|
Weedle posted:oh my god. the husbands who are tech guys. we had a tech guy husband set up our entire kindergarten faculty, unbeknownst to us, with an enterprise dropbox plan that they were all splitting the cost of out of their own pocket. we have enterprise o365 and we've been telling them about onedrive for like five loving years I love it when that happens at work. Yes, we're a 600lb gorilla in cloud computing, with a full Google Apps suite and unlimited storage...so you used your team's budget to set up a Dropbox account.
|
#
?
Aug 26, 2020 22:43
|
|
|
|
| # ? Apr 23, 2024 11:28 |
|
|
larchesdanrew posted:I informed the school before I left that there were a few accounts that had 2FA set up that I could not transfer ownership for until there was another TC set up and ready to take on the responsibility (Apple education is a huge pile of poo poo). There always has to be an owner and you can't transfer ownership to service accounts or an empty chair. I honestly can't remember my logic behind it now. I was just ready to gtfo and I thought of exactly no alternative solutions. Whatever. Usually we found out about this when an office's receptionist (who still had to report into the office) would contact us asking if there was any other way for them to work remotely, besides calling into them every day saying "Okay I'm about to start working, you'll get my authentication call in a minute". Note that all of these people had work-issued cell phones.
|
|
#
?
Aug 26, 2020 23:17
|
|
|
larchesdanrew posted:I informed the school before I left that there were a few accounts that had 2FA set up that I could not transfer ownership for until there was another TC set up and ready to take on the responsibility (Apple education is a huge pile of poo poo). There always has to be an owner and you can't transfer ownership to service accounts or an empty chair. Apple and Google both seem to have weird issues with the idea that a business can survive when people come and go - the only service that I've been made to interact with that actually understood that was Heroku (and so - by extension - so does Salesforce I assume)
|
|
#
?
Aug 27, 2020 01:05
|
|
|
ookiimarukochan posted:Apple and Google both seem to have weird issues with the idea that a business can survive when people come and go - the only service that I've been made to interact with that actually understood that was Heroku (and so - by extension - so does Salesforce I assume) Business Continuity is hard. Not 'Mergers and Acquisitions' hard, but hard and anyone good at it probably has some very painful experience.
|
|
#
?
Aug 27, 2020 02:46
|
|
|
Knormal posted:At the start of the pandemic when we were quickly transitioning to O365/telework and enabling 2FA, a significant number of people set it up with the authentication method being to call their office line. So for our 2FA setup, the only person in my company besides the owner of the account that can change it, is their direct manager. No one else. Since ParentCo does not trust our filthy hands with anything and they run the servers\domain, and boy howdy do they seem to loving hate us.  "I'm at home, I can't log in it says *error meaning no MFA*" "Do you have 2FA set up?" "What's that?" "The thing we sent 7 emails about over the last 3 weeks that you or your manager needs to do in the office on the network before you can work from home. Also the thing we've been telling you all to set up for the last 4 years." "Oh. I didn't do that. My manager is on vacation starting today." "Here's the phone number for ParentCo Accounts, tell them someone else who you report to, good luck."Is it the professional way to handle that? No, but there's literally nothing we can do. Like, the CTO can't get ParentCo to budge. It's a very stupid situation. ---- I also told seven WFH people this week various explanations along the theme of yes, you have to loving plug your desktop into the internet for it to work. No, no the thin client you had before did not loving work without it. What? No I'm not giving you the admin password so you can install a wifi adapter you bought off ebay, you were told you had to hardwire it! --- "Do you have a laptop or desktop" "A pc." "... is it a laptop or a desktop?" "A pc." "...Okay, I need to know WHAT KIND of pc." "I don't understand."  --- A ticket came in: Subject: Software , Description: Microsoft. ... 
|
|
#
?
