September 23rd, 2005, 03:25 PM
Real geeks do it ... well, they just do it, OK?
This very methodical pilot fish has a well-defined and very efficient way of handling permissions for data she's in charge of.
"I share these eight folders to six different groups according status: hourly, salaried, programmers, supervisors or casual observers," fish says. "Each group has shared permissions according to their need to know and need to access or write back data.
"All this was set up five years ago and everything worked just fine. If I needed to add or delete names from the groups, I called the help desk and sent them the specifics, and usually within three hours the changes were made and the changes would propagate through the domain.
"Then management decided to sequester the IT security staff from the IT staff."
Not long after, fish asks to have four new employees added to one of the groups. She provides the specific, detailed information to the help desk, which forwards it to IT security.
Two days later, fish receives confirmation that the process is complete for the four new users. Result: Access denied.
"I am very anal about keeping a journal of daily activities," says fish. "One page, single spaced, half-inch margins left, right, top and bottom. It took the whole page of 'one-liners' to list each and very time I called, called again, e-mailed, re-e-mailed, called and called again. I escalated the help desk case all the way to the manager of IT.
"But I was never allowed to talk to IT security about the problem. I was never allowed to know who IT security is. Or where IT security is. Or the phone number for IT security.
"The IT manager passed me off to a senior analyst. His reply via e-mail said to 'call the help desk and tell them to put the people into the group.' He promptly left his desk and I haven't seen or heard from him since.
"I told the IT manager that I was going to forward my one-page journal of activities to the IT director and ask if there was anything I could do to help him or his people sort this out."
And that's what breaks the logjam. "Suddenly I had access to a real computer geek," fish reports. "We sat down together and he logged onto the server in question as administrator.
"I looked over his shoulder at the shares assigned to one of the folders. 'Look,' I said, 'Right there. That ain't right.'
"It took another 25 minutes of typing to get it straightened out, but in half an hour, all was well.
"Total elapsed time: 25 days."
\"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster