Migrating to xxxxx
-
I figured I'd start a slightly more generic business migration thread that will likely still primarily focus on Windows based devices.
@jt1001001 and I are both looking to migrate away from Microsoft Active Directory.
Here are my current known needs:
any user can log into any business owned PC
file storage available to nearly any device from anywhere on the internet
deployment of apps to PC
deployment of settings to PC
print from company PC to company printers
remote troubleshooting of PC -
My current plan is:
All users have M365 Business Premium license (centralized user accounts)
All PCs join AAD
Migrate fileshare data to SharePoint/Teams/ODfB (file storage)
Migrate Documents folders to ODfB (file storage)
Chocolatey for most application installs/updates
PC's from image including business applications
Screenconnect/MC (remote troubleshooting)Investigate Intune and solutions like Salt/Ansible to deploy settings
Printers (several possibilities)
Deploy via Salt/Ansible
Deploy via Intune
Manually deploy for single person machines
MS Universal Print
3rd party universal print -
Interesting. In no way am I being critical / criticising, just asking questions for my own education.
Are all the PCs located within the same building or are they geographically dispersed?
Do you have any Ansible and/or Salt experience, will there be a learning curve?
Could you achieve the required result using AD in less time than by using the proposed apps & services listed?
If you get hit by a bus, will the setup be able to be supported by your replacement?
-
@siringo said in Migrating to xxxxx:
If you get hit by a bus, will the setup be able to be supported by your replacement?
This is a great example of why you want to use things like Salt or Ansible, in fact. If you use industry best tools, you are vastly more likely to end up hiring qualified shops at low cost to do the job. If you run AD, there is a really high chance that a VAR or an inexperienced person that you can't identify as being clueless will get hired because AD is so well "known" and meant to look so easy that anyone can walk off the street and say that they can do it without really knowing anything about it.
There's a lot of "reading in" to these kinds of questions that I think need discussing.
Some key things to consider:
- No one should be in a position of a replacement being found AFTER they are hit by a bus. The replacement or failover position has to be there all along as it has to be part of a business workflow. That's how sick days, vacation, holidays, peer review and more is handled. So that position should already be trained and ready and involved. And I mean always. If you are big enough to hire IT, you are big enough to hire it well. No one can't afford to make money. Good IT is cheaper than bad IT. Even a tiny one person company can afford this. No viable business has any issue covering this cost at all. It's so minimal. I guarantee any company saying that they can't afford this is already spending way, way too much and is throwing away more on IT than it would cost to do things well.
- No environment within this reasonable range should have internal IT, it should be a firm. You can have one man firms, but realistically, you should never hire them unless they are part of a support group. Your IT outsourcer should always have the "hit by a bus" stuff covered for you, that's a huge part of their value. This is, again, so cheap that there is no business that can't afford it. It's cheaper than any other approach.
- No quality industry tools have any shortage of people to support them. None. There is not "can't find someone so we have to pick this inferior tool because it has more support". That's a message that unscrupulous MSPs pushing cookie cutter script reading techs have made into a mantra to trick business people into believing in order to push less than ideal, high cost solutions and lock customers into their services. But it doesn't hold water. I know people on here (not you, but people have) claim that there aren't an excess of skilled IT people on the market, but they are intentionally not hiring them and burying their heads to say that. High quality IT can handle extreme work loads and there is no shortage. No company, anywhere in the world, needs to worry about a lack of skills. The only concern is not hiring good IT and being stuck with IT extorting the business to adapt to IT, rather than IT to adapt to the business. Any IT department or team worth its salt will be constantly adapting to meet business demands, that's its job. That's its value. If someone is a good AD admin and understands that stuff, they can learn SALT in a weekend. Skills aren't an issue in hiring, aptitude is.
So the easy answer is... this point is moot. These aren't quirky one off tools, they aren't a unique paradigm that only some peoples' brains can understand (like functional programming), they are simple, standard components of IT that anyone calling themselves a system admin should be able to learn when necessary quite quickly and any IT department should be ready to take on and any IT outsourcer should be using or ready to use. If your company can't handle this with its resources, you've got other things to fix. Hiding issues by buying products to cover up a lack of IT agility is the start of a very bad IT process that will ultimately create great risk and cost.
The hard answer is... I truly believe it is vastly (and I mean VASTLY) easier in the real world to find and hire qualified, skilled people when you require more "advanced" or less common skills where the market isn't flooded with unskilled people who claim that they know the skill. AD and Windows carry a lot of risk from this, sadly. That's one of the reasons I always want to see Windows administered purely from PowerShell or Ansible or similar - because it eliminates the people who are just pretending. It's also more efficient and repeatable and easier to document. Just do that one thing, take away the crutches that make Windows and AD feel so simple, and the same tools will suddenly become so much better.
The job world is flooded with people who claim that they can admin Windows and can move around a GUI and can memorize cert answers. Those that know PowerShell are few and are between and, of course, you can get a terrible idiot that just happens to know PowerShell... but by forcing that (or using Linux or making someone use Ansible) you automatically eliminate 99% or more of the fakers who dont' know what they are doing and you make the process of selecting a candidate much safer and easier.
Now people will say "but there aren't very many people that can do that, that's risky". It's true that there are far, far fewer skilled admins than unskilled admins, sure. But you should never want to hire one of the unskilled ones, and there's not a shortage of skilled ones. So while there aren't as many in relative numbers, it's an irrelevant statement. There aren't as many skilled admins as there are McDonald's cashiers either, but that doesn't mean we want to hire a cashier instead of a qualified admin. It's a statement meant to make us emotionally feel that unqualified people might be better than qualified ones, but when you actually think about it, it's a red herring (shot!)
There is a world full of qualified admins and qualified IT shops that are ready to handle this task. If you make it hard for the "fluff" of the industry to apply for the job, you'll actually find a replacement really easy to find.
And in the real world, there are plenty of people on this thread that could do this, that no real world number of companies that you will ever encounter won't be able to leverage this specific pool, let alone the universal pool, of that talent.
-
@siringo said in Migrating to xxxxx:
Could you achieve the required result using AD in less time than by using the proposed apps & services listed?
In many cases I'd say yes, possibly up front. But for his listed requirements, I'm going to say no. Since he wants internet based resources, that cripples AD and makes setup take much longer than if you eliminated that requirement. AD can do it, obviously. But AD doesn't like manage it out of the box for you. I think for this specific case, AD will slow you down.
-
@scottalanmiller Interesting.
But how do you/we get around the problem of an interview panel asking " so how much experience do you have with Ansible, Salt, AD etc"If you're the interviewee and you say none and 90% of job respondents reply with none, that business is going to have trouble finding a suitable replacement, which becomes a business problem.
You have to remember the majority of businesses are small businesses without IT departments, they don't understand IT and an IT issue is usually a major headache.
I guess what I'm saying here is, is it a good idea to use technologies that aren't as well known Vs ones that are well known.
I'm not anti this or that, I don't care what anyone uses.
The last interview I went to I was asked "what experience do you have managing iPads in an MDM environment?" I answered none, because I had none. Then I inherited 2 sites that were managing iPads with an MDM and both sites I have improved and made the management of the iPads easier and more efficient than what was configured by the so called highly paid expert that set it up initially.
So I do agree with what you say about how an experienced IT person should be able to just sit down and figure it out, but it's hard to get that opportunity when applying for a new position, interview panels want immediate results most times.
-
@siringo said in Migrating to xxxxx:
But how do you/we get around the problem of an interview panel asking " so how much experience do you have with Ansible, Salt, AD etc"
Either don't interview for those positions, or get experience doing the stuff you want to be doing.
-
@siringo said in Migrating to xxxxx:
But how do you/we get around the problem of an interview panel asking " so how much experience do you have with Ansible, Salt, AD etc"
In this case, YOU are the panel. Don't ask those questions. This means the panel isn't qualified to hire someone in IT and/or isn't bothering to do their job. Either hold them accountable or get someone else to do it.
I had this conversation this week on LinkedIn actually.
This is a great question, but it is really important to frame its context. Because basically what we end up doing is this.... we make bad IT decisions with the anticipation that our company will also do a bad job at managing the company, and will hire bad IT, so we give them bad solutions that feel like maybe bad IT will be able to handle it.
Every step of that process is bad. It's a bad approach. Maybe your company IS bad, but if it is, you can't fix that. But don't be the problem, be the solution. If they screw it up after you are gone, that's 100% their problem. If you give them a bad solution believing that they are screw ups or can't be helped, that's your problem. Don't make it your problem, make it theirs. Leave them with the tools to do things well. If they choose not to, there was never anything that you could have done about it.
Basically, never use politics as an excuse to do IT badly. To IT well and ensure that true blame can never fall to you. Bad companies will always be bad. Just don't add to the problem.
however, even if they did ask this question, going to less common tech will still make them more likely to get reasonable results from a bad process. Using AD sets them up for the worst likely results.
-
@siringo said in Migrating to xxxxx:
If you're the interviewee and you say none and 90% of job respondents reply with none, that business is going to have trouble finding a suitable replacement, which becomes a business problem.
No, that business has ZERO issue finding a candidate. They CHOOSE not to hire them. That's a completely different problem. Don't give them a free pass on doing their jobs. They have a CEO, his job is to not let this happen. If he does, that's on him, not on you.
