Seriously, I’m starting to get pissed off at a consistently stupid issue I see with a LOT of IT environments. It’s a crappy little song that goes like this (you can hum along to it…)…
CLEAN UP YOUR ACTIVE DIRECTORY MESS!
DO NOT WAIT FOR TOMORROW
DO IT NOW!
READ SOME ARTICLES ON SETTING UP WINDOWS DNS PROPERLY
IF YOU DON’T HAVE A ‘REAL’ NETWORK ENGINEER ON STAFF, HIRE SOMEONE and FIX YOUR SUBNETTING MESS
STOP PLAYING AROUND WITH GROUP POLICY OBJECTS (**)
(**) = Until you ABSOLUTELY NEED TO CHANGE THE ENVIRONMENT
If you have someone on your staff that blatantly ignores this stuff, grab them by the ears, drag them outside and beat them with a foam noodle (the kind you use in swimming pools, any color will do).
Some general sores to apply first aid to…
Oh yeah, and one more thing…
- Build a virtual lab environment. Stop fucking around with your production environment. It’s not a test lab. Sorry for the profanity, okay, not really.
SO MUCH stuff in a given Windows computing environment is directly AND INDIRECTLY impacted by AD, DNS and GROUP POLICY. That includes web servers, database servers, client communications, application deployments, patch management, user account management, and on and on and on.
It’s getting to the point now that when I start seeing the familiar signs, I slowly place my hands on my face, close my eyes, and mumble some shit that has to be mumbled in order to avoid being arrested or fired.
That is all. Thank you.