You are invited to Log in or Register a free Frihost Account!

Migration from Novell/OES to AD

Ok. So I'm mildly terrified about this. I started my job essentially feet first. Now we're just going to go through that all over again, it seems.

It's the startling realization that not one single person in your department knows how you actually do your job. So many people within each workgroup introduces something or something changes and with it comes some new tool that you're introduced to. I mean, even then the person isn't really sure how you would use that tool, they just close over what information is there.

I mean, when our user portal was overhaul (both old and new versions were built in-house). New tools had been integrated into it. We were shown the tools and given some access. We got to see, roughly, the information inside. The connection was never made why we needed these (or might not) or how we could use them in our day to day troubleshooting. I mean, I started to make connections, poked around. I end up using that information to figure out why someone might be having access issues. I use it to figure out what people are doing, how they might have a self-inflicted wound. That's not at all what's happening across the board with my fellow colleagues.

So, circling back. With this transition... I'm used to how file/folder access works on our servers. Users have their own space where they save their files. Then, on another server, the department has a space for departmental files.

I have a pretty good understanding of how access is managed. It's defined by us (oddly enough us level 1 peeps make these groups and assign them to the desired folder and define the rights). Granted, it's full access or read-only. But I also knew how to remove inherited rights to make something 'private' depending on how access was managed above.

Now we're moving to NTFS rights and... I'm confused. I'm having a hard time finding material specific to that scenario. Creating a group, users are assigned to the group. That group is attached to a specific folder. That group has specific rights.

Typically it's the same as above. The group might have full access to read the files, modify them. They can add files, rename them. It might be rare to prevent someone from deleting a folder...

In our environment, and with some crossover between departments, you might have multiple groups associated with a folder. One where folks can only read the contents. Another where they can modify the contents. I'm not going to say that above that might be a person or small group that would add and remove files (if that's possible).

We only had the one intro session and, despite asking for a copy of the materials, I never got them. I wish I could have watched that video again... The guy when through all the checkboxes and explained each set of rights with a live example. First go round was a bit confusing... I like to hash things out and if I had a whiteboard I'd go to town trying to relate that info to our environment.

It's not enough for me to read about it. I need to understand how it's being applied. I need live examples. We're tumbling very quickly towards these changes. Our server for staff files is moving tomorrow night (well they've been copying data for the past week) and it'll go live on Thursday. They've made quite the plunder too. I can see all the folders for each user but I don't have permissions to the contents. I did on the old server.

You know how sad it is that people don't understand what a file explorer is? Or the address bar? They understand "I click this icon and click Desktop". Our users aren't savvy at all and they don't understand that their files aren't stored on their computer, they're on a network server. Blows their mind... actually they just look like a deer caught in the headlights...


4 blog comments below

Would it help if your group started a lunch hour seminar series that educated the users as to how it all works and fit together? Maybe the management could work out a system whereby attendance and/or giving of those lectures could count to some brownie points for the workers' annual assessment. Carrot for the management would be less support needed and more educated end users?
deanhills on Wed Jan 24, 2018 10:43 pm
Oddly enough we had a project last year to develop and build a badging system. It was a good idea but it's one of those things that failed because it was short-sighted. It takes time and dedication to build out the content. You'd have to go and reach out to other areas to devise new training and badging opportunities that might benefit workers in other areas. There's also the issue where uptake is an issue and enforcement. Union works feel particularly threatened if management might use a system like this to force you out of your job. I'm not saying I agree with that mentality. I think the benefits of steering folks towards learning about the environment they work in.

We've also been trying out these lunch and learn sessions. The last one I think we had... no one showed up. That was very depressing. I feel like we could do a better job getting the word out. We never seem to make things like posters of flyers. We don't make something that could go out into internal mail and land in everyone's desk. I find that other areas of the workplace have a better shot at getting the word out. Drawing attention to something. They can throw their weight around a bit more.

Both are great ideas. Both are things we've tried to implement or are currently trying to carry out. It's just... the success rate is not looking good.

TheGremlyn on Thu Jan 25, 2018 1:33 am
Darn! I'd have given my eye teeth to attend those sessions. I love attending, learning and bonding with those who provide the learning. Like it works wonders in almost every positive direction. You're right, the lack of interest probably gels completely with the lack of understanding the basic principles to everyone's detriment.
deanhills on Fri Jan 26, 2018 12:54 am
Ok. So I only died a little today. It was a bigger ****show than anyone expected.

The assumption was that only those who had the folder redirection hard-coded into their registry would be impacted. Um. No. I was also never under the assumption that when folder redirection broke and pointed a user to the wrong volume of the server was somehow something they did... they're not savvy enough. Install malware? Sure. Meddle with the registry. No. Nope. Not even a little.

Why am I confident in this? Because we would NEVER meddle with the registry in classrooms. So it was maddening to have the classroom line going off all the time because someone 'lost' access to their desktop files. The new home driver server was mounted but something that was being pushed out (likely something we weren't even aware of) had resulted in the registry being hard-coded to point to the old server.

I was brought in at 7am and the phones were open at 7am. Usually the classroom line is the only thing that comes through but that starts at 7:30am and then the regular traffic can start at 8am. We never told anyone we'd be there that early so no one would have tried to call us, except by accident or without knowledge of our normal hours.

The benefit of being in so soon and in the calm before the storm is I COULD FINALLY READ UP ON WHAT THE HECK HAD BEEN DONE!

That's no good going live with something and also only informing your service desk on what was changed and how to loosely support it.

Ultimately with 3 of us in by 8:30am and a fourth in at 11am the phones were going wild. We had an extra student come in who was pulled to help answer phones. Switchboard was redirected to another person. Even our 3 classroom techs were drafted to help with the phone calls. We were still up to our eyeballs in calls. We never even had a chance to look at tickets. I'm mean, they were about the same thing and the only honest reply is "please call in".

Well. I can also say our Win7 users are mildly screwed. We can even redirect them at all to the new server. I think I have a vague understanding of why... but I couldn't explain it as I don't know the terminology. The changes in the registry just revert... they can manually navigate to the home drive folder. It's mounted anywhere... just can't work the redirection. It just won't stick. Means anytime they log in or access a file explorer window they'll get an error about being unable to reach the desktop on their older home server.

Bleeeeeeh. So today was mostly capturing a good chunk of the admin staff and some faculty. The dust probably won't settle for 1-2 weeks as faculty rotate through the classrooms. It's a per-user issue on each computer. I took a call from one room and realized someone was in there earlier with the issue. Bleh.

TheGremlyn on Fri Jan 26, 2018 1:14 am

© 2005-2011 Frihost, forums powered by phpBB.