Transitioning From Small Shop IT To Enterprise?

Imaginary Friendly asks: "I'm the 3rd guy in a three-person IT firm. We're good and we're expanding. Our clients range from three computers to 30, with our largest client having six servers. We can handle the work but, thanks to my efforts and love (or just luck), I may be signing up two new clients who have 200 networked computers each. We're spread thin as it is, and hiring competent IT staff has been difficult. We're now doing 60-hour work weeks, so re-education has remained passive. How do we transition from manual rebuilds and CD deployments, to full scale (proper) IT administration?"

drink the koolaid

[Gothmolly]

Since 90+% of your clients will be MSFT shops, drink the koolaid. Get an MSDN subscription. Buy a big multicore machine, and you can all learn on VMs. Master all the MSFT (RIS, SMS, etc) and bolt-on tools (NetPro, GPA, etc). Learn to do everything the MSFT way, and you won't starve (at least until Linux takes over, if and when). In your spare time, look at alternative desktop environments for tip and tricks.

yup, do like the government and clueless big corps

[rubycodez]

With windows you can run a serious huge enterprise operation just like you run a home computer. with the sames security risks and catastrophies. gigabytes of mission critical and confidential information can float around on your executives laptops, to be stolen or lost and viewed by god knows whom. remember, if a box doesn't have a screen with a mouse and keyboard, it's not a real server. bonus points if a server needs a constant logged in gui screen to get important batch work done.

Re:

[alienmole]

I think you might have missed the point the grandparent was making - possibly because you're a Unix admin, and not a Windows admin.

The Windows GUI is inseperable from the OS, and has to run on the machine's built in video adapter and keyboard. You can't fully administer it through a console connected via RS232, for example, without hardware hacks to virtualize the video. And as the GP mentioned, many operations tend to require or at least strongly encourage a session logged in on the server's console. Th

Re:

[TeraCo]

Like the other poster said, use an iLO card (or your vendor equivalent). It's certainly saved me a 4AM trip to the data centre to powercycle a box and look at a screen.

Re:

[alienmole]

You can do it, sure, with the right hardware hack, as I mentioned in my previous message. The point is, you shouldn't have to, and it's primitive, single-user-oriented software that makes you do that. That bias is pervasive, affecting the way software for the Windows platform works.

BTW, I'm not some Unix zealot. I grew up on DOS & Windows and have been using Windows 32-bit versions since the first betas of Windows NT and the Win32 API. But Microsoft got lazy, and stopped improving their architecture

Re:

[IAmTheDave]

Why hack at all? Just use an IP KVM switch [kvms.com]. Full-remote, full-desktop.

Re:

[alienmole]

That's the same hack - you have to buy extra hardware to virtualize the machine's local video. The point is that Windows cannot support machines without local memory-mapped video. The purpose of local memory-mapped video is to provide high-speed local interaction for users of a workstation. The fact that Windows servers sitting in a datacenter need such video hardware, and then on top of that need other hardware to virtualize that video hardware, and even after all that its remote administration capabili

Re:

[alienmole]

Well iLO and remote administration of a server are really two different things.

They should be, but...

If the OS on that server requires a full GUI to maintain and configure the running processes, well, iLO offers nothing new other then giving you the full GUI to perform those maintenance tasks.

Right. And the point is that you shouldn't have to resort to that sort of thing just to do routine remote maintenance of a server. All the (Unix) servers I run have a remote console capability, but I almost

Re:

[rubycodez]

the point isn't the OS used, it's insecure the way things are done, running things like a home computer.

Re:

[dave562]

I second this. My first job in IT was in 1996 on Novell 3.12 network with NT 4.0 workstation on about 50 desktops. Since then I have transfered to consulting and some of our clients are running 500+ machine networks with dozens of servers and multiple sites. There are tools to get the job done, but the Microsoft tools are not always the right ones. For example, I wouldn't use RIS. Use Ghost instead. Definitely figure out Group Policy because it will help you enforce standards across the enterprise. G

Re:

[capsteve]

yes. agreed. drink the koolaid, get msdn, and dive in head first. also, if you're concerned about building/deploying lots of boxes, consider the certified gold partner status, which i believe gives you access to the oem building tools... build disk images and "bundled" apps of what your big client wants as a standard system deployment.

Re:

[jp10558]

Everyone can use Sysprep + ghost or Acronis or whatever to do that.

Re:

[capsteve]

yes, from a sysadmin perspective there are plenty of tools available without going thru the bother of creating oem-style installers... i was initially thinking g4u, but i got to thinking how i would make things easy for my parents, and other non-tech end users.

by creating an oem install disk, you make the emergency reinstall of a complete system including all standard apps by, say the sectretary or the copy boy easy for non-tech users. enabling the end user thru education and easy to use tools will in the e

Re:

[eln]

The way the article is worded, it seems they're mostly dealing with desktop PCs, which are almost certainly Windows-based. The servers may or may not be Linux, but if they're already built and coming from a shop that did not previously have an IT department of their own, I would bet on them being Windows as well.

Obviously, though, more details about the environments involved would have helped a lot if the submitter was aiming at getting useful information.

Re:

[LWATCDR]

If your customers run windows then you have no choice but to learn and use Windows.
Notice that they support workstations as well as servers so odds are they are windows machines.
Get ready for the fun of spyware or the fun of dealing with locked down windows systems.

Re:

[cptgrudge]

Done properly, locked down Windows systems aren't that much of a hassle. The only bad obstacles are getting all those legacy and poorly written apps to run correctly, and getting user acceptance. Difficult, but not insurmountable. You definitely still have to drink the kool-aid, though.

Re:

[imemyself]

Would Sendmail/IMAP & POP3 have calendaring, or storage policies that limit the size of user's mailboxes? Can you restore an individual message quickly if need be? Would it include calendar and contact management? What about the clustering? And webmail? How easy would it be to create an email account for a new user/does it pull passwords from the same place as the client computers do? I'm not trying to be an ass here, but MS does make some fairly nice products. And Exchange 2k3 is probably one of

Re:

[somersault]

Open Xchange is a bit of a PITA to setup, especially if you want to migrate from Exchange and keep consistency with Active Directory. I was seriously considering moving to it until the latest service pack for Exchange included 'Direct Push' email, and now I've just decided to stick with Exchange (I used to want to move away because when I first got here the email systems were slow and I perceived them to be unreliable, but things have improved over time with a little maintenance).

I'm a little pissed off

Re:

[dknj]

haha not likely. making sendmail perform like exchange is an exercise in futility. and i know this because i have designed, deployed, and administered enterprise sendmail and exchange deployments of similar sizes.

Re:

[Fred_A]

Sendmail is a MTA, not a groupware solution. It doesn't make much sense to compare it with Exchange.
OTOH I doubt you can get Exchange to interface with as many networks sendmail supports out of the box or that you can rewrite rules dynamically the way it can (admittedly with line-noise like syntax).

Re:

[0racle]

installing an SBS server and then wanting two more back up domain controllers (say, one at a data center and one backup locally

Exactly what is wrong with this.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[dave562]

Forgive me as I've only ever worked with "real" Windows domains and I'm ignorant in regards to SBS. Does SBS even allow a second DC?

SBS is a complete nightmare if you're used to dealing with the real deal. We picked up a client who had the Geek Squad from Best Buy come in and setup a server for them. Of course they used SBS. All of the administrative tools are different. The layout of AD is different. The whole product just sucks big, smelly donkey nuts. We scrapped SBS and setup Server 2003.

Re:

[lukas84]

Treat SBS as a different product. It's not the same as a "real deal" windows setup.

If you learn that, you can also support it. The disadvantages of SBS are not obvious, and customers will prefer buying SBS with 10 CALs for 1000US$ than buying W2003 Standard + Exch2003 Standard with 10 CALs each for 10'000US$. You can't have a second DC with SBS (it will complain and shut down, it's also in the license agreement and everything). SBS is a product for very small shops which don't want to spend much money.

What about Win2003 + some open source tools?

[parvenu74]

Excellent post. Not being a sysadmin type I didn't know this (I'm an ASP.NET, SqlServer developer), but with my new job I've got considerable input and say over what the server and network setup will be for my organization for the next several years. We have about 150 desktops and every one is configured with the user running as local admin and most without password (horribly insecure, I know).

I want to change this but I don't want the expense of Active Directory. Can Mac OS X Server's Open Directory be use

Re:

[lukas84]

Active Directory isn't that expensive. It's a great tool in managing your network.

Samba has some sort of Windows Domain functionality, but last time i've worked with it (~2yrs ago), it was still en par with NT4 domains.

If you have 150 desktops, using Active Directory can reduce the managment overhead in a great deal. You can specify lots of client settings using group policies. AD also has some rudimentary software deployment support (using MSI files).

Centralised authentication, roaming user profiles, folde

First...

[misleb]

I would seriously recommend turning away those bigger clients for now until you first get the staffing to handle it. You can try to pick up the clients later. Maybe they'll hire someone else, but there is a chance that they will be unhappy with that someone else and come to you. You don't want to take the clients on now and screw up and ruin your reputation. If at all possible, hire someone (or multiple people) who already have experience with larger networks and kill two birds with one stone. I don't think it is really worth it to give you advice here on how to manage larger networks. You've got staffing problems. You need to address that first.

-matthew

Re:

[p0ss]

i agree, your staffing issues are your primary concern, without additional staff you are not going to be able to expand at all. Finding staff is hard, but as discussed in a recent slashdot article, the key is paying well. If there is competition for skilled people, the company who is paying the most will win.

