IT Employment

General discussion


controlling a wannabe admin

By lbofh ·
Our company has 2 offices. I am responsible for the networks/desktops/phones/anything else with electrons company-wide.
At the remote office, I have a wannabe admin. The problem is, he does not know much about computers/networks/etc. He just thinks he does. He is not interested in learning how to do things the right way, so there is no point in trying to use him in any sysadmin capacity. So, he is not authorized to do any administrative tasks, his responsibility is solely data entry.
He refuses to accept this and management refuses to fire him for the things he has done/attempted to do.
We just migrated to pure Windows 2000 on desktops and servers. I have locked things down so that only admins have privileges to install programs, etc and use a screensaver lock on all servers.
This guy still has not quit trying to mess with things! Has anyone else ever dealt with this? What did you do to combat it? How can I best create a paper trail to prove to the boss that he is violating our policies so he can be terminated?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Politics will override policy

by gralfus In reply to controlling a wannabe adm ...

I had a guy that was actively distributing viruses through a game server he set up. Every time we removed it, he set it up again. I documented it and sent it up the food chain. It generated quite a stir and some zealous sounding emails...then nothing. This guy was the pretty boy of the R&amp department and could not be fired. He knew that, so he could do literally anything he wanted to. Shortly thereafter the job cuts came through and now I have a job elsewhere.

Short of setting him up for destruction, ala the BOFH, all you can do is lock things down and set your permissions and group policy as best you can.

Collapse -

ROI: Politics, Security, Policies, etc.

by No One In reply to Politics will override po ...

Business is about money and Return on Investment. While every business would like to have the perfect security, policies and environment - it is not always cost effective. To that end management will choose on risk vs. cost. When a non technical communication can be made to upper management about the financial impact that the risk/behavior has had on the company supported by examples of how similar behavior has effected other companies, then upper management will be able to make effective decisions that benifits the company's bottom line.

If the (value of the work product) - (employee's salary + cost of bad behaviors) > 0 then that employee still improves the company's value.

Collapse -

opportunity costs too!

I agree that the best way to communicate with upper management is through recourse to cost vs benefits.

However, I would prefer to work for a company that considers the opportunity costs of hiring average workers.

The equation given,

(value of the work product) - (employee's salary + cost of bad behaviors) > 0
=> employee improves company value

does not take this into account because an employee may be bringing only $5 a month into the company but ALSO taking up a valuable employment "slot" that could be filled with a more productive employee.

Collapse -

Comrade vs. Confrontation

by debeifert In reply to opportunity costs too!

It seems to me that if the person has some IT ability, and obviously IT interest, why not encourage cooperation and assistance, rather than alienation and confrontation. Having been on both sides, I've seen IT people that think they know better than anyone else what a person should and should not have access to. If it is not violating company policy (not IT "law"), and it's not hurting anything, what is the big deal? If it is a problem, explaining the reason (not just "ordering from on high") might get better results. I don't think trying to fire a good employee for changing their screen saver is good management.

Collapse -


by mathieu_tl In reply to Politics will override po ...

Well, I must admit I do not have that much knowledge of the workings of Windows Server and the like,
but through my Unix server I would have taken the rogue game server down and locked up the IP ranges and MAC addresses to be able to connect... Then again, the net I administer is pretty static and simple.

Collapse -

Published Roles?

by PDO2000 In reply to controlling a wannabe adm ...

I would caution you against an information reconnaissance mission. That practice is merely an effect of the problem that could easily consume you and distract you from your core responsibilities. Focus your energy on a solid solution.

Is this person a subordinate, or a peer?

It seems you may require clarity on your titles/roles/responsibilities. Good upper-management should support this and provide to you both. If his duties include IT administration (of any kind), they should be clearly defined and bordered ... as should yours. If personnel conflict arises, or system damage occurs, management should act accordingly. If your organization does not have management of this caliber, perhaps your talent and integrity could be better utilized by another. Best of luck.

Collapse -

Roles are clear

by lbofh In reply to Published Roles?

Roles are very clear. He is a data entry staff member. He has no IT administration duties.
Actually, my boss and I have both made it clear to him IN WRITING that he is not to attempt to administer or modify any company computers etc.
However, he does not report directly to me or my boss. Yes, we outrank him on the org chart, but that doesn't mean much. We don't have the authority to discipline him.
The person whom he reports to does not believe that there is a problem.
So, the next step is to take it his manager's boss, who is also my manager's boss. Let's call him Bill.
Bill is not strong on dealing with personnel issues. To make it worse, he does not understand the situation at all. We've tried to explain and didn't get anywhere.
What he requires is tangible proof that someone is doing something "wrong" before he will take any action.
On one hand, I don't want to waste time coming up with the paper trail. But, on the other hand, I am beginning to want this guy gone.
What escalated the situation was doing a remote connect to the wannabe's workstation after hours recently and finding it had been logged in as one of the admin accounts. I have no idea where he got the password. Passwords are held very closely around here and only 2 current employees knew that one.
If you're wondering, it was not easily guessable. It had more than 10 characters. Included upper and lower case, numeric and special (#@$^) characters, was not a word or a name, etc.

Collapse -

This is a test.

by DC_GUY In reply to Roles are clear

A couple of suggestions:

1. Don't make it personal. You're starting to sound like it's a matter of honor to get rid of this guy. Try the decaf, dude: it's just a job! Your mission is to serve the company, not to acquire the credentials of a superhero. Put the problem in the proper focus and work toward protecting the company's information resources.

2. Perfect your detective skills. It sounds like this guy is, by your standards, an internal saboteur. Perhaps he hasn't done anything worse than annoy people and cause a bit of rework so far. But with the resources and contacts he seems to have acquired, he could probably do some real damage if he were a crook, a spy on your competitor's payroll, or a self-appointed terrorist -- instead of just an arrogant jerk. Use this as a security drill. Figure out how to thwart him using the resources at your disposal, which obviously do NOT include upper management. This is a fairly realistic case study: upper management often cannot be convinced that there is a serious computer security problem worthy of their attention until it has caused irreversible damage.

If you can solve this problem without gaining the support of upper management, you can be really proud of yourself. At that point it's OK to take it personally. ^_^

Collapse -

DC_Guy nailed this one

by TomSal In reply to This is a test.

I agree whole-heartedly with the advice DC_Guy presented in his post.

And the most imporant rule is "DO NOT TAKE IT PERSONAL". I've been in the admin field for a decade now, I knew next to nothing about admining when I first started -- I was lucky to be taught by someone who really knew their stuff..kind of like I was an apprentice admin. So I have full respect for the knowledge and responsibilities of being an admin today. Also, yep - we just got rid of a "wannabe" type last June. He was his own downfall though, he gradually spent more and more time "trying" to do admin like things (without authorization btw) that he eventually wasn't spending any time do the job he was actually paid to do! lol.

Oh yeah his real job responsibility? Data entry and scanning work orders into a database.

Collapse -

I think so too

by lbofh In reply to DC_Guy nailed this one

I agree with you. DC_Guy is right in saying that it is a good case study/security drill. I also think that approaching it in that manner will help to make it less personal and more of a learning experience.
Heck, maybe we'll change his job description and consider him an internal security auditor/pen-tester! <grin>
I also think that given time, he will go the way of your "wannabe" type, as it sounds just like him, right down to the real job responsibilities. Thanks to both of you for the reminder to not take it personally. I think it gets too easy for it to become personal when one is spending most waking hours at work!

Related Discussions

Related Forums