Posts made by guyinpv

Just for me? How sweet!

You have a way of thinking about these things.

Have to finish video later, I'm outta here for today.

And all I wanted to do was open up a conversation so they could start looking for a replacement. I wasn't expecting a circus.

I feel no obligations here, except to be honorable to my own words. I'd love to walk out tomorrow except that I did actually promise I would help the next person get situated.

When I first hired on, the previous person took emails from me for over 3 months as I sorted everything out.

All I wanted to do was offer training to the next IT person. Instead it became a cluster of training everybody here in the office who isn't IT, and writing user manuals for every website I have a password for. And writing down a layperson procedure book for every task I ever performed. And writing friggin mind maps to show how every service interconnects with every other service.

The only thing I feel obligation to is my own word that I wouldn't leave them high and dry. There are other people here that depend on their jobs for income, I just wanted a replacement in my seat to keep things going. And I certainly do NOT want 20 daily phone calls because I walked out and everybody has to call me to fix every little thing. I just wanted a replacement.

@scottalanmiller said in Finally leaving my job, and it's just as annoying as I thought it would be:

@guyinpv said in Finally leaving my job, and it's just as annoying as I thought it would be:

This is such a pain! I didn't actually turn in a notice or set a last day, which I'm regretting now. But I'm a non-confrontational person. I just want them to be happy and I want to personally feel like I've done a professional job leaving documentation behind. I'm just trying to figure out a balance.

The more you try to do, the worse it will be. You are going to give them false hope and build up false expectations. The more you do, the more they will be upset.

I feel this already. We had an hour+ meeting the day after I had the first talk. All the crap they want from me, new formats, how they want it, in what order. I already felt the pain of this very thing. Now I know, whatever I document won't be good enough, where it's stored, how it's organized, will never be good enough because there will always be some aspect they don't understand, and if they don't understand it, it must be because I'm not doing good enough.

@scottalanmiller said in Finally leaving my job, and it's just as annoying as I thought it would be:

And if there is no replacement planned, then you are just... done now?

This was the worst part of our conversation.

I fully assumed that when they heard tell of me leaving, the idea would be to start finding my replacement. Sounds reasonable.

Instead it turns into this "document everything so laypeople can follow your how-tos" and "write an IT functions book" and "we can hire an outside IT company for some stuff but you need to document all the internal stuff for us".

In other words, it wasn't "let's look for a replacement" but "how can we NOT NEED a replacement at all?" And I wasn't expecting that kind of thing.

@Dashrender said in Finally leaving my job, and it's just as annoying as I thought it would be:

I have a similar feeling as you - I want the thing to run right, etc. But something that Scott has drilled into me over and over again is - IT serves the business, not the other way around. This means if they don't care, you can't decide they should. No amount of caring on your part is going to make them do the right thing. You have to move yourself to a point where you care only about what they care about, and nothing else, - or leave.

Well, they don't care, until they think they DO need to start caring.

@DustinB3403 said in Finally leaving my job, and it's just as annoying as I thought it would be:

If the "pay reduction" is in writing I'd walk. They've fired you and are wanting you to work for peanuts.

This comment seems to be in relation to what I said about vacation and sick time. Those aren't a requirement where I live, they are a benefit offered by employer, they make the rules.

Technically they are not offered to part time employees, which I currently am. But they let it accumulate anyway, until now. So they just stopped accumulating.

I used to get a cell phone stipend which was kind of a retainer for "please check if we text you or call, just in case something crazy happens." They stopped that, presumably also because my hours are so reduced.

So did they "reduce my pay", well, kinda sorta. Officially their benefits were for full time, but they allowed it for me anyway, then stopped it. So kinda, kinda sorta, bending the rules, playing them a bit.

@scottalanmiller said in Finally leaving my job, and it's just as annoying as I thought it would be:

@Dashrender said in Finally leaving my job, and it's just as annoying as I thought it would be:

Question - did you give two weeks? or did you simply inform them you are looking for other employment and will be leaving when you find it?

He gave six months!

I didn't give any time.

And I didn't tell them I'm looking for other employment. I run my own business, they know that. They know my business is picking up. In fact you might say they knew this day would come eventually.