If you can use telecommuters, do, it will broaden your labour market immensly.

One last point, Train your customers as you go. It may seem counter intuitive, but teaching your customers to solv

Re:

[misleb]

i agree, your staffing issues are your primary concern, without additional staff you are not going to be able to expand at all. Finding staff is hard, but as discussed in a recent slashdot article, the key is paying well. If there is competition for skilled people, the company who is paying the most will win.

This is not true in my case. My primary concern when looking for an IT job is finding an environment that fits my personality best. I am currently making nearly *half* of what I potentially could jus

Re:First...

[KillerCow]

Ditto.

By your own admission, you are stretched thin and can't handle your current load. Now you want to take on new clients, but not just any new clients, new clients with large needs that you don't know how to address.

Do you really think that you are going to be able handle your current load (which you say that you can't already), the load from these 2 new big clients (whom are each about 7 times bigger than your current largest client), and be able to figure out how to change the way that you do things to meet the demands of these new clients (when do you plan to have time for this)? No, no, and no, on all counts.

Fix your staffing problems.

Serve your existing clients without killing yourself, then expand.

You are risking your current client base in order to add more business that you admittedly can't handle. You will likely ruin your existing reputation and relationships, just to pick up some clients that you can't serve. It's hard to say "no" to new business, but sometimes you have to. If you grow to fast, it will get out of control.

Re:

[the-empty-string]

Parent and grandparent are right.

In the meantime, you can get great technical insight about large scale IT management here [infrastructures.org]

Grow fast, grow hard

[MMaestro]

No offense, but this is an extremely ideal and unrealistic manner to approach this problem. Businesses need to learn how to grow when needed, especially start-ups. Clients don't like it when you tell them "well we can't handle it right now, try us again in 3 to 6 months." Thats not cool. Clients will usually take their business else where and unless their competitor drops the ball, chances are you've lost a customer.

Re:

[hhghghghh]

Losing a customer who you couldn't server in the first place is no big loss. Losing a customer who you overpromised, underdelivered will bite you in the ass. They'll at the very least tell other people, and they will try to get compensation from you.

Re:

[plumby]

Clients don't like it when you tell them "well we can't handle it right now, try us again in 3 to 6 months."

They like it a hell of a lot more than being told "We can handle that no problem" only for you to either screw their network up or fail to deliver anything.

By telling the big customers that you're not ready, you're losing the big customer, at least for now. By attempting to take them on when you can't handle what you've already got, you'll more than likely lose the new customer, your existing customer

Grow orderly, grow well

[Old Man Kensey]

Clients don't like it when you tell them "well we can't handle it right now, try us again in 3 to 6 months." Thats not cool. Clients will usually take their business else where and unless their competitor drops the ball, chances are you've lost a customer.

As others have noted, the consequences of doing business poorly can be worse than the results of not doing it at all. But the other dimension is what I call "bullshit factor". It works like this: You're a small IT shop serving, let us say, 30 small-bus

Staffing it...

[tempest69]

You need to get a 4th and 5th person. The hiring can be a mess, I've made mistakes and lived with others mistakes. First make sure that they have some skills, a specific skill set is sometimes overdone. Some Skills/Experince that you want to be looking for.

1. Shell Scripting, can your person make changes to dozens of machines at one time when you have a crunch.

2. Obscene famialiarity with the OS.. A headphone jockey can walk a user through hell and back, if they know exactly what is popping up an

Remote Desktop Takeover

[camperdave]

The only thing I'd add is that you become familiar with the remote desktop takeover tools. Sometimes it just helps to see what the other person is doing.

Re:

[bergeron76]

I disagree. I'd hire good managers. Seriously. I know this won't be received well here on /., but it's true: Having a good manager (one who can get things done quickly and efficiently) is not a bad thing when it comes to the bottom line (profit).

The key that you'll have to find, is finding a manager who is both technically experienced (important), and managerially experienced (not cheap).

You can also find someone to replace you in the organization and learn how to become a better manager yourself. By d

Re:

[ScuzzMonkey]

Absolutely correct. Moving from small manual operations to 200+ PCs at a client requires, much more than technical knowledge, organization. It's a whole different approach to IT, and if you don't learn it quick, you're going to both run yourselves ragged and displease your clients immensely. Standards, procedures, all those nasty managerial buzzwords, are things you are going to have to become intimately familiar with in short-order. And since it doesn't sound like you have that sort of background yet,

Re:

[misleb]

I disagree. I'd hire good managers. Seriously. I know this won't be received well here on /., but it's true: Having a good manager (one who can get things done quickly and efficiently) is not a bad thing when it comes to the bottom line (profit).

So how exactly does this solve the technical and capacity shortcomings of their current IT staff. Yeah, good managers are important, but if you don't the staff, you can't take on bigger clients, PERIOD.

