General discussion


admin rights for executives?

By Hiro_Protagonist ·
I've got a wanabe who just hired on as a Senior Vice President. This guy used to work for the company like 2 years ago but got laid off. Now he's back and we've upgraded to 2000 from 98 and he insists on having admin rights to his W2K laptop because he needs to "control his own destiny on the computer" pfft...
My boss and I are sticking to the guns that got our support to user ratio up to 1/150. Has anyone run into this problem? Do you give admin rights to your executives if they ask for it?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

We used to have a similar policy...

by RBMG In reply to

We run a network with approximately 70 Clients and used to have a similar policy....until users started loading software that would consistantly go out on the network or internet (like Weather Bug). This started clogging up the network with non-company related traffic that would bring the network down to a crall, thereby affecting everyone.

We locked down all clients, removed all non-company related software and re-wrote the policies. No network problems, client problems reduced by 85%, network traffic issues are virtually non-existant. Only traffic problem we have had since doing this was from a screaming NIC...we replaced the NIC card and have had no issues since.

Collapse -

Been on both sides

by calzinman at In reply to

I've done a lot of hardware and software installation and repair, as well as network management. I used to do the direct user support for about 100 users. Unofficially, as it wasn't my job, but I was the one everyone came to because I could usually fix the problem. I did the triage. If it was hardware, I called the overworked techs and told them what was needed (I was usually right--the techs asked for "second opinions" from me, too). If it was software, I either fixed it or, if the system had gotten to "cruft level 5" and above, it went to the official techs for a reblow.

About a year ago, I transitioned into a job in another organization where I was relatively senior, and could leave the user support behind (they have a larger, better tech staff than I was used to). However, *I* wanted admin rights to my XP laptop. My old organization had gotten tighter and tighter, pulling all control into the national office, to the point where they had a mis-set switch in their XP install that caused a long-time app (an app managed by the same useless national office people) to misfunction in a very annoying way for every user in the country. Everyone, including the local techs, was locked out of the setting. I told the national folks that there was a problem, and what and where it was and what to do to fix it. Over a year ago. It's still not fixed. Everybody's still using kludgy workarounds and wasting time. I will *not* stand for that on something I'm trying to get work done on. Maybe I'm funny that way, but I think technology is here to serve *me,* not the other way around!

I fully understand the implications of taking on admin rights (****, I still administer a couple of networks on the side, one a mixed-platform), and I'm exceedingly careful of what I do--and don't--install.

But I also know I am, by and large, the exception, in that I *do* understand the implications, so I'm pretty careful.

I understand wanting admin rights (which, by the way, I was given by my new organization--without having to raise a fuss). I don't want to be balked by someone *else's* ideas of what I should and shouldn't have on a machine only *I* use. But I also know that it's a recipe for disaster for many users. It sounds like it may well be for the boss described. I agree with those who are saying "give it to him, but make sure he's agreed--preferably in writing--that, if he screws it up because of something he did, it may be a while before it can get fixed." I don't think that's at all unfair to ask, and I think if you can present it to him as an issue of fairness, he can probably be persuaded.

Collapse -

Don't do it!

by bmarin In reply to

I don't thinks the users should even have access to their control panel. I can't tell you how many secretarys have released a virus by trying to download puppy-dog wallpaper.

Collapse -

I agree with Rusty

by Seamus In reply to WTH????

Allowing someone to dictate change without a business need is opening Pandora's box.

I can assume that you do because you probably wouldn?t be having this discussion if he was VP for another department.

Education is the most important tool you have in your arsenal. Teach him the reasons that Administration privileges are limited. Administration privilege makes the machine more open to Virus attacks, Spyware and other unwanted menaces. Thus making the network more vulnerable

If he still insists on the change then have him make the change request based business need. This is an explanation of why it is a requirement and have it signed off by a superior. (superior to the person making the request.) I know in this situation that is very limited but that is the policy that we have here. If it is the president that is making the request I have my superior sign off.

You can request this because you are going outside company policy and you need to document any deviation from company policy for future reference.

If the business reason is not a need it is a want then you have something to work with.

Collapse -

Do you have a leg to stand on?

by TLLVP In reply to I agree with Rusty

Do you ultimately report to this VP? If so, then you're most likely out of luck and will have to give him what he wants. If not, have your superior go up the chain of command to see if your VP will support the decision to keep things locked down. If he will, then HE should have the backbone to go tell the pain VP that it ain't happening and why. If he won't support you, then once again you're out of luck and will have to give in regardless of policy.

Collapse -

Above all, CYA

by tachyoninc In reply to I agree with Rusty

No matter how it turns out, GET EVERYTHING IN WRITING, with appropriate signatures. My experience is that CYA is very important, for yourself, and for possible future removal of bad apples.

Collapse -

People issues

by rob.mangus In reply to WTH????

In my whole life I have never been able to control anyone. The closest one can come to control is to create an environment where the other person is willing to go along. When you have that issue resolved then you can work with people. Until then policies are just writing and only mean what the boss says they mean.

A little pain on the exec's part will provide a substantial lesson and you the opportunity to shine as the person who "bailed them out".

Collapse -

Business Justification

by eth0 In reply to WTH????

Words of wisdom: Business Justification

Thank you Russell.

Collapse -

Let him have it ...

by jeffassessor In reply to Local Admin?

Give up the control issue,(rule 1: "THEY" are always right), you can never win a pissing match with brass. Alow him to screw up and be VERY prepared to bail him out at a moments notice. The result: You start to look like the second coming and he begins to rely on you for more than just tech stuff (which he does not respect and beleives to be monkey trainable anyway). Look at the big picture; YOU WANT TO GROW UP AND BE THE BIG FISH TOO!

Collapse -

We in IT are there for the users, not them for us

by StomsAz In reply to Let him have it ...

I completly agree. Too often we set our policies very strict to save ourselves time and billable hours, and end up having a negative impact the end users productivity. We sometimes make change requests so stringent that users will do anything in their power to get around us.

I would rather be known as a helpful problem solving team member than as an impediment to productivitiy for the sake of a IT department "Policy" that was imposed on the users.

Related Discussions

Related Forums