    System Admin - checklist for Don'ts and Important points please!

      openit @JaredBusch

      @JaredBusch
      Here I understand, you found me wrong when it comes to my intention for this thread. I'm not expecting a response to the 3 points I mentioned; they are just a few examples for your reference. Obviously I learned those Don't points while I work and learn from tutorials and the lab.

      Those 3 points above are just examples, so you can understand my expectations and throw in some valid or important or Don't points.

        openit @PhlipElder

        @PhlipElder said in System Admin - checklist for Don'ts and Important points please!:

        @openit said in System Admin - checklist for Don'ts and Important points please!:

        1. Not recommended to convert Physical Server which has Domain Controller to Virtual Machine.
        2. Need to choose right Generation (1 or 2) type VM on Hyper-V, because later we can't change the generation.
        3. Don't set Static IP of some server/machine without consulting Network Team, to avoid conflicts with existing DHCP scope.

        Your input matters a lot to me, and might help others in the community as well.

        Thanks!

        4: Group Policy: Follow best practices. Don't touch the Default Domain and Default Domain Controllers policies. Always set up the OU/GPO structure and settings according to the org's needs.

        5: Hyper-V standalone: We don't join the host to the guest's domain. It presents a barrier to a ransomware compromise.

        6: Backup: A backup is not considered "Good" until it is fully bare metal/hypervisor restored. Spot file/folder restores are not a verification method.

        7: No Remote Desktop Protocol (RDP) port forwards (NAT) from the Internet (alternate port) to 3389 on the intended destination. Ever. Use Remote Desktop Gateway and add DUO or other 2FA to the mix.

        Thanks @PhlipElder

        This kind of reply was my expectation.

        Others may say there could be 100s of Don'ts if we keep discussing. I understand that, but I'm asking you which Don'ts are very important because you can't revert back, because it could lead to a disaster, or something you learned from your bitter experience in the past, etc.

          openit @scottalanmiller

          @scottalanmiller said in System Admin - checklist for Don'ts and Important points please!:

          underlying technical reasons

          @scottalanmiller
          I understand about "figure out underlying technical reasons". I have been trying to do the same; let's say, yesterday I was going deep into BCDR (Business Continuity and Disaster Recovery), which gave me clarification on the ins and outs.

            openit @scottalanmiller

            @scottalanmiller said in System Admin - checklist for Don'ts and Important points please!:

            @PhlipElder said in System Admin - checklist for Don'ts and Important points please!:

            3: The subnet should be documented somewhere. MAC addresses, IP addresses, DHCP scope(s), DHCP settings, and so on. Advanced IP Scanner is free and is a good place to start if none exist. There are other tools out there.

            I realize that you (OpenIT) were just making examples

            Exactly, those are just some examples, so you people can throw some valuable info for me from your past experience. I understand there could be 100s or 1000s of Don'ts kind of things, but at least some of the points from your bitter experience can lead me to understand different perspectives to study or research etc. while I continue my learning through reading articles online, attending courses on Udemy, and doing things in my lab.

            @Dashrender @IRJ @JaredBusch @Obsolesce @PhlipElder @scottalanmiller

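Added example (not part of the thread and not any poster's code): a check of a proposed static IP against the documented subnet, DHCP scope and existing assignments, illustrating point 3 from the original list (no static IPs that collide with a DHCP scope) and the advice quoted above to document MAC addresses, IP addresses and DHCP scopes. The subnet, scope, exclusion range, MAC addresses and host names are constructed sample values.

```python
import ipaddress

# Constructed sample documentation for one subnet (assumed values, not from the thread).
SUBNET = ipaddress.ip_network("192.168.10.0/24")
DHCP_SCOPES = [("192.168.10.100", "192.168.10.199")]
EXCLUSIONS = [("192.168.10.150", "192.168.10.159")]  # carved out of the scope for static use
DOCUMENTED = {  # IP -> (MAC, owner): statics and reservations already recorded
    "192.168.10.1": ("00:11:22:33:44:01", "gateway"),
    "192.168.10.10": ("00:11:22:33:44:10", "dc01"),
    "192.168.10.155": ("00:11:22:33:44:9b", "printer01"),
}


def _in_ranges(ip, ranges):
    """True if ip falls inside any inclusive (low, high) range."""
    return any(ipaddress.ip_address(lo) <= ip <= ipaddress.ip_address(hi)
               for lo, hi in ranges)


def check_static_ip(candidate):
    """Return the reasons a static assignment must be refused (empty list = OK)."""
    try:
        ip = ipaddress.ip_address(candidate)
    except ValueError:
        return [f"{candidate!r} is not a valid IP address"]
    if ip not in SUBNET:
        return [f"{ip} is outside documented subnet {SUBNET}"]
    problems = []
    if ip in (SUBNET.network_address, SUBNET.broadcast_address):
        problems.append(f"{ip} is the network or broadcast address")
    # Inside a scope is only acceptable when the range is excluded from leasing.
    if _in_ranges(ip, DHCP_SCOPES) and not _in_ranges(ip, EXCLUSIONS):
        problems.append(f"{ip} is inside an active DHCP scope and could be leased to another host")
    if str(ip) in DOCUMENTED:
        mac, owner = DOCUMENTED[str(ip)]
        problems.append(f"{ip} is already documented for {owner} ({mac})")
    return problems


if __name__ == "__main__":
    for addr in ("192.168.10.20", "192.168.10.120", "192.168.10.155",
                 "192.168.10.156", "10.0.0.5"):
        issues = check_static_ip(addr)
        print(addr, "OK" if not issues else "; ".join(issues))
```
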
              scottalanmiller @openit

              @openit said in System Admin - checklist for Don'ts and Important points please!:

              but at least some of the points from your bitter experience can lead me to understand different perspectives to study or research etc

              Those are tough, because our experiences are unlikely to help you. They will be with specific tech, versions, installations, configurations, etc. and following our experience might not only be non-applicable, but it might be backwards for you.

              Example... I've lost data on a RAID 5 that had no business being a RAID 5. If you try to learn from my experience, you might just avoid RAID 5, but your drives, your server, your use case have essentially zero chance of being similar to mine and RAID 5 on modern SSDs might be exactly what you need.

              Or you might think from someone's experience that doing an AD DC restore is bad and can't be done, but in your case it might easily be the right thing to do and work just fine.

              The point is, in IT you can't ever learn from people's experience in this way. Learning the under-the-hood details and understanding how things work and why experiences mean what they do is necessary for the experiences to be useful. So my RAID 5 experience would be useful to you only when you understand all the ins and outs of RAID and can see my mistake in the context of both my setup and how it may or may not apply to yours.

                1337

                Maybe I'm alone but on the top of my list:

                1. Only use Microsoft as a last resort when all other options have been explored.
                2. If you get paid by the hour disregard #1.

                  scottalanmiller @1337

                  @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                  Maybe I'm alone but on the top of my list:

                  1. Only use Microsoft as a last resort when all other options have been explored.
                  2. If you get paid by the hour disregard #1.

                  So, so true.

                    gjacobse @1337

                    @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                    Maybe I'm alone but on the top of my list:

                    1. Only use Microsoft as a last resort when all other options have been explored.
                    2. If you get paid by the hour disregard #1.

                    Option 1. - What do you say / do when the Owner specifically states, Windows Only environment. NIX and Apple need not apply -

                      Obsolesce @gjacobse

                      @gjacobse said in System Admin - checklist for Don'ts and Important points please!:

                      @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                      Maybe I'm alone but on the top of my list:

                      1. Only use Microsoft as a last resort when all other options have been explored.
                      2. If you get paid by the hour disregard #1.

                      Option 1. - What do you say / do when the Owner specifically states, Windows Only environment. NIX and Apple need not apply -

                      Then it's a last resort scenario and you use Windows.

                        IRJ @gjacobse

                        @gjacobse said in System Admin - checklist for Don'ts and Important points please!:

                        @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                        Maybe I'm alone but on the top of my list:

                        1. Only use Microsoft as a last resort when all other options have been explored.
                        2. If you get paid by the hour disregard #1.

                        Option 1. - What do you say / do when the Owner specifically states, Windows Only environment. NIX and Apple need not apply -

                        Look for another job

                          scottalanmiller @gjacobse

                          @gjacobse said in System Admin - checklist for Don'ts and Important points please!:

                          @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                          Maybe I'm alone but on the top of my list:

                          1. Only use Microsoft as a last resort when all other options have been explored.
                          2. If you get paid by the hour disregard #1.

                          Option 1. - What do you say / do when the Owner specifically states, Windows Only environment. NIX and Apple need not apply -

                          You say "okay, but you are the CIO because you are making the IT decisions and all risks and problems are on you because I'm just pressing the buttons you tell me to press, not running IT."

                            scottalanmiller @IRJ

                            @IRJ said in System Admin - checklist for Don'ts and Important points please!:

                            @gjacobse said in System Admin - checklist for Don'ts and Important points please!:

                            @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                            Maybe I'm alone but on the top of my list:

                            1. Only use Microsoft as a last resort when all other options have been explored.
                            2. If you get paid by the hour disregard #1.

                            Option 1. - What do you say / do when the Owner specifically states, Windows Only environment. NIX and Apple need not apply -

                            Look for another job

                            An IT job, rather than a hobby. An owner doing that is 1) running IT and 2) not trusting you and 3) viewing his "business" as a hobby and approaching everything around his emotions rather than making business decisions.

                            There's no purpose for IT people in a "business" like that because we don't have any value to add.

                              openit @scottalanmiller

                              @scottalanmiller said in System Admin - checklist for Don'ts and Important points please!:

                              @openit said in System Admin - checklist for Don'ts and Important points please!:

                              but at least some of the points from your bitter experience can lead me to understand different perspectives to study or research etc

                              Those are tough, because our experiences are unlikely to help you. They will be with specific tech, versions, installations, configurations, etc. and following our experience might not only be non-applicable, but it might be backwards for you.

                              Example... I've lost data on a RAID 5 that had no business being a RAID 5. If you try to learn from my experience, you might just avoid RAID 5, but your drives, your server, your use case have essentially zero chance of being similar to mine and RAID 5 on modern SSDs might be exactly what you need.

                              Or you might think from someone's experience that doing an AD DC restore is bad and can't be done, but in your case it might easily be the right thing to do and work just fine.

                              The point is, in IT you can't ever learn from people's experience in this way. Learning the under-the-hood details and understanding how things work and why experiences mean what they do is necessary for the experiences to be useful. So my RAID 5 experience would be useful to you only when you understand all the ins and outs of RAID and can see my mistake in the context of both my setup and how it may or may not apply to yours.

                              This gave me clarification, and agreed!

                                openit @IRJ

                                @IRJ said in System Admin - checklist for Don'ts and Important points please!:

                                @gjacobse said in System Admin - checklist for Don'ts and Important points please!:

                                @Pete-S said in System Admin - checklist for Don'ts and Important points please!:

                                Maybe I'm alone but on the top of my list:

                                1. Only use Microsoft as a last resort when all other options have been explored.
                                2. If you get paid by the hour disregard #1.

                                Option 1. - What do you say / do when the Owner specifically states, Windows Only environment. NIX and Apple need not apply -

                                Look for another job

                                Lol 🙂
