Step 4

Work closer with the org to find out what they need. ERP? I think that's more specific.

Step 3

Control the changes

Step 2

Build a flexible infrastructure

Step 1

Build a reliable network.

System Administration and Information Technology - look at that...

So the names say it all but we don't think about it often. It's about system administration and information technology. Our job is not to make the email servers faster or secure the DMZ, it's to get the organizations we support the information they need in a systematic manner. We focus so strongly on the technology - but think of how many people read a broadcast email versus who reads the sign taped on the lunchroom door.

I think our job is to facilitate and increase the value of the information an organization uses and help it to make sure it's looking at the right things. A lot of this starts with having a reliable network and flexible IT infrastructure. You also need to make sure your data is reliable, secure and accurate. This includes stuff like information security and change control because you can't secure what you don't know about and it's hard to know what's out there if you don't start in a known state and control the changes from there.

It's a lot of work but that's what they are paying you for, not to cut and paste stuff from google into a router.

Some nice utilities

SoftPerfect has some very nice freeware, Network Scanner will give you solid information on a subnet including shares, SNMP and WMI queries. LAN Search Pro will look across your network for documents.

Both are free.

Make your users love you

Offer to color code their mail. Red for items where they are the only To:, Green if they are on CC: or part of a distribution and gray if it's to a distribution list only.

If any one knows how to do this in Outlook 2008 via a Group Policy Object let me know.

Fix -vs- Restart

It's common to "fix" a problem in IT by restarting the service or server that's acting odd.

A lot of the time restarting will let you send the customer on their merry way, and it's not a bad idea but don't confuse it with fixing the actual problem. In fact the restart can mask the problem by overwriting valuable error logs and other information.

Make sure you get the information to prevent the problem from re-occuring. Then restart the service. Finally, know the steps you need to take to implement the actual fix (making the service stable) and schedule a time to do it.

It's really freaking hard to fix a problem you have not identified.

Google knows the answers. The trick is finding the right question

How to troubleshoot a problem

This is something that's harder the more familiar with the technology you become - Oh look www.stuff.com is unreachable, I'll restart apache (or whatever).

Don't get me wrong, if you can fix something fast go for it (assuming no Change Control issues), but if you're looking to actually find out what the problem is that's a different game all together.

1. Identify the actual problem. SVN checkouts are slow
2. Specify expected results (SVN should check out in X seconds)
3. Identify all of the involved systems* (network, SVN server, client, storage, which repo etc)
4. Break down the entire thing to a testable granularity (ping time to server, speed copying repo with cp locally, the same but over NFS instead of SVN, storage utilization).

Now you have the basic tools to find out what's causing your issue, not just how to resolve it.

Learn a frigging language

Not just a scripting language, something you can at least write a UI out of. That's 90% of the work if you already know the job you want to do. And for LISA says you should program to be a senior dude.

Suggestion for someone who does not suck at programming

For something as easy to set up. I have yet to find a decent certificate server from a UI point of view. It's not that freaking complicated guys, OpenSSL does the work. I need to get off my butt and learn how to write code well enough to do a simple UI that raps around a command line tool.

I wonder if Python is the best bang for the buck.

So about servers versus services

As an good IT guy the very first thing you should know is to distinguish between the server and the service. Print is the service, nyc-print01 is the server.

For UNIX it's pretty easy to set this up - create an alias for the server, make sure any certificates it's using are signed for both names and you're usually groovy. I'm probably 70% Windows though, most UNIX admins I knew as I started out where college grads and that intimidated me.

Anyways, in Windows you can do most of the same thing. I don't guarantee it will work with any service but we've had good luck so far. First you do the same thing as with the *nix box, create an alias (the service is the alias, the server is the actual record. I'll make a post on the DNS specifics later.

Then you add two registry keys:

Key one, optional server names: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters make an OptionalNames entry, REG_MULTI_SZ is the type. Add one of each of the SERVICE names. I'm pretty sure you don't need to put the server name in.

The second key, Disable Strict Name Checking:

HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
Dword value: DisableStrictNameChecking
Value data (Decimal): 00000001

Finally if you use certificates you'll need to issue certs to the alias, ususally this means a new cert for the server, still having the server listed as the hostname but with aliases defined. Windows Certserver is a pain in the butt.

Oh and you may need to add it's second name in AD, under adsiedit (don't screw around in here, this is kind of like the registry for AD). I'll post it later when I can look it up.

Even this point you may not get full functionality with your alias (printers) instead of your hostname. Try to find ways to resolve that if it's something can live with.

The first thing to do is think.

Everything you do is leverage for everything else. Since your user's perception of you is only through the services they use take that point of view when providing them. The difference between an architect and an administrator is that the administrator goes "Damn, the router failed" and the architect either says "Good thing we talked to business folks and made sure they didn't want to pay for that upgrade" or "Glad I made that redundant". The more you save your company money taking these steps is frequently measured by your IT savvy, how hard you work and how well you know what your company actually does. The more places you can pinpoint those questions the better you will be, and remember sometimes the politics matter more than the ROI. Actually that's kind of naive, politics always influences everything at a big company. I like working at a place that is really big on demonstrable returns. If you can drop your downtime by 50% with the same budget in a year that's good stuff.

Can you even tell?

About 2 years ago I was freaking out. In my mind I was so good at my job that I'd made my self obsolete. I kind of had...if they wanted things to be as good as they where before I got there. We had something like 30-40 hosts, most of them on 6am to 6pm uptime requirements and an email server that required rebooting once every week or two. From my understanding of most small to mid sized shops that's normal and it really does not have to be that way. The majority of stuff that consultants like to charge massive cash for is either stuff you can look up on the Internet or little tricks. This is my attempt at sharing some of the little tricks.