This is no way to run a railroad.
I've been here for four full working days. I just about quit this afternoon.
This is the fourth major NT-networked company I've worked for and the first non-IT business. I have never, never seen an NT network this badly fucked up. Nor an IT staff more blindly unaware of their own incompetence.
It's bad. Fact One: Active Directory is a powerful beast, but it has to be designed, planned, and implemented rigorously, from the top down, or else nothing else is going to work, from servers right down to desktops. Right now none of the AD domain controllers are properly synchronizing with each other, mostly because they're scattered all over the continent and communicating across slow links. Group Policies are being implemented in a half-assed, I-don't-really-know-what-this-setting-does-but-it-sounds-good way, and forget DNS actually functioning reliably (DNS, btw, is the bedrock of Active Directory). Fact Two: The Active Directory rollout here strongly resembles the fable of the seven blind men and the elephant - nobody has any idea what they're doing because they won't look at anything beyond their own little corner of the network and won't take the time to learn how AD works.
I deployed four PCs this aft and three of them are not working (two of them at all) because the machine accounts are in the AD, the user accounts are in an old NT4 domain, and apparently no one bothered to check if the things mapped by the login script are even allowed by the Group Policy.
The simple solution is to put the machines back in the old NT4 domain and quit fucking around with AD until it's right, all of it, everywhere. We're not doing that, because my boss would rather keep fucking around with trying to get the AD controllers to synchronize than fix the problems. Meanwhile, the users are getting progressively more and more frustrated.
A brand-new 3.0 GHz P4 should make a user happy, not pissed off. If I were the CIO of this gin joint, I'd have had all the IT staff lined up against a wall and shot by now, as a warning to others.
Update: After three hours of screwing around, my boss agreed to move the PCs back to the NT4 domain, which fixed everything instantly.
At a conservative estimate for the combined lost employee time, this little error of judgement cost the company about $500. Not that much, really, but $500 more than needed to be spent. This leads to BlueDog's ${RAND}th Law of System Administration: Know When to Back Out.
This is the fourth major NT-networked company I've worked for and the first non-IT business. I have never, never seen an NT network this badly fucked up. Nor an IT staff more blindly unaware of their own incompetence.
It's bad. Fact One: Active Directory is a powerful beast, but it has to be designed, planned, and implemented rigorously, from the top down, or else nothing else is going to work, from servers right down to desktops. Right now none of the AD domain controllers are properly synchronizing with each other, mostly because they're scattered all over the continent and communicating across slow links. Group Policies are being implemented in a half-assed, I-don't-really-know-what-this-setting-does-but-it-sounds-good way, and forget DNS actually functioning reliably (DNS, btw, is the bedrock of Active Directory). Fact Two: The Active Directory rollout here strongly resembles the fable of the seven blind men and the elephant - nobody has any idea what they're doing because they won't look at anything beyond their own little corner of the network and won't take the time to learn how AD works.
I deployed four PCs this aft and three of them are not working (two of them at all) because the machine accounts are in the AD, the user accounts are in an old NT4 domain, and apparently no one bothered to check if the things mapped by the login script are even allowed by the Group Policy.
The simple solution is to put the machines back in the old NT4 domain and quit fucking around with AD until it's right, all of it, everywhere. We're not doing that, because my boss would rather keep fucking around with trying to get the AD controllers to synchronize than fix the problems. Meanwhile, the users are getting progressively more and more frustrated.
A brand-new 3.0 GHz P4 should make a user happy, not pissed off. If I were the CIO of this gin joint, I'd have had all the IT staff lined up against a wall and shot by now, as a warning to others.
Update: After three hours of screwing around, my boss agreed to move the PCs back to the NT4 domain, which fixed everything instantly.
At a conservative estimate for the combined lost employee time, this little error of judgement cost the company about $500. Not that much, really, but $500 more than needed to be spent. This leads to BlueDog's ${RAND}th Law of System Administration: Know When to Back Out.