Courses for administrators! For what?
I am a Microsoft Certified Trainer. And for a long time I have been teaching different courses for system administrators. Different people come to training: from beginner admins to highly qualified system administrators. The goals of beginners are easy to understand: getting to know the product and getting the skills to configure it. Why do experienced administrators come to courses? It is to this question that I will try to answer. I don’t want to use any general phrases, but I want to show specific examples of what long-working specialists have learned in my courses. I will write some examples on Windows Server and SQL Server.
It would seem that everyone has backed up, everyone somehow does it, it works, there are no questions. However, in fact, there are a lot of details.
The real situation. The listener has a working database of 2TB. Backup set up by third-party tools. The time to create a full copy is 3-4 hours, which, in general, suits. However, the stability of a third-party system leaves much to be desired. By means of MS SQL, the time to create a full copy is about a day, which is already very long. In the course on SQL, which the listener passed, the topic of backup was described in great detail. I recently received a letter where he writes that after enabling compression, the backup time using MS SQL was reduced to 2 hours.
Another situation. The specialist has the task to configure the backup to a network folder. The problem is solved very simply: the archive is created on the local disk, only after that it is copied by third-party means to the network folder. We specifically recreated a similar configuration on the course. After several operations to configure SQL Server services, accounts and permissions, we were able to configure the creation of a backup immediately to a network folder.
Recently, my friend told me this phrase: “Yes, what can be complicated there - created a user and that’s it. You can deal with everything yourself. ” He, of course, is right: if you learn to learn at the beginning of your IT career, you can master a lot on your own. However, there are some points that you do not pay attention to while studying on your own, however, they can significantly simplify the solution of the problem.
In each AD course, at least half of the students grab their heads when they learn such an interesting fact. It turns out, by default, in AD, each user can enter computers into the domain. Those. in general, any AD user can add his personal laptop to the domain without the knowledge of the administrator. To block this feature, you need to change only one attribute.
If we talk about group policies, the most important thing is that everyone knows how to use them. Of course, to varying degrees, but that's all. But the following moments in this topic are very interesting for students in the courses: an overview of group policy settings, the sequence of applying group policies, issuing permissions, WMI filters.
Recently I was asked the question: “How to create folders for users on a network share and then connect them as network drives? And then I’m writing a script in BASIC. ” And I would write, and the script would somehow work. But Group Policy already has a built-in Group Policy Preferences toolkit that can do this. Using Preferences, you can create folders on a network resource by user name, create network drives on these folders and configure permissions correctly and much more, which is usually done by scripts.
Auditing, VPN, quotas, firewall - this is not a complete list of what students get a fresh look after training.
Simple problem. A network folder is granted full access to a group of users. In this situation, it is not uncommon to contact the IT department as follows: “Who deleted the file? Can you restore it? ”, Or worse:“ Why did you delete the entire contents of the folder? ”. The solution is simple - configure the file system audit so that you can view who and when deleted a particular file. And if you configure shadow copy, then users themselves will be able to recover deleted files. But for some reason, only a few people in my entire work experience have confirmed that everything is set up exactly like that.
Strange, but in most companies, users store any files anywhere and in any quantities. But setting up the same quotas in Windows Server is implemented in a wonderful way. Out of space on a network drive? You can, for example, limit the amount of downloaded files to a network folder for each user. Tired of deleting FullHD movies from network drives? You can prevent users from saving certain types of files. And if you add to this a lot of reports for the administrator and the user - then this is a godsend for the responsible. Setting up all the features of file storages is so simple and understandable that when asked by the audience: “Why haven’t you set it up yet?”, The answer usually comes down to the following: “We didn’t know what was possible, and didn’t know what it so simple".
I tried not to talk about any complex technologies, because questions on them an order of magnitude more. I presented simple examples of how experienced administrators discovered something new in courses. It may seem to you that I have demonstrated the most primitive situations. However, you should not think that during training only something simple is considered. On the contrary, the courses are filled with very complex material, which is really difficult for independent mastering and needs additional explanation from a knowledgeable specialist.
I would like you to think a little about a few questions:
- Do you really know the software products that you administer?
- What are your outstanding tasks?
- Are you completely satisfied with the work of your information and network infrastructure?
- Maybe it's time to call the training center and find out the schedule of courses and prices?