the money to spend at all. This is often just not the case in the current economic climate. Consider how many small businesses are hanging on by a thread and simply do not have the resources to commit to even the most desirable improvements. And before you say that is obviously the mark of poor management, consider that many times the choice is between going bankrupt by spending money to fix a looming problem that has not yet materialized or staying in business another three months. How is choosing the bankruptcy option beneficial to anyone?

Sure, spending the money on a clean system that is not loaded with kludges, bandaids, and binder twine is the correct choice for the long term, but you cannot get to the long term if you completely ignore short term needs.

Re:Get management buy in...

[kiwimate]

Exactly correct.

Step 1.

Document. Look at your critical systems. Document what they are. Start at a high level - line of business, internal (HR, etc). Drill down - I have an Oracle server, I have a Citrix system to allow the users to remote connect, which uses a VPN, etc.

Cost: your time.

Step 2.

Prioritize. What are the most important systems? Start with the systems which, if they go down, will cause the company to lose money. Then the ones which support internal processes. Rank order.

Cost: your time. Possibly management's time - they may have input into priorities.

Step 3.

Audit. Start at the top and find out just what state they're in. If you don't feel sufficiently comfortable with a particular technology to do this yourself, hire an SME for a few hours.

Cost: potentially the consulting SME to evaluate various systems. Note - the initial contract is an audit, not a "find everything and fix".

Step 4.

Fix. If you have audit notes which say "this critical line of business system is on the verge of death and once it dies it can't be resurrected", that goes first. If you have audit notes which say "this is a system which provides some reporting capabilities and it's a bit shaky, but worst case is you have to reboot the server and the reports to management go out a bit late", not so bad.

If you get to step 3 and management won't pay, then you have a problem.

If you get to step 2 and management won't give up their time, then you have a very big problem.

A big question will be the level of support from management. If they are not supportive, or if money is tight and they say "we'd like to pay for the consultants but", then that's why you've rank ordered.

If they're cooperative but don't have the money, work with them to figure out some kind of timeline based on highest risk.

If they're stubborn, urgh, bad spot. Do your best to determine level of risk. Work with the company accountant to figure out the cost to the company if a critical line of business system goes down for 10 minutes. 2 hours. Include some waffle about reputation, if you can. Include any penalties or SLA violations, if you have those.

Re:Get management buy in...

[RobertLTux]

You may also want to see if you can cause/let a recoverable failure to happen (maybe in the department with the manager that is giving you the least buyin??) and then leverage that to get more buyin.

Your order of business should be

What will be/ reveal felonies in the exec suite if not fixed.
What will be an E-Ticket directly to Chapter 7
What will be trouble end of quarter
What will be trouble end of year
What will be trouble NEXT YEAR.

Of course pulling a BOFH and using a debounced hammer on some of the kit may also help if its planned right.

Re:Get management buy in...

I also vote for lack of money as the reason things were that way.

Have you asked for a budget yet ?

Re:Get management buy in...

I'm about to leave a company that wants to spend zero money on infrastructure (suspect the company is about to get bought out). I've got one significant server that is 13 years old... I'd be having a serious talk with management to find out the true issues.

Re:Get management buy in...

[Shadow99_1]

In my experience management tends to be the reason even if the previous person was a moron... I recall a place I worked for a few years back that the CAO decided running minimal power and heating in our building over christmas break was to expensive (and this in PA along lake erie, where we had tons of snow all winter). Funny enough he died from his cancer he'd been 'hiding' from us since he started there and I was called over break because they couldn't login (the power had been turned off, so even the UPS can't keep the Domain server up for the 5 days it had been since it had power). However when I explained the server simply needed turned on they were both unable to locate the power button on the server (tower configuration system, not rack) and unwilling to pay me to come in (They refused to hire me except as an hourly employee so they didn't have to give me as many benefits, technically I was required to take my vacation during this period as no work was supposed to be going on).

In a sane world the server would always have it's trickle of power and I'd have been more than willing to go in even if it was just to power on a server. Oh during the management transition I even got put on a 3 day suspension because I 'hadn't expressed how bad an issue was well enough'. I think when I spend days trying to tell them how bad a certain thing is and no one wants to listen it's amazingly stupid to discipline me for not being able to force them to listen to me... But that's my IT view of things, not a management view.

This sort of management usually gets what it pays for: bad service.

Re:Get management buy in...

So.... after reading all slashdot posts of this thread, kiwimate's rationalized strategy is the best to start with:
No psychology lessons in business practices, no narratives and morals, just how to work around facts.

I'd combine it with ScottyLad's nearby post about documentation to emphasize the priorities:
"""
My primary objectives are to implement some form of inventory control to document the what / where / why...

What - What have you got (servers, software, services, contracts, operating systems, databases, users)
Where - Where is it - where are your servers, what machine is this software licence running on?
Why - What is the Business Justification for this service - what is the Business Impact if this database stopped running tomorrow?
Once you've got to that stage, then you're ready to get in to the real technical details. Remember that you are pitching your documentation
"""
Notice the correlation with steps 1 & 2 of kiwimate's post? there you go.

Here is the bare minimum I strive to find/document once landing in a new complex IT territory, as parachuting contractor:
* Hardware Inventory (indexed by physical spot/rack/position; includes equipment names/tags & cabling summary) - ISO/OSI Layer 1
* Fabric Inventory (indexed by host or VM; includes hostname/IP address/MACs/network interfaces - ISO/OSI Layer 2 & 3
* Services Inventory (indexed by service name/type; includes which service/daemon runs where, which port, who are the users, related info)
* Network map (in effect the map is normally designed around the Layer 3 topology but often more complexity is drawn on it, on as needed basis)
* Services Dependency Diagram (this is how the web of services relate to each other, from foundations to higher level services - a Directed Acyclic Graph)
TIP: all you need to do this is often just a wiki and a diagramming tool; it can do miracles in moments of panic and dire need.
If job at this point has been done well, you should be able to tell with different combinations of failures WHAT may get affected and via which path.
Try to pick from the following list of suspects: a random PSU in the Data room, broken cables/switches, DNS or NTP services, LDAP server etc.
It will not tell you though, HOW big is the impact of the effect, if there is a serious one at all; that relates to business processes!
In short, you now have a good hold of the ingredients and delivery mechanisms of Services (hey, highlight this word).

This is the point whereby getting to know the business environment becomes unavoidable and you need to prioritize.
Management should tell you which services are critical and how much pain the feel when a given service is down.
I normally do a Failure Modes & Effects Analysis (FMEA) and assign Severity Levels to each potential trouble scenarios.
In the table, there should be a mitigation column and obvious things should appear up there: backups, fail-over setups etc.
The FMEA is never complete (due to "Earth is SPOF" line of discussion) but if you get a TOP10 you are probably bold.
That's when you can start giving back information to management layer and discuss with them options & refinements.
As said elsewhere, focus on cost/benefit of proposed solutions and remember they actually care for the $$$ numbers.
FMEA is not perfect but can be understood well by both technical people and management types. This is good ground.
Many discoveries and important conclusions are drawn by merely trying to improve the technical documentation.
The complexity of the analysis can be raised (eg. refine processes due to security or privacy concerns etc).

To summarize, controlling an IT environment cannot happen overnight because of the complexity and unknown layout
of the multiple software/hardware components and their interdependencies, which are often only found out after trouble.
The method described above asks for iterative improvement and serves as means to document business knowledge of IT sys

Re:Get management buy in...

I wish we could agree on the definition of terms here, when I read thriving e-commerce firm, I got 25%+ year over year growth for 3+ years minimum.
(I've seen sustained 40% growth in that field in fact, so triple growth[+200%] in 5 years could be a good ballbark[floor] figure)
Maybe it's just a case of thriving as "making ends meet and paying our shareholder"... I just resent that implication

2 Steps

2 steps need to be done: 1. Tell your boss about these terrible problems. 2. Demand more money.

this is a majorly funny story

[roman_mir]

Facts:

1. The job has lasted for 1 month so far.
2. The e-commerce company is 'thriving' apparently'.
3. All of the systems have been "reverse engineered" in that 1 month.
4. All of the documents are written in that 1 month.
5. In 1 months there have been: network and phone upgrades and database maintenance with Perl and it all has been 'immensely rewarding'.
6. The entire infrastructure is 'a few problems away from a total meltdown'.
7. Single person IT operation to do everything.

Question: is this for real? What's the size of the company and what's the budget?

Re:this is a majorly funny story

[Firemouth]

Give the guy a break, it's probably still his first day! To accomplish all of that, he probably walked in the door a month ago and since then he hasn't seen the light of day, walked outside, slept, or even eaten. It's a cry for help, don't mock the poor guy! Somebody, get this man a pizza and some ambien!

Re:this is a majorly funny story

[roman_mir]

I am not mocking him, I am just wondering if it's not another one of those 'sixth sense' situations? Is he sure he is alive?

Re:this is a majorly funny story

[methano]

There's something wacky here. A thriving e-commerce company with one IT guy, newly hired. Let's think of some more similar situations.

A thriving construction company with one hammer.
A thriving aerospace company with a big backyard.
A thriving hospital with a nurse and a veterinarian on staff.

Maybe I should read the article. Nah!

Re:this is a majorly funny story

[roman_mir]

What? There is an article?

I see dead people.

Re:this is a majorly funny story

[1u3hr]

Question: is this for real?

It's an "Ask Slashdot". They're as real as "Letters to Penthouse". Both carefully crafted to create a fantasy situation to excite readers. Read them if the subject is something you're interested in, but don't waste your time giving advice..

Re:this is a majorly funny story

[vlm]

My gut level guess is my house's IT infrastructure is more elaborate / complicated. Admittedly very little of my gross income depends on my home infrastructure.
My guess is he's a noob to IT. "'a few problems away from a total meltdown" describes every IT infrastructure I've seen in the past 20 years, including fortune 500 corporates. Nothing new there.

I'm serious about the house analogy. Just treat it like a extremely advanced home lan, except you have more time, and outages are much more costly.

I keep all my docs and manuals and data in GIT since its just me, and I replicate it all over. If there were more than just me I'd probably put it on a wiki instance. At all costs, stay ahead of the curve. For example, one hour setting up munin / mrtg / nagios saves ten hours of outage time. If you're neck deep in that extra ten hours of outage and "can't" stop fighting fires, stay up all freaking night or whatever it takes to set up the monitoring system. Even if its just you, set up a ticketing system to keep track of "forgotten" stuff. RT is free and works better than most commercial packages. Once you get the fires put out, start building up the replication. Multiple DHCP servers... Multiple replicated databases. Multiple backup hosts. Probably can't buy new, the good news is for a small network you don't need much power, so old/junk computers are OK. Those are less reliable? Who cares, I have four LXC hosts, each of which cost $99, any two of which can run my primary and backup mysql DB image, and all four have a backup of the current running DB copied to them daily (and burned to cheap DVD) so I can't theoretically lose more than a days data.

In summary, copy advanced home users in all areas, monitoring is critical, replication is important. Back up everything so many times to so many places until you can't think of any more ways to back stuff up. And automate the heck out of all of it.

And keep spare parts for everything. Your DHCP server doesn't care if its on a three ghz six core or a one ghz single core, but your users will care if there is none working at all because you couldn't keep spare hardware in a closet. If people are not accusing you of being a techno-hoarder, you're doing it wrong.

Re:this is a majorly funny story

[KermodeBear]

I don't see where he said that all systems have been reverse engineered and documented in one month; only that he is currently reverse engineering systems and documenting.

And, maybe this guy likes what he is doing, getting his hands dirty with network and phone stuff. And some people really like writing Perl (I don't; I think it's the devil's language). If he finds his work rewarding, who are you to mock him?

Re:this is a majorly funny story

[roman_mir]

I just googled 'letters to Penthouse' and I don't know why, but I found them about as informative as this story but they are definitely more titillating, and the pics are OK.

As to advice to the submitter of the story: I'd say never mind reverse engineering the whatever gizmo-thingy in that 'thriving' company, if it was thriving before you got there, nothing will change that, because obviously if it's thriving, it's not because of anything that the IT department is doing there.

Start a romance with somebody in sales, that would take the pressure off.

Re:this is a majorly funny story

[roman_mir]

Hey hey hey, when I say ALL, I do mean ALL that exist.

Just because you misunderstand this to be "ALL that CAN exist" doesn't mean that's what I said.

In any case, as I mentioned earlier here, nothing that he will do will have any effect on the company, because he said it's 'thriving', so if it's thriving, it's not because of whatever their IT dep't is up to.

Best advice is not to do anything, romance some sales ladies. It's a good gig he's got going there.

Re:this is a majorly funny story

[tlhIngan]

There's something wacky here. A thriving e-commerce company with one IT guy, newly hired. Let's think of some more similar situations.
 

Can happen. It may not be an Amazon, but you can have a thiriving e-commerce company that does basically "small business" type sales (maybe $1M/year is a good year?).

You can also have very technical people and engineers doing the software, so the IT guy's job is really just making sure things keep running. Hell, half the patches and bandaids may be there because some developer didn't want to bother it IT guy and worked around whatever issue they were having. Happens quite often, really - as developers push from development into QA and then production, they realize they need access to production data that won't be available until the updated system is pushed to production, so URLs and references are hacked around so it could be QA tested then pushed to production unmodified. The alternative is to have those resources pre-pushed to production ahead of QA testing but that's another whole can of worms involving production changes that can't be replicated outside of production.

There may be only one "IT guy" but 20 people who can also do the "IT work" if push came to shove.

Re:this is a majorly funny story

[justsayin]

Me thinks it might have been an OK system and is now f'ed up. I mean if you really did all that work and it is still a pile of junk then who is to blame?

Re:this is a majorly funny story

[justsayin]

I see dead servers.

Re:this is a majorly funny story

[sco_robinso]

I've worked for fairly small companies like this a while ago. To me, this means one of 2 things:

1. It's a very small company. You can be small and still thriving. Maybe it's a startup that signed it's first 100 clients. If the company only needs 1 IT person (programmer AND do it all), then it would very likely have to be a very small shop ( 2. It's a very cheap company. They hire the absolute bare bones, as they have a bare bones product (or an immature product). They need somebody to update code and content every now and again, as well as keep things "running", and thats pretty much it.

In either case, the infrastructure should be small enough to be able to overhaul it fairly easily. But as others have said, don't make change for the sake of change. Take a look back, use your experience to determine what needs overhaul, and develop a game plan.

Re:this is a majorly funny story

I love perl

Re:this is a majorly funny story

[pixr99]

Your DHCP server doesn't care if its on a three ghz six core or a one ghz single core, but your users will care if there is none working at all because you couldn't keep spare hardware in a closet. If people are not accusing you of being a techno-hoarder, you're doing it wrong.

I appreciate all you've written. In fact, I agree with it. However, I'd like to point out that places like the one described by the submitter... well, they don't use DHCP. They use a spreadsheet of IP addresses... in Excel format.

Re:this is a majorly funny story

[MattBD]

The company I work for is just over a year old (although the parent company is somewhat older), and is a UK-based e-commerce business selling veterinary supplies and medicine. The senior developer was the sole IT guy until I joined at the start of September, and another developer joined us in November. We do all the systems administration, desktop support and web development for the company, and there's a total of ten people at present. Not sure what their profit margins are like, but I see the running total of the sales every day, and sales tend to average around £6,000 a week, so turnover is almost certainly above the £1 million mark.

Granted, they have the parent company's resources to fall back on, but they very deliberately kept the infrastructure entirely separate from the parent company. Conceivably there's one or two people in the parent company who we could call on if necessary to help, but they'd probably only really be of any use for desktop support or network problems - the parent company's IT infrastructure is mostly Windows Server based, while all of our critical systems run on Ubuntu Server (we use Google Apps for email as well). Otherwise there's no-one else we could really call on for help. So it can be done - however, we're in the very lucky position of not having to deal with any kind of legacy infrastructure, so we're free to make the decisions ourselves. I can imagine things might be a lot harder in a longer-established company.

Re:this is a majorly funny story

[tengu1sd]

He's probably a new hire at t-mobile supporting Sidekick cloud storage. Or the last person quit after having his team rightsized down to a single person from a dozen.

Develop multiple personalities

[StillNeedMoreCoffee]

I refer you to Gilbert and Sullivan's Mikado.

Re:Develop multiple personalities

[Kittenman]

I'm here for you ...

Koko:. ... so I consulted the Attorney-General, the Lord Chief Justice, the Master of the Rolls, the Judge Ordinary and the Lord Chancellor. They 're all of the same opinion. Never knew such unanimity on a point of law in my life !

My previous situation exactly

Work planning. First, what are your goals - how do you want everything to look for you to be happy and comfortable with it? High level, followed by more specific details for each. Ensure that your design is flexible enough to allow additional features and functionality to be incorporated without a total revamp. After that's mostly done (it won't be complete at this stage), start charting expected timelines for tasks, dependencies, and costs. Go back and revise your goals the plan, to account for everything you thought of once you went through the first time. And since you've never done this before, go through it a third time and a fourth and a fifth - continue until you can make a pass without modifying anything significant. At the end of the main planning effort, you should have a timeline of bite-sized tasks that must be completed to allow other bite-sized tasks to be performed, along with their associated costs. Present the timeline, cost, and benefits to your boss. Get approval for the budget, and get to work. Document everything you do, or (if you're short on time) the dead minimum has to be documentation on the final results of each task.

It's the Eye of the Tiger!

[anom]

Just buy a few cases of your energy drink of choice and put Eye of the Tiger on repeat until you've got it all fixed.

I believe in you.

Re:It's the Eye of the Tiger!

[mtrachtenberg]

I believe in you too! Quit immediately and form your own IT outsourcing company. You are worth millions.

Re:It's the Eye of the Tiger!

I agree, but just skip all the in between bits, you know just do the montage and everything will be fixed in seconds.

Re:It's the Eye of the Tiger!

Fuck that, I believe in you enough that you could suddenly become a god in the Warp and start draining the souls of all of humanity to feed your ravenous hunger.

Re:It's the Eye of the Tiger!

Lesbians from all over LOVE YOU!!!

Speak UP

Tell/emai/post your opinion and observation, as detailed as you can, alongside with your concerns. Make sure your managers see it. Do not expect them to do anything about it. Do it for your own reference, so you may continue working normally. Do not overwork or overworry yourself, for that will not bring you nor the failing systems anywhere closer to resolution. Do your normal job, stay cool and speak up. You are in drivers' seat.

Sorry; Demng Cycle

[Colin+Smith]

above

just wondering

[shortscruffydave]

You say that this is a "thriving ecommerce company"...I'm just wondering how it's managed to achieve and maintain "thriving" status with a single member of IT personnel?

Wait a minute ....

[CuriousGeorge113]

"I assumed the position of programmer and sole IT personnel at a thriving e-commerce company."

Wait.... a thriving e-commerce company has one IT person? Am I missing something here...? No wonder everything was band-aided together. They have one person doing everything.

You may want to consider hiring an outside firm to come in and do the audit for you. The last thing you need right now, on top of your daily workload, is to perform an audit. That, and a third party firm creates a sense of objectivity, and would eliminate the "The IT guy wants a new toy" response from the CFO.

Backups

[slazzy]

Always start by making sure the backups are working properly.

Re:Backups

[TomTraynor]

Don't forget to verify that the restore process using the backups works too.

Re:Backups

This, this, a thousand times this! In reading this comment, bear in mind that I work professionally in backup and recovery; it has been my bread and butter for the past ten years, and I'm classed as a reasonably senior guy in that space. (Don't just take my words as gospel, though; consider how they fit to your situation. Then take them as gospel. :P )

I still remember the tale told by the trainer who was teaching the Legato Networker basics course I got sent on back in 2001. The customer was complaining about errors during the backup. He came in, pulled out the tape, looked at it, ran it through his fingers: "Hmm. I didn't know they made these in clear."

Yup - the magnetic oxide had been completely worn off. Chance of data recovery? I'll let you figure it out.

Backing up the data is only half the story, and it's the trivial half at that. Consider databases. I can backup the individual files that make up the database, sure, no problems! Will they be useful when they're restored? Probably not. Or I can back everything up to /dev/null - look, backups ran super quick today!

Any backup solution must incorporate regular recovery tests (application, full system, individual files - all of this and more). Ideally, the business should define its RPO and RTO (recovery point objective, recovery time objective: how much data they can afford to lose, and how quickly they need to get the system back up and running) for each system/application; that then determines how much money you need to spend to provide an adequate system.

Good luck!

Be a hero

Pull out a shotgun in the middle of a meeting with management and splatter your brains on the wall behind you to the shock of all your coworkers and management.

Report and plan

Report the problems to your supervisors immediately. Let them know what you plan to do to address the problems and if you need any additional resources (like extra staff, overtime or an adjustment to your schedule so you can make major changes when no one is using the system).

It important to keep them in loop so they can make decisions based on their budget. They need to be aware of their dependence on the system, its fragility and the need to invest to ensure its continued survival.

At some point, decisions about where to invest need to be made and keeping those decisions-makers informed is important.

And

[NEDHead]

we've been running ever since..

Start at the bottom, work up

[gatkinso]

By bottom I mean the servers that the least number of systems depend on.

Get them humming, with an eye toward your migration path.

Then, be methodical. Backup everything often. try not to do anything easily not easily reversed, and let the folks know the true state of their systems.

This actually sounds like fun.

Re:Start at the bottom, work up

[DrGamez]

This sounds like fun because it's not your job/reputation on the line if shit does eventually hit the fan. I fix computers/networks for a large restaurant chain, and when the servers blip or the shoddy computers decide to restart (our IT "department" is also one guy, I'm the poor sap he got to help him on the side) it's 30 minutes of chaos and panic as servers, customers, cooks, and management all lose it. I cannot imagine the amount of work and sheer terror that would come with having to do a full audit and begin to start fixing some of the real big problems WHILE keeping the networks still up and running. It sounds like the problem the author is describing needs a weekend of just everything turned off and a good 48 hours spent investigating all problems that you can see. It sounds like fun to the parent because it's some great problem solving on paper; it isn't his network and job on the line.

could be worse

All I can say is that it could be worse- at least the guy isn't still there defending his band-aids.

You dont ...

Advise your boss that an audit is in order due to these anomolies that you have found. Recommend to the financial controls / legal team that they bring in an outside firm to come in and look over the infrastructure and where needed, upgrade your code / configurations / infrastructure to industry best practice.

Re:You dont ...

[Bill,+Shooter+of+Bul]

If he's the only IT/programmer guy, how bid do you think their financial controls / legal team is?

Relax and take small steps.

[MatrixRunnerWork]

Relax it has survived so far, so likely it will continue as long as you don't make huge changes without a back out plan.

Get a security scanner software or pay someone to audit the external facing servers, that helps build confidence or scare you silly. Most things found in that kind of an audit are fairly easy to fix and low risk (patching software, limiting unneeded services and such).

Second get everything into some form of revision control that is possible. Source, images, web pages.

Back up everything into tarballs or zips so that if you make a change you can undo it quick if it goes poorly.

When it comes time to make changes do a small one first, like updating the copyright at the bottom of the page, re-deploy everything, test as best as you can. This is a confidence building measure then advance on to larger changes ...

Make sure your boss understands the current state, so it positively, since after all they hired the person before you ...

Before you do that

[Colin+Smith]

Make sure you know what you've got. That means a db and an automated inventory tool. Installed & managed by above management engine.

Then decide what services are missing.

Then automate the rest with the management engine.
 

Step by Step

The very first thing I would do is back everything up. Image every drive.

Next, do a Risk Assessment.

If this system goes TU, how bad will it be?
What steps can we take to help ensure that doesn't happen with this system?

Now come up with a plan of action.

Here are the show-stoppers I found
They generally fall into these categories.
This category can be solved this way, making for a more reliable system
This category can be solved this way, giving us better capabilities.
This category can be solved this way, saving this over time.

Here are all the bandaids I found.
They generally fall into these categories.
This category can be solved this way, making for a more reliable system
This category can be solved this way, giving us better capabilities.
This category can be solved this way, saving this over time.

If it works, don't fix it.

[Okian+Warrior]

You're going to spend time rewriting things that currently work? That's a recipe for disaster.

Unless you can predict when something will fail (as in - the database uses 16-bit indexing, so when we hit 65,536 orders the database will crash), it's much more effective to leave things alone.

Wait until changes are needed, then straighten out only those pieces that you have to touch when implementing new functionality.

Work to a benefit. Unless you can point to some aspect which will change in a measurable way (it's crashing frequently, it will crash *less* when I'm done, it will cost less in terms of server rental, &c), leave it alone.

Re:If it works, don't fix it.

[bill_mcgonigle]

Unless you can predict when something will fail (as in - the database uses 16-bit indexing, so when we hit 65,536 orders the database will crash), it's much more effective to leave things alone.

You're advocating incurring short-term benefits at the expense of the long term problems.

This guy probably has dependencies that will take days to figure out are even there and "when everything is down" is the wrong time to begin that discovery process.

In addition, he won't ever be able to scale or add new capabilities in the current state.

Only if his goal is to collect a paycheck for a short period of time and get out should he engage in that sort of Wall St/Congress 'thinking'.

Re:If it works, don't fix it.

[shentino]

If you pass up a short term advantage your competition may gain enough market share to squeeze you out of reaping long term benefits.

Re:If it works, don't fix it.

I use signed INTs you insensitive clod!

Re:If it works, don't fix it.

[bill_mcgonigle]

If you pass up a short term advantage your competition may gain enough market share to squeeze you out of reaping long term benefits.

remember, the systems are all down in the long-term. That's the point at which competition can really come in and crush you.

Re:If it works, don't fix it.

[shentino]

If we're both right the solution seems to be to get it right from the beginning and not let it get screwed up to begin with.

Re:If it works, don't fix it.

[bill_mcgonigle]

If we're both right the solution seems to be to get it right from the beginning and not let it get screwed up to begin with.

100% agree. But look up at the title bar. :)

Easy on the finger pointing

No offense, but if you don't have the necessary background to know what/where the tools are; who are you to say everything is band-aided? I see this a lot with new ITs, they see something different than they would have done and instantly label their predecessor a moron; later to make "their" change and break everything. Easy on the finger pointing.

The first thing you need to do is make a comprehensive assessment; don't jump in and start making changes until you have documented everything. If you can contact your predecessor and ask about design and/or documentation that may be stored in an industry standard tool that YOU are unaware of; do so. Once you know how all the pieces move, then start to plan how to improve/repair it. If you dive in and it breaks, you will be blamed; if it breaks and you fix it with minimal down time, you're the hero.

If you ask me...

The fact that you don't know the answer to any of these questions shows that you're really no more qualified to be the sole IT personnel than the last guy was.

3rd time's a charm

[Colin+Smith]

Deming.

Re:3rd time's a charm

[Nethemas+the+Great]

That's lovely and all but where do you get on and where do you get off that crazy merry-go-round?

Re:3rd time's a charm

[Colin+Smith]

Get on at Plan usually. "How do you want everything to be?"

You don't get off.

You'll find it in use under various different names in businesses, from software to cars.

Bandaids?

Are things working? What you call "bandaids" may be actually decent solutions you don't yet understand.

Stop worrying about a "meltdown" and just get to work.

1. Back up everything. Don't start messing with things unless you're sure you can revert them back to their working condition.

2. Document things as you understand them.

3. Pick just one network element at a time and see if you can simplify it. Clean it up. Remove unnecessary junk. Check to make sure it operates as your documentation indicates.

4. Test. Test. Test. Remove the element from the network. Does the network fail as expected? If not, figure out why.

5. After you feel good about the network element, move on to the next one.

6. Lather, rinse, repeat.

Just move carefully and methodically. You'll eventually have things cleared up.

inherited it mess

Welcome to the real world. That fact that you are the only one who even appears to be concern about the situation should be your first and only clue, as to what your employer considers to be critical, essential, important, and last but not least profitable. Are you sure that they are profitable?

What, where, why...

[ScottyLad]

I've spent the best part of my career undertaking tasks like this (as an external consultant), with my average time on an assignment lasting somewhere between 18 months and 3 years.

My aim on every project is to make myself obsolete - in that I try to get documentation up to a point where a suitably qualified individual could come in, read the documentation, and work the rest out for themselves.

My primary objectives are to implement some form of inventory control to document the what / where / why...

• What - What have you got (servers, software, services, contracts, operating systems, databases, users)
• Where - Where is it - where are your servers, what machine is this software licence running on?
• Why - What is the Business Justification for this service - what is the Business Impact if this database stopped running tomorrow?

Once you've got to that stage, then you're ready to get in to the real technical details. Remember that you are pitching your documentation to your successor, or to some imaginary "suitably qualified individual", so documenting what a system does and why is a higher priority than commenting every line of code.

It is possible to do with one person, depending on the size of the organisation, it can be particularly rewarding to do on your own - in a small business you often find some of the users have a good understanding of some of the systems, or are keen to learn.

You stated in your post that you've assumed the role of programmer and sole IT personnel - which means you need to learn to think like a manager as well as a techie (which is harder than most people imagine!). Once you learn to focus on the business priorities, you'll understand where to begin with the technical detail, and what level of documentation is required.

Re:What, where, why...

[Okian+Warrior]

Well, let's look at it rationally.

Every decision you make should be weighed using the risk/reward formula.

I'm advocating short term benefits at the expense of the long term problems times the *probability* of long term problems.

If there are no long-term problems now, you can't really say what the probability of long-term problems is at the moment. Indeed, the most likely expectation is that there will be *no* long term problems in the future.

Plus, there's the very real possibility that any changes he makes in anticipation of potential future problems will in itself cause short-term problems.

It's not that I'm advocating against fixing broken code, I'm saying that you take risk/reward and expectation of benefit into account.

Sometimes it's not enough to be right - you also have to be effective.

Start with the basics

Start at the basics of the network.

Switches / routers / firewalls in good condition? How are the logs?
Then move on to the server health. Event viewer good? Whatever server management hardware they have is happy? Warranties, all that stuff?

Just work your way down the path.

Speaking as someone in a similar situation

[bravecanadian]

The situation being understaffed and underfunded but expected to keep everything working... my advice is get out while you can.

It just isn't worth it. The reason why the systems are all patch and duct tape is because they think cheap is good management - and the longer you keep it running the more it proves it to them.

And hey, their new boat they bought with their bonus for keeping expenses down is awesome!

Re:Speaking as someone in a similar situation

[DrGamez]

And hey, their new boat they bought with their bonus for keeping expenses down is awesome!

I'll give them a little more credit than this, a lot of management sees IT as a sinkhole for money - every time the IT guy comes to talk to them it's to say "x is broken and we need $y", and after a while they will become less inclined to spend money on the department. The issue with this is IT is another expense, just like any other expense a business needs (insurance, power, payroll), and it will not go away when you "fix everything" because there is no such term in a universe with entropy. I say keep your management inform of WHAT you're doing, even if it's to say I did x, y, and z, and it cost the company nothing extra, also it might save us money. This keeps you in closer communication with the higher-ups so when the eventual time comes where you must upgrade/replace something they will be more inclined to see your value. (Note: why does "an universe" just sound wrong?)

Start over... slowly

[rabenja]

I was in much the same position 12 years ago at this company. I am now CIO with 7 people on my team with several business partners to help manage the infrastructure. My advice for what it is worth:

• - Take time every day to assess and analyze the bigger picture before allowing yourself to get drawn into the details.
• - Look at the entire system from a risk mitigation perspective. What areas are most likely to cause "meltdown". Spend the most effort there.
• - What are incremental changes that can be made that improve the overall risk picture? Focus on the biggest bang for the buck.
• - Defer anything that works well enough for the time being.
• - Avoid big bang solutions unless they can be contained and tested well, with the capability of rolling back.
• - Get help where necessary.

Upper Management Buy-In

[cogeek]

First thing I'd do would be to document the issues that you've found. Talk with your immediate supervisor, explain the issues and the plan that you've come up with to address it. Without upper management buy-in, you're doomed from the start. Look for free/low-cost management utilities out there. Prioritize the issues you've found and start tackling them one at a time. If you make your supervisor aware of the issues and provide an overview of how you plan to deal with them, they'll be a lot more understanding if something does break in the meantime than if it comes as a total surprise.

How big is the IT system

[Murdoch5]

Explain to management that the total fruit cake in the job before built the system in suspended failure and one wrong move or random move will bring everything to a halt.

Once you have there attention just start fresh, so rebuild the most broken part of the network on a new system and slowly rebuild and re-factor from there. It will be a lot of work but if done carefully it will save the current mess your stuck with.

Re:How big is the IT system

[sco_robinso]

This can be dangerous, politically speaking.

Very, VERY often in small companies, a 'friend of a friend' did the IT work before they decided to hire a full time person. Put your feelers out about the previous IT guy FIRST. The last thing you want to do is sit down and explain to the owner how the previous IT guy was a retard, and then he says 'that retard is my brother in law'. Get a sense as to what they thought of him previously. If he/she was a well loved person around the office, and you come in guns-blazing bad mouthing them, your credibility will be shredded instantly.

And maybe it's not the past person's fault? Maybe management was stingy, and more or less told him to do things as cheaply as humanly possible? Many startups (and charities) are like this. Maybe that previous guy was actually doing a half-assed decent job, given the conditions. There's been times where I've looked at things and wondered why on earth it is the way it is, and then after a couple weeks/months, I realized the factors behind the decision. Maybe the past IT guy was a saint (at least in the eyes of the business).

Bottom line: Unless something is about to literally explode, get a sense of things first. Be careful, get a lay of the land, not only technologically, but POLITICALLY as well. It's usually not so simple as going in a bad-mouthing the previous decisions. Maybe the founder/owner/ceo is a bit technical himself, so you don't want to spend an hour poo-poo'ing his own work. Approach with tact.

Plan out restructure

[Keiichi25]

First thing I would recommend is plan out a restructure and rebuild of the setup. List off the critical needs and why they need to be covered. The problem most companies do not understand about IT is that in the process of cost cutting, the critical structures your previous guy was forced to skimp on will cost the company in the long run due to you trying to maintain as much as you can. Underline the need for the restructure to avoid meltdown. The upper management needs to understand that while you can try to support with minimal costs, the catastrophic repercussions come up when you have no fall back due to cost cutting and the number of days it takes to get new hardware or rebuilding of a system back to the level of functionality. A minimum of 2 days to get systems back to functionality and a dead stop to any other support while the critical systems are being rebuilt. As someone else mentioned, hiring additional support will help, but it will not help in the situation of a production level dead stop due to critical systems not having redundacy or planned upgradability. Lastly, underline the necessity to not cut back on maintenance. Running at bare minimum and no maintenance support will cause long term cost overruns as being the only person who has to maintain it will also cause long term burn out and higher turn around of IT workers, which will cost them again in the long run.

Re:Plan out restructure

[zlives]

Memo's cover your ass. Document your concerns, create a timeline to formulate a plan. Plan and then implement.

Rebuild

[goathumper]

The truth is if it's that fragile, then recovery or repair are not options because you never know when you'll be done. Your best strategy is to rebuild. Organize the rebuild jobs from smallest (simplest, or least-complex) to biggest, and start from the smaller ones.

Importantly, you need to understand what your infrastructure does and why (which you claim you're already trying to do). However, the most critical point is that your superiors understand what you're up against and the risks they bite into if they choose to not go forward with the rebuild(s).

Once you understand what it is you need to rebuild, then you can do it properly: document the strategy to be followed (and incredibly important is that you document the key reasoning points behind the decision process), and plan out the implementation. If your superiors find that it consumes too much of your time, try to talk them into hiring (one? two?) more folks to help you hold the fort while the rebuilds are in progress so the day-to-day isn't left in the lurch. I had to go through this type of a situation recently and the end result of the rebuilds was that the previously inevitable downtime went away almost completely (only ISP outages were an issue). Deployment of new servers was cut down by 95%, and tons and tons of other benefits. Biggest of all: by the time I was done, everything essentially ran itself and even on the end-user support things were almost automated (granted, 99% of my audience were tech-savvy so they didn't need much help anyway). 95%+ of my time was spent just scouring logs and servers to ensure everything was running smoothly (which it was).

Then again, the key point was selling my upper management on the fact that my predecessors had done such a lousy job of setting everything up that trying to fix it was more expensive than a from-scratch rebuild, and that they were one fly's fart away from a catastrophe. You don't need to scare them shitless, just point out where they are and what they're up against if a rebuild isn't even done (even rebuild of only SOME of the systems can make a huge difference). Make sure it's clearly stated in writing (a "big" e-mail explaining the situation clearly to get the ball rolling usually takes care of that).

Key thing: DO NOT try to fix or recover the old stuff - if it's really as messed up as you suggest, you will consume comparable amounts of time to a rebuild, with none of the benefits and the added risk that you didn't fix all the problems because you couldn't spot some of them.

One other thing that served me well in terms of plotting my strategy: take the approach that I'm building something and going to be fired the day I'm done, and whatever I build needs to be inheritable and clearly understandable by my potential successors. This angle will encourage you to keep it simple, stupid, well documented, and easy to maintain/audit. In the end, this is why your predecessors sucked: they didn't think they'd eventually (be) move(d) on - but in IT, that's the one constant: staff rotation.

Inventory and Asset Managemetn

I have done this for a lot of companies here that have sold, gone on their own, or been taken over and have a ton of IT stuff that one person needs to figure out what is what. Get a list going of every network device, info on it, and what it is running. Once you accumulate that, you can get its version and age and take it to certain groups and determine its critical need in the company. Sometimes, things change and a server that was once critical and would think needs to be upgraded or replaced can be decommissioned or moved to another cluster or server. Once you break up your equipment into groups and critical risk, you can then plan upgrades with your capital you have each year and possibly support contracts.

First things first.

This is a delicate balancing act, because by seeking out and acknowledging the problems you are essentially taking ownership of them.

The first thing you should do is let your supervisor know what you are planning on doing and getting a committment from them for dedicated time to fix the problems. This is essential.

If you don't get this time committment, you need to dial back your eager beaverness. Keep letting them know that the audit needs to be done and give a few examples of issues that need to be corrected. When you are working on other tasks, mention that this would be a lot easier if X was fixed, but that it needs to be fixed from the ground up, and again, push for time.

Otherwise what is going to happen is you are going to basically be building yourself a pile of work that is now deemed critical (especially in the event that something horrible does break), that your boss considers you responsible for, but no spare time to fix it. "Oh, just fix things as you see them!" they will say, which when some major infrastructure component and supporting services needs to be rebuilt, is completely impossible. Now instead of being the hero that helps them recover from the jerk that was there before you, you are a scoundrel who did not save them in time.

Get the time committment for the full scope of the work that needs to be done. I'm telling you, this is important, because when it comes time for someone to take the blame, it isn't going to be your boss.

Backups...

[David_Hart]

As has been mentioned, begin with making sure that you have backups of EVERYTHING. Backup, perform test restores, fix any backup issues, rinse, repeat.

1. Backups: Backup, perform test restores to VMs, fix any backup issues, rinse, repeat. Make sure to examine backup logs every day for the first month or so, and at least once a week thereafter.

2. Monitoring: Implement basic monitoring, including your backup system.

3. Infrastructure: Use the monitoring to fix any infrastructure issues such as overloaded servers (high CPU, memory), overloaded network uplinks or slowdowns (high bandwidth usage, incorrect speed and duplex settings), etc.

4. Applications: Use the monitoring to find application issues. Some may go away as a result of fixing infrastructure issues. Others will require support calls to vendors.

Me too

[weave]

I walked into a similar nightmare two years ago. Before I even took the job I assessed the situation and gave them a proposal for what needed to be done and a price estimate for the software and hardware. I told them I would not take the job unless they committed funds to support the function. I also warned them that there were numerous ticking time bombs and I'll defuse them as fast as possible but there was no magic fix and it would take some time and they could have a disaster still

I then convinced them to only hire me part-time and to also hire a part-time desktop support person for a few reasons including they don't want to pay me to do that and having two IT people at least gives you some continuity. Even if the desktop support guy doesn't know the high-end stuff, if I leave the desktop person can still guide the new person and save them a lot of time I never got.

My line of attack was:

1. Back up data. Wasn't easy. They had old cart tape drive units that were problematic. I ended up getting cheap TB externals to at least make mirrored copies of things. But at least if there was a disaster, I'd have their data safe somewhere -- even if it took me weeks to reconstruct systems to use it.
2. Secure data. Everything was wide open. All domain users WERE DOMAIN ADMINISTRATORS. Locking that down was a pain. An understanding of what would be impacted ahead of time would have taken months, so I didn't tell anyone what access they had, then started removing people from domain admins a few at a time and waited to hear what broke, then fixed access issues. Not user friendly, but getting that under control fast was necessary.
3. Renovated room with servers in it (that were 5+ year old deskside servers) so as to accommodate a rack with proper A/C flow, electrical feed, and physical security.
4. Had them throw ~$50k into a virtual infrastructure and SAN, then virtualized all their old deskside servers until I could migrate apps on them to fresh OS installs. Used Vspehere's DRS product to back up the OS images and data to another system I had them buy for their other site (thankfully not too far away and connected by fiber)
5. Identifying all in-house written programs and finding turnkey solutions to them, preferably cloud-based to reduce their dependency on in-house IT staff in future.
6. Documenting everything as best I can as I go.

Getting back to original point, a one-person IT shop is suicide. Them having a two person part-time crew is better because if one leaves, at least the other can provide some sort of continuity -- and that happened already. The fairly young guy I hired for desktop support two years ago died last month :-(

Re:Me too

[[ The fairly young guy I hired for desktop support two years ago died last month :-(]]

Did the job kill him? I've heard tales about desktop support; you were right to push that work off onto someone else.

Re:Me too

The fairly young guy I hired for desktop support two years ago died last month :-(

Always mount a scratch desktop support guy.

how do you as a single person?

[nimbius]

its simple, you cant. you can however make a resounding case to your employers that you will need more help. learn more about the business, how it works, and interrelate your infrastructure to their bottom line in order to secure extra funding and more hands. management is tasked to ensure you as an engineer have everything you need to do the job, and if your job scope has grown then so to must your resources.

do not try to handle the entirety of the infrastructure on your own; help desk, development, and sysadmin. I pulled that plate-balancing kind of act for the first three years of my career and it amounted to a thanklessly low paying job, a long commute, and an unrelenting amount of stress. if there are bandaids placed everywhere then its because the last guy couldnt communicate the things he really needed (servers, cooling, switches, a real lunch break with actual hot food.)

Re:how do you as a single person?

[DrGamez]

I swear every one of these stories are the same. Occupy Fry's until the plight of the IT worker is known. WE ARE THE (keepers of) 99% (uptime)!!!

Get help

[iB1]

If the systems are really that close to collapsing, then you know as well as I do that it'll happen at the worst possible moment, and you will get all of the blame for it.

Talk to your boss ASAP and highlight where the issues are and explain to him in monetary terms what will happen if the system screws up / how much time will be lost.

Push to see if you can afford to get someone else hired - even if it's a junior network engineer. You need to share the pain before it consumes you.

Re:Wait a minute ....

[vlm]

You may want to consider hiring an outside firm to come in and do the audit for you. The last thing you need right now, on top of your daily workload, is to perform an audit. That, and a third party firm creates a sense of objectivity, and would eliminate the "The IT guy wants a new toy" response from the CFO.

And make sure not to hire an outside firm that consults on outsourcing IT support. Security firms are pretty good at general IT auditing in addition to strictly security related analysis.

Define your goals.

[scamper_22]

The first step is to define your goals. What do you want out of this?

1. a job
2. learning new skils
3. leadership
4. a chance to grow in the company

If you are the sole IT/programmer person, this is a company in dire need of management with clue as to IT. You could be that change and end up being a manager of IT for this company. You have to work you butt off, fixing things, dealing with budgets and hiring staff. Can you deal with upper management to accomplish everything? That's up to you to decide.

What I won't recommend is killing yourself for a company that is unwilling to learn from its mistakes and do it right. In that case, just treat it as a good learning opportunity, but don't kill yourself. They won't always be able to hire a superhero to come in and keep things running. Or if they do, it will be a well-paid consultant and they will learn their lesson quickly how much it costs.

There is a reason this company has such poor IT systems. You could up being the IT guy in a long line of IT idiots.

Re:Define your goals.

You speak truth, but sometimes it's fun to be a badass and play superhero. Certainly not a position you should rely on, though.

If you have to "ask slashdot"

It sounds like you're already fucked.

Find another job

Your the sole programmer and IT guy for a "thriving" company? That's not thriving. That's life support. Find another company and let nature take it's course with these guys.

Money is the last step not the first

[sjbe]

99% of the time a hosed IT infrastructure is because management refused to spend any money so it had to be half assed.

It is certainly true that a great many companies are penny-wise-pound-foolish when it comes to IT but it is VERY premature to jump to that conclusion here. I've seen almost as many cases where companies over spent on IT for things they didn't really need. My current company has a piece of accounting software that is seriously overkill for our relatively pedestrian needs. Cost our company $80,000 when $3000 on Quickbooks Enterprise would have done the job fine. ( Bought by the previous owners who were all engineers without a lick of business savvy)

In any case it is much more likely that any "half assed" solutions were due to a lack of competence rather than a lack of money. It sounds like this guy has done a lot to improve things without throwing big bucks at the problem so I'm inclined to suspect his predecessor was not especially gifted.

Money whipping a problem should always be the solution of last resort. While it is certainly possible this company isn't spending enough, you don't spend money on anything without a reasonable expected ROI. Spending money as a first impulse usually means you haven't really thought about the problem sufficiently and are just assuming that a more expensive product will solve all your problems. If I hired an IT guy and the first thing out of his mouth was that I wasn't spending enough I'd be seriously worried.

Re:Money is the last step not the first

Spending too much on frivolity is equivalent to or worse than not having a budget if the purchases are made irregardless of expert advice.

Re:Wait a minute ....

[pz]

Agreed. And talk to the outside auditor to make sure they strongly recommend hiring at least one other IT person.

What happens when you're out sick?

What happens when you want to take a vacation?

What happens when the servers die at 4am?

What happens when Hotmail refuses to accept connections from your company, and then Google Analytics explodes, and then your merchant account service stops processing your transactions, and then the marketing DB goes down, and then the phone systems stop working?

You want AT LEAST one other person helping with your job.

Slowly...

[NitroWolf]

Slowly and carefully... You'll probably never get done and in the end you'll be applying similar band-aids to get things running/keep things going as your predecessor did. Then you'll leave and someone else will come in and the cycle will start all over.

Good luck and god speed, sir.

Re:Slowly...

[justsayin]

So true, so true. You just described my whole career. I'm gonna go cry now.

I work for a small ma and pa e-commerce company...

We are utterly puny and irrelevant. About a million in annual sales. The upside is our sales are all add on sales, so we are almost all profit, except for IT and fulfillment costs. It takes 5 of us to keep this thing running, that is our entire staff. This guy is smaller than that. It is hard for me to imagine a company smaller than our operation. Like the only thing smaller than us is the couple that buys stuff at garage sales and puts it on ebay.

If this guy is for real, I suggest taking all of the servers and crap and throwing them away, and get a nice e-commerce storefront from a reputable dealer. For something this small, if the LAN is something more than... A wireless AP router, with a cheap wifi card slapped into each of the computers, he is spending too much time and effort on it.

Ditch all that pearl crap, and go buy yourself a few copies of Excell. That is all the database you need at this point.

This unit is too small for even a key system for phones. He should consider just getting everyone a set of headphones, and have everybody do this on skype. Or just a couple of POTS multi line phones.

But wtf??? He shouldn't be doing anything with Perl and databases until they are generating a few thousand records a day. I mean in our company, with about 30-40 orders a day we fit very nicely in Excell...

Hire me!

[Shifty0x88]

Hire me to come in and help you out!

Did this 3 years ago.

[jzarling]

3 years ago I was dropped into a very similar position at a small state agency.
I had some documentation, a server names list, passwords, and licenses lists. I first addressed the issues with desktops, and shored up the servers. What probably saved my sanity was I was tasked with moving most of our servers to a VM environment, and could setup things in a documented manner.

In this situation currently.

[YojimboJango]

The number one best thing you can ever do in your situation is ask your bosses what they think the system should be doing.

Step 1: All the squirrelly business logic and the rationale behind each system you have to maintain should have a plain text description. You have to know the 'Why' before the mess of band aids that is the 'How' will ever make sense. Have your boss (or his secretary, or whoever) document it and get it to you. Do NOT do this step yourself. Repeat do NOT perform this step.

Step 2: Put out fires till someone not you finishes step 1. Start making backups of every last scrap of data you can get your grubby hands on.

Step 3: Once step 1 is done compare it to the mess. Note where the realities that are in your bosses head diverge from what is actually happening. Your job is to now create a detailed functional spec that takes what your boss says, and expand on it with what is really happening. Try to include worst case scenarios and document them as intended features.

Step 4: Have your boss and sales and marketing, and every other top level manager sign off on it. This will not happen. No two managers in your company will fully agree on what the current system is actually doing. Your goal is to figure out what sales and marketing are telling your users that your products do. Do not disregard this step or it will come back and bite you very hard.

Step 5: Once every department actually agrees on what your job really is, you will be well equipped to start the long process of fixing things. Again make lots and lots of backups. Management will sign off on step 4, then you'll fix a gaping security hole, and some customer somewhere will throw a raging fit because sales promised that they'd be able to get admin access to your databases or something ridiculous.

Step 6: Don't be an ass. When step 5 inevitably happens, explain the miss-step in communication graciously, and roll back. If you pulled not being an ass off properly, you now have a great platform to explain to management why X was a bad idea, and present an idea to fix it.

I'm a grizzled vet to your situation. If someone would've told me what I just told you when I started out, there would have been a lot less headache and stress. Hang in there, it can be an intensely rewarding experience.

Quit

[geekforhire]

Obviously they hired the wrong replacement if you are asking these questions. This is IT 101.

Don't attack everything at once

[gmuslera]

Set a goal on how all should be working and evolve each area toward that goal, one by one. Be sure that the old sections keep working with the new ones, keeping mostly the old code till their turn comes. Will be an iterative process as the definition of the goal architecture probably will evolve, both by future needs and to do less work accomodating old things that are good enough.

Re:I work for a small ma and pa e-commerce company

[roman_mir]

I think you missed the part where he said the company was thriving.

It means whatever he does is irrelevant, because they are thriving with whatever they have. I think he needs to check if they are really an e-commerce company and not a money laundering operation for some drug dealers, in which case he is set for life.

Been there...

[nine-times]

I've been through similar situations a number of times. For the people who are telling you to get out of this job, I say: not necessarily. If you manage to fix these things, it can be a great learning experience and it can help you earn a name for yourself.

So my advice is to start out bringing these problems to the attention of management. You don't need to be pushy, but be very clear that you have found these problems, that you think they're serious problems, and that the problems may endanger the success of the company. Give them a little leeway on how to direct you. They probably won't want to throw lots of money at the problem, but if they don't seem genuinely concerned and looking for solutions, then start looking for a new job.

Second, get ready to learn about project management, because you're not fixing all of this at once. Make a list of what needs to be done. Prioritize that list. Estimate the time needed to do each task. If there's something extremely high priority that will run up against a specific deadline, then figure out what's necessary to meet that deadline. Start working on a budget.

Start setting schedules for each thing that needs to be done, but recognize that the schedule will have to be flexible. In fact, don't bother scheduling things that are low priority until you've put out some fires. Keep them on your todo list, but consider making a separate "to do eventually, but I'm not going to bother thinking about it right now" list. When you have a schedule set, get to work. Keep track of your progress, and keep management informed of your progress. Keep them informed about problems and obstacles that you encounter along the way, especially if they'll cause an increase in your budget or a delay in your schedule.

You'll want to gather some good project management tools along the way. At a bare minimum, these tools will include a calendar, a todo list, and a way to keep organized notes. Set aside time every week to review your notes, your calendar, your todo list.

You can take project management classes, but most of what they teach you comes down to this: Make sure you understand what you're trying to accomplish, and that what you're doing is actually the best way to accomplish it. Keep your stakeholders informed, and listen to their feedback on your progress.

Re:Been there...

[FreeUser]

I've been through similar situations a number of times. For the people who are telling you to get out of this job, I say: not necessarily. If you manage to fix these things, it can be a great learning experience and it can help you earn a name for yourself.

I couldn't agree more. I went into a thriving proprietary trading shop with similar IT issues (they had more than one IT guy, but staff was skelatal and challenges enormous. I spent two years sorting out the infrastructure, server OSes, third party orphaned library dependencies, etc. The result was a trading environment that no longer crashed every morning at market open...a vast improvement. After the migration from Solaris to Linux and a refactor, we ended up with systems that were ahead of the industry at the time in robustness, at a fraction of our competitors' costs.

Good times...the gig lasted 13 years, until I move to London (and up the corporate ladder).

Yes, you'll work long hours, but if you fix the problems, and ensure upper management knows of what you're doing, why, and what you're contributions are, you will most likely do well. And if they don't give a rat's *ss, then you know where you stand and can move on to something better, with a wealth of experience.

Re:Been there...

[tnk1]

It can be an intensely rewarding experience, and one should not necessarily discard the opportunity. However, bear a few things in mind:

1) You have to have the actual ability to make it work. Don't try and kid yourself, if you don't, you don't. Not everyone is cut out to be a one-man operation. You could be a genius and still lack certain skillsets or talents you need to make this sort of thing work. In fact, many very smart people I know are far too high-strung for that sort of work.

2) Management has to support you. If they don't, then you will get nothing out of it but grief. On the other hand, a good manager should have gotten you some help, so the Venn diagram of good managers and managers who let you run stuff by yourself is not going to have a huge overlap.

3) The existing system can have ticking time bombs, but if they are actually going off, you're never going to have time to do anything other than put out the resulting fires. Do not try and rebuild anything while there is a fire currently consuming what is already there.

4) You actually have set aside your life to focus on this. You will be putting in long hours. You will be putting in late hours. You will have to do mind-numbing amounts of work. In the end, you may well be proud that you accomplished it, but if you have a family or a need to get out and socialize, your rewarding feelings may well be tempered by the fact that you have missed out on other things. I know plenty of IT folks who did this sort of thing and ended up divorced or with ultimatums.

5) For Goodness' sake, do not do this simply because you really like IT or something. Do it because it advances a goal you have. If you aren't going to achieve this goal, then don't take it. I have known some fools who love IT and work like machines and get paid some low number and just sort of soldier on, BUT all the while complaining about the idiot architect or manager who gets paid 50% more than they do for less work. Here's a hint, if you covet their money and their time to play golf or their ability to tell you what to do, but you still can't detach yourself from writing clever shell scripts to run everything because of some stupid sense of pride, then you are the idiot, not them. If this job doesn't get you anything other than some good war stories, then don't take it.

Re:Been there...

[nine-times]

All good points. To add on to and modify the last point, the sort of "learning project management" stuff I mention isn't going to be too helpful if you just want to write scripts and fix computers. Do that stuff and learn how to do it well if you'd like to get into management. If you prefer to work on intense tech stuff, don't try to be a manager. Instead, find a job where you do the intense tech stuff and your manager handles everything else.

As far as the problem where "the idiot architect or manager who gets paid 50% more than they do for less work," that may or may not be accurate. I know I've worked as a manager and had people who worked under me think that I had it easy because I sat at a desk and pushed papers. They didn't understand the work I put in, and often that work made their jobs easier.

Re:Wait a minute ....

[CuriousGeorge113]

And make sure not to hire an outside firm that consults on outsourcing IT support. Security firms are pretty good at general IT auditing in addition to strictly security related analysis.

Right, and be careful using a Vendor to run this audit for you as well. It might be tempting, because they will give you a really good deal, but you are essentially paying them to generate a report that says you need to buy all their gear. Not saying this can't work, in fact this could be a good option if you are on a shoestring (assuming not with your use of the word thriving) budget, just be careful.

Re:Wait a minute ....

Thriving is relative. If they are a 1/2 million dollar company and their sales are up by 100%, then they are thriving.

And yes, you can survive on a single IT staff if your web presence is your business. Several years ago I consulted for several companies like this.

Toss it.

In this day an age you can just virtualize it all and throw the crap away.

Re:"A little over a month ago I assumed the positi

posted to un-do faulty mod, thanks to a browser quirk or slashdot ajax or or something.

Document, plan, propose, execute

[winkydink]

You document what's there. You've already started that. Next you document what's deficient. Then you put together a plan that, in stages, makes things better. Then you propose that plan to your management in terms that make sense to business people (happier customers, money saved, disaster avoided, etc...). Then you execute the plan.

Follow a proven method to fix any mess

[khemicals]

Your general problem isn't unique, and the solution isn't either. I wouldn't want to address this large problem using the contents of a post response on /. . Find a proven method for fixing this sort of situation that you can rapidly read and follow. Rather than writing out the various steps, grab a copy of the Visible Ops e-book (or some similar one), read it in a few hours (its short), and start addressing your environment chapter by chapter. With a documented plan of attack that has been used by many, getting management support should be trivial and you can hit the ground running fast.

http://www.itpi.org/?page=Visible_Ops

Your biggest problem will be funding

[rickb928]

Either because your predecessor 'made it work' with little or no funding (better translated as 'he made it almost work'), or because your predecessor failed to acquire sufficient funding to do it 'right'.

As a former field tech/consultant, try to avoid bringing in consultants to explain why the stuff needs to be bought. Many a manager ends up believing the consultants and disbelieving their staff. You get to either hire the consultant to justify your plan or find yourself undercut by that lack of confidence.

And of course nail some problems and show improvements as early as you can. It's wise to both solve pressing impactful problems first, and gain trust.

I always loved going into a client with lots of problems. Not just for the thrill of making things right, but knowing that if I did it right I had a referral for my next client - because the end result was most often working my way out of the gig. Either I passed the client on to another tech to maintain, or they got their staff's legs under them and could carry on. So long as there are more clients, this is good. Great fun to figure things out, isn;t it?

This happened to me with my current job

I was hired almost 3 years ago to replace my predecessor who died. There was little to no documentation. What little there was was wrong or very out of date. As she was sick for the year before she died she wasn't in the office much.

I started with the server farm. I documented the hardware and software on each server. I exported the Active Directory and did a permissions audit. I retrieved the windows license keys from the servers using Magical Jelly Bean Keyfinder which found the keys for a few other programs we were running too. I then did a windows backup of each server AND verified the backup. I then proceeded to update all of the software starting with anti-virus and then MS patches. I had to call the other software vendors and explain my predecessor died and I needed help to find out what we owned, keys for the software, maintenance records, etc. Most vendors were happy to help. I updated what I could. I filed the rest away along with quotes for the current versions of the software that didn't have a maintenance contract.

I then went to the network. I traced each cable back to where it was plugged into and used dia (http://live.gnome.org/Dia) to document the network. I even took pictures and label a few cables. This was a real mess. Each VoIP phone was plugged into the main network and each computer was plugged into the phone. That was the reason their computers and phones weren't working properly. I fired up a wireshark session on my backtrack pc and logged the traffic. The network was in horrible shape. All of the printer servers were running IPX, DLC, appletalk, etc, even though it was a strictly windows shop. I also found a few computers trying to send out email when no one was here. Can you say virus? A reinstall of the OS and Office fixed that problem. I had to use the recovery method of each of the networking equipment as the passwords I was given did not work. I did firmware upgrades on everything and then took a can of compressed air and shot it through the vents. I had a vacuum cleaner on the other end sucking up the dust that came out. Do the cleaning when the equipment is turned off.

I used spiceworks to document the pcs. None of the computers had the windows firewall turned on so it was a fast and easy solution. I found a lot of software that had no business being here. I setup a WSUS server to patch the clients.

I had a meeting with management about 6 months after I started and explained everything in detail. I made a priority list of items to address. They agreed and started to move to address the issues. The anti-virus contract was first as it was the cheapest. The MS agreement was almost last as it was expensive but is well worth the cost.

I did break a few things while I fixing the servers and network. I had to write an asp frontend to an access database so I could get rid of a dieing server. You are going to find things no one else is going to know about or thought was removed long ago. It took me 5 months off and on to find a switch that spiceworks said existed but I couldn't find. I found it above a ceiling tile when I was running a new cat 5 cable.

Just document everything, backup everything, and work after hours. It has taken almost 2 years to address everything but everything is running much better and the people are much happier now that things work.

Good Luck

Re:This happened to me with my current job

[HappyHead]

I had a similar, if slightly less difficult situation with a former job - I was hired originally as a programmer, but my boss (who was also the entire rest of the IT department) quit after I'd been there a year, and I was handed all of his work (and none of his pay, of course). For the most part, I already knew where everything was and how to fix it if it broke, but every now and then, I'd get a call saying "Hey, the #### broke again, can you fix it?" and my response would be "We have a ####? Where is it, and why was I never told about this?" Fortunately, the management was understanding of the problems involved, and took me off programming duty for a month of "trace things out and figure out where everything is, and document it". They were actually great people to work with, but the pay was about half what I'm making now.

Eventually, I did the cable-tracing thing with the plant manager, and we found an old 386 with no monitor, and a hefty UPS stuck up in the ceiling of one of the hallways, hooked up to the network. We tried disconnecting it, and the whole network died. (ie: fileservers, application servers, databases, etc...) Fortunately, rebooting the netware server got things going again just fine, but we never managed to figure out what that machine was actually doing, because the hard drive was so corrupted that it wouldn't boot back up again when we got it to a monitor.

You are already doing fine.

[LordZardoz]

Inheriting someone elses work is never easy, but your doing well enough. You have to resist the urge to re-implement everything wholesale and simply take the time to learn how the hell everything is working.

In your case I would suggest documenting the discovered issues and noting exactly what your concerns are. Also throw in some time estimates (with a healthy error margin) describing how long it would take you to fix such a problem if it manifested, and estimates describing how much time and effort it will take to replace and re-implement the systems that would cause the problems. Then send this stuff out as an e-mail no one will ever read.

Then when shit breaks, you at least have the paper trail and you can give the 'I tried to warn you' speech to preempt your bosses from having you eat the big bowl of dogshit that will result.

END COMMUNICATION

thriving?

"programmer and sole IT personnel at a thriving e-commerce company."

It's not a thriving e-commerce company if they have a sole IT person who is also a programmer. They are either progressing steadily to failure or are a "successful start up currently experiencing growing pains" at best. If they have that many systems managed by a single person and have that many band aides... then without the support of upper management all you can do is try and make better band aides. Be sure to voice your concerns so when the flaming pile of hardware hits the fan it isn't your fault.

There is a fine line between awesome learning opportunity and being taken advantage of.

Go back to school?

Maybe it's just me, but a question like this is from a person in over his or her head?

One IT Employee?

[djl4570]

How is it that a thriving e-commerce company only has one IT employee? Did the rest quit? Did the marketing drones and PHB's bleed the IT budget into their bonus pool? I suspect deeper issues than the physical infrastructure you describe. Bandaids are what someone does when there's no budget to do it right and it sounds like the management culture doesn't want to invest in doing it right.

Re:One IT Employee?

[geekoid]

Or when ti was started someone cousin was available for cheap, and now they are thriving they need an actual pro.

If that's the case, it's a huge opportunity for the right person.
If ti's a bunch of sales people request shit left and right, needing it now, and the IT person can't push back? Either have a strong personality, tell people what is going to change, and tell people No when ti's unreasonable. You will either create a strong IT dept., or look for a new job. If you create a strong IT dept, you will benefit from that the rest of your life. If they fire you, .. well it sucked their anyways. If you are contacting other people outside for help, you may be able to leverage that contacts for employment.

And don't go in for that economy sucks bullshit. Maintain contacts, and employment will be available. I was in the work place in '83. It was far worse then anything we have had during this recession.

But before you do

Brief your management on the situation. Explain what condition things are in and what is needed to get them into a manageable state. Give them a list of projects / tasks that you have to deal with and get them to prioritize.

And If you feel at all uncomfortable or hesitant to do this, then examine alternative career paths beforehand.

Once you have briefed them, If management appears reluctant, begin pursuing those alternative career paths.

Cloud service?

You can plan to move to Cloud service if there is any alternative so that you can scale the system very easily. that is going to be the future..
Make an asssement, then get audit done and submit the report to management.

Re:Cloud service?

[MattBD]

This. Much as the cloud is an annoying buzzword, there's a lot to be said for moving what you can to one of these services if you haven't got the time to maintain it yourself. Google Apps is a solid, inexpensive, reliable and powerful solution for email, and if you're rushed off your feet, it makes sense to offload everything you can get away with.

Automation, automation, and more automation.

There are lot's of things you could and should do but automation is the only thing that will allow you to do more over time. Start there and build on it.

Create a wiki and document as much as you can

[FridayBob]

Do that in broad lines, avoiding too much detail. Start on the largest scale, with short descriptions of all the major subsystems, and then work down to the lower levels. In the same way, document your own changes, but don't skimp on describing your rationale.

It may take a while, but this approach has a number of advantages. First, you will develop a clearer picture of what your predecessor has done. Second, you will better understand your own handy-work when you try to figure out why you did what you did months or years from now. Third, as opposed to your predecessor, when the day comes you will be able to leave your position in a clear conscience to your own successor.

To many, this advice probably sounds like a good way to make a tough job even harder. Most of us hate writing documentation (just ask your predecessor), but system administration is definitely a lot more complex these days than it was in the 90s, and even back then I learned the hard way that, in order to remain in control of systems that will likely be used for many years, documentation is essential beyond a certain level of complexity.

Thriving e-commerce my arse! Leave NOW!

[Kamiza+Ikioi]

"A little over a month ago, I assumed the position of programmer and sole IT personnel at a thriving e-commerce company."

I'm sorry, repeat that again?

"A little over a month ago, I assumed the position of programmer and sole IT personnel at a thriving e-commerce company"

No offense, but you should leave NOW! A "thriving e-commerce company" with only one person in IT? Really? You are working for a Mickey Mouse operation. It's most likely run by sales, and sales doesn't give a damn what you do or how you do it or the problems caused for you. Those band aids? Sales requested each and every one of them! Leave now. Leave fast!

Progressive enhancement

I'm going to say this, as someone who has been in similar situations. You need to research the issues, come up with a plan that can be prioritized and/or implemented in stages of increasing cost/time/difficulty.

At the top of this list should be the easy, obvious fixes that yield immediate benefits. Things like simple backups, and configuration tweaks to improve resource utilization. Things that are free to implement (besides your time).

Below those are cheap things that will help in the short-term, or address a current need. This means independent services that don't require lots of planning or testing to implement. Mail server's running out of space ? Upgrade or even move your mail to the cloud if it makes sense for this company.

Then at the end of the list, you have the long-term stuff and the "nice to have" stuff when the company can afford it.

The idea is to present it all in a way that follows the growth of the company. Boil that frog slowly! You need to gradually show the benefits of proper infrastructure, in a way that won't break the bank nor shock the manager or owner who invariably has been skating by in blissful ignorance. Those early successes will build your reputation and trust, so that when the time comes to make a big purchase, or bring in some contractors, the value will be self-evident to your superiors and you will have a much easier time getting that PO approved.

I'm surprised...

that no one even mentionned Virtualisation yet.

Or if you ignore me, go get Spiceworks.

[Kamiza+Ikioi]

Go get Spiceworks, and it will do 99% of your requests for you.

You're welcome.

Re:Or if you ignore me, go get Spiceworks.

[Catnaps]

Oh my various deities... HOW is this FREE!?
Scratch that.. how have I not heard of this before? Holy shit I think I love you.

the curse

[onicrom]

The time that you've been given to familiarize yourself with their environment is gone. You have found a tonne of inefficiencies and know exactly what you need to do to clean, automate, improve etc...
BUT
Now you have to start doing the work that 'the business', the part of the company that makes money, you find yourself taking short-cuts and applying the same types of band-aids. It is the curse of all IT professionals!

Why would they need a backup?

[Colin+Smith]

They have a guy who finds upgrading phone systems immensely satisfying! If he's sick he'll come in and fix it and who needs vacation anyway, he'll take the cash instead.

I'm betting it's a psychotic break and he IS his predecessor.
 

First Things First

I've been in your situation a couple times before.

First things first, Organizational support.

You say you are just one guy. You need buy in from your boss/organization. To get more resources, or at least buy in. One thing I learned, if you don't have support of the organization, they'll NOT recognize a single thing you fix... but will be quick to blame you if something remotely goes wrong during a fix.

If you don't have organizational support, then it's time to find a new organization.

Prioritize. This seems simple, but when things look insurmountable, you'll be surprised how easy it is to get sidetracked. Top of the list are issues that have the highest likelyhood of affecting production uptime. Regardless how bad an issue is, if it doesn't effect production uptime, and is NOT a 5 minute fix... it goes to the bottom of the list.

Consultants. This can be a double-edged sword. They're good if the area is outside your expertise, (ie you're the Unix/Network Admin, and there's glaring issues with Weblogic), If you do go the consultant route, define a CLEAR STATEMENT OF WORK, and ensure it includes DOCUMENTATION. :-)

One bite at a time

I think everyone has inherited this same mess at some point. The answer is always the same as "How does one eat an elephant? One bite at a time". Identify the biggest and worst fire - correct it, then move on to the second worst fire. Eventually you end up in IT nirvana.

Document and chat with management.

[TomTraynor]

You will probably be getting a large number of suggestions. I have done both support and development on mainframes and servers so here is some input:

1. Let management know at a high level the state of the machine(s) and get permission to spend part of your time documenting the system. When you get permission ask them for how often they need updates and how much detail. Keeping them in the loop seems to make them happy and feel important.

2. Document the current state and highlight areas of concern. Put down what the concerns are, the risks and the potential costs to the company if it fails.

3. Go through the document and organize it by risks. Try to figure out the size of the risk and how much work it will take to fix it and what is needed to fix the problem.

4. Automate as much of your process as possible. Any task you have to do on a regular basis (in my humble opinion if you do it more than once then automate it) should be automated. Dedicate time to document what you did.

5. Senior management is probably not wanting to see details. When you present, keep it simple and short. Point out the costs of failure and if you need software to help put that forward as an 'investment in infrastructure'.

6. If the company has an internal auditor make friends with him/her. Getting them on your side to present to management will help. Having the auditor explain to them the financial costs will help your cause a lot.

7. When you do things take the time to document what you are doing, WHY you are doing it, how you did it and where to go for the programs/scripts/data.

8. Pick the brains as much as possible of all the people there. Offering to buy coffee and donuts seems to make them more receptive to an informal
session and the amount of information they have could help you.

Part of every project we do now is dedicated to documentation and the client now knows the importance of that documentation and is happy to pay for it. The current system is over 25 years old and a lot of business knowledge has been lost due to people retiring or leaving. When we find things we put them into a document. The hardest thing to find is the 'WHY', but, once you get that the rest of the information starts to make more sense. Our most popular section is the 'HOW TO DO' as this is the short cut for every other document in the system.

When you do your documentation try to keep the documents as open as possible. Try to avoid proprietary packages as much as possible. We had an old flow chart program that we didn't have the program for and it took me a week to find an open source package that could read and export the files.

Been There, Done That

[Bastian227]

Word for word, I thought your submission was something I wrote. I've been there, done that, so it is possible. The mess I inherited took me 6 MONTHS to fully comprehend and formulate all plans of attack. Meanwhile, I was trying to fix and maintain what I could.

To tackle the whole problem, where did I start? Everywhere, frankly. There was no one starting point. Everything was affecting everything else. I did my best to get written down exactly what was running on each server, including running daemons, system crontab, and all user crontabs. Basically, build a list of what exactly you can determine. Then, try to get into the mindset of your predecessor and try to understand why (as best you can) to see if that sheds some light on what else may be lurking out there.

I didn't get bogged down in formal documentation because I knew I would have to rebuild everything. I took copious notes and drew pictures of what I thought were the processes of the system, but this documentation was just for my own benefit. Once I could identify unneeded processes, I shut them down or side-stepped them and hoped I didn't break anything; if I did, that was just more information at my disposal. Other processes I simplified and consolidated where I could. Eventually, the system got more and more comprehensible.

Once I "got" everything that was going on, I built a fresh new setup that focused on simplicity and efficiency. This is when I focused on documentation. I kept the legacy system dormant but available, just in case.

Now, we have a darn good system in place. I used virtualization to segregate different services and to enhance security. Maintenance is now preventative. Management is happy because they can now grow the business without everything imploding. The focus of my work today is building new products and services. I hope my successor doesn't complain.

Slashdot community service project...

[logandr]

Post all your passwords, server names and address. The Slashdot community will swoop in and document the whole system for you in a few hours.

Getting a grip

[wolfguru]

In answer to your question - Slowly, with extensive notes and with discussions with the people that the systems you are looking into may affect. I've been the primary It person for a large printing firm for about 16 years, and I manage a staff of two now, with various personnel changes over the years. Applications that look like a mess may have developed over a period, and as the person you replaced developed their skills and learned how to do things better. There have been several recent articles in some of the tech blogs about finding out why something was done a specific way the hard way, and learning to document everything before you make even simple changes is the safest course of action, and will get you back out of trouble. Don't be afraid to talk to the people that use specific systems or functions; sometimes you may find it is "because that is how we have always done it", but sometimes you will find that a specific practive avoids a common type of error or provides a specific check on a process. Remember that what you have come into may look like a tangle, but it is also a working whole, even if some parts seem to be of the baling wire and bubble gum variety. Look at the whole when you replace a component, and see how the information and process flows both into and out of the portion you are improving, and be sure your new solutions integrate as well. Trust that you will make mistakes, and make backups, copies and notes that enable you to back out carefully, then when you have made successful changes, document the process you have completed and keep that as the core of your new documentation. Make one goal to never put the person that follows you in the same bewildering place. There is never time to go back and document, especially if you are on your own. Do it at the time you make the changes, and you will have it when you are finished, as well as have the path to back up and recognize where your change may have caused something to go wrong, as some things inevitably will. Above all, prioritize, document, research and change things slowly. Your primary responsibility is not to improve the systems, it is to support the people that rely on them. Keep that foremost in mind as you make any changes and you'll do well.

Make Your Task List Publicly Visible

[Mandatory+Default]

Get a whiteboard. Put your task list on it, in priority order, with time estimates. Order should be based on a business decision - what's the financial risk of something failing. Backups and security are always pretty high on my list.

Get buy-in from management on the ordering, because when something breaks (and it will), you need to make sure that someone above you approved the risk ordering.

Once you have a priority order, then figure out how much it's going to cost to do each one. If mgmt considers something a #1 priorty and is only willing to fund 10% of the price to fix it, then you have a pretty clear warning that it's time to look for a new job.

When tasks are finished, cross them off but don't erase. Make sure everyone knows that things are getting done.

Don't let anyone rearrange the task ordering without a financial justification that's approved by mgmt.

Re:Make Your Task List Publicly Visible

[geekoid]

Excellent advice. I'm going to add one bit.

Go to home deport and get a 4x8 Solid White Tileboard. Attach to a wall or easel.

Spend the 13 bucks and set it up on your own. Then make a list of tasks, and issues.

Then go to the manager as get your priorities based on your professional concerns.

Normal I advocate for the employee never spending a dime of their own money; but I have found that in this case, the 13 bucks yopu spends is paid back.

It's stupid, yes. However it's a social thing, and Manager who came through the business ranks can be impressed by your 'professionalism'.

