IT funnies at work. 1 step forward, 20 steps backwards

This is getting to the downright comical level here at work. Bunch of engineers, using models, XP computers on a Novell network. Finally upgrading to new Windows 7 computers.

And that's where the fun begins.

The modeling softwares are somehow incompatable with the restrictions IT has placed on user accounts and Windows 7. So, instead of everyone having the modeling software they need, we're going all the way back to having one or two computers for modeling. Everyone has to wait and que up to do the modeling they need to do for their jobs.

Oh, it gets better!

For who knows what reason, the network printers connected to the Windows 7 computers are now only available during designated office hours. Anyone working early or late cannot print anything. Even funnier, the print jobs do not que up, indicating a problem, they are dumped before the que as an error. So as far as IT is concerned, there is no problem, otherwise there would be a log.

I'm actually trying to fire up an old dot matrix pin print printer directly to my computer so at least some work can be poorly done.

No point in tears or frustration, it's just too funny!

I think windows 7 just gives IT to many options to be dicks. Through it they have been able to become as big of an organizational bottleneck as the finance department is. We just upgraded and its stupid how much more "locked down" everything is than XP was.

Our IT department likes to be more... hands on with their dickery. Previous policy: buy what you need using your NIH grant. Effective July 1st, all technology purchases must follow the process of "tell IT what roles you need filled" and they will "recommend a solution." This is going to intensely suck.

(Science computer needs rarely equal office computer expectations)

Our department used to have its own IT guy and he was awesome. He got us anything we needed and kept everybody running nationwide. So they eliminated his position and we use the corporate IT department. Now it takes 2-3 days to get approval for normal software updates for stuff we use regularly.

kylini wrote: Our IT department likes to be more... hands on with their dickery. Previous policy: buy what you need using your NIH grant. Effective July 1st, all technology purchases must follow the process of "tell IT what roles you need filled" and they will "recommend a solution." This is going to intensely suck. (Science computer needs rarely equal office computer expectations)

"I need the role of XYZ Program filled."

I found a really great IT guy at my company. I just circumvent every process we have by emailing him directly--it will take about 1/2 a day before he gets to it, but it gets done the first time, and it gets done right.

it might not all be the IT department's fault. Friend of mine worked IT for Lehman Brothers before they went under and were bought out by a German Bank.

After the German Company took over, she even had to lock herself out of upgrading her own computer until anything was approved from Germany.

Of course that never happened.. what IT person truly locks themselves out of a computer

Man I'd get my ass fired if I created a clusterberkeley like the one in foxtrapper's office.

Now the problem with the modeling application is that it's badly written in such a way that for one reason or another, it requires administrative rights when it shouldn't, and it has a problem with Win7's permissions that it didn't have with XP. This leaves the IT department with the choices of 1) Breaking E36 M3 (which they chose) 2) Giving users administrative rights, allowing them to unleash the Dancing Pigs on their office 3)Find a more creative solution.

For 3 there are a couple of options. One might be to grant users permissions to just the parts of the OS that this modeling app needs access to, fixing the problem with a minimal security compromise. But if the app's really an awfully-coded piece of E36 M3, which seems to be the usual situation in the world of engineering software, that won't be an option because it will be indistinguishable from option 2. The other option is for your IT department to try this:

http://www.robotronic.de/runasspcEn.html

That should let users elevate permissions for the modeling app alone without giving them all admin logins.

I use two laptops to do my job (one Mac and one PC). It is just more efficient and I've used this same workflow at several companies before. Apparently our IT department is cracking down and we can only have one machine per person now, no exceptions. So I explain to the IT drone that some of my software only runs on Windows, while I have around $500k of legacy content in all Mac formats, plus several thousand tagged photos in iPhoto. Their current solution is to let me keep the Mac and give me a virtual PC on a server somewhere, except that they can't get it to work right. I mentioned just installing Parallels and the IT drone almost snapped, shouting something about maintaining two OS licenses, which I understand...except won't they be doing the same thing on my VM?

mad_machine wrote: it might not all be the IT department's fault.

I used to work for a company that only paid for one or two seats of very expensive design software and used novell/win clients to cheat and allow the whole office to use it in separate OS/2 login sessions. They had about 22 issues costing about $1.2M when migration time came

We just moved from XP/Novell to Windows7/AD. It's a complicated migration, and it sounds like your IT group decided to boil the ocean by locking down permissions at the same time. Better to get things migrated over cleanly, and then worry about locking down security as a second step.

I was the business lead on our division's WinXP to Win7 migration a few months ago. Uggh, what a cluster. And bonus -- I got to be the guy 'responsible' for disrupting every single member our workforce!

I know locking things down can be a pain but remember there is a reason we do it. I have computers like this come in to my office on a daily basis. http://youtu.be/YDNmyyrEZho

Regarding XP/Win7, at least we were given choices. 1) Upgrade if possible; 2) purchase a crazy external firewall to keep the XP machine on the network; or 3) remove the XP machine from the network. Our dedicated instrument machines that couldn't be migrated were just unplugged from the internet. God help us if we have an infected flash drive though!

There was a security lock down that happened with the XP to Win7 migration in my office. Immediately after I got Windows 7, I could not get into two web-based applications because of expired security certificates. These applications were hosted and maintained by the IT dept.

After a lot of calls and emails, I found out there was no plan for actually doing anything about the security certificates. The suggestion was to install Firefox (IE is the company standard) and use that instead because it would allow me to set up exceptions to work around specific certificates. Of course I didn't have the ability to install anything on the my new Win7 machine. I would have to jump through hoops to get special permission to have Firefox installed.

It all got sorted. But it took two weeks and put me behind schedule.

At my company it goes like this:

Me: Hey IT guy, I need X, Y, and probably Z.

Him: Done. Do you need it urgently enough to get it sent next day air?

Me: Nope. (usually anyhow, I did get a laptop next day aired to my house instead of the office the Wednesday before Thanksgiving, and then a replacement next day aired on saturday when the first one was DOA)

Him: It'll be here in 2-3 days.

Also, my first day working there came with a note: "You have full local admin privileges on this box, and a decent set of domain admin privleges as well. Do whatever you need to do, and let us know if you need more access on the domain end of things."

It's the first time that I've not had my efficiency sapped by silly IT hoops, and it's quite nice. Beats the hell out of the IT restrictions when I was working for the feds.

This is almost as bad as what the "safety" guys just did to us at the Borgata.

Entertainment has a sterling safety record. Aside from a few sprains, and a some broken toes (two of which were mine) we have had almost no injuries in the 11 years since we opened...

They came and removed our welders and grinders this week because they are dangerous. Exactly how are we supposed to have a fabrication shop without a welder?

Truly, I think if every company fired their entire IT department and threw all their computers in the trash, they'd get more work done. And I'm a computer guy!

mad_machine wrote: This is almost as bad as what the "safety" guys just did to us at the Borgata. Entertainment has a sterling safety record. Aside from a few sprains, and a some broken toes (two of which were mine) we have had almost no injuries in the 11 years since we opened... They came and removed our welders and grinders this week because they are dangerous. Exactly how are we supposed to have a fabrication shop without a welder?

Please excuse me, but I find this to be absolutely hilarious!

Being in IT it's funny to hear people complain about it because....well....I hear it all day....even from people in other parts of the IT office. "Your tool is making machines run slow." (it's a passive tool that resides in the network and not on anyones machine) "Why do I only get 60 minutes of youtube access a day? How am I supposed to watch movies?" There is no way of logically explaining this to simpletons. "Why can't I download and install programs on my computer? I doubt the latest Super Nintendo emulator will hurt anything."

And I swear I spend way to much time working on preventing people who manage to find another way to download a streaming music app on the machine. We allow Pandora but for some reason people feel it's necessary to download every other application possible to stream music. Thank goodness USB ports are disabled.

The OP sounds like your IT department is in need of some refresher training on Windows 7 and access controls for your programs. Maybe there is an issue with the host based security application. You guys do need to understand that most companies compile and deploy a information system security policy and the IT department are the ones to manage and implement those policies as to properly secure the network infrastructure. From basic read, write, and execute rules to what you are allowed to view on the internet. I always say if you have an issue with the policy go see the division heads.