Tuesday, August 23, 2011

Ignoring Good Ideas

If you've read the previous articles, you might think I would say that we should act on every good idea that comes our way, and that talking to the base of techs you employ is the best source of ideas. That's not too far off, but I do not believe every good idea is one you should do.

In any given IT department there are tons of good ideas floating all over the place: to fix this, or change the way we do that. I doubt there is a single tech in your department worth his/her salt that doesn't have a half dozen good ideas sitting in their pocket. So why not just start implementing all these great ideas?

Well, that's where good ideas start to break down: implementation. In many cases a good idea would take hundreds of man hours to implement and only net you a 5% gain over what you have right now. To the tech responsible, the idea is critical and will dramatically improve whatever they are responsible for. But in the grand scheme of managing the enterprise, chances are it will have very little to no impact. These ideas are generally only worth it if they are easy to implement, or if they touch core services like Active Directory that lots of other services key off of. A 5% gain in AD means 5% in SCCM, in Exchange, etc.

The other trouble is that many good ideas are great but take you down the wrong path for your overall IT vision. First you have to have an IT vision (something Third Rail Inc lacks in a big way right now, examples to come); departments that lack one won't be able to tell the difference between a good idea and a "bad" good idea. Your IT department will be pulled to pieces by nothing but good ideas if you have no overarching direction to follow.


Example Problem
We have a licensing problem in our IT department: we seem to be unable to track what's installed where. So we had a fairly good idea, which is to enhance our already existing Network Operations Web Site to track licensing. They've gone to the trouble of figuring out what information they need, have half an idea of how to get the information off the machines, and even a splash of how to track the licenses over time. Sounds like a good idea, sounds like something someone has put some thought into. The problem is the whole system is built on top of inaccurate information.

Running inventories on systems to find out what's installed is a great way to find out how many licenses of a particular application you have installed. But at Third Rail our machines are splattered all over the US, and many systems do not regularly report into the network. To deal with this in our client management solution and in AD, we just say that machines that have been offline for more than 60 days get deleted automatically. Then if they check back in down the road we re-add them. That works OK as long as you don't care too much about licensing, or about knowing how many machines you have.

But it gets worse: machines can be reimaged at 7 different locations around the US, and the techs doing the reimages don't necessarily report to the main IT group. In many cases machines get reimaged or replaced with no notification to us. If a machine was re-imaged and all licensed software reinstalled, under our current system the old entries for the system would stay for 60 days, forcing us to account for 2 licenses of each item installed for those 60 days, because we have no system for knowing it was a re-image vs a new machine. For one machine that's not such a big deal; when your overall IT averages 30 re-images a week, that's a 264 machine churn rate for the 60 day period, or a lot of extra licenses we may not need.

But again it gets worse: we have a ton of remote users. Many of these remote users do not regularly connect to the VPN or come into the office. So even though they fall out of our systems, we should be tracking and holding licenses for their machines.

Over the whole we have an average churn rate of 200 machines per month that either come on or off the network, and have no way of knowing which ones are just returning, which ones are re-images, and which ones are new machines. And this is the system you want to build your licensing system on top of.

So while a licensing system in and of itself is a good idea, and the particular system they want to implement is pretty decent, it's a bad idea to spend hundreds of man hours implementing it without first addressing the underlying issue of not having good life cycle management and asset tracking of our machines.

Tuesday, August 9, 2011

Building a Better Enterprise takes Talent

Underusing a technology should be a criminal act. Yet I see us at Third Rail commit it every day. Some technologies are free and extremely useful to the population. For example, indexed searching on Windows servers is pretty straightforward to implement, and can greatly help users find what they're looking for on file shares. But failing to use software we've purchased seems much worse: pay 100k a year for an asset management and licensing tool, and then just don't use it. Then pay various software vendors millions for having hundreds of licenses installed that we failed to purchase.

These are examples of having the tools but not taking advantage of them. Part of the reason these things don't get done is that it can become difficult to even know what's out there. What do we own exactly, what do those tools do, and what tools are available to us for free that we just need to implement? But just knowing what tools you have doesn't mean you know how to implement them. This is where talent comes in; people who can pick up a new technology and turn it into a true enterprise class production solution are few and far between.

If you're lucky enough to have one of these guys, pay them well, because they will keep your enterprise lean and efficient if you let them. This is someone who can take a set of tools, put them together and build a service, then train up other techs on how to use it, and implement the business processes to make the service useful. This might be two people in your organization depending on the techs you have: one business oriented tech and one introvert super tech.

Wednesday, July 13, 2011

ScriptRail - Altiris Agent update config script in PowerShell

I recently rewrote, as a PowerShell script, a script I made for our Help Desk team to remotely force our Altiris Agent to run an update config. In this case it worked out really well and let me combine the cmd and vbs files into one, while at the same time significantly shortening the code.



Altiris Agent Update Utility via PowerShell


Requirements
To run this script you must have the execution policy configured to RemoteSigned or something similar that allows you to run PowerShell scripts. In addition, you need WinRM 2.0 enabled.

Code Block

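    # Prompt for the target machine (Read-Host appends its own colon to the prompt)
    $compName = Read-Host "Enter the name of a computer"
    # Open a WinRM (PowerShell remoting) session to that machine
    $RS = New-PSSession -ComputerName $compName

    # Variables persist inside a session, so $Client is still defined for the second call
    Invoke-Command -Session $RS -ScriptBlock { $Client = New-Object -ComObject Altiris.AeXNSClient -Strict }
    Invoke-Command -Session $RS -ScriptBlock { $Client.ClientPolicyMgr.Refresh() }

    # Close the remote session
    Remove-PSSession -Session $RS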

When you run this script it prompts you for a computer name, creates a new WinRM session to that machine, calls the Altiris Agent COM object to run the update config (a policy refresh), and then closes the WinRM session. This is great for the Help Desk to quickly get jobs that have been queued up for the machine without granting them access to the Administrative Console.
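The same refresh wrapped for Help Desk use, as an added example that is not the original author's script: it rejects input that is not hostname-shaped before using it as a connection target, and it closes the session even when the remote call fails. The function name `Invoke-AltirisPolicyRefresh` is hypothetical; the COM ProgID and `ClientPolicyMgr.Refresh()` call are the ones shown in the post.

```powershell
# Added example, not the original author's script. The function name is
# hypothetical; the ProgID and Refresh() call are taken from the post above.
function Invoke-AltirisPolicyRefresh {
    [CmdletBinding()]
    param(
        # Accept only hostname-shaped input: letters, digits, hyphen, dot.
        [Parameter(Mandatory = $true)]
        [ValidatePattern('^[A-Za-z0-9]([A-Za-z0-9\-\.]{0,253}[A-Za-z0-9])?$')]
        [string]$ComputerName
    )

    $session = $null
    try {
        # -ErrorAction Stop turns a failed connection into a catchable error.
        $session = New-PSSession -ComputerName $ComputerName -ErrorAction Stop

        # One script block: create the COM object, refresh policy, release it.
        Invoke-Command -Session $session -ErrorAction Stop -ScriptBlock {
            $client = New-Object -ComObject Altiris.AeXNSClient -Strict
            try     { $client.ClientPolicyMgr.Refresh() | Out-Null }
            finally { [void][System.Runtime.InteropServices.Marshal]::ReleaseComObject($client) }
        }
        Write-Output "Policy refresh requested on $ComputerName"
    }
    catch {
        Write-Error "Refresh failed on ${ComputerName}: $($_.Exception.Message)"
    }
    finally {
        # Runs on success and on failure, so no remote session is left open.
        if ($session) { Remove-PSSession -Session $session }
    }
}

Invoke-AltirisPolicyRefresh -ComputerName (Read-Host 'Enter the name of a computer')
```

By default the PowerShell remoting endpoint only admits members of the target's local Administrators group, so the account the Help Desk runs this under needs that right on each client even though it has no access to the Administrative Console.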

Monday, July 11, 2011

Bad Financing - The death of any tech department

Bad financing has been killing us recently. It mainly shows up in the form of delays or poorly done projects. For example:

We renewed our license for our 100K+ a year solution to manage all clients and servers in the enterprise. But we cannot migrate to the new version of the software. We have the license to the software, and the "new" hardware installed in the server room, but can't begin migration because of about 10k in SQL license and OS purchases required.

We've been waiting on what we call upper management for well over a year now to purchase all the required pieces. The decision to renew the license of the application took a year, the purchase of the hardware took another 8 months, and it's been 6 months and we're still waiting on the needed SQL and OS licenses.

The delay is killing us. The current solution we're on is nearly completely out of support by the company, and the backup solution has been end-of-lifed and doesn't work on Windows 7 or 2008 R2. The hardware is over 6 years old and starting to fail. We do our best to keep this aging beast up and running, but it's just a matter of time before it comes toppling down and there is no support to fix it.

This type of problem seems silly: we spent upwards of 150k to renew the application's license and buy new hardware, but it goes unused because they forgot about 10k in OS and SQL licenses. But this type of problem happens all the time.


The real issue is that the tech department just assumes that the business end knows what they are doing when it comes to this purchase. They ask for the price on the application license and we give them just what they asked for. But from the business's point of view they are asking how much it will cost to upgrade this software. So when we come back after the license is purchased and say, oh by the way, we need 50k in hardware, and then again for the OS license and SQL, they suddenly don't want to pay anymore.

This is the Tech Department's fault; we should be smart enough to know the cost of an application is significantly greater than the licensing fees. These are all services that need to be provided on an on-going basis, and they need to be maintained and upgraded on a regular basis. So any pricing presented for a service should be in the form of a recurring charge.


Whether you use monthly, yearly, multi-year, etc. doesn't really matter, as long as you're presenting the cost of a given application as an on-going one.

A cost sheet for any given service might look like this:
    Up Front Cost for Renewal of Service (priced for 3 years)
        Application License Renewal                                  $314,000
        Hardware Purchases                                           $48,900
        Windows Server 2008 R2 Std License                           $2,600
        MS SQL Server 2008 R2 Std                                    $5,230
        Total Up Front Cost                                          $370,730

    On-going costs not charged at renewal (priced for 3 years)
        Maintenance and Support Provided by Third Rail Inc.          $35,000
        Backup Service (estimated on 450gb of required storage)      $3,000
        Estimated Power and Cooling Cost                             $3,500
        24/7 Monitoring                                              $3,225
        Estimated cost for next renewal                              $339,000 (3 year)
        ---Billed Monthly at a cost of                               $9,417 (a month)
        Total Maintenance Costs (over 3 years)                       $367,725

Now, clearly this leaves out a lot of detail, but it covers all the major sections involved in adding a server. This gives the business end a significantly better picture of what it will take to not only purchase this new software but also maintain it for the life of the license. If this is done for every service in the enterprise it gets a whole lot easier to budget IT, which if done properly should simply be the sum of all the services you have installed, because the billing for any given service also includes the cost of the staff required to maintain it, as well as surrounding items like client machines for staff every 3 years, phone lines, supporting applications, etc. In fact some services will likely pay for other services; for example, a service for Support and Maintenance of Client machines would have the cost for the application used to manage those clients baked into it.

Doing financing in this way also allows for incremental pricing changes. You have to renew every 3 years, and maybe you found maintenance on average was higher for this service, so you can calculate that number higher on the next renewal. Assuming you have 15-20 services you provide, it allows you to constantly re-calculate the budget, making it easier to keep pace with a growing or shrinking company.

But getting this type of billing right is tough to say the least. Many items have to be estimates, and things like labor costs over 3 years for a given server can be difficult to calculate. So I would highly recommend putting a dedicated IT Accountant on the IT staff.

Welcome to the TechRail

Hi all, and welcome to the TechRail.

About the Site
The site's intent is to shed light on many of the idiosyncrasies of enterprise class IT.

I've been working in IT for 7 years now, and among the geeks there's always been talk of doing things the right way. Forever talking about how this tangled mess we call an enterprise got this way, and what we would like to do to fix it. It's usually a pretty narrow view of the environment and rarely includes things like financing, staffing, politics, and business.

In my blog I will likely pull many examples from my personal experience in IT. For the purposes of this blog we'll call the company I work for Third Rail Inc. While every IT shop has its problems, Third Rail's shop is more broken than most.

I'm all over the place with this little blip about what the blog is going to be about. That's partly because I'm still figuring it out myself, and part because IT is a messy complex place. But we will figure it out as we go, and hopefully make the mess a little more understandable.

About Me
Like I mentioned earlier, I've worked in IT for 7 years at two different companies. At my current company my official title is Help Desk technician, but my actual job is closer to Enterprise Desktop Administrator. Today I have played a major role in designing and setting up nearly every aspect of how we maintain our client machines: the base configuration of the OS, the GPOs applied, the whole imaging environment, all the applications we support and how we support them. Really from end to end on the technical aspects of client management.

In the 3 years that I've worked at this company I've won Employee of the quarter, and Employee of the year. I'm generally well liked and respected for my high level of technical knowledge, and strong work ethic. While Third Rail Inc. has a host of issues I generally like working here, and the environment isn't overly hostile.

I tell you this because I don't want to give you the picture that I am a renegade tech, who hates his job and thinks everyone is an idiot. I'm quite the opposite where I generally like my job and want to work within the system to make it a better place to work.