Aug 27, 2020 03:25
|
|
|
PirateDentist posted:I also told seven WFH people this week various explanations along the theme of yes, you have to loving plug your desktop into the internet for it to work. No, no the thin client you had before did not loving work without it. What? No I'm not giving you the admin password so you can install a wifi adapter you bought off ebay, you were told you had to hardwire it! I love these things, I bought one "universal" wifi shitdongle from ebay, it took 2 months to ship from shenzhen, and the first time you plug it in for driver installation, it presents as a readonly flash drive with autorun, then after a while disconnects the fake usb device and presents the wifi chipset. It had three different kinds of autorun malware mastered/permanently written to the loving dongle's like 64mb of flashdrive space, and chinese gambling redirect site bookmarks saved as .url shortcuts. It also asked to turn off driver signing/enable test mode and reboot in the instructions. As a bonus it did work exceptionally well with a realtek chip for $4+postage but lol (figured out the chipset and downloaded official drivers from realtek)
|
|
#
?
Aug 27, 2020 04:38
|
|
|
Biowarfare posted:I love these things, I bought one "universal" wifi shitdongle from ebay, it took 2 months to ship from shenzhen, and the first time you plug it in for driver installation, it presents as a readonly flash drive with autorun, then after a while disconnects the fake usb device and presents the wifi chipset. Oh good lord, I had so many calls from cheap travelers trying to get those things installed, and our application whitelisting suite would hard block anything like that. "No, I...can't actually unblock that. You need to go through sourcing for a reason."
|
|
#
?
Aug 27, 2020 05:04
|
|
|
Knormal posted:At the start of the pandemic when we were quickly transitioning to O365/telework and enabling 2FA, a significant number of people set it up with the authentication method being to call their office line. You can disable phone call-based MFA by going to Azure Active Directory > Security > MFA > Getting started > Configure > Additional cloud-based MFA settings (intuitive eh?) and remove the phone call option.
|
|
#
?
Aug 27, 2020 08:42
|
|
|
Dirt Road Junglist posted:Oh good lord, I had so many calls from cheap travelers trying to get those things installed, and our application whitelisting suite would hard block anything like that. "No, I...can't actually unblock that. You need to go through sourcing for a reason." I guess their department gets to pay for a new laptop when they get back eh?
|
|
#
?
Aug 27, 2020 11:34
|
|
|
I have 2FA setup for one of my accounts, but I am not allowed my mobile phone on site, so I have to go off site, log in and come back when my browser occasional decides not to remember me... At least I am not the only one with problems I guess
|
|
#
?
Aug 27, 2020 13:19
|
|
|
Weedle posted:oh my god. the husbands who are tech guys. we had a tech guy husband set up our entire kindergarten faculty, unbeknownst to us, with an enterprise dropbox plan that they were all splitting the cost of out of their own pocket. we have enterprise o365 and we've been telling them about onedrive for like five loving years The missus is setting up a brand new charter organization from scratch and I’ve been their IT help until they hire a guy. I got stuff like gmail and web hosting set up for their registration site but refused to make recommendations on hardware and stuff. My thinking was that they should hire a person and let them make direct decisions about the gear they would be supporting. So they hired a guy last week and I happily turned over all of my credentials for the various sites after making his account super user everywhere. The guy was/is so happy, I mean over the moon grateful, when I did that. I think he was expecting “husband of the CEO is an IT guy with opinions” -type shenanigans. Frankly I couldn’t wait to be rid of all of it. Working for a spouse pro bono? Nuh-uh. No way. No how. I was also relieved when we finally got three hundred iPads out of our garage. It was fun to get the points on our credit card, though.
|
|
#
?
Aug 27, 2020 17:39
|
|
|
Previous CTO set up AppleID for the company on his company email. Fine, I can access that. Also set up 2FA on his company phone. Which has since been reassigned to someone else. I had to pester this poor girl in legal for 2 days to get a 2FA code. I don't understand why you'd do that. You can add multiple phone numbers for management! It's easy, I just did it! There's four of them in there now. But I mean gently caress, why would you make yourself the only person able to access an account? Fuckin dumb.
|
|
#
?
Aug 27, 2020 17:47
|
|
|
Antioch posted:Previous CTO set up AppleID for the company on his company email. Fine, I can access that. Solely to make it a pain in the rear end for someone else if you get fired waves at old job
|
|
#
?
Aug 27, 2020 18:01
|
|
|
mllaneza posted:Business Continuity is hard. Not 'Mergers and Acquisitions' hard, but hard and anyone good at it probably has some very painful experience. Weedle posted:oh my god. the husbands who are tech guys.
|
|
#
?
