General discussion

Locked

controlling a wannabe admin

By lbofh ·
Our company has 2 offices. I am responsible for the networks/desktops/phones/anything else with electrons company-wide.
At the remote office, I have a wannabe admin. The problem is, he does not know much about computers/networks/etc. He just thinks he does. He is not interested in learning how to do things the right way, so there is no point in trying to use him in any sysadmin capacity. So, he is not authorized to do any administrative tasks, his responsibility is solely data entry.
He refuses to accept this and management refuses to fire him for the things he has done/attempted to do.
We just migrated to pure Windows 2000 on desktops and servers. I have locked things down so that only admins have privileges to install programs, etc and use a screensaver lock on all servers.
This guy still has not quit trying to mess with things! Has anyone else ever dealt with this? What did you do to combat it? How can I best create a paper trail to prove to the boss that he is violating our policies so he can be terminated?

This conversation is currently closed to new comments.

190 total posts (Page 5 of 19)   Prev   03 | 04 | 05 | 06 | 07   Next
Thread display: Collapse - | Expand +

All Comments

Collapse -

Re: So Lock him out for good or you are out

by wkktai84842002 In reply to So lock him out.

I totally agree with Oz. Almost every company has one or more of such person. Even worse, these people are arrogant, has no respect and no responsibility. It's a nightmare when they acquire more knowledge. They turn abusive and pathetically, the upper management thinks they r heroes. Whoever who takes the previous admin work that the person is still in the company, you will know what i meant.

What do you do if you're in my shoes which is you are also facing? Find another job. You will find you days clearing up his mess and you don't have time to advance your career. Of course, if all your attempts failed. It was mostly failed due to upper management decision making.

You can find a lot of programs that can track him down, eg attacker from the server that he tries to intrude to.

Hope this helps.

Collapse -

New Segnment and lock the network down

by SoHoHelpDesk In reply to So lock him out.

If you try to fight this guy it will only get worse for you, it sounds like you are getting consumed by it now, keep it simple, give him the rights to what he has to to do his job and that is it, nothing more and nothing less. You have recieved alot of good information in all the posts. I advise that you take the Security + Course you will get alot of insight into what this guy could do to the network if you do not take control now. www.manasi.com this guy is the Windows 2000 God, the best Tech write ever and he has everything you need to know about W2K Good Luck
Michael
Network & Internet Support Specialist, A+
Working on my MCSA for 2003

Collapse -

Mark Minasi

by david.mcginty In reply to New Segnment and lock the ...

Sorry to butt in like this. But, in case someone is trying to get to Mark's site. It is www.minasi.com I sure this is just a common error.

David McGinty
USAF
MCSA 2000, 2003

Collapse -

Stop wasting time

Your solution is simple and takes multiple paths.

1) Start from scratch. Know what apps he needs and do a fresh install of the OS and apps. Also do a recon of all hardware and servers for anything amiss.
PS You do have locked server room don't you? Or some sort of physical server security

2) Write a policy toward machine use...... No outside apps, no personal email, no installs except by the authorized people. (use names or titles).

3) Have your other admin using a password policy that requires change on Tuesday and Thursday and make them aware that a misused password is grounds for termination. And turn on all appropriate logs.

4) You cannot reprimand the rogue BUT you and your boss can sit down with him in a meeting with his boss and layout what you know and the new policies. Make him sign a statement that he understands them. Good old paper stands up well when having to fire someone.

Finally, the poster that suggested using this as a security drill had a VERY good idea.
We all have those mundane tasks of adding users and password changes, and we ALL read about the cool things others are doing with their gear (I admin. OS X myself), well you've been handed a sweet piece. You can use this as a reason to go to security demos/seminars. You can also use this as a reason to demo new security software and hardware. http://www.csoonline.com
Biometrics anyone? http://bssc.sel.sony.com/news/puppy/
Give your other admin. a fingerprint log in and a portable reader. Viola.
Yes, if they are plotting together it can be defeated with a Jell-O mold but key it to a specific reader.
You are monitoring the rogue's outgoing email for large attachments aren't you?

Collapse -

Right on Oz!!.... Get over it

by JAFA In reply to So lock him out.

It appears that you are being totaly consumed by this dilemma. It's obvious that you don't or will ever have control over this individual. Everyone has their "problem child" and you are no different. I feel there is something deeper than you're letting on. The title of your article gives it away that you are dealing with some major CONTROL issues. Even your alias "The Admin" appears to be inflated. Let the air out,come back to earth and join the rest of the human race. Mr. (as YOU call him) "wannabe" will eventually hang himself if he is truly inflicting serious damage to your company. Mean time use your "admin" skills to YOUR job and don't worry about his.

Collapse -

welcome to the club

by dotgaz In reply to But it is justified

I think all of us sys Admins have had similar problems, mine was my boss a company secretary. He caused me a massive problem and I had to work all night to fix it. I pulled him aside and thanked him for making me work all night. He had done various other small things but nothing that killed a server before. He apologised and doesn't touch anything now. In a previous employ I found one of my IT staff was sabotaging me. I spoke to him at length showed him the logs where he had played around but to no avail. Spoke to my bosses but nothing. So I named and shamed him in an all staff email when I apologised to the staff that couldn't work because of what he had done. He was ostracized by fellow workers. Harsh !! maybe but it worked he left quietly. I was told off but I took the whole thing personally. I should have thought of it as some of the others said a job nothing more.

Collapse -

Simple Solution

by The_Punisher79 In reply to But it is justified

Wow, I think this discussion has struck a deep chord with alot of Admins since we all have people like this in our work environments. There are two sides to the matter, but they are simple. One, if he cannot be trusted with Admin access or technical duties, DON'T GIVE THEM TO HIM. Give him power user access to his machine and leave it at that. It is ludicrous to think that ANYONE would give someone admin access to their network, just to "learn" or neglect the responsibilities that they was hired for. The second option is to still give him power user access to the workstations and ask him to assist other less technical users with simple stuff like adding printers off a print server, ect... Active Directory DOES have a User Rights Delegation wizard you can use to give him access to reset passwords, make accounts, and so on without giving him ADMIN access to the network (as long as you have AD incorporated). I support a remote location over 5000 miles away and it is SO NICE to have someone there that knows a little about computers to help me when there are problems. It's also nice to have people locally that can help their coworkers do the menial things that every tech HATES getting calls about. If he is willing and has time AFTER his assigned tasks, use him to your advantage.

Collapse -

Rarely a simple solution

by dcox In reply to Simple Solution

I see both sides as I have been on both sides. I am now Manager of IT Ops and know the benefits and risks of users that know less than they realize.

Although having technically skilled assistance at a remote site is useful, it must be managed with care and common sense. Most users that are technically literate like to play with settings in an attempt to boost performance, secure a box, block "Big Brother", and the sort.

When they start playing with settings that can have devastating effects, like going to the root of a system drive and setting all file/folder access as everyone "read only", this becomes a serious problem. I have actually seen this happen.

All you can do is document the event, report it, resolve it and move on.

You must remember that Management does not care about emotions, just facts. Management is always looking for people to become sub managers, people that can be neutral, calm and deal with issues with minimal intervention.

If you can prove this person is taking unauthorized actions; document it, ask your boss for advice on how to approach the culprit, advise the culprit of the situation and what you have been instructed to do and keep a running document with a log of dates and times of all events.

If this person is such a threat that systems are being blasted, then remember you must do your job, and only your job. This includes keeping your boss informed of all related matters and how you tried to resolve them professionally without escalation.

Also, remember that all communications between you and the other party must be professional; you must ?stay above the fray?. Keep your tone and inflection (both in conversations and emails) courteous and professional.

You should appear as more the victim than the killer.

If not, you are also part of the problem.

Collapse -

How Do You Know Who . . . .

by joe_at_stavka In reply to But it is justified

How do you know who used that workstation after hours? If two or more people know a common USERID and password, then neither can be held responsible for its use. More importantly, you cannot prove that the person in question was at his terminal when the admin logged on. While it probably was the person involved, proving that becomes problematic in the face of shared USERIDs and passwords.

If you gave him admin rights in the past, then it seems possible that he cracked one or more passwords while he had the rights. At the very least, I think it prudent to change all administrator passwords and eliminate any shared USERIDs.

As I understand it, administrators should use USERIDs with administrative rights. They should not use the Administrator account. In addition, turning on strong passwords seems like a good idea if it is not in use now.

Collapse -

Be a Listener & Leader, not a controller

by axlehead In reply to Your title is SOOOO negat ...

It's time for you to become a master listener. Individuals like your Wannabe Admin often have very valuable suggestions that can help increase work efficiency entire groups in an organization. Use this guys as a contribution and resources for you to do a better job, keep him as a friend, he obviously has an interest and some skill with computers, help him get some training, be a leader, not a career wrecker.
-Axlehead

Back to IT Employment Forum
190 total posts (Page 5 of 19)   Prev   03 | 04 | 05 | 06 | 07   Next

Related Discussions

Related Forums