nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

back to article
Sysadmin told to spend 20+ hours changing user names, for no reason

Silver badge
Boffin

Re: compuserve anyone

Amazingly I'm pretty sure I can remember my ID:

100237,2643

3
0
Anonymous Coward

Re: compuserve anyone

As soon as I saw yours mine popped into my head - 100412,2015

1
0
Anonymous Coward

Re: compuserve anyone

I recently came across my original FidoNet address in some old docs which really threw me :).

That naming structure was *very* geographical because it pretty much described the whole path to the node where you held your post, but it had no names in it. If you decided to pick up email from abroad it would cost you an international phone call.

That said, at least it was only text, not 10MB powerpoint files..

1
0

Are you sure?

Are you sure you have captured all the steps needed to complete this task?

You need time to discover all the consequences of this management meddling, er initiative. Then once you have listed them all you need to test. Days become weeks and could be months. Well, does the manager want it done properly or not? And don't forget to consider how backups taken under the old regime may be restored using the new regime.

6
0
Angel

A true one.

Well spotted. Ms Brenda Utthead :D

In my case the Username was initial of firstname and surname until a Samantha Luttrell joined the staff. It was changed about 3 years later when she got married. Never did like the odd name out in AD.

1
0
Trollface

Why is it called a PC?

You lot need to stop calling them PCs.

It's not a personal computer if even your username is managed across the organization.

0
4
Silver badge

Re: Why is it called a PC?

I think that ship has sailed.

Thank god somebody had the sense to stop calling digital video recorders PVRs !

unlike the PC there was never a reason to that P in the first place!

1
0
Gold badge
Joke

Re: Why is it called a PC?

You lot need to stop calling them PCs.

We do that because the Work Computer one is already taken :)

5
0

Anyone with actual management skill of any kind

would have suggested running as-is with the new process documented and any additional users going on in the new format and if/when there's an issue with an existing account on the old system it's transferred over.

A common naming convention is a good idea, however spending a huge amount of time correcting an existing system which works isn't if it's documented to prevent a problem with loss of staff through illness or being driven to leave by a terrible boss.

Few IT staff I know are precious about how things are recorded, they just want it to be consistent an accurate.

2
0
Silver badge

Re: Anyone with actual management skill of any kind

Screws up scripting if your not using a single naming convention.

0
0

Resistance was futile

A colleague and I once spent a good week or so changing the network IP address ranges of 30 regional offices to match the 'harmonised' scheme of the company who'd acquired us. The change was not a major shift in numbering and we were clever enough to do a fair bit of it remotely through deft use of RDP and multihoming. After we'd finished and handed everything over to our new lords and masters (who very soon kicked us regional IT guys out), it transpired they'd forgot to tell us that the subnet masks also needed changing, so off we went again!

This same company ripped out the 8Mbit ADSL VPN connections (this was around 2004) between our HQ and the offices and replaced them with 1/2 Meg MPLS circuits - then wondered why everything ground to a halt (I bet the accountants loved the new bills too!)

The icing on the cake, was that the encumbent IT guys were sh*t scared of Linux and so out went the 300-user email system based on Postfix, to be replaced by MS Exchange + required Licences, and they abandoned the distributed, replicated, cross-site backup system based on BackupPC which performed full and incremental backups of data overnight from every office to two other locations, plus the clever rsync scripts that brought a copy of all regional data back to HQ every night for data mining - we had data coming in from MS-SQL, MS-Access and proprietary systems to be munged into one data set in MySQL - it was bloody brilliant, even if I do say so myself.

7
2
Anonymous Coward

One of my schools had a very sophisticated (for the time) program for attendance, room use and scheduling. The system could work out for example if there was a lesson clash for any students taking multiple A-level subjects in the sixth form year. Anyway it used the the initials of the staff and the first initial and last name for the students which had worked well. Then a student with a double barrelled name joined the school with a hyphen separating the two last names.

