+ Post New Thread
Results 1 to 4 of 4
How do you do....it? Thread, departing system administrator.. change policy? in Technical; one of our longest serving sys admins is off to pastures new, bigger and better and to a proper salary ...
  1. #1

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,532
    Thank Post
    1,341
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200

    departing system administrator.. change policy?

    one of our longest serving sys admins is off to pastures new, bigger and better and to a proper salary for the work done..

    There is no animosity and they're leaving on good terms, but still, I'd like to make sure I cover all bases when implementing a lockout procedure...

    Our written policies only really cover departing teachers and office staff, so this one is kind of new.

    • Disable their account
    • Change DRAC/ILO passwords
    • Change UPS admin console passwords
    • Change Web Domain control panel password
    • Change local admin password on Workstations/Laptops
    • Change local admin password on Servers


    I know Ive forgotton some other things too, so please add to this list.

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,373
    Thank Post
    906
    Thanked 1,811 Times in 1,559 Posts
    Blog Entries
    12
    Rep Power
    468
    Firewall, Switches, WIFI Encyption, Domain admim, VPN passwords?

    Have you considered service accounts username and passwords he might know?

    Remember other services like your domain name provider, external web hosting etc.

    Also take his name off the accounts of external agencies so he cant get product keys for software or order on the behlf of the school.

    Might also be worth resetting the passwords of other domain admins in the event he knows someone elses
    Last edited by FN-GM; 22nd February 2011 at 01:17 PM. Reason: more added

  3. Thanks to FN-GM from:

    RabbieBurns (28th February 2011)

  4. #3

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    BIOS passwords (not high risk but it is another password)
    Online service passwords (MVLS, online backup, whatever sites you use)
    Possibly Service account passwords
    audit local accounts and passwords on servers
    Any remote managment tools in use like logmein if that has been used anywhere
    Printers, Switches, routers (last two are way more important)
    Any sundry we services that don't use AD, wiki etc.

    Much of this may be overkill but these are the passwords that they probably have stored in their brain somewhere.

  5. Thanks to SYNACK from:

    RabbieBurns (28th February 2011)

  6. #4


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,715
    Thank Post
    288
    Thanked 789 Times in 616 Posts
    Rep Power
    226
    Also consider linking device accounts (where it's supported) to radius (and have one impossible to remember local password locked in a safe somewhere). That way it's much easier to manage this next time.



SHARE:
+ Post New Thread

Similar Threads

  1. Your first day as System Administrator
    By albertwt in forum How do you do....it?
    Replies: 16
    Last Post: 10th January 2011, 01:41 PM
  2. [Website] The system administrator
    By computer_expert in forum Jokes/Interweb Things
    Replies: 0
    Last Post: 11th September 2010, 04:02 PM
  3. [Video] System administrator song
    By _Bat_ in forum Jokes/Interweb Things
    Replies: 0
    Last Post: 19th June 2009, 04:25 PM
  4. Bulk Change Local Administrator Passwords.
    By Nij.UK in forum Windows
    Replies: 14
    Last Post: 15th June 2007, 02:45 PM
  5. Replies: 8
    Last Post: 12th November 2006, 03:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •