Thursday, 2 April 2009

One DIY and one "Professional"

We are currently collaborating with another I.T. Shop to help clean up some messes.

Site 1 - Young DIY
+ Dell T605 with 1 1TB Hitachi (No RAID)
+ Windows Server 2003 R2 Enterprise for 6 Users.
+ No external backup. NT Backup runs once a week to the second partition.
+ Running in a workgroup mode. No AD, DHCP, DNS, etc.
+ FTP client on the workstations with FTP Server enabled on the server for file sharing!
+ No network, data, or other security.
+ QuickBooks installed on the server with two users connecting via RDP (local admin group). The server was in admin mode.

The situation in this case is pretty much a wash. A fresh build is in order with no SBS on the horizon. :(

Site 2 "Professional with *NIX background"
+ SBS 2003 Std SP1 with no functional wizards.
+ Multiple GPOs at the domain level to run various scripts. Some now non-existent.
+ GPO at the domain level to rename the 500 Admin account "root".
+ AD, DNS, DHCP are a mess.
+ No functional backup.
+ No WSUS.
+ No RWW, OWA, OMA though PPTP is set up for remote access.
+ Multiple users set as Domain Admins.

We will be using a Swing Migration to take SBS off and then back onto the original hardware to get things done right. The owner is so burned, they would not even consider new hardware even though the box is a couple of years old.

We now have a ShadowProtect snapshot of the SBS, the Terminal Server on the SBS network, and a key user's workstation.

We will run through the whole Swing once to catch any gotchas as they have a number of LoB applications installed. Some are still in use, some are not.

By the time we are done, we will have two properly set up networks with the remote access properly configured.

Wow ... How do we get the idea out there that I.T. Costs are no longer secondary and capable of being handled by DIY or shops not properly certified on the products they support?

Philip

Sent from my SBS Integrated Windows Mobile® phone.

7 comments:

Philip Fuesser said...

I agree. It's crazy how frequent these types of situations come up!

Anonymous said...

Site 2 should be a new setup from scratch as well. If as you say AD DNS etc are a mess your just going to swing the mess onto the new build.

Take the hit and redo the workstations and profiles. What you loose in time on the workstations you will gain back from no swing.

How many workstaions? <10?

Philip Elder Cluster MVP said...

Philip,

Yes, it is sad actually that folks can still get away with hacking things together.

A.,

During the Swing we will run through and clean out AD of all of the garbage. There are approximately 35-40 users, so it would be a huge deal to recreate everything.

Philip

stryqx said...

The IT costs one can be resolved. I use a scenario of no power for a week. It focuses them quickly on core operations and business owners tend to go white when they realise the impact IT has on their operations. Money tends to be found from somewhere at this point.

The second one re certification is difficult, especially when even the certified shops have conceptual misunderstandings of how the technologies should be applied. e.g. non-SSL POP/IMAP access for Outlook + mobile devices, not using wizards for basic config on SBS, wireless networks using WEP without certs, separate Windows Server + Exchange Server where SBS would do. And they're just the ones I've fixed in the last 6 months...

David Moisan said...

I shouldn't say this, but I'd be more comfortable fixing the DIY system. The "Unix Professional" did worse damage, from my reading of it.

Absoblogginlutely! said...

Wow that is messed up. I'd also wonder how legal the software is on the first machine - running Windows Enterprise - for 6 users?

Philip Elder Cluster MVP said...

David,

Yeah, the cleansing process will be deep. Hopefully the workstations will not have any servere tattoos either.

Ab,

All of the Dell OEM stuff was with the box fortunately. And yeah, Server Enterprise for 6 users on a single Opteron T605 Dell server. We found out that they are leasing the Dell server for 36 months at the end of which they could have purchased a lot with the cash.

*Sigh*

Philip