Apparently no one had thought about this possibility when designing the software and his hyphen caused two students to be created in the system (same first name but different second name) So in the first lesson I attended that year the teacher read out the names and everyone put their hand in the air when their name was called and said here. Except for Coates* who wasn't there and no one knew who he was as this was the start of the Autumn term and loads of new students. We had an entire day of lessons where Coates was absent and it was out down to sickness or something else. A week goes by and still no sign which is not good news at all. There is a bit of worry amongst the admin staff that he has been listed as sick every day when in fact nobody knows where this kid is. So they look at his details on the computer and there's no home address, no parents, no phone number etc. which is very odd. This will have to be reported to the Local Education Authority (now to Ofsted) and that's a very bad thing apparently! On the Monday morning of the next week the English teacher asks if anyone knows this kid outside of school as the staff don't know anything about him. "Does anyone know where he lives, what he looks like, who his parents are?" etc.

Rather sheepishly one child then raised his hand and said my my full name is XXXXXX Serge-Coates* it might be me. We'd been through twenty five lessons with the teacher asking at the start of the class when the register was taken if XXXXXX Coates was there. They couldn't believe that he had taken this long to twig that it was possibly him and assumed that he was doing it to make them look stupid. Although not unpopular with the rest of us, he was very unpopular with the staff over that.

*Name changed, he wasn't posh his parents had divorced and remarried other people keeping their original last names and new surnames.

3
0
Silver badge

"Then a student with a double barrelled name joined the school with a hyphen separating the two last names."

Ah. The double barrelled surname problem.

Client's client had a database in which the names were properly structured but for some reason decided to amalgamate forename and surname into one string, surname first to send to us. We were then expected to transform it into the correct sequence to print. Hyphenated surnames would have been OK but non-hyphenated... After giving them a few examples they saw my point. However instead of a correct fix - either send it as two fields or concatenate it in the right order, they kept things as they were and sent an extra, numerical parameter, to shown where it should be pivoted.

1
0
Silver badge

"We'd been through twenty five lessons with the teacher asking at the start of the class when the register was taken if XXXXXX Coates was there"

Every single class I was ever in at high school only ever called surnames at roll call. The only exception was if there were 2 of them and then an initial would be called too.

0
0
Silver badge

"The only exception was if there were 2 of them and then an initial would be called too."

We had a set of twins in our class. John and Joseph. No middle names. :-)

0
0
Silver badge

Every single class I was ever in at high school only ever called surnames at roll call.

One of my high school teachers had been teaching for 30-odd years and had done it that way with no problem. She would also call out the names in blocks of 3, eg Anderson, Andrews, Calver... Collins, Daniels, Davis....

Then she got my class. One of my classmates had the surname "Roots1". 2 of the boys (one of them a rather sensitive bully) got a bit upset, because of "Peters Roots Symes".

1 For the slang-impaired, at least over here "Root" is a synonym for sex.

0
0
Silver badge

Well, when people address me as John I studiously ignore them as my name is not John, it's Jonathan.

0
0
Anonymous Coward

The good thing about standards..

The good thing about standards.. is that there are so many to choose from.

Our AD structure is made from several smaller domains nailed together. There are probably 20 or so different naming schemes in use. Now we could make everything the same but that would involve a helluva lot of arguing, and if there's something that IT folk enjoy an argument over then it is naming conventions.

As for machine names.. never name the machine after its owner. In our organisation a machine gets a number which it sticks with throughout its entire life. Unless of course it's those bits of the organisation that actually do name the machine after its owner. Yes, we can't name those consistently either.

You can of course wait until objects with the old names drop out of the AD structure and replace them with new ones. With computers that's about 5 years, not too bad for a large organisation. For users.. well, that can be decades. But you have to plan for the long term, eh?

2
0
Silver badge

That will end in blood sweat and tears. Active Directory really doesn't like it when you rename something.

1
0

So this is what I'd do.

Go home and complain. Maybe bitch on social media. Or, you know, a forum like this. Maybe drink. Maybe watch cartoons. Definitely picture detailed visions of retribution.

Then back at work, write up an impact plan, and have the boss sign off on it.

Then, just do it.

Ultimately, no matter how much personal pride I take in a job well done, these are not my computers, and I do not own this business.

3
1
Silver badge

"Then, just do it."

Even allowing for all the other stuff to work properly there is a fundamental problem which was fully explained in the article. The proposed naming system cannot guarantee to produce unique names and unique names are an essential requirement. So just do what, exactly?

3
0

Both schemes have the same fundamental problem. Any scheme based on names will... how do you handle companies where two John Smiths work?

0
0
Silver badge

"how do you handle companies where two John Smiths work?"

In the original scheme it appeared that naming was somewhat informal allowing scope for ad hoc decisions to resolve problems. If you set up a prescriptive scheme such as that proposed you need to build in a means of ensuring* uniqueness. In another post someone suggested adding x, y or z as dummy initials to a first/last initial scheme; works well right up until you've allocated jxs and then John Xavier Smith joins the company. Essentially it means something along the lines of adding a few digits so that your two John Smiths, or indeed Jane and John Smith, can be handled as smithj01 and smithj02.

*To some degree of statistical acceptability. The example above fails if the company is so big there's a realistic chance of 100 or more smithjnn names being generated in which case you need more digits.

0
0
Silver badge

"The proposed naming system cannot guarantee to produce unique names and unique names are an essential requirement."

The existing scheme doesn't either.

Unless the 'new' scheme is less than 3 letters per person, it's less likely to produce duplicates than the frankly idiotic 3-letter practice (which has only 18k possible combinations, and since most of those are unlikely to occur ever - just how likely is ZQP, for example? - it's likely to run into duplicates ridiculously quickly).

Scrap both and come up with a sane naming convention.

0
0
Silver badge

I don't understand ...

... exactly what “Harold” meant by "The 2IC is having none of that argument". He provided an estimate along with identifying some possible risks. And the #2 boss is saying "No"? Does he have some insight into the process and a more streamlined approach? Or is he one of these supervisors that just think the IT department throws a handful of faerie dust at the servers and its 'job done'.

Having worked in some heavily audited lines of business, this sounds like a request to 'just get it done, but hide the expenditures' which can get even a CEO canned. Or at least the business banned from government contracts. Now I understand that not everyone must answer to this high a level of accountability. But Harold should take whatever steps are needed, through official channels, to request budget for and set up charge lines to track this activity. That might be enough to stop 2IC in his tracks.

2
0

There are good places to work, this is not one of them.

Find another Job, and when you resign, make it crystal clear that it is entirely because the 2IC is not a reasonable person.

2
1

One persons point of view is more important than anothers

Ultimately all it comes down to is one person thinking their point of view is more important - and therefore overriding - anothers. Everyone wants their own way and will do what they feel necessary to justify that.

This happens in all aspects of life when you're a grown up.

Document the issues as you see them, then get on with your job. If a situation arsies where you're being blamed for someone elses fuck up then show them the dated documentation to show that you foresaw the issue(s) and warned them about them. Collect your pay check and get on with it. If it becomes terrible to the point you can handle it, consider moving jobs. But it would have to be pretty drastic (or you're in a low paid/crap job) for that to be a real option.

1
1
Anonymous Coward

Re: One persons point of view is more important than anothers

"This happens in all aspects of life when you're a grown up."

Until you are grown up you get very little say in any decisions. At 13 a friend's son showed a sense of impeccable logic in family arguments about things he wanted to do or not do. His mother's reaction was always to dismiss his well-crafted argument with "because I say so".

3
0
Silver badge

About 20 years ago, my then boss asked me how I had time to help out other staff, when my predecessor spent all week taking the various electric motors off line, testing the motor winding resistances (with a bog standard ohm metre) and recording them, to help identify which motors were starting to fail.

So I went and got a brand new, unused motor from stores, and a dead motor of the same type I had pulled the day before and showed him the ohm readings.

They were identical.

Then I went back to my cubby hole and read a book until someone wanted some help.

(A proper insulation tester would have shown some differences, but they werent willing to supply one, and I wasnt going to spend my own cash to buy one).

7
0
Holmes

Redacted Part Deux

If you copied the list of actions that Harold sent to 2IC to explain why it's going to take so long to do, then only redacted a few details before putting it into the article, 2IC will have to be pretty thick not to put 2 and 2 together.

Lets hope 2IC doesn't read El Reg or Harold is royally screwed. I'm sure 2IC will be looking through Harold's employment contract for clauses Harold has breached by sharing this story in a public forum.

...so many icons to choose from.

1
0
Anonymous Coward

I for once, love Skype.

My full name, separated by dots. No bloody abbreviations, no bloody misspelling, just long strings that comprise my full name, separated by dots that can be suppressed.