-matthew

Re:

[chuckfee]

Gates is a college dropout. They make great CEOs. Ask Larry Ellison or Steve Jobs.

Engineers do make great CEOs - in France. Seriously. I'm not
sure why.

--chuck

Re:

[mike2R]

Yes and no. It depends what your aims are. If you have dreams becoming a large company then you will have to take this sort of risk, probably several times.

But there are thousands of small companies that exist for decades providing a good secure income for their founders. If this is your aim then taking large risks is something you should leave to those with VCs breathing down their necks.

There's nothing wrong with small, safe, organic growth, and not pissing off your existing customers can be a worth

Re:

[qwijibo]

Was "worst advice ever" meant to be a warning about the rest of the post?

The "you can work 80hr weeks instead" attitude is not a way to succeed. If you're demanding more from your people and they get nothing in return, some of them are going to leave. Hourly people who do get paid more for working more aren't all going to be interested in giving up all their free time to benefit the company. If people leave, that substantially increases the workload - not only do you have to take up the slack, but you al

It is all about using the right TOOLS

[huckda]

If you are utilizing the right tools...
disk imaging(roll out an entire office full of workstations in 30 min)
antivirus server(pick your vendor)
backup systems(BackupPC is one I love, doesn't do bare metal restores though) .msi packaging and deployment...(www.wpkg.org) is a nice opensource deployment tool for this.
tools like 'Nagios' for server/device monitoring
Groupware packages like Zimbra

and of course VMWARE...why have 10 test machines taking up space and heating up the room...test new stuff on a virtual m

Re:

[CmdrGravy]

Do you seriously work 60 hour weeks for $4000 a month, it sounds like you may be selling yourself way short there, that's just over £2,000 ( GBP ) or just over 8 pounds an hour which is about the same as I'd get working behind a bar.

Depends on your clients' needs...

[Fallen Kell]

Everything that will be said here at /. will depend on what your clients are doing and running. I would tell you to setup a single system for each of your clients and make a flash archive of it, and then setup a Jumpstart server at/for each client and configure it with to load that flash image to the client systems for desktop support.

But if you havn't figured out already, this will only work in a Sun Solaris house. The same will be said of solutions to every other problem, they will be machine/OS/client sp

Service Management

[_Hellfire_]

On the non-technical side of things, formal Service Management is a must. If you haven't already, I would strongly recommend formalising the management of incidents, changes, requests etc. with something like ITIL [wikipedia.org]. Without formal change management you'll get breakages caused by change and unhappy customers. Recording incidents (every incident) allows you to build up a picture of where your pain points are with each customer, makes it easy for billing, and if you get the same incident again, and you can look at the resolution of the previous incident for a head start in solving the current one.

You mentioned manual rebuilds etc. It would pay to automate this as much as possible (I'm sure you'll get some responses on this). Quality can often be equated with consistency. If you give your customers the same thing over and over they will know what to expect, even if it's only 80% of everything they need. They'll be much happier in the long run than if you give them brilliant service one day and crap service the next.

Re:

[_Hellfire_]

Hellfire do you work for a outsourcing company be any chance.>

No, I work for a mining company you've heard of.

Not doing documentation and not holding change approval meetings are precisely the kinds of behaviours that get you into a situation where the the Information Stores are offline and 500 people are screaming at you. HP and others estimate that 80% of Incidents are caused by poorly managed changes. Think about that - most organisations could save themselves 80% of their incidents by tightening up

Plan

[Amouth]

I moved from a small pc shop to a larger company with about 50 people.. i am by my self.. but we are spread out alot.

what you need to is to plann everything. train people that the locations to handel minor things and make them a fire fighting team.. no company is going to complain that you train their people to handel the minor issues so that they don't have to call you. try to make everything in rounds.. if problems can wait let them untill the guys schedualed to come by can get there and have his list and go about his job.

with a good work order system you can plan for the jobs and have job kits for your workers.. a check list ... the simple stuff makes all the diffrence.

and if you can put this in place then hiring people to do the work is alot easier as they don't all have to be experts.

also set up remote admin and monitoring.. companies might fight back alittle but make it fit their policies.. because if you can see a problem and fix it before they notice that is a good thing. also if it is something that could be done remotely you don't have to send people out there..

and for the multi server people a single port KVM over IP connected to a normal KVM rocks.. they arn't cheap but if you are making money from them droping the 500$ for a single port KVM over IP isnt' that bad.. also you can get them with modems so you can dial into them.. makes remote admin easy.

make network maps and keep them where everyone can get to them so that you don't have jsut one guy that can work at a specific place because he is the only one that knows how it is done

just some ideas.. but always plan..

Re:

[nametaken]

This is all good stuff.

The only thing I'd recommend is skipping some of the remote access stuff, and just setting up a VPN connection to their building or network. Of course, this depends on whether or not they're down with it.

I used to work for a small IT firm, and most of our larger companies allowed us to set up VPN tunnels to their networks. This way we were able to do things like regular remote backups and troubleshooting. When you can solve the problem remotely, they like that. They don't have to

Re:

[Amouth]

if you understand every word then why does it matter.. the fact that i can't spell well doesn't change the meaning of the words i write.

Re:

[Score Whore]

Because the discontinuities caused by your shitty spelling and grammar break the flow of information from your words into your reader's heads. Overall you reduce the quality of the communication between you and your reader. Additionally it shows disrespect for your reader that you don't give enough of a fuck to actually take the time to present them with a well written statement.

But go ahead and write like a moron. It just reduces people's impression of you regardless of your actual technical skill and inte

Re:

[Puchku]

Use Firefox 2.. It has a built in spell checker :)

Unattended.

[Geopoliticus]

Check out http://unattended.sourceforge.net/ [sourceforge.net]

I have been using this at our companies for the past two years and has GREATLY simplified our redeployment strategy. If you have different clients who use different computer systems that all run Windows. Do yourself a favor and check it out.

As others have said...

[Rix]

Your main problem is staffing. I doubt the problem is actually in finding people, but rather that you're not offering enough to attract them.

Deployment on a budget.

[222]

Look into unattended, (http://unattended.sourceforge.net/) an open source alternative to RIS. It makes it possible to use linux servers to push out installs via network. A good unattended install with post installation scripts should make life easier.

As far as application deployment goes, a combination of the psutil psexec.exe and msi installers can make life a breeze. For example, scripting an office 2003 install is as simple as remotely executing the following:


msiexec.exe /i \\server\share\Deploy\O

Where do you need someone?

[Antique Geekmeister]

Given that each new machine will take some worktime, say 10 minutes/machine/week if you fully automate and have good plenty of spare equipment on service contracts, 200 machines is 2000 minutes/week, or easily 33 hours/week. You obviously need new staff to handle this: the first hire you make should be a competent contractor who's done seriously automated network build systems, suitable for CGI or Beowulf clusters, to reduce the load of OS imaging new machines or rebuilding your existing hardware into some

Yes, but what do you DO?

[Doctor Memory]

Can you hire the current IT staff at your new clients? Or are you taking them away from a competitor? Do you guys specialize (somebody's the network guru, somebody's the server wrangler, the third guy's the application specialist)? If so, then maybe each of you should hire an "apprentice" and train them in your specialty. Consider trolling around the local community college with a decent IT program (if you have one).

One thing to do is compile a list of best practices for your shop. This will help commu

Re:

[masdog]

Consider trolling around the local community college with a decent IT program (if you have one).

Or a four year college. A lot of colleges with IT programs give a general overview of the field, and the programs are found wanting in some, or many, areas.

Been there

[kilocomp]

You have already recognized you have limited time and it is hard to find versatile self starting quality IT people. The next step is to prioritize your clients (people are going to disagree with me here), but the clients who pay the most and who pay on time (collecting money can be a huge time hog) are your top priority. You are switching client profiles and larger clients are more valuable. Trying to get the next big client will be easier if you can say you support 2 200 users bases instead of Mom and P

Establish Procedures, hire someone who knows them

[StewedSquirrel]

Hire someone who knows corporate IT.

Please.

I've dealt with too many "three man IT shops" who treat IT work like auto mechanics. "try it, tweak something, try it again, tweak something, try it again, tweak something, try it again, tweak something". All the while, the company is offline. Corporate IT is about establishing procedures BEFORE the issues happen and about having backup plans for WHEN they happen, all of which is designed to minimize downtime.

Working with an office of 2-3 people... if you're diddling with their router for 2 hours, your time is probably worth more than the time the company has lost. But if you diddle with 200 people's connection for 2 hours, you've just cost their company $20,000, possibly more. Imagine what sort of investments could have prevented that downtime, how much cheaper they are than that downtime and why you should have implimented them :-)

FYI, Documentation is more important than you think.

Stew

Re:

[Kjella]

FYI, Documentation is more important than you think.

And just as important, a *good* backup system. I had to fix a system down issue not that long ago where a configuration file had been strangely corrupted. Sure, I could probably find it somewhere in the system documentation what all the settings there was supposed to be, but it was a lot easier to check when it was last good, fire up the backup tool and say "I want file X from last friday". It's sort of like documenting code - for the love of Christ, docum

This is correct

[endus]

Not that I would consider 200 machines a ton of devices to manage, but dealing with a larger network is definitely a different story. Policies, procedures, scheduled downtime, documentation...this is your world. Just like the person above said, you're not an auto mechanic....you don't just go in and start monkeying around with things trying to fix them. VMWare might not be a terrible idea but it depends on exactly what you're supporting. You need to test things like patches and upgrades before they ge

Re:

[bit01]

People can say what they want about windows but for managing an enterprise network where there are novice users? It's the only way to go.

You give some good advice but this is simply not true. Unix/linux remote management for novice users is different but is every bit as easy/hard as M$Windows remote management. In some ways easier because of better file system semantics and much less need for update reboots. I've done both and as always it depends on the competence of the administrator.

---

I love th

Re:

[qwijibo]

I'd recommend that anyone who uses contractors have a long term plan as well. Contracting companies have an additional overhead of ~30% that doesn't help your company or the contractor. That may be an acceptable cost to have no real commitment to the person. Having individuals as contractors with no company inbetween runs the risk of the IRS ruling them to be employees, which is a headache no business wants.

There should be a very limited duration between when you bring on a contractor and when you cut th

Read: Bootstrapping an Infrastructure

[David McBride]

I can heartily recommend:

      Bootstrapping an Infrastructure [infrastructures.org].

It describes good design patterns for computer infrastructure design.

Document, Document, Document, baby!

[LibertineR]

Right NOW, get yourself a CRM solution and a Change Management solution. Next, develop a methodology for multi-tiered levels of support. Have your procedures on paper for how you handle onsite issues, AND what you can handle remotely. As someone else mentioned, drink the MS koolaid and get an MSDN subscription and learn all you can about RIS and other things that will make your life easier. Choose or hire an EXPERT in Active Directory, DNS and Windows Security. PAY THEM WHAT THEY WANT!

Develop a knowledge

"good help is so hard to find"

[SuperBanana]

Businesses love to complain about how hard it is to find employees when they're being cheap on labor, or how they can't retain good help.

There's no talent problem; there's a "how the IT industry treats workers" problem. Here's the current IT talent pool "problem", as I see it:

• The IT industry is one of the few industries that seems almost completely unwilling to recognize general skill/talent, and expects to hire someone who they can drop in and have productive in a matter of hours. It doesn't work that way- in the IT industry or any other industry. Every new employee needs training and familiarization, every new hire causes lost productivity. GET OVER IT. There are industries where corporations send workers to a WEEK OR MORE of training before they've "worked" a single hour.
• Loads of IT workers were encouraged to drop out of / skip college because their technical skills were all they supposedly cared about. Now it's "degree or don't apply." So much for technical skill.
• Employers and the industry are doing nothing to make training/certification easy or inexpensive. Redhat certification, for example, costs thousands of dollars- out of reach of most job seekers. Furthermore, loads of employers are refusing to invest in their workerforce (continuing education/training) and/or treat them like shit. They're then shocked when said employee's performance drops and they get fired/"laid off"
• Employers are abusing "temp to perm" and "temp" positions, cheating the unemployment and benefits systems and tricking workers into thinking that, if they're good little drones, they'll get the job at the end of 3 months- when in reality, the company will show them the door with a silly little excuse.
• HR departments use all sorts of fancy technology to effectively dump your resume in the trash can without a single eyeball seeing it, after cheerfully sending you a "thanks for sending in your resume!" letter.
• Employers post insane requirements looking for people with a skillset that goes on for PAGES and have grossly unrealistic expectations for years-of-experience. For even the most mundane schlep, I mean help, desk positions. Candidates respond by simply flooding employers with any position the candidate thinks they might be remotely qualified for.

Is it any wonder that IT staff leave the industry in droves after just a few years?

Re:

[Beardo the Bearded]

They also want someone willing to work 50-60 hours a week.

Re:

[Shados]

The IT industry is one of the few industries that seems almost completely unwilling to recognize general skill/talent, and expects to hire someone who they can drop in and have productive in a matter of hours. It doesn't work that way- in the IT industry or any other industry. Every new employee needs training and familiarization, every new hire causes lost productivity. GET OVER IT. There are industries where corporations send workers to a WEEK OR MORE of training before they've "worked" a single hour

Oh

S.A.R.

[Jailbrekr]

Hi, I am solely responsible for a 200 user network over 2 floor, and assist in the support of a 100 user network in another city. For the first year, I busted my ass to implement my 3 point program. Those points are:

1) Standardization
2) Automation
3) Redundancy

1) Standardization.

The more they are the same, the easier it is to administer. Try to have the same hardware and image for each department. Use ghost like its going out of style. Use standard naming conventions. The borg naming convention is NOT standa

Re:

[Jailbrekr]

So all you really did was put more of a load on hotmails spam filter.

Cool!

from reactive to proactive

[Yonder Way]

http://www.infrastructures.org/ [infrastructures.org]

Some of these essays are a bit dated especially with regards to the tools they are suggesting but the mindset is still quite sound.

Contract some of the work out

[MrJynxx]

Work on getting a working relationship with vendors, contract out a desktop hardware support company to manage the hardware breaks, contract out a helpdesk function. So that should leave you and your very small but focused team on dealing with managing the vendor and processes, and all of the projects relating to this small company (hardware refresh, software deployments, etc).

