The Grumpy IT Admin

It's probably every Admins least favourite topic. Licensing is a head ache all round. From reading EULAs to trying to maintain some kind of record of what is installed where, it is a difficult and painful part of our job but it has to be done and done meticulously and with great diligence and it is always a fight to get those further up the food chain to appreciate the cost and restrictions that are imposed. Trying to get any kind of financial support for some kind of Software Asset Management (SAM) system is both difficult to justify and a difficult sell, where's the return on investment on what can be quite a large investment? Well you just wait until Microsoft come knocking on your door. If you have any kind of volume licensing agreement you will have signed something to say it's ok for Microsoft to come in at 30 days notice and do an audit of all the software on all your PCs and Servers and Macs. Oh and you will pay for the privilege. In our case that could be som

Every now and then I have the need to perform a simple task across a large number of PCs. This could be rolling out an update of Flash or updating a registry entry. All of this is made simple by having some desktop management software like Altiris or Landesk to hand. Write a quick script to run a silent install or import the registry settings in silent mode and job done. However occasionally you come a across a desire that is little more difficult to fulfill. This normally involves applying a registry entry or deleting a folder in all of the user profiles on a PC. This is often trickier than it first seems. For example say you wanted to empty the temp folder in every user's profile. If you want to delete all files that have a .tmp extension anywhere on the C: drive then you can simple run the following Del C:\*.tmp /s Simple, job done. But when you want to delete all the files in the Temp folder that appears in C:\Documents and Settings\ Username\ Local settings\Temp. The

I am quite a strict parent when it comes to PC usage. Being someone who understands how PCs work and how to get around bad programming, I just make my kids ordinary Users on their PC not Admins. this means if they need to install anything I have to do it. I did at one stage give them the password but they used it to change the clock on the PC to circumvent the allowed times they were allowed to log on. This required a password change, unfortunately due to the large number of passwords we all need to remember these days I forgot what I set it to. Now the only real Microsoft supported ways out of this is the previously created recovery disk (never created one of those personally), do a system restore or failing that to rebuild the PC, this is not something that particularly bothers me, I often rebuild my PC every 3-6 months to clear out all the accumulated junk that builds up, though I have to say that, despite it's own bloat, Windows 7 seems to be more resilient than XP in losing

Licensing is a nightmare for any admin. We hate it and we even hate the bloke that has to make sure we comply. A distant vaguely related subsidiary of ours recently got hit with a million pound bill for license infringement by Microsoft. Bow whatever you feel about Microsoft or their prices or anything it is for the most part black and white when it comes to paying for licences. You use the software you, know how much of which bit of software you are using and you pay (through the nose) for it. That’s the deal. If they come calling as they are allowed to under the terms of their licence agreement you get charged full whack for everything that is installed that you haven’t got proof of licences for. The subsidiary in question rather ineptly decided to make everyone a local admin of their PC/Laptop so they could get all the badly written bits of software running. That is stupid in itself and sign of a weak IT department. Not surprisingly the users installed everything going on their lap

What is it with developer that they feel the need to do completely stupid things without a though for the consequences, just as long as it works? Are they just lazy perhaps? I have come across a couple of instances in the last couple of days where developers have created shares on servers and left them wide open to abuse by anyone being a bit nosey on the network. When I say wide open, I mean barn door wide open. Yes they put the Everyone group in with full control on both the share and NTFS permissions. Yes that’s right, I couldn’t believe it either; they even went to the extent of removing all the other users from the NTFS permissions. Complete and utter thoughtlessness and madness.  I quickly created some groups added the users I was aware of that need access and added that in to the shares and NTFS permissions after I reset it all to defaults. This not surprisingly caused some problems as users that were expecting access no longer could and the support/developer people got the ri

Users never cease to amaze me with the decisions they make. We bought, at great expense, an e-mail archiving system so we could keep our exchange systems lean mean and responsive. We went with Enterprise Vault as it was the only real player in town back then (version 5 and the KVS days, then Veritas now Symantec). Yes it is a bit clunky and probably wouldn’t be my choice if we were to pick a solution now, not just because it is Symantec but that would be a big factor. Anyway back to the users, all they have to do is leave everything as is and the Vault will drag off all the stuff more than 4 weeks old and leave a short cut in place of the e-mail, it is all pretty transparent to user, if they get a big email they can manually archive it with a couple of clicks. All simple stuff, all emails and attachments are indexed and there are some simple and more complex search methods, which are really quite quick considering the 6TB of emails and attachments we have archived, and an IE based