I believe GMail goes about in the same fashion. Right?

0
0

Re: I for once, love Skype.

Nope, it does not. There are various people around the world with the same name as mine. My gmail address has a dot between first and last name. Theirs (multiple people) does not and I get their emails all the time. I even got a classified email from the US once.

So, sorry, Gmail no longer seems to work that way.

1
0
Silver badge

Re: I for once, love Skype.

You have to get in early.

Which then causes annoyance anyway, as firstname.lastname@gmail.com gets a huge amount if email intended for firstname.lastname1@gmail.com

1
0
Silver badge

Re: I for once, love Skype.

As far as I can work it out, my firstname.surname@gmail addy doesn't seem to go to the American who shares my name. But I do get some of her firstnamesurname@gmail.com messages from time to time - unless someone is just assuming that she has that address (which has been mine since gmail was invitation only) or, as suggested below, that one has a digit that gets forgotten. And though I do like to get my own name for any account I would never choose a user name with an add-on number - I'd rather find something original.

0
0
Silver badge

Re: I for once, love Skype.

"I even got a classified email from the US once."

Similar here. I got a few emails emails from ITV with me CC'd in discussing an upcoming production. It took about three weeks of replying to them pointing out the mistake before I eventually did a Reply-All and it stopped (also got an apology for the inconvenience, natch!)

Another one was a company sending me details of a contract workers invoices/expenses. That only happened once and they were *extremely* apologetic and thanked me profusely for pointing it out to them. That could have been very nasty for them.

0
0

Email alias

That part of the job should be pretty smooth providing (as previously pointed out) it is an additional alias.

There would be benefits in standardisation (visible to the outside world) and little disruption. People accidentally using the old alias would still get their emails.

Changing the login name is where things get horrid. And for no real gain.

I would add the aliases (script). Check there are no issues over a few days. Then make the primary address the new format one.

Then I would raise the issues about the login. If 2ic is any good he'd realise that the good parts of his plan were done, and cancel the rest. If not then I would suggest that a 3rd part were hired to do the move or that it be done a few users every day, until complete (one letter of the alphabet a day perhaps). I would make sure HR had a copy of my recommendations on file, just in case I was overrules and it all went titsup.

2
0

Re: Email alias

By "alias" I don't mean an additional SMTP address - I mean the Exchange alias, which is used in Address Lists and is the Exchange equivalent of a "username".

0
0
Anonymous Coward

Process is to remove all non-standard users profiles off the system and it will take 3 weeks to reset-up...

0
0

So only 40 accounts to do

30mins per account, 20 hours work = 40 accounts.

Do 2 a day and done in 2 weeks. Start with the most important user and see how far you get before being begged to stop. I reacon 2 days max before the one in charge has had enough of not being able to access stuff.

1
0
Silver badge
Pint

Four pages of comments...

With almost as good content as a BOFH story. Including LOTS of ways to make the process work "so well". Yes, it must be Friday.

Cheers.

2
0
Silver badge

Why "20+ hours"

I get that this is the total amount of time for all the users, but what difference does it make if you do them all in one go or do one a day for the next few months?

In fact, if he's forced into a corner about doing this, even after making the 2IC sign off on all the risk statements, etc. he should insist on doing a small number of more technically competent power users first and waiting a month to see what sort of issues they have. Choosing the more technically competent means:

1) he won't waste time reminding them their username changed when they call and say "I can't login to X" like will happen with the clueless ones

2) they will notice problems readily and can describe them properly

3) are more likely do the sort of things (personal scripts etc.) that can't easily be accounted for when assessing risk

4) probably perform more important functions, so if stuff breaks their inability to perform their job will quickly make its way up the chain to the top and the 2IC may be forced to reconsider this idea.

2
0
Silver badge

Re: Why "20+ hours"

" he should insist on doing a small number of more technically competent power users first"

No, as per another comment, start with 1IC & 2IC. There's probably a degree of overlap as 2IC probably reckons he's one of the more technically competent power users.

0
0

Not difficult.

