> So what's the root cause for each of those little problems? That's what I'd > be digging at. Agreed. For now many of them just sit due to other commitments they put me on - this capacity plan will alleviate that problem though "look, if you want me to free up my time, I need to spend time getting to the root cause instead of fighting fires."
Hires/fires, the only impact on me is my monthly AD maintenance as they don't _delete_ accounts until I run my monthly report. Same for computer accounts. It does take time to go through these because sometimes the user accounts shouldn't be deleted because the user comes back later. In short, a LOT of what I do is stuff that was neglected until it became a problem. "You mean we had 14 unpatched PC's and that's how they got owned?". I know our SE's that patch their servers (yes we have two sets of servers some are mine, some aren't) and never check on why Server A didn't get patch D, they accept stuff in WSUS and move on, and it won't get attention unless something blows up from it, or if I happen to bring it up. Most of them go after the "latest and greatest project" an nobody but me seems to care about run and maintain - there's no glory in that. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Brian Desmond [mailto:[email protected]] Sent: Wednesday, December 02, 2009 3:12 PM To: NT System Admin Issues Subject: RE: Capacity planning So what's the root cause for each of those little problems? That's what I'd be digging at. As far as hires/fires - what are you doing by hand for them? Thanks, Brian Desmond [email protected]<mailto:[email protected]> c - 312.731.3132 From: David Lum [mailto:[email protected]] Sent: Wednesday, December 02, 2009 5:01 PM To: NT System Admin Issues Subject: RE: Capacity planning I get very few tickets via ticketing system, I just get ones escalated that the Service Desk guys can't do. I love to automate as much as I can, what it boils down to is fixing the seemingly endless "exceptions", as in the SMS push works to all but 4 machines, doing an AD inventory I find 7 machines don't talk to WSUS, a couple machines don't talk to the McAfee ePO server if VPN'd in but are OK otherwise, McAfee rogue sensor find a couple PCs's with no agent...lots of stuff like that, and troubleshooting just a few of these can take the better part of a day all said and done. Making SMS packages etc also falls into this same hourly count. Then there's the occasional GPO addition or change, server data migration from one server to another...it adds up. We also have a fair amount of churn here - we bring on an average of 5 new people/week between new hires and contractors, and after a few months, those contractors leave and new ones come on board. I'm pretty lazy, if I have to do something more than 2-3 times and I can script or otherwise automate it, I will :). David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Brian Desmond [mailto:[email protected]] Sent: Wednesday, December 02, 2009 2:44 PM To: NT System Admin Issues Subject: RE: Capacity planning Do you get tickets for this work via a ticketing system? If so have whoever runs that add queues or categories for these different work groups if they aren't already broken out and then start charging time in the tickets. Most systems I've dealt with can do this (or custom fields can be added and you can run a report/export a CSV to Excel). Your estimate doesn't sound off to me although I bet you could reduce that time if you grouped up repetitive tasks, defined the inputs, and figured out how you could automate some of it. Thanks, Brian Desmond [email protected]<mailto:[email protected]> c - 312.731.3132 From: David Lum [mailto:[email protected]] Sent: Wednesday, December 02, 2009 9:01 AM To: NT System Admin Issues Subject: Capacity planning So...my team has been asked to estimate some time we spend on various projects and other work. I have 100 Windows servers and 400 workstations (PC's and laptops). I am the sole person in charge of keeping the desktops patched, up to date on McAfee, report into WSUS, SMS, etc. I do most of the Active Directory maintenance when it comes to creating new security groups for access (Service Desk does main these groups once I have created them). Basically if it related to central desktop management and server management, it's just me. I have estimated I spend 3 hours every day on these administrative tasks. 400 systems and about 250 users, that doesn't sound excessive, does it? Sometimes troubleshooting why ONE system isn't getting say, the Tivoli backup client pushed to it via SMS can be 3 hours right there. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
