Table of Contents

Starting a new role as a sysadmin - things I need to discover

Original Author: https://www.reddit.com/user/Neralet/

Original Source: https://www.reddit.com/r/sysadmin/comments/7vngcp/starting_a_new_role_as_a_sysadmin_things_i_need/

Company information

Site information

number of sites the company operates at, including addresses, google map links, operating hours, access requirements, parking details, number of staff on site, IT presence, network connectivity, operations at site, map or plan of site buildings, site manager name and contact details, key IT assets or systems in use.

Organisational

Org chart for the business, with key stakeholders marked. Key software in use with mapping to users or divisions, show who has pain points and might have quick wins, their perception of IT quality, do they understand IT and the drivers, do they understand the IT triangle (Good, Fast, Cheap – you can only pick two!). Meet with other staff that are users of IT and get their perception of the services – don’t promise anything other than to look / investigate at this stage. Try to establish their level of confidence in your department and peers, the tech the company has, and if it’s a driver or a bottleneck for their workflow.

Business Systems

is there a list of all systems / applications, with business owners, and agreed SLAs, RTO and RPOs, DR/BC plans and risk assessments.

Service / help desk

meet the service desk manager and staff – establish pain points, expectations, team size, introductions into type of characters, aspirations and skill sets of team members. What desktop hardware is in use, anti-virus software, intrusion detection system, data loss prevention, helpdesk system or software? Is BYOD supported and actually used, what is the company mobile policy and hardware, who manages the phones. Desktop patching, build and deployment policy and processes – windows images, SCCM or manual build, or something else?

Success Metrics

establish how you will be scored / rated in the position – system uptime, project delivery, ticket closure, user satisfaction etc. Establish the rating system or who/how will be doing the scoring. How often do you need to justify your position / progress, and to what depth. Look at the political landscape and work out if you save the company money by implementing X or fixing Y if you and your team will get the credit, or will some other smooth talking chump?

Disaster recovery / Business Continuity

is there a DR/BC plan? Who is responsible overall for DR/BC? Is any existing plan feasible? Are there any failover tests done? Has DR/BC ever been invoked? Is DR/BC seen as necessary?

Physical surveys and information

Comms and server room information

list of all rooms used to hold key IT assets, maps of where they are, details on power supplies, HVAC, security, access, build quality, age of equipment, asbestos presence, fire alarm / suppression systems, provision / location of Demarc from Telecoms providers

Infrastructure

get a count of the number of systems that will be managed, and a basic list. Get a baseline quality assessment of each system for further investigation. Check what Firewalls secure the main egress point. Is there remote access provision – VPN, RDP, Citrix etc. What is the backup system / method in use, and are there clear retention policies in place? Have there been recent routine restores? Have there been DR/BC invokes recently? What software is used for monitoring of network and systems? Are there requirements or expectations of OOH support and over what time frame? Are things like patching done OOH? Is there a list of existing contracts, key vendors and projects underway or planned for the near future? Is there a cable colour guide or scheme on site?

Technical information

Licensing

What type of MS licencing is used, what version of Office is use (or Libre or other productivity suite), who manages the licences and how / when is it audited. Is there a list of bespoke industry software in use, and are there contact details for support / maintenance – are there maintenance contracts for the software? What is the budget cost of licencing for the company, and the historical trend? Is there a licence shortfall – is urgent action needed, and who do you need to get signoff from. Make sure there is an email trail for anything here.

Phone system

Make, model, age, technology, Support level, DDI number range, extension plans, Call groups, hunt groups, skill sets, IVR, voicemail, routing, holiday cover, emergency messages. ISDN or SIP. Age of system.

Websites

External hosting provider, data centre standards, design agency, contact details, Hosting costs, plans, monitoring, availability, update cycle, testing plan, DNS providers, SSL certificates, change control, signoff procedure, marketing team contacts, marketing plan, domain expiry and auto-renewal, domain protection

Company Intranet

SharePoint or some other CMS? Use, quality, hosting provision, clutter, speed, monitoring. Auto open homepage on login?

Web filtering

Present or not, on site or as a service. Done by appliance or server. Exception groups, management, over-rides, reporting. Establish if there is a generic vendor provided block list, or industry specific details. How restrictive is the company, or are they generally permissive. Is the blocking of content at the IT departments discretion, or managers of teams. Is filtering reported on? Are there different levels of filtering for execs, managers and general staff, or special teams like Comms and Marketing?

Email

On-premise or cloud. Mail addresses / domains. Average mail flow. If on prem, backup and restore tests, if cloud who has admin access to portals. Retention policy. Mailbox sizes. Archiving policy. Legal / retention hold policy. Spam / AV checks. Max send / receive size.

Active Directory

How many DCs, what patch level, what OS, what schema updates, what extra software installed on the DCs. P or V? Name of domain matches external or not? Sub domains? Domain trusts? Are users in users and computers in computers or is there a custom layout. Are there job roles / functions.

DNS

Internal DNS - microsoft via AD servers? Extra domains? Internal testing?

DHCP

What range is defined, exceptions, reservations, support for weird stuff like WINS, how full is the range. What servers issues DHCP. Are DHCP helpers defined.

Routing topology

Simple or complex, core or distributed. All sites exit via main, or local breakout?

Databases

SQL, Oracle or Postgres/MySQL, or other? Versions, sizes of boxes - Physical or Virtual - backup methods, DBs set to autogrow, is there a DBA, no blank / SA passwords. Maintenance plans

Password management

On prem or cloud. Backup. Master key? Access levels? Quality of record keeping? Password methods? Change cycles?

File servers

One big file servers, or multiple small ones? Mapped as what letter or accessed via UNC? File and folder security? Size of file store, age, docs not accessed for last N? Backups and restores - shadow copies? Data stored on physical PC or mapped LUN on shared storage? Access speed / throughput?

SAN

Make, model, support level, disk size and space, RAID level, network connectivity, management connections, utilisation, max IOPS, parts available, expansion available, age

Asset management

Asset stickers, management system, numbering, depreciation speed, finance considerations, record keeping, estate age, update cycle, OS levels

CMBD

does the company have one, is it used by multiple departments, or just a few. Licences? Perception? Use? Cloud or on-prem?

Restricted / special systems

are there systems subject to PCI/DSS, SOX or other financial or regulatory bodies? Are there special requirements for the data? What proportion of systems are these, what is the split between special / standard data. What are the audit requirements.

Social / soft skills

Budget / finance

what is the current IT budget spend PA. What is the depreciation term set by Finance for capex? Is the company biased towards capex or opex? Is the IT budget proportional to company turnover? What is the refresh cycle on desktop, laptop, server, SAN, switch hardware?

Security

is there a security policy in place already? Does the company have all external sites secured by SSL? Is there external Pen testing? Is there cyber-security awareness from employees? Have there been any data breaches? Is there awareness of GDPR?

Social

get to know the following key people, and make friends – the receptionist who will screen your calls, or look after your visitors. The person who organises stationary, admin supplies or books couriers and can make deliveries happen as if by magic. The M&E engineer who can sort out power, lighting and aircon issues for you, and arrange access through locked doors all over site. The HR person who sorts out timesheets, flexitime, overtime and cover. The payroll person to looks after expenses, petrol claims, invoicing and payroll.

Office politics

You need to be able to describe your work and projects in ways that at least justifies existence and at best terrifies Management so they won't want to cut your budget. Also be able to express the importance of every project in terms of either generating money or risk mitigation to avoid losing money. Business is all about revenue and many managers see IT as an unpleasant expense rather than as an important tool which enables their employees to make money. Asset Management either means ugly stickers that the helpdesk uses instead of actually fixing the computer thingy, or it means a streamlined system of inventory management which enables faster issue resolution, ensuring your colleague is returned to a productive state as soon as possible.

Documentation

how will you record your progress, success, issues and documentation. Is there a wiki or sharepoint site? Do you need a document repository making? Is there documentation in place, and how good is it? Is there a standard to aim for? Does the company recognise the importance of documentation?

Shadow IT

is there any, in what departments, and to what level. How many admin accounts are there, and who has access. Is IT seen as a thing that slows you down and stops you getting stuff done, and thus something that needs to be bypassed? Do people doing / using shadow IT have legitimate issues, or political power that prevents dealing with them directly.

Alongside the information to gather, there’s a list of things I will be trying to get / ensure I have available to ensure I can work well:

Network management equipment


Timeline