Aug 27, 2020 18:31
|
|
|
Antioch posted:I don't understand why you'd do that. You can add multiple phone numbers for management! It's easy, I just did it! There's four of them in there now. But I mean gently caress, why would you make yourself the only person able to access an account? Fuckin dumb. Because whenever their access has an issue, they call you to fix it, so obviously you'd know how to fix that, too, right? Just call the number, I dunno, you're the IT genius here, not me.
|
|
#
?
Aug 27, 2020 18:37
|
|
|
Here's a story: So yesterday evening I stopped in to a school to check with a treasurer about how a replacement monitor was working for her and to put in some overtime configuring a bunch of PCs down the hall. She was on the phone and looking frustrated and making angry gestures at her monitor, which is the universal sign for someone being on the phone with our helpdesk. So, I asked if she was having some issue with her new monitor. She said "Nah, I'm working on a problem with Amazon." and then proceeded to request to please speak to a supervisor into the phone. I figured, "huh, okay, guess she had a problem with her order or something" and then I went down the hall and got to work. Turns out that according to an urgent helpdesk ticket this morning - she was ACTUALLY working with whoever answered the phone number she dialed when responding to a browser pop up that said it was from Amazon and somehow her aMaZoN sEcUrItY wAs cOmPrOmIsEd. She then proceeded to somehow allow them remote access onto the PC and change her password and do who the gently caress even knows what else. She said she suddenly realized something was shady about all that sometime in the middle of the night last night and notified the help desk first thing in the morning. I know it's not exactly my fault but I'm so pissed that I was RIGHT. loving. THERE. Like, if I was just standing a couple feet to the right I probably would have actually seen her screen and noticed somebody was remoted in and wondered what the gently caress. Or if I just asked a couple more questions. Or if SHE asked a couple questions from me - I mean, I'm just a T2 mostly-swaps-hardware dude, but that's a basic enough scam that I'd like to think I... probably would have noticed? So that's a fun little thing on top of the whole "half of our students can now take their computers home" clusterfuck.
|
|
#
?
Aug 27, 2020 18:50
|
|
|
Oh, so meanwhile... https://www.vice.com/en_us/article/7kpjvq/salesforce-doing-layoffs-a-day-after-announcing-record-breaking-profits
|
|
#
?
Aug 27, 2020 19:58
|
|
|
Dirt Road Junglist posted:Oh good lord, I had so many calls from cheap travelers trying to get those things installed, and our application whitelisting suite would hard block anything like that. "No, I...can't actually unblock that. You need to go through sourcing for a reason." Honestly, the best part is that I later found out through some digging is that it worked just fine with a Realtek 802.11b/g/n driver, officially. The entire (and *only*) reason that it asked me to turn off driver signing was so that they could install their fake modified driver that was named/branded with a different Realtek model that was "newer" and supported ac. It did not actually support ac. It had no other changes than the name of a better, more expensive chipset (that it didn't support the features of anyway) showing up in network adapter list.
|
|
#
?
Aug 27, 2020 20:00
|
|
|
nominal posted:I know it's not exactly my fault but I'm so pissed that I was RIGHT. loving. THERE. It's not only "not exactly your fault", it's completely not your fault in any way at all. If they'd received a random phone call telling them to grab the contents of the petty cash and meet them outside to hand it over for inspection that wouldn't be the fault of the phone company. Perhaps look at blocking all remote access tools other than what you use for support, but it's not your fault. Regarding Apple logins, Apple Business Manager supports multiple administrators, and you can link it to Azure AD to allow people in the company to use their corporate credentials for iCloud. They can then add a personal Apple ID if they want to buy their own apps, sync photos etc.
|
|
#
?
Aug 27, 2020 20:03
|
|
|
I used to consult as a general IT guy, and one of my clients had the domain name for his business coming up for renewal and wanted me to take care of it. Of course he didn't know the credentials he'd used at the registrar when he originally got the domain some years ago, but that's no problem, we can just do a password reset. What's the email he used for the registrar account? Why, his old address for his now-defunct previous business, of course. A business whose domain he'd allowed to expire since he had no use for it after the business went under, so of course that email account no longer existed. There was only one thing to do: I re-registered the old defunct domain name myself, set up the necessary email account on it, and then had the registrar send the password reset link to it. Nice and easy, and made for an interesting little line item on the invoice. I just tried not to think about how anyone on Earth could have done the exact same thing and taken control of the domain for his current business.
|
|
#
?
Aug 27, 2020 20:30
|
|
|
it finally happened: i ruined someone's day/life by informing them that outlook recall only works within the organization. a teacher accidentally sent a disparaging email about a parent to the parent instead of the principal. my nightmare
|
|
#
?
Aug 27, 2020 20:42
|
|
|
Weedle posted:it finally happened: i ruined someone's day/life by informing them that outlook recall only works within the organization. a teacher accidentally sent a disparaging email about a parent to the parent instead of the principal. my nightmare I get you don't like giving bad news, but seems like its far from a nightmare. The systems worked exactly as it was suppose to.
|
|
#
?
Aug 27, 2020 20:44
|
|
|
Sickening posted:I get you don't like giving bad news, but seems like its far from a nightmare. The systems worked exactly as it was suppose to. oh no i mean doing that is my nightmare. i'm grateful it happened to someone else and not me
|
|
#
?
Aug 27, 2020 20:45
|
|
|
Weedle posted:it finally happened: i ruined someone's day/life by informing them that outlook recall only works within the organization. a teacher accidentally sent a disparaging email about a parent to the parent instead of the principal. my nightmare Nightmare? poo poo, son. Break out the popcorn.
|
|
#
?
Aug 27, 2020 20:47
|
|
|
Dirt Road Junglist posted:Oh, so meanwhile... “For affected employees, we are helping them find the next step in their careers, whether within our company or a new opportunity.” Uh huh
|
|
#
?
Aug 28, 2020 04:05
|
|
|
Antioch posted:Previous CTO set up AppleID for the company on his company email. Fine, I can access that. Oh god don't. I do occasional hardware support for a business with a couple of hundred Macbooks/iOS devices and one single AppleID. During lockdown the CTO gave the password to some random employee, who promptly set up 2FA on it. Thanks random employee! Hope you enjoy eternal alerts coming up on your device, since we can't find any setting that makes it ask for phone auth first!
|
|
#
?
Aug 28, 2020 11:25
|
|
|
doublepost fun with Cloudflare!
|
|
#
?
Aug 28, 2020 11:43
|
|
|
larchesdanrew posted:I informed the school before I left that there were a few accounts that had 2FA set up that I could not transfer ownership for until there was another TC set up and ready to take on the responsibility (Apple education is a huge pile of poo poo). There always has to be an owner and you can't transfer ownership to service accounts or an empty chair. I honestly can't remember my logic behind it now. I was just ready to gtfo and I thought of exactly no alternative solutions. Whatever. I went back and read the entirety of your saga in this thread and I actually cheered when I read you got out of Mississippi - so happy for you! And the meltdown your former school is experiencing is nothing more than karma performing a long overdue balancing of the scales. As for your new employer and your reaction when something broke, that's an entirely normal response IMO - I did much the same thing for almost a year after I started in my current position. In many ways it's a lot like PTSD. But the good news is that the hammering panic and instinct to flinch when something unexpectedly breaks will go away. You are a drat good techy, and you deserve every bit of success and recognition that comes your way. I also want to hear more tales of woe and calamity your former employer is experiencing, as nothing beats a well-deserved comeuppance.
|
|
#
?
Aug 30, 2020 11:30
|
|
|
Antioch posted:Previous CTO set up AppleID for the company on his company email. Fine, I can access that. Aww poo poo, this reminds me our Apple IT and Developer account has forced 2FA on it and some chowderheads only linked it to a single iPad. I remember I added another iPad to it to make things less ridiculous but it still something that needs sorting, it's always great thinking "Ah, I need to log into the Apple account... oh wait the unlock device is in a locked cupboard 13 miles away".
|
|
#
?
Sep 1, 2020 13:01
|
|
|
I am probably being finickity. We run a site for the Government, we lease their phone system, so whilst we can patch the analogue lines about and change handsets as they break - anything beyond that then there is a helpdesk responsible for the phone system. We got a ticket saying I can make outgoing calls but I don't receive any. A tech decided to turn up the ringer volume to prove the phone handset was ok as they knew the cabling was fine due to the outgoing calls. I kinda get the logic, but I also feel like that is an odd decision to make, you'd surely just swap test a phone from the office next door to see if the fault follows. I feel like the tech dealing with this is looking for an excuse to say 'not my problem you need to call the helpdesk' but I also know the first thing the helpdesk will say is have you swapped the phone. This means the user will swap the phone and potentially move the fault which means someone else will come back to us, or the fault will just come directly back to us if the user isn't brave enough to swap stuff themselves. If it comes back, the tech will say 'I have ~tested~ the phone' and we are essentially hoping the tech is right in his test. To be fair, he could be, but if not, it's a bit daft. I've not challenged the dude as he might get away with it, I just find it strange. Is it me ?
|
|
#
?
Sep 1, 2020 14:34
|
|
|
from your posts in the other it gripe thread it sounds like you have a really hard time trusting any of your techs to do things right or communicate with you honestly about their work. whether this mistrust is justified or not, if your first assumption is that the people you assign to complete these basic tasks are going to gently caress it up and/or pass the buck, it sounds to me like that's the real problem
|
|
#
?
Sep 1, 2020 15:01
|
|
|
I guess that's where I am leading this to. Stuff like this has regularly come back to bite this particular tech. It's easy for me to sit back and just go 'well go clean your poo poo up' so now I am expecting that to happen at every turn I'm trying to not challenge things that look like banana skins to me because I want it to be ok, but things just keep coming back. my issue is I let him make his own mistakes, but when it comes back and I say you really ought to do a better test - the answer I get is 'it's not my fault because I tested the ringer so I did my bit' my real underlying question is, is that test sufficient? I would say not really. Therefore, if I get the above excuse I feel it is reasonable to say do better and coming up with excuses isn't a reasonable response. I am happy to challenge the guy but every time there is a plausible excuse I am not sure if he is learning that he needs to be more reliable in his solutions.
|
|
#
?
Sep 1, 2020 15:16
|
|
|
When you employ people you get to set them goals to meet, but you don't also get to dictate the exact method that they need to take to get there. Having somebody check that their phone is actually set to alert them of incoming calls seems to be a more logical step than swapping devices around, especially if the problem is linked to the profile of that user on the PBX and the divert/do not disturb status will just follow them onto a new handset. How often does an IP handset have full functionality when calling out but doesn't show any signs of an inbound call, and it's an issue with the device anyway? And like you said, there's a helpdesk responsible for the phone system. "User can make calls, isn't alerted to incoming calls, the ringer volume is turned up" seems like enough to punt it over to the team actually responsible for that system.
|
|
#
?
Sep 1, 2020 17:05
|
|
|
They did note that said helpdesk will kick it back down of a phone swap wasn't attempted, so maybe thats why?
|
|
#
?
Sep 1, 2020 17:11
|
|
|
In fairness, I've encountered enough "I'm not getting any inbound calls!!!!1111" tickets where it has been that the ringer wasn't turned up in my history that my first gut instinct would be to try that too.  Obviously if I did that and I still couldn't ring through to that number/extension/what have you I'd continue troubleshooting, but you bet your rear end that'd be my first check.
|
|
#
?
Sep 1, 2020 18:13
|
|
|
was not an IP phone - just an analogue phone and we have no access to config, if there is a dial tone we swap the phone or escalate, it's as simple as that. the helpdesk did kick it back it was the phone. i dont want to dictate the method for sure, but when it reaches the point the guy can't keep up with a normal amount of work due to return trips to half jobs that could reasonably be anticipated on a regular basis it's a performance issue. i could probably argue the guy is trying to be clever by finding a new and improved solution to swapping a phone, because he likes to be the cleverest guy in the room what i think i need to be doing is recording these sorts of mistakes in anticipation of performance management.
|
|
#
?
Sep 1, 2020 19:25
|
|
|
Do you have a helpdesk that is linked to tracking time spend on each ticket? E.g. so you can pull up three hours logged for diagnosing a faulty phone handset and two visits out to the user and explain how that's not an acceptable amount of time to take for such a simple issue.
|
|
#
?
Sep 1, 2020 19:38
|
|
|
a series of phone calls came in: the nursing staff sent out emails to a bunch of parents informing them that their kids needed to quarantine due to covid exposure. then a little while later they sent out another email saying that actually the kids didn't need to quarantine (???), but they didn't send it to all of the parents they sent the first email to. parents are now seeking an explanation from me, the desktop support guy, because emails are sent and read on computers
|
|
#
?
Sep 1, 2020 19:56
|
|
|
angry armadillo posted:what i think i need to be doing is recording these sorts of mistakes in anticipation of performance management. Considering how long this has been going on, I'm surprised that you're not already documenting this. That's risks biting you in the rear end if you need to move into more formal performance management, since now you either have to go backfill all of that and risk him fighting you on it (Oh, I didn't know...) or you have to start over now and deal with this for however long your HR requires. Do you meet with him on a regular basis, preferably weekly, to discuss the job? Do you provide regular, timely feedback about performance, both positive and negative? Most managers give very little feedback, and what feedback they do give tends to be very late and almost always negative. If someone does a good job on a ticket or an email, tell them they did a good job. If someone is a little late for a meeting, and it's a problem, then get with them real quick as soon as is reasonable and mention it. "Hey, when you're late for meetings it can make it tough to get through the whole agenda, can you work on that? Ok great, thanks." This doesn't have to get complicated, and it's not a scolding. Lots of minor adjustments help people understand what they should be doing. Do you have documented performance expectations with this guy? Emails or meeting notes where you talk about behavior, not motivation, with him ("When you do XYZ..." vs "You're trying to avoid...") and set expectations for what a good job looks like? Doing this is beneficial for both negative and positive performance management. If you have an employee who was a bit of a turd, but you worked with him and he really improved, maybe he should get a better raise or minor promotion. Having that documentation already available lets you make that case, just the same as it helps you make the case for letting someone go. The point about discussing behavior and not motivation is also important. People can fight about motivation all day long, but when you restrict it to what was actually done or not done then it's much harder to rebut. If you say to him "Swapping the phone is part of standard troubleshooting for no inbound calls, can you make sure to do that next time", there's a lot less room for him to go into what he was thinking, and what he meant, and so on and so forth. If he does, you can swing the conversation back around to concrete behavior much more easily. If you start in on "I think you wanted to get done quick and go back to your desk", you're going to be there all day splitting hairs about what he was thinking. I know this sounds terrible and corporate, and it sucks to do, but it'll be better in the long run. As for the phone issue that started this, I think that testing the volume is a valid troubleshooting step. That said, if that doesn't fix the issue and swapping the device is part of the standard troubleshooting for your team, there's no reason he shouldn't have done that as well. That's definitely a problem in that case.
|
|
#
?
Sep 1, 2020 20:07
|
|
|
|
| # ? Apr 23, 2024 11:28 |
|
|
I'm probably half way there. For example, we discussed the phone job today, we also discussed a CCTV job that he did an awesome job with- I am conscious that because I know I dont trust the quality of his work I really make an effort to find a couple of positives from the day, because he probably does as many good jobs as bad which makes it tough to performance manage (in my mind) - i am guessing and should probably sit him down and specifically address this but i think jobs like CCTV where he is in plant rooms or outside with a lamp post are areas of high performance for him - i think it's got something to do with the lack of people = lack of distraction and/or lack of areas to 'show off' which improves his performance. i have a list of good and bad things to try and paint a balanced picture. I am probably trying hard to avoid formal performance management but the problem is the repeated daft stuff - the other problem is none of it is really damaging, it's just daft. the bit where I am weak is definitely thinking of behaviour questions and letting him provided motivations. Interestingly, I've tried that approach as a kinda ToughGuyManager and been like 'when X happens, I'd expect to see you try Y' and he has been like ah well but i like to talk through how I think and then I am opening the door for him to introduce the motivation points which are a distraction from address the issue. I agree the volume is a valid step, but to then give up and take the attitude of 'oh well helpdesk then' without taking the next step of swapping the phone is lazy, given you could have just swapped with the room next door whilst at the job. I'm not saying dont try the volume thing, I'm saying, why refer to the helpdesk at that point? Some good pointers though, thanks.
|
|
#
?
Sep 1, 2020 20:22
|
|