", then you have a pretty clear warning that it's time to look for a new job."
Sometimes is an opportunity to go over their head. In hindsight, I have missed a lot of opportunities because I didn't go over management heads to the CIO and say "This system will cost 250K to fix. If it fails, you are out of business. It can not be done for 25K"

Obviously, have your resume ready and your feelers already out.

Sometime, you just have to say No for people to take you seriously. Again, it's a stupid social thing.

The very first question you should ask...

[ISurfTooMuch]

...is why your company is in this mess right now. Was your predecessor incompetent, bad at documenting, or so busy putting out fires that he never had a chance to do things properly? You also need to know if the reason he was putting out fires all the time was because he never had the resources to run a proper IT department. If that's the case, you have to prepare yourself for the real possibility that management either doesn't understand the need to properly fund IT or the fact that they do understand and are just too cheap to do it. A lack of understanding is fixable; being a bunch of cheapskates often isn't. And if they're too cheap, especially considering that you work for an e-commerce company, then you're in for a rough ride. Believe me, it's no fun trying to do your job when you can't get the tools you need to actually do it. If you find yourself in that situation, then you can only do what you can do. After that, you're going to be frustrated as hell. Perhaps that's why the last guy left.

And one word of warning. You're going to have to make an assessment of how likely it is that you can keep this ship afloat. If you're unable to get things in order, and the best you can do is stay one step ahead of a disaster, then you need to get the hell out before the inevitable disaster does happen because, when it does, it's entirely possible that you're going to get blamed, especially if management is too cheap to get you the resources you need. Fix the leaky boat as best you can, do whatever improvements you can manage, then polish your resume and start looking.

Burnout

I did this sort of thing for a year and a half. Management was on board, the staff were on board, everything was going swimmingly. Then at some point I realized that the goal of getting things "cleaned up" moved every time I made progress. It turned out Management was clueless and they were definitely on board, just not the right train. I was doing the job of a sysadmin/developer/dba/manger, but not getting paid for any of those roles. I got angry and burned out. So burned out that I considered quitting IT entirely.

Was it an incredible learning experience? You bet.

Was it career building? Not really, because I wasn't working with the latest tech due to budget constraints and constant firefighting.

I now work for a similar sized organization with a small team. There is still lots of variety and a pile of work, but the pile is manageable. I am infinitely happier.

My advice repeats what was stated above: Figure out why the place is a mess. If it's management's fault, run and don't look back.

This.

[symbolset]

Gordian knot. Alexandrian solution.

Three Letters

[Overzeetop]

When I was hired to run the IT department of a major company my predecessor left three letters in the desk that was now mine. Each letter was clearly labeled; System Failure #1, System Failure #2, System Failure #3. A post-it note was attached to the bundle of letters.

        In case of a substantial system failure open the letters in order, once per failure, and they will help you through the problem.

I put the letters back in the desk and forgot about them.

About one year later we had a cascading server failure that left our corporate intranet and several important production servers off-line. While repairing the problem I remembered the letters. Curious, I opened the first letter.

        Blame me, your predecessor

The day after we got the servers back up I was called in to my boss;s office to explain what happened and why were down for so long. Taking my cue from the letter I blamed my predecessor. My boss was satisfied with my answer and let me go.

About six months down the road we had another big failure. This time our primary database server went down and the secondary was having trouble dealing with the load. I had to put a lot of extra hours into getting them back up and we lost a few transactions due to the backup server not being able to function under the load.

Once again, I reached into that desk drawer and opened letter #2.

        Blame the equipment

This time I lamented to the boss about how it wasn't my fault. It was that backup server! If we had some good equipment to run on these things just would not happen. He was satisfied with my answer and I went back to work.

Things ran smoothly for the next 18 months. Then we got hit with a virus that somehow got past our firewall and wreaked havoc on our systems.

I opened the third letter.

        Write three letters

(Sorry, this was the first thing I thought of when I read the summary)

A javascript glitch?

[Okian+Warrior]

This was meant to be posted in response to something else above.

I don't know how it got pushed down in the comment chain. Sorry for any confusion.

Observium, ESXi, and Hobbit

[charnov]

The combo of Observium (network monitoring), Hobbit (monitor everything with extreme ease), and either ESXi or Proxmox VE for consolidation and ease of management/isolation/testing/etc has served me well for years to take control of large organizations quickly. Last two business I was hired to fix, I set this up and then built a parallel enterprise as VMs (the right way this time) and then cut everyone over in a weekend. No one noticed the change except to say stuff didn;t crash anymore and it was really fast.

Also OpenFiler and NexentaStor make for a great SAN.

If you need more: PFSense for firewall or VLAN router, BlueIris for IP cameras, PBX in a Flash for VoIP, SoGo for Outlook compatible email, LibreOffice, etc.

Re:Observium, ESXi, and Hobbit

Have to agree that to make any progress, sans adding more people, the only option is to automate. The monitoring tools mantioned should help.

In terms of actual network and machine management, Salt should be worth checking out, as maybe the next gen tool. http://twit.tv/show/floss-weekly/191

Seriously?

I'm looking forward to reading the full story on The Daily WTF in a few months.

Been here, done it

[EW87]

I started as the lone IT administrator for a large commercial insurance company. With almost no documentation, I had to use some RMM tools (Kaseya) and other audit software like Belarc Advisor, and network sniffers to completely figure out everything going on in the company. There were so many terrible band aids, I even had to bring on a few helping hands to help get it done, it took a year. They have 64-bit/32-bit compatibility issues, they had Windows 7 on machines that were trying to run a DOS/Novell shared resource. It was extremely difficult and frustrating, and the pay wasn't as good as easier positions I've been in. However, it was an amazing day when it got completely done.

Map the dependencies

[thesandbender]

You already know that it's a tangled mess. You need to map that tangle throughly before you start fixing/replacing/retiring anything. The conversation you do not want to have with your superiors is why retiring system X (which costs $5,000/month) took down system Y (which makes $100,000/month). You need to map out both the business processes (which systems they touch) and the system dependencies (trust no one, log network data and look at the traffic between boxes). Do not start pulling strings until you know what they're connected to.

You're not going to do this by yourself... at the very least you're going to need someone who knows the business side throughly. I've walked into a situation like this before for a very, very large company and I swear it took years off of my life but I learned a whole hell of a lot from the experience. Best of luck.

have just done something similar..

Have just done something similar. But did have some documentation, even if some of it where outdated/invalid or just plain wrong...

Started about 13 months ago and still not finished, but it's going forward..
How i did it was:
1. Change admin-passwords on all systems and allow back users on a per-needed basis.. (tell then if they want the admin password they will have to maintain the machine... scares most people off)
2. Inventory of the current services needed (ignore the current systems at this point)
3. Inventory of what machines can be scrapped and re-purposed.
4. Inventory of the services running of different systems.
5. Draw up a plan on how the network looked and what features where needed.
6. Looked into what things that where needed in the next 3 years.

To get to this point for me took something like 4 months, but the old setup was horrific... plain gray-boxes.. no mirroring of data..... No recovery-procedure except re-installation.... netgear/belkin/linksys routers as firewalls, those for home use... Yes, multiple ones.... so basically someone going into the first store and buying as they would when they wanted something for home...

Next steps...

Design how the environment will have to look to support new functions for the next 3 years.
To try and limit the amount of work here try and reuse existing systems, if they are well-maintained and in good working order. If it's a bit job to migrate any specific , badly configured, migrate it to the new enviroment if it can be kept seperatly and without having other systems to rely on it... Keep it running during the big job and take care of it later...

Remember to make backups of everything before you touch anything... Preferably try and restore them to a new system and verify that the backup works...

And here comes the hard work... Create a migration-schedule and start migrating...

I would strongly recommend you to hire someone for doing an audit after you have some type of documentation of the systems to help you come up with a good system-design that can be maintained in the future too... Try and keep stuff as automated as possible and try to use one type of OS to reduce the complexity, but exceptions are ok..

And... Document systems that you install!!! Do NOT move to the next system before the current one has been documented completely!!

Tell them...

to not be so cheap and hire a bit more help. If they are "thriving" they can afford it.

Audit

Been there before. Do this:

1) Audit first! e.g. www.fastslm.com
2) Identify non-conformoties
3) Fix them
4) Track everything
5) Define IT rules
6) Enforce them

Sounds familiar

I just celebrated my 6th anniversary at a non-profit as the sole IT guy. I still have a long way to go in terms of fixing or replacing the trail of crap left by my predecessors, but things are going pretty well. I manage around 85 devices (servers both physical and virtual, desktops, laptops, security cameras, thin clients) using Spiceworks, document like a fiend, backup my backups (we have about 60TB of data), etc. My next big "project" is to migrate our customer service database from a 15+ year old Access mdb to SQL and whip up a web UI for it. I'm shooting for next summer to start that.

Good luck!

This is the norm

I have been in IT for over 25 years and have worked dozen's of IT jobs. The average time at a company for an IT professional is 3 years. That being said, this problem the guy is experiencing is pretty much the norm for every job I have ever worked. When I am hired, it is to clean up the mess that is IT and get things documented. IT guys are notoriously horrible at documenting anything. I come in, document everything, reverse engineer it all, and usually redo the entire organization from the ground up to get it set up right. Once I am done and it is all stable and documented, it is time to move on to the next disaster. I think a lot of IT pro's are not as good as they pretend to be. To be in IT, you need to know more than how to fix a server, plug in an ethernet cable, etc. You need to know how to document and keep documentation up to date. If you are a sole IT guy in a company, the problem comes from management. I can't tell you how many times I see the "IT Manager" or "VP of IT" that has no technical experience and is trying to run the IT department. He ends up hiring some young kid that is an "IT superstar" but that actually ends up being a kid that just messes with linux in his spare time and not an experienced IT pro.

Thought That Was in the Description

But as I dig deeper, I notice the alarming number of band-aids applied by my predecessor, and it seems like the entire company's infrastructure is just a few problems away from a total meltdown.

The day I walk into an office and this isn't the case is the day I'll be worried about my job as a break-fix IT contractor.

He has been given the responsibility

[Grand+Facade]

for the operation.

Has he been given the authority to make it right?

Or is he just the next scapegoat to take the fall for the PHB?

Write up a report documenting the faults you have fixed and show how that led you to notice the other faults/bottle-necks/bandaids/single points of failure.
Figure out a rough estimate of the equipment and man hours necessary, include a time frame to complete.
Include a department allowance to bring in a right hand man to cover day to day crisis to allow you to focus on the upgrade.
And submit this up the food chain.

I am sure that these issues were not disclosed during your hiring process (if there was any awareness). These issues seem very critical and if you go trying to fix them without documenting the severity and notifying the higher ups of the hazards, you may wind up getting blamed for any crisis arising from said defects.

Divide and conquer

[biodata]

1. Work out what bits you want to work on and what you don't. (I would be most interested in their database, backend payment, processing, and accounting systems, and customer facing website, YMMV) 2. Log everything that you work on so you have evidence of where the problems are and how long you spend on each one. 3. Get quotes from separate firms to manage all the bits you don't want to do (printers? phones? LAN? server management? email?) 4. Find out what the directors' plans for the business are for the next 6 months, 1 year, 2 years, 5 years. 5. Work up a systems development plan to meet the director's business objectives (increasing customer base? new products and services? increasing transaction volumes?). 6. Present the package of quotes and your development plan in an organised meeting with senior management. Argue for the extra money to cover the routine services, and the extra staff you will need to support their business development (as others have said, doing it alone won't work long-term, it will lkill both you and the business). If they are a serious business they will recognise the wisdom in your approach and be more than willing to invest in what is ultimately the basis of their whole business. Do this quickly while you are still an unknown quantity, full of magical skills. Once you become the guy who fixes the printers they won't be able to hear your message so clearly.

Re:Divide and conquer

[mcmonkey]

Do this quickly while you are still an unknown quantity, full of magical skills. Once you become the guy who fixes the printers they won't be able to hear your message so clearly.

Best. Advice. In the comments.

CYA

[P-niiice]

I would also say that you should ensure that everyone who can negatively affect your career should be well aware of the issues you face and what you're doing (or going to do) to fix them. You don't want something you haven't fixed yet to fail and have that blame fall on you. Cover your ass, well and repeatedly.

You don't

[geekoid]

You hire an expert to do it.

An oxymoron?

"a thriving e-commerce company" with one IT person.

Step one: Fire all non-IT personnel and replace with smart IT people.

No further action required.

Re:An oxymoron?

[Z00L00K]

Not necessarily - the business model may be good but the technical solution can still be running on duct tape and Vodka.

if they don't care, why should you?

[plurgid]

You wouldn't be in this situation if your employer gave a crap. It's plain and simple: you report to someone. They know the extent of the problem and that there is only one of you. If they cared, there would be more than one of you. But there isn't. So turnabout is fair play.

This is the true American solution to your problem: find other people to exploit and skim off the top ...

Step 1: tell them you're going to become a telecommuter so that you can work 100% of the time
Step 2: get on elance or some other such site: hire gobs of cheap (dubious) overseas help at $1/hour
Step 3: instruct them all to send emails from your address and answer the phone with your name.
Step 4: find a different job and just let your sub-contractors handle that one until the house of cards falls apart

If your current employer calls you out on the fact that you have 15 different accents and sometimes answer the phone in a female voice, ask them why they're so racist.

bonus if you used a pseudonym when hiring for your present job.

Escalate

Start building a list of problems or ToDos and keep everyone in the loop every time a new item is added.
Ask management to prioritize the list every time a new item is added.

I've had cases in the past where management actively refused to deal with the problem list.
They forbid me to keep a list as "documenting problems took time away from solving problems"
If you have this situation, submit your resignation to all management (including executives)
along with the problem list. Make it clear that you are resigning due to management refusing
to acknowledge and deal with the existing problems endemic in the IT infrastructure.

Perhaps middle management was trying the keep upper management from finding out about the
problems. Now everyone knows.

Here's what they will do:
1. They might call you back at a better rate. You win.
2. They might call the guy who caused the problems in the first place -- at a better rate. (they're idiots)
3. They might call a new guy in at the same rate they hired you for. In this case, they need a slave.
        The first and the second slaves quit so they're looking for a third slave.
        When they get to the 5th slave it will dawn on them that they need to start looking/paying
        for talent not slaves.

Solution

[lupinstel]

Just remember, if something goes wrong, blame the guy who can't speak English...
Ah, Tibor, how many times have you saved my butt?

Manage the configurations of what?

Sounds to me like OP has no way to tell the wheat from the chaff - what boxes do what, what's essential, what's critical, and what's actually dead weight.

Inheriting an environment places a certain requirement on the incoming admin if documentation isn't there or has rotted.

Firewall config backups? Cool - where are they, and how do I get to them? Which databases are live? Web servers? App servers?

Full-scale discovery and inventory is usually where I start, working my way back toward a tool based on the info (and actual scale) of the operating environments.

Re: more than one guy in IT

[TaoPhoenix]

I'll go on a limb based on my own current experience.

I think just about all companies bigger than say seven people need two people split half IT and half "line functions".

Then when everything is humming, they can "just work". But when a cascade situation comes up, you do those Tier Levels. Level 1 does all the End User fallout. (Every computer needs to get that new utility installed, then all the printers quit working because of a 2 minute power outage (winter is coming), User 1 wants to know where their file is that they worked on for 3 hours. Oh look, it's in a temporary folder because it came straight from an email. etc.)