1. Document and inform of the risk

2. Create a transformation project, engage a consultant

3. Create a process, and a test, then re-assess risk

4. Request budget for change.

5. Create methods and scripts for PFYs to follow an implement

6. Await sign off from 2IC to approve the potential downfall of anything AD linked for the whim of a change, then either sit back knowing you've been vindicated because he backs out, or plough on and kick off the change project, knowing that the overtime is coming, and the "I told you so" moment will be glorious.

1
0
Silver badge

Re: Not difficult.

Had to do something similar a few years ago and scripted it - good job too as I had to unscript it two weeks later and its was a lot easier with the original script.

Its useful to make sure you seriously fuck up the people above the person causing the stupidity though.

0
0
Silver badge

Why not just do your job?

Yes, doing something you think is stupid and without purpose is frustrating, but if that's what the boss wants, just do it. After all, you'll be paid just the same as if you were doing something you consider useful. As others have said, CYA by sending an email detailing how long it will take and the potential pitfalls and asking for confirmation that you should still go ahead. If you get the confirmation and it is something that is possible and you are capable of doing it, then just do it to the best of your ability - what's the problem? Nobody is going to blame you for someone else's decision.

If you don't like doing things that you do not personally believe is necessary, then become self-employed or start your own company. Otherwise you are being paid to do whatever the boss wants you to do (within your job description), and unless you are a director, however you think the company should be run is irrelevant.

On the flip side, how would you like it if your subordinate or employee refused to do what you asked (or deliberately made it fail) because they thought your idea was stupid? Maybe the idea really is stupid - or maybe you have a bigger plan in mind that you don't want to disclose just yet.

0
1

Re: Why not just do your job?

"Nobody is going to blame you for someone else's decision." </naivety>

"or maybe you have a bigger plan in mind that you don't want to disclose just yet" ;)

1
0
Silver badge

Re: Why not just do your job?

You haven't spent much time working have you? Or are you still in school?

Yes, doing something you think is stupid and without purpose is frustrating, but if that's what the boss wants, just do it. .. then just do it to the best of your ability - what's the problem?

Some people are actually invested in and care about the firms they work for, and the stress screwups can cause their co-workers - whom they also care about. And if you're doing your job (eg making sure the IT keeps working smoothly), then you're pro-active about making sure that the systems you care for continue to work properly, even if that means introducing your boss to a bag of quicklime (El Reg, we really need that BOFH icon!)

Nobody is going to blame you for someone else's decision.

Yeah right. See the Naivety quote from GoodOldHarold..

On the flip side, how would you like it if your subordinate or employee refused to do what you asked (or deliberately made it fail) because they thought your idea was stupid?

I've had the priviledge of working for people who valued their employee's input, and have also been an employer myself. In both cases "This is stupid, you need to..." held the possibility of a pay rise, and potentially saved lives as well. I had a plan which seemed great to me, but had a flaw I could not see. Junior who had little experience was still able to see the flaw, and it saved a lot of hassle.

Any employee should be able to raise issues they see with a plan, and unless the issues they raise are really stupid, they should be discussed if necessary, or at least a polite explanation as to why there isn't an issue should be given. Granted, some people are too stupid for (polite) words, but if someone is well-meaning and their concern is reasonable, why not give them an ear?

1
0

The solution to the 2IC is simple

Stick a knife in his head.

(I've been at home sick this week and have watched a *lot* of Walking Dead. Man, those guys are effective problem-solvers.)

1
0
Silver badge

This educational institute; it wouldn't be KCL by any chance?

1
0
Bronze badge

I guess I am very lucky .....

I must be very lucky. My boss doesn't ask for stuff just for the hell of it.

But I did once have to deal with another head of another department, who kept dreaming up new ways to reward various forms of fundamentally bad behaviour under the colour of improving performance; only to return some weeks later with a better idea, having identified some issues with the present scheme that I had already told him about the first time he mentioned it.

If you really can't persuade someone that their really bad idea is a really bad idea, then you have to make damned sure you can fix any damage you might have caused while implementing their really bad idea under duress and under protest. That means at least one full backup and restore drill, just to prove you can; and another full backup immediately before you start, so you can go back to a known-working state.

And for the record, it is not only possible, but reasonably painless to change a user's login, under GNU/Linux NIS with all of /home on an NFS share. User rebecca logs out before lunch, user becky logs in after lunch. But I wouldn't do more than one at a time .....

1
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing