Transitioning From Small Shop IT To Enterprise?

Imaginary Friendly asks: "I'm the 3rd guy in a three-person IT firm. We're good and we're expanding. Our clients range from three computers to 30, with our largest client having six servers. We can handle the work but, thanks to my efforts and love (or just luck), I may be signing up two new clients who have 200 networked computers each. We're spread thin as it is, and hiring competent IT staff has been difficult. We're now doing 60-hour work weeks, so re-education has remained passive. How do we transition from manual rebuilds and CD deployments, to full scale (proper) IT administration?"

drink the koolaid

[Gothmolly (148874)]

Since 90+% of your clients will be MSFT shops, drink the koolaid. Get an MSDN subscription. Buy a big multicore machine, and you can all learn on VMs. Master all the MSFT (RIS, SMS, etc) and bolt-on tools (NetPro, GPA, etc). Learn to do everything the MSFT way, and you won't starve (at least until Linux takes over, if and when). In your spare time, look at alternative desktop environments for tip and tricks.

yup, do like the government and clueless big corps

[rubycodez (864176)]

With windows you can run a serious huge enterprise operation just like you run a home computer. with the sames security risks and catastrophies. gigabytes of mission critical and confidential information can float around on your executives laptops, to be stolen or lost and viewed by god knows whom. remember, if a box doesn't have a screen with a mouse and keyboard, it's not a real server. bonus points if a server needs a constant logged in gui screen to get important batch work done.

Re:

[alienmole (15522)]

I think you might have missed the point the grandparent was making - possibly because you're a Unix admin, and not a Windows admin.

The Windows GUI is inseperable from the OS, and has to run on the machine's built in video adapter and keyboard. You can't fully administer it through a console connected via RS232, for example, without hardware hacks to virtualize the video. And as the GP mentioned, many operations tend to require or at least strongly encourage a session logged in on the server's console. Th

Re:

[TeraCo (410407)]

Like the other poster said, use an iLO card (or your vendor equivalent). It's certainly saved me a 4AM trip to the data centre to powercycle a box and look at a screen.

Re:

[eln (21727)]

The way the article is worded, it seems they're mostly dealing with desktop PCs, which are almost certainly Windows-based. The servers may or may not be Linux, but if they're already built and coming from a shop that did not previously have an IT department of their own, I would bet on them being Windows as well.

Obviously, though, more details about the environments involved would have helped a lot if the submitter was aiming at getting useful information.

Re:

[LWATCDR (28044)]

If your customers run windows then you have no choice but to learn and use Windows.
Notice that they support workstations as well as servers so odds are they are windows machines.
Get ready for the fun of spyware or the fun of dealing with locked down windows systems.

Re:

[cptgrudge (177113)]

Done properly, locked down Windows systems aren't that much of a hassle. The only bad obstacles are getting all those legacy and poorly written apps to run correctly, and getting user acceptance. Difficult, but not insurmountable. You definitely still have to drink the kool-aid, though.

Re:

[0racle (667029)]

installing an SBS server and then wanting two more back up domain controllers (say, one at a data center and one backup locally

Exactly what is wrong with this.

Re:

[toadlife (301863)]

"A second domain controller can replicate AD fine, offload authentication, etc., but if your original DC goes up in flames, the reinstallation process must create a new domain;"

Forgive me as I've only ever worked with "real" Windows domains and I'm ignorant in regards to SBS. Does SBS even allow a second DC?

First...

[misleb (129952)]

I would seriously recommend turning away those bigger clients for now until you first get the staffing to handle it. You can try to pick up the clients later. Maybe they'll hire someone else, but there is a chance that they will be unhappy with that someone else and come to you. You don't want to take the clients on now and screw up and ruin your reputation. If at all possible, hire someone (or multiple people) who already have experience with larger networks and kill two birds with one stone. I don't think it is really worth it to give you advice here on how to manage larger networks. You've got staffing problems. You need to address that first.

-matthew

Re:

[p0ss (998301)]

i agree, your staffing issues are your primary concern, without additional staff you are not going to be able to expand at all. Finding staff is hard, but as discussed in a recent slashdot article, the key is paying well. If there is competition for skilled people, the company who is paying the most will win.

If you can use telecommuters, do, it will broaden your labour market immensly.

One last point, Train your customers as you go. It may seem counter intuitive, but teaching your customers to solv

Re:First...

[KillerCow (213458)]

Ditto.

By your own admission, you are stretched thin and can't handle your current load. Now you want to take on new clients, but not just any new clients, new clients with large needs that you don't know how to address.

Do you really think that you are going to be able handle your current load (which you say that you can't already), the load from these 2 new big clients (whom are each about 7 times bigger than your current largest client), and be able to figure out how to change the way that you do things to meet the demands of these new clients (when do you plan to have time for this)? No, no, and no, on all counts.

Fix your staffing problems.

Serve your existing clients without killing yourself, then expand.

You are risking your current client base in order to add more business that you admittedly can't handle. You will likely ruin your existing reputation and relationships, just to pick up some clients that you can't serve. It's hard to say "no" to new business, but sometimes you have to. If you grow to fast, it will get out of control.

Re:

[the-empty-string (106157)]

Parent and grandparent are right.

In the meantime, you can get great technical insight about large scale IT management here [infrastructures.org]

Staffing it...

[tempest69 (572798)]

You need to get a 4th and 5th person. The hiring can be a mess, I've made mistakes and lived with others mistakes. First make sure that they have some skills, a specific skill set is sometimes overdone. Some Skills/Experince that you want to be looking for.

1. Shell Scripting, can your person make changes to dozens of machines at one time when you have a crunch.

2. Obscene famialiarity with the OS.. A headphone jockey can walk a user through hell and back, if they know exactly what is popping up an

Remote Desktop Takeover

[camperdave (969942)]

The only thing I'd add is that you become familiar with the remote desktop takeover tools. Sometimes it just helps to see what the other person is doing.

Re:

[qwijibo (101731)]

Was "worst advice ever" meant to be a warning about the rest of the post?

The "you can work 80hr weeks instead" attitude is not a way to succeed. If you're demanding more from your people and they get nothing in return, some of them are going to leave. Hourly people who do get paid more for working more aren't all going to be interested in giving up all their free time to benefit the company. If people leave, that substantially increases the workload - not only do you have to take up the slack, but you al

Depends on your clients' needs...

[Fallen Kell (165468)]

Everything that will be said here at /. will depend on what your clients are doing and running. I would tell you to setup a single system for each of your clients and make a flash archive of it, and then setup a Jumpstart server at/for each client and configure it with to load that flash image to the client systems for desktop support.

But if you havn't figured out already, this will only work in a Sun Solaris house. The same will be said of solutions to every other problem, they will be machine/OS/client sp

Service Management

[_Hellfire_ (170113)]

On the non-technical side of things, formal Service Management is a must. If you haven't already, I would strongly recommend formalising the management of incidents, changes, requests etc. with something like ITIL [wikipedia.org]. Without formal change management you'll get breakages caused by change and unhappy customers. Recording incidents (every incident) allows you to build up a picture of where your pain points are with each customer, makes it easy for billing, and if you get the same incident again, and you can look at the resolution of the previous incident for a head start in solving the current one.

You mentioned manual rebuilds etc. It would pay to automate this as much as possible (I'm sure you'll get some responses on this). Quality can often be equated with consistency. If you give your customers the same thing over and over they will know what to expect, even if it's only 80% of everything they need. They'll be much happier in the long run than if you give them brilliant service one day and crap service the next.

Plan

[Amouth (879122)]

I moved from a small pc shop to a larger company with about 50 people.. i am by my self.. but we are spread out alot.

what you need to is to plann everything. train people that the locations to handel minor things and make them a fire fighting team.. no company is going to complain that you train their people to handel the minor issues so that they don't have to call you. try to make everything in rounds.. if problems can wait let them untill the guys schedualed to come by can get there and have his list and go about his job.

with a good work order system you can plan for the jobs and have job kits for your workers.. a check list ... the simple stuff makes all the diffrence.

and if you can put this in place then hiring people to do the work is alot easier as they don't all have to be experts.

also set up remote admin and monitoring.. companies might fight back alittle but make it fit their policies.. because if you can see a problem and fix it before they notice that is a good thing. also if it is something that could be done remotely you don't have to send people out there..

and for the multi server people a single port KVM over IP connected to a normal KVM rocks.. they arn't cheap but if you are making money from them droping the 500$ for a single port KVM over IP isnt' that bad.. also you can get them with modems so you can dial into them.. makes remote admin easy.

make network maps and keep them where everyone can get to them so that you don't have jsut one guy that can work at a specific place because he is the only one that knows how it is done

just some ideas.. but always plan..

Re:

[Amouth (879122)]

if you understand every word then why does it matter.. the fact that i can't spell well doesn't change the meaning of the words i write.

Re:

[Score Whore (32328)]

Because the discontinuities caused by your shitty spelling and grammar break the flow of information from your words into your reader's heads. Overall you reduce the quality of the communication between you and your reader. Additionally it shows disrespect for your reader that you don't give enough of a fuck to actually take the time to present them with a well written statement.

But go ahead and write like a moron. It just reduces people's impression of you regardless of your actual technical skill and inte

Unattended.

[Geopoliticus (126152)]

Check out http://unattended.sourceforge.net/ [sourceforge.net]

I have been using this at our companies for the past two years and has GREATLY simplified our redeployment strategy. If you have different clients who use different computer systems that all run Windows. Do yourself a favor and check it out.

As others have said...

[Rix (54095)]

Your main problem is staffing. I doubt the problem is actually in finding people, but rather that you're not offering enough to attract them.

Deployment on a budget.

[222 (551054)]

Look into unattended, (http://unattended.sourceforge.net/) an open source alternative to RIS. It makes it possible to use linux servers to push out installs via network. A good unattended install with post installation scripts should make life easier.

As far as application deployment goes, a combination of the psutil psexec.exe and msi installers can make life a breeze. For example, scripting an office 2003 install is as simple as remotely executing the following:


msiexec.exe /i \\server\share\Deploy\O

Where do you need someone?

[Antique Geekmeister (740220)]

Given that each new machine will take some worktime, say 10 minutes/machine/week if you fully automate and have good plenty of spare equipment on service contracts, 200 machines is 2000 minutes/week, or easily 33 hours/week. You obviously need new staff to handle this: the first hire you make should be a competent contractor who's done seriously automated network build systems, suitable for CGI or Beowulf clusters, to reduce the load of OS imaging new machines or rebuilding your existing hardware into some

Yes, but what do you DO?

[Doctor Memory (6336)]

Can you hire the current IT staff at your new clients? Or are you taking them away from a competitor? Do you guys specialize (somebody's the network guru, somebody's the server wrangler, the third guy's the application specialist)? If so, then maybe each of you should hire an "apprentice" and train them in your specialty. Consider trolling around the local community college with a decent IT program (if you have one).

One thing to do is compile a list of best practices for your shop. This will help commu

Re:

[masdog (794316)]

Consider trolling around the local community college with a decent IT program (if you have one).

Or a four year college. A lot of colleges with IT programs give a general overview of the field, and the programs are found wanting in some, or many, areas.

Been there

[kilocomp (234607)]

You have already recognized you have limited time and it is hard to find versatile self starting quality IT people. The next step is to prioritize your clients (people are going to disagree with me here), but the clients who pay the most and who pay on time (collecting money can be a huge time hog) are your top priority. You are switching client profiles and larger clients are more valuable. Trying to get the next big client will be easier if you can say you support 2 200 users bases instead of Mom and P

Establish Procedures, hire someone who knows them

[StewedSquirrel (574170)]

Hire someone who knows corporate IT.

Please.

I've dealt with too many "three man IT shops" who treat IT work like auto mechanics. "try it, tweak something, try it again, tweak something, try it again, tweak something, try it again, tweak something". All the while, the company is offline. Corporate IT is about establishing procedures BEFORE the issues happen and about having backup plans for WHEN they happen, all of which is designed to minimize downtime.

Working with an office of 2-3 people... if you're diddling with their router for 2 hours, your time is probably worth more than the time the company has lost. But if you diddle with 200 people's connection for 2 hours, you've just cost their company $20,000, possibly more. Imagine what sort of investments could have prevented that downtime, how much cheaper they are than that downtime and why you should have implimented them :-)

FYI, Documentation is more important than you think.

Stew

Re:

[Kjella (173770)]

FYI, Documentation is more important than you think.

And just as important, a *good* backup system. I had to fix a system down issue not that long ago where a configuration file had been strangely corrupted. Sure, I could probably find it somewhere in the system documentation what all the settings there was supposed to be, but it was a lot easier to check when it was last good, fire up the backup tool and say "I want file X from last friday". It's sort of like documenting code - for the love of Christ, docum

Read: Bootstrapping an Infrastructure

[David McBride (183571)]

I can heartily recommend:

      Bootstrapping an Infrastructure [infrastructures.org].

It describes good design patterns for computer infrastructure design.

Document, Document, Document, baby!

[LibertineR (591918)]

Right NOW, get yourself a CRM solution and a Change Management solution. Next, develop a methodology for multi-tiered levels of support. Have your procedures on paper for how you handle onsite issues, AND what you can handle remotely. As someone else mentioned, drink the MS koolaid and get an MSDN subscription and learn all you can about RIS and other things that will make your life easier. Choose or hire an EXPERT in Active Directory, DNS and Windows Security. PAY THEM WHAT THEY WANT!

Develop a knowledge

"good help is so hard to find"

[SuperBanana (662181)]

Businesses love to complain about how hard it is to find employees when they're being cheap on labor, or how they can't retain good help.

There's no talent problem; there's a "how the IT industry treats workers" problem. Here's the current IT talent pool "problem", as I see it:

• The IT industry is one of the few industries that seems almost completely unwilling to recognize general skill/talent, and expects to hire someone who they can drop in and have productive in a matter of hours. It doesn't work that way- in the IT industry or any other industry. Every new employee needs training and familiarization, every new hire causes lost productivity. GET OVER IT. There are industries where corporations send workers to a WEEK OR MORE of training before they've "worked" a single hour.
• Loads of IT workers were encouraged to drop out of / skip college because their technical skills were all they supposedly cared about. Now it's "degree or don't apply." So much for technical skill.
• Employers and the industry are doing nothing to make training/certification easy or inexpensive. Redhat certification, for example, costs thousands of dollars- out of reach of most job seekers. Furthermore, loads of employers are refusing to invest in their workerforce (continuing education/training) and/or treat them like shit. They're then shocked when said employee's performance drops and they get fired/"laid off"
• Employers are abusing "temp to perm" and "temp" positions, cheating the unemployment and benefits systems and tricking workers into thinking that, if they're good little drones, they'll get the job at the end of 3 months- when in reality, the company will show them the door with a silly little excuse.
• HR departments use all sorts of fancy technology to effectively dump your resume in the trash can without a single eyeball seeing it, after cheerfully sending you a "thanks for sending in your resume!" letter.
• Employers post insane requirements looking for people with a skillset that goes on for PAGES and have grossly unrealistic expectations for years-of-experience. For even the most mundane schlep, I mean help, desk positions. Candidates respond by simply flooding employers with any position the candidate thinks they might be remotely qualified for.

Is it any wonder that IT staff leave the industry in droves after just a few years?

Re:

[Beardo the Bearded (321478)]

They also want someone willing to work 50-60 hours a week.

Re:

[Shados (741919)]

The IT industry is one of the few industries that seems almost completely unwilling to recognize general skill/talent, and expects to hire someone who they can drop in and have productive in a matter of hours. It doesn't work that way- in the IT industry or any other industry. Every new employee needs training and familiarization, every new hire causes lost productivity. GET OVER IT. There are industries where corporations send workers to a WEEK OR MORE of training before they've "worked" a single hour

Oh

S.A.R.

[Jailbrekr (73837)]

Hi, I am solely responsible for a 200 user network over 2 floor, and assist in the support of a 100 user network in another city. For the first year, I busted my ass to implement my 3 point program. Those points are:

1) Standardization
2) Automation
3) Redundancy

1) Standardization.

The more they are the same, the easier it is to administer. Try to have the same hardware and image for each department. Use ghost like its going out of style. Use standard naming conventions. The borg naming convention is NOT standa

from reactive to proactive

[Yonder Way (603108)]

http://www.infrastructures.org/ [infrastructures.org]

Some of these essays are a bit dated especially with regards to the tools they are suggesting but the mindset is still quite sound.

Contract some of the work out

[MrJynxx (902913)]

Work on getting a working relationship with vendors, contract out a desktop hardware support company to manage the hardware breaks, contract out a helpdesk function. So that should leave you and your very small but focused team on dealing with managing the vendor and processes, and all of the projects relating to this small company (hardware refresh, software deployments, etc).

I say small because 200+ workstations is not the enterprise, the enterprise is something much much bigger (talkin multiple platform

Lesson #1 of IT

[HockeyPuck (141947)]

Do NOT play LAB in a production environment.

aka

Do not LEARN on the job. LEARN in class or in a proper lab... not during an outage or during an install.

That is proper IT, anything else is flying by the seat of your pants which will cost ..your customer's their data, ...your company revenue and ....you your job.

Huge decision to make

[syousef (465911)]

Do you want to keep doing what you're doing, or do you want to be a manager? Being the manager is more lucrative if you're successful but you're not going to get to both play IT admin and manager of a large company. You'll be spread way too thin.

The job you don't want to do, you need to hire for. If that's the mangerial role, you need to make sure you don't end up a lowly surf by managing the hiring process very very carefully to ensure you retain control at all times.

If you are unable or unwilling to find

Simple

[Cervantes (612861)]

It's not that hard, I've been in the same boat.

Step 1: Think of the coolest things you can do to make things quick and easy.
Step 2: Implement it.
Step 3: Document it.

Really, whether it's thin clients, giving all the pc's bootable nics, setting up network images for reimaging, using VNC or other remote service/admin tools... think outside the box and then do it. Because with 200 people you're not going to have time to walk to every machine, nor can you spend time bringing the boxes in for simple reimage.

And d

SMS/AD/RIS

[Skuld-Chan (302449)]

Microsoft has tons of tools that are pretty good at managing large enterprises with few people, but its helpful to know something about Windows scripting, and locking down Windows to prevent user misconfiguration.

400 desktops

[silas_moeckel (234313)]

400 or so desktops might be one or two people at worst. As to the os install bits, I did that gig 15 years ago and had automated remote installs with one floppy, PXE gets rid of the floppy. I mean it the oh no my machine got eaten by a virus should be no harder than a please reboot hit f12 and go get a drink. In the background you should have setup the machine to PXE boot into the virus scanner image and exported it's VNC session to your desktop across the site to site VPN. Find anything that you dont l

Work Harder

[lewp (95638)]

Here's a secret about big corporate IT deployments (I've worked in a couple very large ones, and observed a few more belonging to equally large "partners"): The tools they use don't really save you that much work.

You wind up maintaining solutions to help you maintain your solutions. You train people to train people. You automate your processes, and in return you get to create a whole slew of new processes to oversee the automation. You lose techs thanks to the new "productivity", but you gain project manage

Read This Book! Live This Book!

[DaGoodBoy (8080)]

The Practice of System and Network Administration [amazon.com] by Thomas A. Limoncelli and Christine Hogan is the definitive reference to build, and more importantly, maintain any network and system infrastructure. It is written in an accessible style with plenty of real-world examples that focus on the importance of key infrastructure. It is not a "How To" book exactly, rather it offers advice and specifications for the kind of support infrastructure you have to build to be successful supporting large system and network infrastructure. If you are familiar with this book, please add your comments on it.

Re:

[Tribbin (565963)]

First read before being smart-ass.

"..., and hiring competent IT staff has been difficult."

Re:

[wonkavader (605434)]

Have to agree. CS degrees on resumes of people I've interviewed in the past year or so are badges of inadequacy in the same way a Network+ cert used to be.

Re:

[syousef (465911)]

Experience is a necessary but not sufficient condition to not making newbie mistakes, and by that I mean decisions that sound logical and intuitive/plausible until you actually try them in the real world. Experience is very important. Yes you can have a very bad mechanic with 17 years in the trade. But I guarantee you no one in their right mind is going to let someone work on a multi-million dollar race car with 3 months experience just because they're intelligent. You need both.

As for scientific discoverie

Re:

[marcello_dl (667940)]

When i hear about linux deployment i figure a local apt repository for tested packages, an apt-upgrade at shutdown and happy users. Today i crashed office by pasting three paragraphs and a table into a new word doc from a secure site browsed by IE6. Not to mention that when it works, same action is faster on my linux home machine whose specs say it's 5 times slower. and i don't get warnings about certificates while doing that. For the record, the only problem with that page is missing doctype and one spuri

Re:

[itwerx (165526)]

outsource your work and call yourself the VP of marketing and operations.

This is better advice than the poster may have intended. With your current size you really don't want to add FTE's just for two clients. Use that good old "people network" and see who you can shanghai on board temporarily (with an eye towards possibly making them FTE down the road). Otherwise you're investing heavily on what is essentially a gamble at this point.