Then Tier 2 deals with all the system configs, there could be a software change coming, etc. That second pair of hands seems to be more than the sum of the hands in IT when managers want something fixed. I've done the Level 1 Helpdesk for a while now, with the second man more behind the scenes.

Re:Wait a minute ....

One IT person is a problem for you?

I work in hospital with 300 beds, 100 doctors, 230 nurses and 150 other staff. Institution has got about 150 workstations, 15 servers (HIS, RIS, DB servers, etc.), two PACS, connected with 8-9 routers and +20 managed switches, a firewall/gateway and dozen of dedicated diagnostic systems.

IT personnel comes down to one IT guy and one guy that "can repair things".

Forget documentation - focus on automation

[phamlen]

I've seen a lot of folks suggesting that you focus on documenting but I take the opposite view: you should actually be working to make documentation unnecessary. Documentation, by its very nature, tends to become obsolete very quickly - and any good IT guy learns to look at what's actually going on in the system rather than relying solely on the documentation. So you want to make your system as self-documenting as possible:

• Set up a good monitoring system - that's a great starting point for your successor because he can deduce what's important by what's being monitored. Get someone else to be involved in monitoring (maybe your boss?) and you've got a second person who knows what is important.
• Use a good naming convention - EmailServer1, TelephoneCloset3 are good names. Ninja, Macbeth, Comp1, etc. are bad.
• Fix DNS so that common names go the right place - typing 'wiki' into the browser should go to the wiki, 'monitoring' should go to the monitoring system, etc.
• Never build machines manually - Use configuration management software, automate builds, make them as push-button as possible.
• Use an web/online Task List - Get in the habit of using task list software (I like PivotalTracker, personally) Giving your successor a list of what you worked on over the last month is really useful. Plus, it's an easy way to sit down with your management and show them what you'll be working on over the next week/month/year.
• Automate those simple tasks you do all the time - Do you find yourself clearing disk space? Running reports? Run them from your management/monitoring console instead - that way, there's at least a script for someone else to read.
• Finally, set up a wiki to document anything that isn't covered above - there will always be something but hopefully it will be a short list.

I've done this three or four times and it's worked every time.

Re:Forget documentation - focus on automation

[Todd+Knarr]

Naming convention: I've found that functional names are bad. EmailServer1 ends up getting a database added to it, and then e-mail gets moved off to another machine as part of an upgrade, and now the name no longer matches what the machine does. Bad.

I decide on a theme for names, or possibly a couple of themes, and assign machines random names based on those themes. If I need to assign functional names, I use CNAMEs or aliases to map the functional name to a real name. Then when EmailServer1 moves from "amethyst" to "diamond" I don't have to reconfigure machine names, I just change a CNAME record in the zonefile. When dealing with lots of machines it works well with naming conventions like "prefix followed by asset tag number", eg. "DT1057" or "SRV005".

Just don't pick themes that're NSFW or hard to type.

Start with no more band-aids and system monitoring

[buddhapop]

You can't just let the fires hang, so you need to start with putting fires out. Just do that with the long term in mind. Start putting fires out by solving the underlying issue and not just patching the symptom. The next step is to implement monitoring. Something like Nagios or Cacti. This process requires you to inventory systems/services and document those systems/services. It is a productive way to start peeking into the setup. It also helps you to notice fires before others do, so you can put them out before anyone has to ask you about it. "Fires" often exist long before anyone tells you about it. People just deal with issues until it prevents them from getting something urgent done. Then it becomes a fire. With all that in place, you will get ahead of the fires and better understand the systems under your care. Now you can start to plan and rebuild "in your own image".

I was a predecessor

I was a predecessor at a small corp doing about $5M annually...and trained my replacements. Yeap, more than one--although only one of them was really 'good enough' to understand it in entirety. I even provided them with a "here's the steps to dig yourself out" plan. Six months after I quit, they had all quit. I heard from one of them afterwards that he was still "digging deeper" into tech debt.

No clue what's going on now. Although I am morbidly curious and would like to meet anyone good enough to "escape the tech pit".

For the unwary, there were a variety of programming and IT hacks that could cause things to shutdown. Usually partially and in weird ways.

Some of the worst...

- servers directly connected via crossover cable because we only had a 100 meg lan and it was too slow for database to app-server connection.
- Remote NFS mounts tunneled through SSH via special scripts.
- cronjobs remotely executed through SSH fixed keys (on different user names)
- remote database replication partially done through the above
- that would feed into sales and trouble ticket application tables that did not integrate with our native database
- absolutely bizarre firewall settings
- shared root passwords
- remote root login with a weak password on production network
( management's direct request. Better believe I saved that email)
- multiple webservers running different versions of apache, php
- IIS running in the DMZ with weird applications
- production webhosting system pointing to files on the development wiki
- absolutely bizarre backup practices
- Developer databases running off of a DROBO. VERY SLOWLY.
- A near total absence of unit tests
- Documentation months or years out of date, and none of the auto documentation served anywhere
- A bizarre chain of RPC dependencies that crossed multiple network boundaries with caching stuck in strange, unexpected places. In some instances, caches were "forever" -- or at least until "service restart". The aforementioned SSH cronjobs would sometimes kick these instead of a local cronjob, because the local clocks were unreliable and the system packages were too old to get reliable NTP clients... I could've compiled them myself, but that *might* have taken two or three hours to resolve dependencies--and I *knew* I could monkeypunch it together with SSH in 10 to 15 minutes.

And that's before discussing the things I did in the source code. The really disgusting things I'm not proud of. Sorry about that incident with the two donkeys and a parakeet in Juarez mom.

What I can say is... I am not incompetent as an admin, or a developer. I am however, someone who was not able to sell the necessary fixes to management. That'd ultimately be why I resigned. Some people might say that made me a poor deve-- I'd say it means management didn't do their job and accurately assess and manage... well... me. The certainty of an impending nervous breakdown as the complexity tidal wave started to overcome me and... time to quit. After I left I heard they took my network sequence diagram had the thing printed on an 8 foot wide laminated-markerable paper to try to help the new staff...

"Database" running slow? "I can fix it for a week, but I need..."

That week short-term became two years of a cron job pulling certain records to deal with a known bug involving cache performance...

VPN Running slow? "I can fix it by changing a setting in the client, but it's really because we don't have enough uplink... however, compression will work fine for most of your document editing since you copy it anyway..."

Became forever. Although the CRM client application would crash because things were so slow. We fixed that by virtualizing some desktops. Which resulted in contention among users. Not enough disk space to host those even with thin provisioning which ran out and locked one desktop down.... attach another DROBO to the SAN. Actual drives are too expe

Migrate everything

[Urban+Garlic]

I did something like this, although I had been the informal "back-up" admin for a while before I took over. Even so, the take-over was very sudden, and I quickly discovered there were whole facets of the system I didn't even know existed.

My solution was to pick one major sub-unit at a time, and migrate it to a system that I understood -- you probably have to do this anyways, since you have to do upgrades on your software, use that as an opportunity to get a grip on the system in question. In my case, the first choice was easy, the primary SAN host blew up about a month into the project. My users had a really lousy day that day, but 24 hours later, I had an object lesson in the importance of back-ups, and by God I knew how the (new) system worked.

Been here.

1. Virtualize everything so that it can be back up and running quickly in case of failure.
2. Hire another programmer(s) and start a consistent rebuild in a single language and make sure it gets done right this time.
3. Spend most of your time keeping the old junk going and documenting what you have and assist in creating the new system.
When the rewrite is done then you will have a reasonable starting point to base future development on. Unless there is new development to be done at this time they will probably lay you off and keep the new programmer since he will have the most knowledge of the new system. You will have done what is best for the company though if that is any consolation.

How do you...

[lionchild]

You ask:

The big question now is, how do I, as a single person, effectively audit the network, servers, databases, backups, and formulate a long-term plan that can be implemented by one person?

I answer:

The same way you eat an elephant - one bite at a time.

Make a list of things to do.
Prioritize them to where you think they belong.
Update the priorities as things happen and you uncover more dire events.
Keep management, directors and executives updated very regularly. (They're likely going to need to spend money on updates at some point. Be honest and up front about it. If they're in the loop, there aren't surprises.)
Lather, rinse, repeat.

The Basterd-Operator-from-Hell is OK

As ex-programmer, i started as as lonely network-admin at a art-restauration firm.
I can share these experiences:
- Backup everything. Virtualize your servers in a test-lab
- Do'nt fix anything that isn't broken... monitor/understand your systems instead
- *If you have to*, than don't be afraid to take risks (upgrade servers, rewire switches,...)
- A sys-admin is a fire fighter:
--- People don't care how you fix it, so Don't expect gratitude and don't overcomplicate your work.
--- 'No' is an answer too.. or ask extra money: Never ever touch personal equipment (personal laptops, tablets,..)
--- Prioritise your work: Time management is your friend.

  After six years and almost a heart-attack i have learned a lot and was able to do some cool projects, but i'm not going to do this for ever.
Basicly advise: act like the Basterd-Operator-from-hell

no solution

1- There is no "thriving enterprise" with a one man IT team.
2- There is no IT solution to a company's perception that in this times, they can stay in business (forget about "thriving") by neglecting the technology part of their business model

What to do: get promoted

[Yakasha]

Can't manage that junk yourself and keep your sanity, so, get promoted

1. 1. Figure out what resources you need: permanent employees, contractors, service providers, hardware, software, etc
2. 2. Show them your plan for hiring and procuring the resources
3. 3. Present a budget request
4. 4. Enjoy your promotion to Director or VP

This is how you do it:

Begin at the beginning, continue through the middle, and end at the end.

Rewrite it

The time and effort needed to understand arbitrarily bad code far far exceeds the time and effort to understand what they system is supposed to do and then implement that functionality.

I know people hate this answer (cue the outcry) but it's the simple truth. Crap code is a money / time pit with an unbounded downside. There is nothing to insure you against the code as-is being literally unextendable in mandatory directions sans an exponential explosion of needed changes.

Not writing code like this is what professional software engineering is all about. What it's NOT about is being a janitor named Sisyphus...
That's Sys-e-F.U.S. -> *UCKED UP *HIT

This gig has writings on the wall all over

[luis_a_espinal]

My backup was my boss who was technically competent, so there was that, but it's not like I've never worked a job as a one man show. You buckle down and do what you have to and make it so things don't break just because you're not around (yes, this requires budget, but I've been fortunate enough that anyone willing to pay me what I'm worth is also willing to invest in a solid infrastructure).

This made you (and the situation you described) an outlier, one with a positive outcome. Your experiences cannot be applied in general. In general, this is rarely the case, for one-man-tech shops that is.

For the most part, conditions as described by the original submitter typically have "GTFO ASAP!" written all over it. I've done IT in companies, small and large, and I can attest that what you say is true: Yes, it is possible to being the one-guy-IT-slash-programmer-shop at a small e-commerce company. But the question is why? I wouldn't do it (again) unless a good compensation package came with it (which is typically never the case), or if I'm fresh out of school with nothing on my plate to take (in which case, it is ok.)

Good companies are never based on one-man-IT-slash-dev-shops, regardless of size (or at least they try not to.) I know, again, I've worked with companies big and small. Conditions like that are typically good proxies for more systemic problems, and at the end of the day (whenever possible), you want a paycheck, a rewarding job and good working conditions. Rarely you see that with one-man-IT-slash-dev-shop gigs, rarely if ever, regardless of the size of the company.

That's just my $0.02 input from what I've seen. YMMV so readers be warned and please take this anecdotal piece with a grain of salt.

Reading comprehension

[luis_a_espinal]

So you worked for one whole year in this industry, and that gives you insight enough to know that there is only ONE reason that things get to this state?

That is not what he said. He said this:

I worked in this environment for one year ...

As in "I worked in such type of environment as described by the original submitter". The rest of this person's post does not provide a context with which to infer that such a year was the only year in this industry. In fact, the post context hints very strongly that such is not the case.

In Soviet Russia

[Roachie]

IT has grip on YOU!

One step at a time...

[TemporalBeing]

Seriously, continue documenting the existing systems until you have them all documented. Then start building a layout in how they are all integrated so you can see how everything relates. Once there, start with the core components and components with the fewest connections to other components and start updating/replacing them until you have it all replaced and upgraded to something more to your liking.

However, you'll probably leave before that is all done - thereby making it a greater mess for the next guy.

Just saying...

You don't.

[blair1q]

You recognize that it's a company problem and that you're not enough manpower to get it done.

You get management to recognize that by explaining to them that it needs more manpower and it needs to be done.

If they balk, you're stuck dealing with it on your own, and it will be slow, and there may be times you just can't change something without changing several other things and you can't change them all in a short enough time to prevent the company from grinding to a halt, so you'll just have to leave them.

Run!

[cowtamer]

Fast. Do not look back, lest you turn into a pillar of salt!

Seriously, if you're over 30, quit now. Otherwise, if you are young and inexperienced, stay if this is a WELL-PAYING opportunity or you REALLY enjoy and trust yourself or the company.

If you stay, start MIGRATING the pieces into something you understand and can document. I recommend migrating to a mainstream, well-supported, open source projects UNLESS the proprietary alternative is vastly easier to deploy (this is generally not the case). Test each step and have a backout plan ready. Backup whatever you can.

Realize that you might succeed and prove yourself to the company. Also realize that it might all come crashing down on you, with all the blame being assigned to you for any and all things that go wrong. The pitfalls are many. Use the source. Good luck!

Late to the game, but...

[Just+Some+Guy]

So everyone else has already commented, but here's my $0.02:

You're probably getting a million emails, texts, IMs, and other alarms per day.

Make them stop.

Don't disable the alarms, but pick something that seems important and noisy and figure out why it keeps wanting to pester you. Fix the root cause. That's one less thing you'll have to deal with tomorrow.

In short, be throughput driven and not interrupt driven. I have coworkers who have to deal with 100 small fires a day - and that's not an exaggeration. When I'm in their office discussing something, we're constantly interrupted by the "new mail deal with me right this moment!" sound. Don't do that! I probably get a Nagios warning once a month or so, typically telling me that the VPN to my house is down because it's raining and my DSL sucks, and that's about all I want to hear from the network.

It starts with how to restore from backup.

[Marble68]

No matter what - focus on restore procedures.

That will presume backups - so start there. If backups are shoddy, FIX THAT FIRST. If there's one thing you can almost always get budget for its disaster recovery.

But *always*, *always* backup with the focus on how to *restore*. Backing up is easy, restoring is the hard part.

By doing this, you will identify dependencies, settings, installation procedures, etc. You'll also identify which systems are less critical than others.

Subsequently, you will know how long it'll take you to bring a system back up.

Lastly, you'll know how to save your ass if you break something.

Start your restore process by the simple edict of following the money. Work from the financial transaction outward.

Now aren't you glad...

...that your predecessor didn't comment his code?

This is why code comments and documentation are so important. I'll _never_ understand why so-called "experts" think comments just "get in the way." I would never hire someone with such an attitude, nor would I pay for freelance uncommented code: If you can't explain it, I'll assume you don't understand it.

ummm...

[bobaferret]

What part of klatu verata nicto didn't you understand!?

Guess what the guy after will be saying????

I inherited this crap some the previous guy. Clearly he didn't know what he was doing. This is gonna take at least a year to fix.

