====== Classic Sysadmin / IT Misdesigns ======

If you are doing / not doing this stuff, you should reconsider your position as a [[:computer_science:sysadmin|SysAdmin / IT Director]]

  * Adding public DNS servers to domain joined systems
  * Not having any Windows update restrictions on workstations and just leaving auto update.
  * Not doing updates on servers for YEARS.
  * Not using GPOs
  * Not using MDT, or any automated deployment.
  * Abusing the email as a ghetto collaboration system, so that mailboxes burn 50GB in a few months
  * Not using VMs.
  * Not using ticketing.
  * Using excel files for password management.
  * Not using DNS and just hardcoding IP addresses everywhere.
  * Don’t know any security, so they often get hit with ransomware because their client machines, DCs and backups are all mixed together.
  * RDP-ing everywhere because they never heard of RSAT.
  * Not documenting anything
  * Default passwords. Printers, cameras, specialized equipment.
  * Implementing flat networks without any segmentation because "VLAN's are hard".
  * Loose firewall rules, not auditing firewall rules, not providing detailed comments within firewall rules.
  * EVERYONE GETS LOCAL ADMIN
  * Not implementing monitoring or syslog servers.
  * Not using password management. Not setting up self-service password reset