I say small because 200+ workstations is not the enterprise, the enterprise is something much much bigger (talkin multiple platform

Lesson #1 of IT

[HockeyPuck]

Do NOT play LAB in a production environment.

aka

Do not LEARN on the job. LEARN in class or in a proper lab... not during an outage or during an install.

That is proper IT, anything else is flying by the seat of your pants which will cost ..your customer's their data, ...your company revenue and ....you your job.

Huge decision to make

[syousef]

Do you want to keep doing what you're doing, or do you want to be a manager? Being the manager is more lucrative if you're successful but you're not going to get to both play IT admin and manager of a large company. You'll be spread way too thin.

The job you don't want to do, you need to hire for. If that's the mangerial role, you need to make sure you don't end up a lowly surf by managing the hiring process very very carefully to ensure you retain control at all times.

If you are unable or unwilling to find

Simple

[Cervantes]

It's not that hard, I've been in the same boat.

Step 1: Think of the coolest things you can do to make things quick and easy.
Step 2: Implement it.
Step 3: Document it.

Really, whether it's thin clients, giving all the pc's bootable nics, setting up network images for reimaging, using VNC or other remote service/admin tools... think outside the box and then do it. Because with 200 people you're not going to have time to walk to every machine, nor can you spend time bringing the boxes in for simple reimage.

And d

SMS/AD/RIS

[Skuld-Chan]

Microsoft has tons of tools that are pretty good at managing large enterprises with few people, but its helpful to know something about Windows scripting, and locking down Windows to prevent user misconfiguration.

400 desktops

[silas_moeckel]

400 or so desktops might be one or two people at worst. As to the os install bits, I did that gig 15 years ago and had automated remote installs with one floppy, PXE gets rid of the floppy. I mean it the oh no my machine got eaten by a virus should be no harder than a please reboot hit f12 and go get a drink. In the background you should have setup the machine to PXE boot into the virus scanner image and exported it's VNC session to your desktop across the site to site VPN. Find anything that you dont l

Work Harder

[lewp]

Here's a secret about big corporate IT deployments (I've worked in a couple very large ones, and observed a few more belonging to equally large "partners"): The tools they use don't really save you that much work.

You wind up maintaining solutions to help you maintain your solutions. You train people to train people. You automate your processes, and in return you get to create a whole slew of new processes to oversee the automation. You lose techs thanks to the new "productivity", but you gain project manage

Re:

[Junta]

Not all tools make life harder, just a lot of the ones companies try to sell.

Maybe it's hypnosis. A company will sell it's software solution on how it will enable the client to do great things, and then get that client to pay *more* for complementary services because the developers did a bad job of making it actually easy to achieve great things.

Particularly when aspects of the infrastructure are Unix based, a lot of vendors out there will sell tools to help manage the whole picture, including managing *ni

Read This Book! Live This Book!

[DaGoodBoy]

The Practice of System and Network Administration [amazon.com] by Thomas A. Limoncelli and Christine Hogan is the definitive reference to build, and more importantly, maintain any network and system infrastructure. It is written in an accessible style with plenty of real-world examples that focus on the importance of key infrastructure. It is not a "How To" book exactly, rather it offers advice and specifications for the kind of support infrastructure you have to build to be successful supporting large system and network infrastructure. If you are familiar with this book, please add your comments on it.

Hire a Sys Admin

[blackbear]

To grow, you're going to be forced to be more specialized in your job functions. Find an experineced systems administrator who has worked in big shops and has experience working with software developers. This persion will be expensive if they're any good, and will be worth the money.

Above all don't pretend that you know how to manage IT infrastructure. Systems and infrastructure administration is a compeltly different world than most developers ever work in. Your automated systems and production environment

Not all too difficult

[guruevi]

I'm currently managing 2000 workplaces, 3 mainframes, 50-some servers with about 15 people.

We didn't have any trouble or asset management except for what came with Active Directory and right now I'm implementing a central command, asset collector etc.

I can't elaborate on it due to NDA but if you're looking for someone to take care of your IT support management problems, contact me, I might be able to give you some tips.

You aren't successful unless you turn down work.

[shess]

That isn't to say that turning down work makes you successful, of course. Once you get to where you're turning away work, it means you can be selective. Also, you can start charging more.

BTW, if you're already doing 60-hour work weeks, you had better be making some really really good money (*), because the alternative is that you're already losing the game. What if one of you comes down with a flu that puts you on your back for 3 weeks? The other two gonna work 90-hour weeks? Doubtful. 60-hour weeks a

Sorry, just to confirm....

[JaJ_D]

We're now doing 60-hour work weeks, so re-education has remained passive

Errr whats unusual about this?

This may sound jokey but I am being serious. Every IT job I have had (7 in 10 years) I have worked these sorts of hours due to a) bad management, b) stupid sales people (promising stuff that is not ready/spec'd out for a months time) c) understaffing d) poor staff that are so bad at their jobs they should be fired e) general incompetence e) etc.. etc...

From experience the good programmers end up hav

Rubbish.

[jotaeleemeese]

I have worked on IT for 17 years in many different countries all around the world, and my typical week has been 40 hours, 35 the last few years.

If there was the smallest hint that hours would become insane I was posting my CV to agencies and prospective employers faster than you can say "overtime".

IT people are all too willing to put put macho bravura performances, when in reality weeks of 60 hours are pointing to poor management and personel with lack of self respect.

Hire The Best, Work Together

[Bob9113]

Figure out how many people you want and what average salary you want to pay. Then cut the number of people in half and double the average salary. Nothing kills enterprise IT faster than semi-competents trying to cover-up their mistakes. Plan to spend at least twice as long as you think you can afford on interviews and checking references. While interviewing, ask some questions that are too hard - if the candidate can't comfortably admit that they do not know the answer, they won't be able to admit when they

Work tickets, audits, normalization, documentation

[mveloso]

There are three key things that you need to do when you want to manage an IT shop (for anyone):

#1. Have a ticketing system in place or built. This is probably the most crucial thing you can do, because it will become the core of your job. Nothing gets done without a ticket, period. The ticketing system will also allow you to document (1) the problem, (2) the time spent on the problem, and (3) your interaction with the customers.

#2. You need to do an audit, so you know what services are being used (and requi

Re:

[mveloso]

Oh, that's five things, not three! Doh!

Sub-Contract

[not_hylas( )]

Sub contract an IT tech (team) from a good firm.
Interview for a qualified partner in crime (PIC) that has skills that fill the bill.
Hire, then train him/her.

The subcontractor will cost you plenty but will allow you to play catch up and snag the accounts.
Be up front with your customers about this, either they will support you in this, or you find out what you're really up against early.
It's all about being "reasonable".
Spend money - make money.

Eh?

I was told

[doombob]

If you're too busy, then you're not charging enough for your work.

Re:

[Tribbin]

First read before being smart-ass.

"..., and hiring competent IT staff has been difficult."

Re:

[dave562]

I think your definition of qualified might be different from mine, because in my experience there is definitely not a surplus of qualified people out there.

I second this. It is hard as hell to find anyone competent with REAL WORLD EXPERIENCE for less than $75,000 a year. There plenty of guys out there who you can pay $50,000 and throw into the breach, but as soon as they have to recover a corrupt Exchange message store or bring up a crashed domain controller, they're going to end up causing more problems

Re:

[wonkavader]

Have to agree. CS degrees on resumes of people I've interviewed in the past year or so are badges of inadequacy in the same way a Network+ cert used to be.

Re:

[wonkavader]

Resumes are so unhelpful, these days. We bring a broad smattering of people in. Some have just a littl experience post-BS, some have a lot. Virtually all of them fail the interview where we have them write a trivial algorithm.

When you say "looking for" you probably mean, how do we pick the resumes. HR does keyword searches on resumes posted on Monster and other resume farms. We also post jobs and look through all applicants who are interested in US. We contact, with the desire to bring in for an inter

Re:

[syousef]

Experience is a necessary but not sufficient condition to not making newbie mistakes, and by that I mean decisions that sound logical and intuitive/plausible until you actually try them in the real world. Experience is very important. Yes you can have a very bad mechanic with 17 years in the trade. But I guarantee you no one in their right mind is going to let someone work on a multi-million dollar race car with 3 months experience just because they're intelligent. You need both.

As for scientific discoverie

Re:

[duffbeer703]

The problem with self-taught people is that they are "experts" in operating whatever solution they taught themselves, and filter all problems through that tool set. One of the big reasons for this is the free/cheap learning material that they use are vendor-provided educational/marketing collateral.

So when these people move up the ranks and become Microsoft/HP/Cisco/IBM/etc certified they have a natural affinity to their chosen vendor.

Re:

[marcello_dl]

When i hear about linux deployment i figure a local apt repository for tested packages, an apt-upgrade at shutdown and happy users. Today i crashed office by pasting three paragraphs and a table into a new word doc from a secure site browsed by IE6. Not to mention that when it works, same action is faster on my linux home machine whose specs say it's 5 times slower. and i don't get warnings about certificates while doing that. For the record, the only problem with that page is missing doctype and one spuri

Re:

[itwerx]

outsource your work and call yourself the VP of marketing and operations.

This is better advice than the poster may have intended. With your current size you really don't want to add FTE's just for two clients. Use that good old "people network" and see who you can shanghai on board temporarily (with an eye towards possibly making them FTE down the road). Otherwise you're investing heavily on what is essentially a gamble at this point.