* Backups plus tested restores
* SAN - start here for the greatest flexibility
* Configuration management
* Change management
* Migrate as much to servers from desktops as possible
* Deploy FLOSS when it makes sense
** cups for print ($0)
** alfresco for CIFS ($0)
** Zimbra for an Exchange replacement ($0)
** OpenLDAP unless you have a large scale setup. Then Redhat makes something that scales to many millions of accounts.
** OpenVPN for remote access
* Deploy commercial tools when there isn't a good FLOSS solution
* Dump as much Microsoft infrastructure as possible. Get off that drug. OpenOffice can easily replace most MS-Office instances.
* Virtualize all servers if possible. Avoid being screwed by VMware. LXC and KVM are solid and viable VM solutions.

Gee, I guess that describes what I've done here and at client locations.

Enterprises can't fire Microsoft, but small companies can. The savings can easily add up for a 20 person company. The system stability will improve too. Basically, my Linux systems don't go down unless I'm patching the kernel.

Don't Quit

[mcmonkey]

I agree. Do it. But under the following conditions.

1) Only if you can not take the job too seriously. If you're the type who gets stressed out about work, who doesn't know when it's time to walk away from an issue and start over tomorrow, this type of job can be heck.

But if you can remember it's only a job, and if things don't work out, you can get another job, that it's only bits you're moving around, it's not brain surgery, this sounds like a potentially rewarding opportunity. That leads to...

2) Make sure you are getting rewarded. If you are an old hat and getting paid well, take the money and run. It's job security (at least until you get things straightened out) and interesting work. You'll be facing a new problem every day, which sounds rough until you consider the boredom of facing the same problem every day.

Or, if you're a young gun, even not well paid, think of this as your education. What you learn on this job will aid you for the rest of your career. You'll get to work with many more systems and different technologies than you would at most IT jobs. And you'll get a chance to build up your troubleshooting muscles. Nothing obliterates my respect for someone who looks like a greybeard faster than a lack of troubleshooting sense.

Troubleshooting--good troubleshooting--is an art. Listen to Car Talk. That kind of crazy you only get from experience. There's a feel for how modules and systems interact and how something over here throws an error when something over there isn't right.

Think of this job as grad school. 2 or 3 years of dirty work, but do it for the education. Then get out.

Transparency

[dtmos]

. . . document everything. . . [m]ake sure your employer fully understands the situation you and they are in.

This was the first thought that came to me. While there surely are employers that are the personification of Evil (I, too, have met my share), most are simply trying to do the best they can, but are hampered in their ability to help you by a lack of time, a lack of knowledge of IT subjects, or both. Because of this, they can't independently judge the quality of the advice you're giving them -- i.e., they have to trust you. Since (at least in my experience) most conversations with management IT initiates are, in one way or another, a request to spend money, you can see the problem: It's difficult to continue to trust someone whose solution to every problem is to take money from you.

One technique I have used successfully is to never, ever refer to the IT department in particular, but always refer to the company as a whole. Also, as the parent says, document everything -- but do so in terms that will be meaningful to management. "The language of management is money," Juran said, and he was right. The infrastructure must make the company money, or it wouldn't be there -- talk to management in terms of the risks they are running to reduce revenue, increase expenses, or both.

Most business people, like investors in general, dislike surprises, and prefer to know their risks in advance. The trick is to present the situation in non-threatening terms, so that the boss feels like you're trying to make more money for him. Even after doing so, one has to be prepared for the possibility of a negative response, possibly even for a valid reason -- there's no cash available this month; they're planning to move anyway, etc. Or the boss just made a mistake. With any luck, the documentation you have on file will protect you, should blame be directed your way. If not, well, you didn't want to work there, anyway. Did you?

Re:Transparency

[v1]

Most business people, like investors in general, dislike surprises, and prefer to know their risks in advance. The trick is to present the situation in non-threatening terms, so that the boss feels like you're trying to make more money for him.

How true. They'd much rather hear how your change is going to make them money than prevent the loss of money. Fortunately, it's usually possible to spin words (honestly) between the two forms.

I had to push for a 10bt 24 port ethernet switch in 1996, back when switches were mad expensive. ($1500) Instead of explaining how we were losing productivity every day due to the bottlenecks and slow network, I explained the benefits of faster boot time and end-of-day processing. Same message, different words. And the morning after, he had a line outside his office with people wanting to know "what the hell did you do to the server last night??!" That was fun, savor the victories. Fortunately, from that point forward they had a lot more trust in my recommendations when money needed to be spent.

SNAFU

I thought dealing with inherited messes were the normal state of affairs in IT, or do I just have crummy luck?

Obligatory Dilbert.

[amacbride]

I had this on my office wall at a former employer where I was in a similar situation.

Don't try to eat the whole elephant

[neurosine]

The best approach is to define your systems, break them down into modules, and replace them in a systematic fashion. Eventually you'll be working in an infrastructure of your own design while avoiding disruptions.

Run now

If management let things get like this you can bet they won't fund fixing it either.

Number of techies to run e-commerce company

[microphage]

That both they and you assume a 'thriving e-commerce company` can be run with only a single technical staff beggars incredulity. But that is one more than at an ISP where I was once briefly employed. Maybe they don't want anyone hanging round that long. Cut your losses and start looking for your next job now. Else you're looking at a ten months burnout before they find your replacement, similar to the feller you replaced.

Nothing much u can do

From your tone, I can tell you are closed-minded and overrate your self. You are a control freak that wants everything done your way, and you will fail if you have to think outside the box. You have to think more than merely "how do I as a single person.." You have to assume it will fail, and have a plan in place. Your predecessor may have had no choice but to use duct-tape like solutions, and if they fail, you might need some back-up duct tape. You also arrogantly assume that he/she had the resources available that you do - he/she likely didn't. Finally, the fact that you would as /. to do your job for you is the final testament that you don't know what you're doing, and are very lucky to have a job at all in this current economic climate. If you were smart (and I don't think you are ..not in real terms just drudge terms) you would assume that whatever solution you come up with, that someone even more regimental and incompetent than you will see it as duct tape, you need to envision problems a future techie will have when you're gone. But you won't do that, as you're too into your own ego. You will likely (if anything) make life very difficult for the person that follows you so you can be contacted and made to look good - the hero as it were. Plenty of your type around!

Welcome to IT

[jon3k]

Every network is band-aids on band-aids. I'm literally shocked every morning when I wake up and it hasn't all collapsed.

Wouldn't Have Taken That

[Greyfox]

When you interview at a company, you're finding out if you want to work there as much as they're finding out if they want to hire you. You've gone through a lot of warning signs and probably will not be given the resources or authority to change things. Plus, it's going to take you at least 6 months before you really know the system well.

Your best bet is to start making a comfortable nest of processes (Version Control, Deployment, etc) and start documenting how things work. It will be extremely helpful to you if you have a method by which you can revert any changes you make to the system. Once you have an architectural overview in place, you can start to make changes to the system comfortably.

Since you're filling several roles there, whatever they're paying you probably isn't enough. If you saw all these things and quoted them an hourly rate that was higher than you thought they could afford and they still made you an offer, good for you!

Probably not BS

I can totally believe you on this point, especially in RE and wholesale banking where you deal in small numbers of transactions (relatively speaking), but ones with a lot of zeros and commas in them.

I am a 'one man show' + occasional contractor support consultant catering to the same industry, and my client base is about 450 users spread across a dozen small and medium sized wholesale mortgage banks (and a handful of non-banking companies somewhat reluctantly taken on as referrals). Collectively they are probably worth in the neighborhood of 1.5-2 billion, but as their business processes are very amenable to standardization and automation, they can have a very compact IT footprint once you develop a scalable 'pre fab' IT platform that suits them all.

This would not be the same situation at all if they were a group of retail store chains or distributors or medical offices or anything else with a high personnel to market cap ratio.

I've definitely cost 6 in house IT guys their jobs, and possibly more. I guess I am part of the problem in this industry, driving salaries down and creating the impression that anyone is replaceable. In my capacity as a consultant I am more replaceable than any full time person, and this makes me acutely aware of how much a commodity IT is becoming.

Time to Man UP that Resume

Take the weekly pay.

Apply more band aids

Spam around you're newly Man Up'ed resume and prepare to bail ASAP.

What do you do?

Suck it up, that's what you do. You don't think every other IT worker who has come into a job with a large company hasn't gone through the exact same thing? If you can't handle your own work responsibilities you need to get a job you _can_ handle, plain and simple.

It is always so..

It's always the same. The new person comes in. Doesn't understand the systems. Doesn't know the history that has transpired and how a product is developed. The new person has trouble, as we all do understanding and fearing what they see and complains.

Welcome to the real world of programming.

Replace everything

[manu0601]

Replace everything. This is a slow process, and since you lack manpower, you will end up with the same amount of band-aids as you had in the first place. But theses will be your own band-aids, not the one you inherited, so you will have a chance to master the thing.

Sounds familiar

[Simon80]

Rob, is that you?

First things first

Document, then go to whoever hands out the money. Get some for yourself.

Lazy!!!

[syousef]

What if you got really sick?

I call this the 'Hit By A Bus' scenario. If you're hit by a bus in the next five minutes can the business carry on without you?

That's just lazy! If it takes more than 5 minutes to get out of the bus' way you deserve to be hit! :p~~~~

Thriving e-commerce company???

"A little over a month ago, I assumed the position of programmer and sole IT personnel at a thriving e-commerce company"

Hmmm programmer and sole IT person at a Thriving e-commerce company? are you sure???

If it was thriving, the company wouldn't have made the stupid decision of hiring the same person to take on both an operational and development role. Ignoring the logistics of it, it is also a SOX violation.

DANCE ON YOUR TOES!

[tqk]

DANCE ON YOUR TOES! You may think you're drowning, but if you just dance a bit, you can get your nose above water enough to breathe.

Trust me, real geeks would give one of their balls to find a gig like this. You get to start EVERYTHING over! You're their new $deity! :-)

Outsource it.

[jawahar]

Outsource it.

Single IT responsible ?

[Foske]

Simple: Forget it. If you got hit by a truck the company will face bankruptcy in weeks.

Re:Wait a minute ....

You;d be surprised how small some of those shops tend to be. And they focus their resources on the programmers who make changes to the site, order fulfillment, and billing. IT is still considered overhead, and something to be minimized, unfortunate as that is.

Risk Analysis and Wiki

Been there:
Risk Analysis is key: Decide what to Accept, Transfer (insurance), reduce (make little changes), avoid (completely replace)
I recommend a Wiki also. I have used Xwiki (free) or Share Point foundation (bundled on MS SBS 2010). I created a site collection based on the 10 domains taught in the CISSP course. The benefit is you can find anything this way via simple searches. Also Ubuntu has ZIM Desktop Wiki that runs as a webserver and can be searched too (free).

Document everything you do in a Wiki and prioritize based on Risk and as time goes on it will get easier

Too many people here are hating on 1 man IT shops

A lot of posts here have pointed out that it's a horrible idea to run a company with just one IT person.

None of you live in the real world. I work for a real company that has 7 full time employees, we do several million a year in business. I maintain servers in rented racks in two different datacenters (one on each coast). I don't even work in the office where the other 6 people work.

I do *everything* - SQL dba, network admin, server admin, mail admin, some programming (back end only, not graphical stuff - I suck at that), backups, any automation, any apps that run on servers I have to make/get to work, dns, web servers - you name it.

All our clients are large companies.

Is it perfect? No (incidentally, like one of the above posts, my boss is technical enough with lots of support docs from me to handle emergencies if I'm not around).

Could we even remotely afford to have 2 IT staffers - no. Could we have just two part timers backing each other up - sure. But is that really better - to have two employees that likely wont stick around forever (I've been here 10 years) who you need to replace from time to time? No - we do that for our production staff - and replacing those people who don't stay (and none of them do because it doesn't pay well enough) is always a pain.

Small companies need really dependable employees...it's unreasonable to think that in such a small company where things change all the time (procedures/tech/what have you) and you are also always trying to save a buck...to make the jobs be simple drag and drop positions - everyone here is important, everyone wears multiple hats and whenever anyone leaves everyone else has to cover until a suitable replacement can be brought up to speed (which can take months).

People are going to say - well your business is not well enough run. That's BS - it's a small business built off of the mortgage of one guy's house to start with - this is the way things work, if you don't get bought out, don't IPO, aren't a "startup" it's very hard to transition from 5-10 employees to dozens - it takes a whole new level of business to get there because you will end up having way more overhead per employee.

The trick is to do everything simple/well enough with enough backups that failures are minimized - do I maintain 5 9's uptime? Of course not, but i get close - I don't track it exactly (because we don't provide SLA's it's not that important) but we definitely hit somewhere near 4 9's - and if a customer needed and was willing to pay for 5 9's service - it would be easy to achieve (albeit more expensive, but we'd cover that by increasing the cost of services to the company requesting it).

I'm well aware that I'm jack of all trades and master of none...but I can generally make anything work given google and a couple of hours research, plus help from friends that are masters, but not jacks.

Sorry for the AC post, but my handle would be too easy to tie to me in RL on the off chance someone I actually knew read this.

To get to the OP's question - there's no good way to acquire running knowledge of a 1 man shop where you don't have access to the 1 man. Shit's going to break, you'll learn when you fix it - just make copies/backups of everything so you don't lose anything irreplaceable for now.

It's possible

In fact it is easy!

1. VMware esxi (if its a small shop, just use the free version and not vSphere)
2. Storagecraft Shadowprotect. $900 per microsoft server
3. Linux servers? use scripts.

Congratulations- you're done, including bare metal DR.

Some ideas from my experience

I'm currently going through the same thing with a small holdings company in Ohio that runs several parts manufacturing factories. My suggestions for you are this.

1) You're going to have to work some weekends to get the major things upgraded, just accept this and get things done.
2) Start with the networking equipment. Get everything communicating across the network properly as all services rely on a stable network to work correctly.
3) Fix the major service issues that will get the most people happy. In my situation I had some very bad Netgear routers with unstable VPN's. Once I fixed that and did some basic maintenance to our terminal servers everyone thought I was a genius which bought me a lot of capital and time to get other projects pushed through.
4) Trickle your way down into smaller problems. Once I got done with the network equipment I connected some domain controllers to get them sharing user data which gave everyone one username and password. Again, the owners were very happy with this and I bought myself a lot of time and capital for my work.
5) Go through various network resources and get them properly managed and deployed so you can bring your build time down on new computers, servers, or other networking equipment. This could include making documentation, perl scripts to manage samba servers if you're on linux/unix, perl/batch/powershell/GPO setups for managing things on MS networks, etc, etc dependent on the services you use.
6) Once you're at this point you can work on peoples smaller problems and getting the little things running.

The biggest problem you'll run into is people who have little problems and you have to put them off while you fix the major ones, especially if you have whiners or those forgetful managers who can't remember anything you tell them to deal with. You'll need to make sure to effectively communicate time lines for problem resolution to keep everyone happy and do it over email so you can reference it. When you're trying to get the owners to buy new equipment remember to say things like "I know you can't put a price on the productivity you get from your IT equipment but if you spend X amount of dollars on Y equipment you can make Z things work more efficiently." Also refer to the expensive equipment purchases which are hard to justify as "Investments into your employees productivity". Business people will respond to those kinds of methods.