No business can't hire this stuff. Maybe the Fortune 100 where you need people in big droves, but I don't know of any actually making a huge effort to hire this stuff because, I assume, they don't need to as they have enough and just need normal turnover.
You are seeing a business failure and trying to hedge an HR/CEO problem with IT. that will never work well. It might feel plausible, but it is not. Forcing them to do their jobs will have better results than letting them not even bother.
-
@siringo said in Migrating to xxxxx:
You have to remember the majority of businesses are small businesses without IT departments, they don't understand IT and an IT issue is usually a major headache.
Right, and they shouldn't understand IT. They should understand business, that's their job. So their one job is to hire a good IT firm and that's it. Step back and let qualified CIOs do their job. Everything I am saying is because they are small businesses and don't know anything about IT. IT is only a headache because they aren't following good business processes.
If small businesses acted like smart businesses, IT would be easy. It's that they refuse to hire IT like they would any other department (legal, accounting, etc.) and they refuse to not override IT department and take over decision making that generally they fail. Their IT failures are typically just our view of general business failings. None of that is really about IT.
-
@siringo said in Migrating to xxxxx:
I guess what I'm saying here is, is it a good idea to use technologies that aren't as well known Vs ones that are well known.
What I've been trying to say is YES. It's a REALLY good idea. Really important.
Not because OF the tech. Because it is not overly popular. Windows and AD are huge problems for small businesses for exactly that reason. That's my whole point. It's not at all that Windows is bad or AD makes zero sense, no. Windows isn't all that bad (the best, hack no, but good enough.) And AD can work, it has a place.
But because they are so well known, they present a unique and hard to describe just how huge problem. If you stop using well known tech, and stop allowing your business (meaning the CEO stop allowing hiring managers to not do their job) IT in the SMB gets really easy. But if you use common tech (and I'm not saying that tech is bad) then the hiring people have a daunting task of weeding through unlimited numbers of unqualified resumes.
Well known tech really carries no advantages based on being well known. If you need the tech for the tech's sake, then you need it. But all other factors being equal, you actually want to avoid well known tech because well known tech (nothing specific, just the fact that it is well known) creates a hiring and security challenge that small businesses essentially have little to no means to overcome. Remove that well known tech and everything essentially will solve itself.
-
@siringo said in Migrating to xxxxx:
So I do agree with what you say about how an experienced IT person should be able to just sit down and figure it out, but it's hard to get that opportunity when applying for a new position, interview panels want immediate results most times.
Absolutely you are completely correct. But don't keep hopping back and forth here. Meaning... you are at one moment looking at how a business should behave based on how to get the right tech and skills for the business. Then hopping to how do I get hired as an IT person.
These are extremely different situations. In one case, we decide if we are a good or bad company. In the other we have to decide if we want to work at a good or bad company.
The company choosing the tech, the company choosing how they hire have zero concern over the "but no one will hire me" problem, since they get to hire all those highly skilled people that stupid shops are dismissing because they lack some specific skill or whatever.
What is risky for an IT professional (not having AD on your resume) is a boon for the hiring managers (the best people are still out there and available.) So the very concern you are picturing as the IT guy, is actually an artefact of why the company is protected by "doing the right thing"!
-
@Obsolesce said in Migrating to xxxxx:
@siringo said in Migrating to xxxxx:
But how do you/we get around the problem of an interview panel asking " so how much experience do you have with Ansible, Salt, AD etc"
Either don't interview for those positions, or get experience doing the stuff you want to be doing.
Sorry, I wasn't clear.
What I meant was, how de we, the interviewer, interviewee and industry, get around panels asking that style of question?
I believe it would be more useful to ask questions like 'how would you solve this?', or 'what's something you've done that you've taken great pride in completing?'
Questions that dig into how a person thinks and solves, rather than past job history.
-
@siringo said in Migrating to xxxxx:
What I meant was, how de we, the interviewer, interviewee and industry, get around panels asking that style of question?
If we are the interviewer, that means that we are the panel. So the point becomes moot.
The real question is, what CEO is letting people on hiring boards act so poorly? This isn't an IT thing, this is pretty basic "how to interview" skills.
-
@siringo said in Migrating to xxxxx:
I believe it would be more useful to ask questions like 'how would you solve this?', or 'what's something you've done that you've taken great pride in completing?'
Questions that dig into how a person thinks and solves, rather than past job history.Exactly, and anyone with business or interview training would tell you that that's kinda day one training in that stuff. If you are getting deep into specific skills, it suggests that no one interviewed you on being an interviewer, LOL.
I find even better than questions is just discussion. It's hard, but just dive in and get people talking. If they are passionate and knowledgable they will be able to talk and it is really hard to bluff conversation of a technical nature of any large period of time.
-
@siringo said in Migrating to xxxxx:
Questions that dig into how a person thinks and solves, rather than past job history.
That's one thing to look for when you are the one being interviewed. I've interviewed for shitty companies that don't know how to interview and I basically let them know afterwards I'm no longer interested in the position.
-
@Obsolesce said in Migrating to xxxxx:
@siringo said in Migrating to xxxxx:
Questions that dig into how a person thinks and solves, rather than past job history.
That's one thing to look for when you are the one being interviewed. I've interviewed for shitty companies that don't know how to interview and I basically let them know afterwards I'm no longer interested in the position.
Exactly. The interview process is your best chance to see how well a company runs, what its priorities are and what they think of themselves. If they don't know the basics of business or IT, what kind of environment will it be and what will the other people that they have hired be like?
-
@scottalanmiller said in Migrating to xxxxx:
@siringo said in Migrating to xxxxx:
I believe it would be more useful to ask questions like 'how would you solve this?', or 'what's something you've done that you've taken great pride in completing?'
Questions that dig into how a person thinks and solves, rather than past job history.Exactly, and anyone with business or interview training would tell you that that's kinda day one training in that stuff. If you are getting deep into specific skills, it suggests that no one interviewed you on being an interviewer, LOL.
I find even better than questions is just discussion. It's hard, but just dive in and get people talking. If they are passionate and knowledgable they will be able to talk and it is really hard to bluff conversation of a technical nature of any large period of time.
Ah. So that may be why I've been interviewing shitterly for the past 12 months.
I've been in the game for a long time, i've aqcuired lots of knowledge about business, technology and life and when being interviewed I probably don't appear all that interested? When asked about something I may seem half hearted, the thing is though, I've been in front of so many 'how the crap am I going to do this' moments that not much worries me anymore. I've learnt that almost everything can be solved, fixed, upgraded or replaced, all you need is time.
Sorry, this is way off topic.
-
@siringo said in Migrating to xxxxx:
@scottalanmiller said in Migrating to xxxxx:
@siringo said in Migrating to xxxxx:
I believe it would be more useful to ask questions like 'how would you solve this?', or 'what's something you've done that you've taken great pride in completing?'
Questions that dig into how a person thinks and solves, rather than past job history.Exactly, and anyone with business or interview training would tell you that that's kinda day one training in that stuff. If you are getting deep into specific skills, it suggests that no one interviewed you on being an interviewer, LOL.
I find even better than questions is just discussion. It's hard, but just dive in and get people talking. If they are passionate and knowledgable they will be able to talk and it is really hard to bluff conversation of a technical nature of any large period of time.
Ah. So that may be why I've been interviewing shitterly for the past 12 months.
I've been in the game for a long time, i've aqcuired lots of knowledge about business, technology and life and when being interviewed I probably don't appear all that interested? When asked about something I may seem half hearted, the thing is though, I've been in front of so many 'how the crap am I going to do this' moments that not much worries me anymore. I've learnt that almost everything can be solved, fixed, upgraded or replaced, all you need is time.
Sorry, this is way off topic.
I have a similar situation. There's no more panic. Just "let me do my job and get on with it." People sometimes see that as not taking it seriously when really, I'm just that much more on top of things.
-
@scottalanmiller said in Migrating to xxxxx:
@siringo said in Migrating to xxxxx:
@scottalanmiller said in Migrating to xxxxx:
@siringo said in Migrating to xxxxx:
I believe it would be more useful to ask questions like 'how would you solve this?', or 'what's something you've done that you've taken great pride in completing?'
Questions that dig into how a person thinks and solves, rather than past job history.Exactly, and anyone with business or interview training would tell you that that's kinda day one training in that stuff. If you are getting deep into specific skills, it suggests that no one interviewed you on being an interviewer, LOL.
I find even better than questions is just discussion. It's hard, but just dive in and get people talking. If they are passionate and knowledgable they will be able to talk and it is really hard to bluff conversation of a technical nature of any large period of time.
Ah. So that may be why I've been interviewing shitterly for the past 12 months.
I've been in the game for a long time, i've aqcuired lots of knowledge about business, technology and life and when being interviewed I probably don't appear all that interested? When asked about something I may seem half hearted, the thing is though, I've been in front of so many 'how the crap am I going to do this' moments that not much worries me anymore. I've learnt that almost everything can be solved, fixed, upgraded or replaced, all you need is time.
Sorry, this is way off topic.
I have a similar situation. There's no more panic. Just "let me do my job and get on with it." People sometimes see that as not taking it seriously when really, I'm just that much more on top of things.
This ^^^ absolutely.