@Dashrender said in Finally leaving my job, and it's just as annoying as I thought it would be:

Question - did you give two weeks? or did you simply inform them you are looking for other employment and will be leaving when you find it?

It's complicated, as I've been working fewer and fewer hours over time, but now it's come to a tipping point, I'm ready to leave.

I simply brought this point up, that I can't get everything done if I take more time off, but I also need more time on my own business. So I wanted to open the conversation about reducing my time and eventually getting out.

No real time frames were given. I just said I'd work with my replacement, and answer some emails and questions should the new person need help.

@scottalanmiller said in Finally leaving my job, and it's just as annoying as I thought it would be:

@guyinpv said in Finally leaving my job, and it's just as annoying as I thought it would be:

What should really be expected of the IT person when they leave? I've heard everything from "hand over the passwords and walk" to "as a cornerstone employee it's your duty to not leave the company vulnerable at all."

Just walk is the ONLY answer. Anyone saying otherwise is out to scam you.

It is the job of your boss to ensure that you can walk at any time without seriously impacting the company. If your BOSS hasn't done that, ALL responsibility for problems is on them, not you (unless you intentionally did something secret to screw them, which is not the case here.)

There is a lot of good motivation in here, thanks to everybody.

I understand this point, but I think it's somewhat slippery slope because in a certain way, they don't know what they don't know, hence the odd "secret IT knowledge" remarks. They are kind of relying on me to make sure they know what has to be known for the company to continue operating. Freaking out that some secret SSL will expire that they don't know about, or some secret fee that is manually paid will go unpaid.

When I'm given tasks to do, I use whatever tools I need to get it done. Could be some free app or a little script I write, or a web service with a free account, etc etc. They aren't really aware of these side tools. Obviously I have the passwords stored, but that's about it.

So what they are panicky about is how all these tools inter-relate and what tool is needed to get what sort of task accomplished.

Let me given an example. I had my own free LastPass account when I first arrived. It was a step up from the previous person who basically just gave me a PDF created from MS Word with some passwords in it.

Eventually I started saving passwords into KeyPass with the file saved in an IT folder in the cloud.
The boss doesn't have my LP account pass, nor even the KeyPass master password, because they never asked for it or seemed to care. And I simply didn't offer it out. Nothing in there is stuff they access at all, at least not until I leave.

So I think it's completely reasonable that I can't, or shouldn't, walk out of here with passwords still in my personal LP account, or if they don't know the pass to the KeyPass file.

That's just one example. They need to know my pin to the spare laptop I use sometimes which I just now thought of, since we rarely use the thing. My workstation has a different user/pass than others.

There is just a ton of "stuff" I need to hand over, but what she is most worried about is having no idea how it all relates and what it means and how important it is and how it works and how to use it, etc. Which I know, isn't my problem. I just feel a kind of obligation to at least make the data somewhat easy to search, and somewhat organized. It's organized according to how my brain wanted it organized, certainly not hers.

There are tons of source files like Photoshops and Illustrator and InDesign and Adobe and source video files and graphics and audio and scripts and databases and various kind of tools all used for various kinds of information. It all makes sense in MY head, I know where to look for stuff.
When we dropped a particular service some years ago, I pulled a data dump from the service, which they provided as XML. Well I know how to search through a bunch of XML files for something, but they don't. They've always wanted an "easy" way to search through the old data, which I was going to build into a relational DB on the intranet or whatever. Hasn't happened yet, so they also worried how to access this old data dump, you know, because it's "secret IT knowledge" how to do stuff like that.

This is such a pain! I didn't actually turn in a notice or set a last day, which I'm regretting now. But I'm a non-confrontational person. I just want them to be happy and I want to personally feel like I've done a professional job leaving documentation behind. I'm just trying to figure out a balance.

The whole "they can't make me teach people" because I'm not a professor and it's not in my job description. That was funny, because nobody who has ever worked here has been able to use the "not my job description" line on them. They would say the job description is whatever they say it is, since they are the boss and you work for them!

You all know I've been wanting to leave my messed up job for some time now, been there 8+ years. It's been a roller coaster with management here.

Anyway, I finally had "the talk" about an exit strategy, and that's when the dung hit the wind generator if you follow.

The boss spent the whole night rummaging through my IT folder in our cloud drive, basically making a huge list and a stack of papers about what she "doesn't know" about my job and all the vendors we use, etc.

So she then comes up with a template of all the stuff she wants to know about every vendor made mention of in my files. Who are they, what do they do, is it a service or a plugin, how much is it, is it paid manually or automatically, on what card, do they need an SSL, when is it due, how much, users/passwords, support contact, etc etc etc.

Keep in mind, most all this is in my vendor information files already, she just didn't bother to read any of it. Instead she creates a new template in Word or Excel or something with lots of little fields to put all this info in.
She's asking for things like the physical mailing address of these vendors! lol, like I'm going to spend time finding out the physical address of some place where I bought some sound files once. Fax number, minimum order quantities, just weird stuff.

Lots of lecturing about how she doesn't know what some vendor or another does, and IT people have "secret knowledge" that is complicated so laypersons can't understand it. She says all my notes "might make sense to an IT person, but it's not how my brain as a layperson understands it".

She wants me to write up a "function book" where I write thousands of little "how-to" articles for each "function" I perform as an IT person, but written for the layperson so they can do my job "if they had to". All the information about each vendor, plus all the functions I perform at those vendors, what it's used for, how to make changes, when to make changes, how to troubleshoot it, etc etc etc. Who has SSLs, how are they renewed, when, how...

To top it all off, she won't read stuff that's too long. If I send emails that are too long or detailed, she refuses to even read them and then chides me. But if I write stuff that's too short, she complains it's not written for the layperson.

If I write "right-click the start menu and choose manage" she complains it's too short and written for IT people. What is right-click? Where is the start menu? Is this Windows 10 or 7? Do I right-click the manage link too? ugh
So I write longer, for the layperson, and she complains I write too much and doesn't read it.

Anyway, I'm kind of ranting here, but that's not the point.

The point is, I have a folder in the cloud where I have documents for dang near every vendor that plays even a small role in operations. This document has payment information, user info, support contact info, descriptions, even troubleshooting advice. My password database has access to everything. My computer has loads of other stuff handy for the next IT person, like my scripts, private keys, tons of source files for everything I've ever created.

But instead it sounds like she wants me to rewrite everything I've ever written, only in the format she likes, in the way she likes, along with a "layperson" user manual for every vendor and service along with how-to procedures for every bit of work that could be performed with those services.

Frankly, this is just ridiculous to me. I'll be here for the next 6 months just writing stuff over and over that I've already written, while getting chided because IT stuff is too hard for laypersons.

This just isn't right. They don't even want to replace me, they think I can just write enough user manuals and procedure/how-to docs and vendor information docs so that everybody else here (no technical people at all) can just do my job by following procedure checklists. Managing emails and forwards, troubleshooting internet problems, adjusting router settings and testing it, managing backups and cloud drives and archives.

I've told them, just hire somebody so I can train them for a few weeks, but they don't want to, they don't think they can find anybody as cheap as me! Instead they are looking for IT service companies to remotely manage everything + be on call for those emergencies when they happen. But everything else in house should be able to be handled by my expert layperson procedure guides.

On top of all this writing I'm supposed to do, they want me training at lease 2, maybe 3 people here on taking over support and management of various services and websites I run. Like handing over management of our dedicated server to a person whose never seen an SSH shell before. But it's ok you see, because I'll write up a layperson guide.

What is the right protocol here? I feel like I've already written everything of any value that an IT replacement could use. They are trying to force me to stay until all documentation is written just the way they like. Because if I left, if would put their company in a seriously vulnerable state because they "don't know anything about my job and what needs done" or how to troubleshoot and fix stuff if there is a problem.

Since I've already written stuff, it feels very stupid to RE-write everything just to change its format and looks. Like moving a pile of rocks from here to there, then rolling a ball up a hill and letting it roll back, just to roll it up again. This is busy work!
How much responsibility do I have to rewrite documentation just to change its format to please everybody? And keep in mind they never had any kind of official document store or official documentation guidelines. I just write docs as they make sense to me. Server information and the sites hosted by that server are in a spreadsheet. The financial summary of all the vendors we pay for, is in an Airtable DB as well as vendor Word files. General concepts like our overall backup strategy is contained in its own Word file along with any problems, and future changes I want to make. I separate a dedicated document for a disaster plan with overview of troubleshooting advice and who to call bout various things. I have document with instructions on how to do every scheduled task I have in my calendar. I have how-to procedures for each of those scheduled tasks.
I have user manuals saved, research docs, network diagram.
I have a MySQL database on my local computer where I've recorded all our hardware information, assets, computer specs, purchase and warranty info, model numbers, etc.

I have some docs in a self-hosted documentation tool called BookStack. I like it, but it seems she doesn't want to use a service, she wants everything in Word and Excel files in the cloud folder. So Airtable is no good, BootStack, MySQL, nope.

I have accounting information all laid out nice in an Airtable database which I link to from a doc in our cloud folder. She was confused by seeing a link and didn't even click it.

I really don't want to be stuck here for 6 months training laypeople to do IT work, writing endless user manuals for service providers, and changing formats of everything I've written for the last 8 years to make it conform to style choices.

What should really be expected of the IT person when they leave? I've heard everything from "hand over the passwords and walk" to "as a cornerstone employee it's your duty to not leave the company vulnerable at all." In some corporate high-level jobs, an exit strategy for important positions can take a year or two.

And believe me, there is no benefits while leaving. My vacation and sick pay is already cut off, my cell phone stipend is cut off, there is no severance. Heck we didn't even get a holiday bonus this year. So I'm being practically demanded to stay to do all this, while every benefit is already cut off simply because I've had "the talk" about wanting to leave. We don't even have an official last day.

This whole thing is driving me nuts right now. I consider them friends and I'm happy to have worked here 8 years so I don't want our relationship to blow up at the last second and lose any kind of reference I might have here. I'm sure they are in a bit of a panic, but what they are asking is months of work and to somehow distill 25 years of IT and web dev experience into one little "functions" black book that any layperson can follow to do my job. And there is no explaining to them otherwise.

On top of that, since they don't believe they can find a replacement who does everything I do for a reasonable price, they instead tell me I have to find my own replacement and to "use my circles" to track down a technical person.

I know a lot of responses here might be "just leave", but these things are easier said than done. I don't want their business to suffer, nor our relationship, nor my reference with them.

@Dashrender said in Password manager options for multi-user?:

Also, you don't have to give edit rights to the passwords you share to others, so little risk to shared info. In LP anyway.

This is paid version of LP I presume? I have to buy licenses for all employees here?

I have my free version and other people have shared passwords with me, but I think they were on paid versions.

I've read through this thread already: https://mangolassi.it/topic/15036/password-managers/113

I have all my passwords in LastPass (a free personal account) as well as business stuff in KeyPass which is stored in a NextCloud folder.

I'd like to share out sets of passwords without having to give it all away. A user-based system or perhaps user groups would be nice. I'd like to share passwords one by one to certain people, or just share a folder of passwords to a user/group, etc.

KeyPass would be hard to do this. I suspect I'd have to just split stuff into multiple files and give the master pass to certain people. This could get hard to maintain, especially if I need to have the same account in multiple files.

Then there is LastPass with a paid account for business (and other similar services). I like LP and have used it for years, but it does have quirks. It autofills wrong, it sometimes wants to overwrite/update a password when it shouldn't, it might not detect the domain properly if the login page can show up via multiple domains, etc etc.
In other words, it might be too much of a learning curve to make all our users figure it out, and too dangerous that they might overwrite passwords.

I'd rather have more of a "lookup" style where if they want to log in somewhere, they have to search for and find the password, then copy/paste it over. Much less danger of auto-stuff going on, and accidental wipes of the passwords.

It should also store attachments, specifically storing things like key files if needed.

I've got a list here, with LP, keeweb.info, enpass.io, Bitwarden.com, KeePassXC.

Supposedly there is also a keypass connection via NextCloud plugin, or some other plugin in NC, but nobody has given that good reviews, haven't looked into it.

My ideal situation is a multi-user offline interface. Something with an icon on my user's desktops, similar to how KeyPass works, but uses a saas type sync service or what-not.

Then everybody just looks at their specific list of stuff based on how the root/admin user shares it out.
Of course they could have either/both view and edit abilities as needed. And if someone edits one, it could alter the admin and even keep a record of the previous one. Like an audit trail.

I mean seriously, multi-user password management is like, there is nothing that great out there. With encryption and all that. We could obviously just use some kind of multi-user note taking app, but that isn't quite as secure as we'd like.

@Dashrender said in Can we force drivers to install any more in Windows?:

Did you try the F8 option that JB mentioned?

Yes.
From my research it seems that this is only for when you have truly unsigned drivers. In my case, they are signed but with an expired cert, although others have said this doesn't matter.

To complicate matters more, I've now tried two other computers, and been on remote tech support with the company who remote-logged in to both Win7 and Win10 and got neither to work. He just said the USB is having communications errors and wants to send back the device for a $450 service repair.

But I had a spare unit (our previous model) which itself was repaired and I kept it as a spare. But trying to install that, I'm getting all the same issues! Even though it uses a different drive for its own model.

@marcinozga said in Can we force drivers to install any more in Windows?:

@guyinpv I had similar issues with certain USB dongle, on Intel USB controllers, after upgrading to Windows 10. I had a PCIE USB controller lying around, non-Intel chip, and that allowed me to install drivers. If you have a spare controller, it's worth a try.

It's not a controller, it's a dual DVD duplicator/printer device.

On Win7 I cannot make it load anything past the driver signing error box. Absolutely nothing works.

On Win10 it immediately loads a MS driver and calls it "Unknown USB Device (Device Descriptor Request Failed)". It won't let me change or update the driver in any way, it just instantly install that as soon as it scans for changes, even in safe mode.

I even went so far as to rename the windows\inf folder so that it would have no drivers to search through, and it still loaded that default MS unknown driver!

Setting the date didn't do anything on the Win10 box I'm trying.

In fact, Win10 didn't really report any problems as far as signing, it just popped up a box asking if I wanted to install the driver and I said yes.
Then nothing happened. I checked Device Manager but still not loaded, I have a "Unknown USB Device (Device Descriptor Request Failed)" device.

When I try to uninstall this, it comes back the same. When I try to update, it refuses to find the drivers I have, says no drivers exist or that Windows already chose the right driver.

In fact, on the screen where I'm supposed to select the driver from a list (where the "Have Disk" button is), it actually says "This driver is digitally signed".

But when I use Have Disk and go to the driver folder, it doesn't even attempt to show me it. It just says "The folder you specified doesn't contain a compatible software driver for your device."

Keep in mind, the driver manufacturer specifically lists the driver as being Win 10 compatible. I'm assuming it doesn't see the driver because it's actually looking for the unknown usb device which is a Microsoft driver already loaded. In other words, even though it's an unknown device, MS has still loaded some kind of signed MS driver. Somehow the two aren't matching up.

So now I can't get it working on Win7, nor Win10.

I'm currently trying to set up a Win7 virtual machine with an older copy of 7.

In this thread, a commenter suggests that the expiration date for the certificate is not taken into consideration at all when Windows checks code signing.
https://stackoverflow.com/questions/20569189/how-did-this-unsigned-driver-get-installed-on-windows-7-64-bit

Here is a person over at Toms that seems like they ran into same thing: http://www.tomshardware.com/forum/id-3730907/disable-driver-signature-enforcement-working-anymore.html
No answers there however.

If it's the expired cert, then I either need to remove the cert entirely, perhaps allowing force of "true" unsigned cert? Or I need to somehow reup the cert somehow, probably not possible I would guess.

I have a DVD duplicator machine from Primera that is about 8 years old. The drivers they provide at the website claim support for Vista / 7 / 8 / 10, etc. They are dated November 2012. https://www.primera.com/bravo-pro-xi
It comes with 32bit and 64bit versions.

I've used this duplicator on a Windows 7 computer for years until the HDD died. I simply tried to install it onto another Windows 7 Pro computer but it absolutely will not install, I've tried so many things to get this to work.

The primary problem is that there is a signing error:

However, these drivers are in fact signed. If I dig into the cat file however, the only problem I can find is that the certificate is expired:

When I used Microsoft's signtool.exe tool, it passes the basic test for PnP device installation signing requirements. Reference here: https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/signtool

When I test for kernel mode code signing, it does fail, saying it "does not chain to a Microsoft Root Cert."

I have tried 4 or 5 techniques to allow or force Windows to install the drivers anyway. I've used registry entry to ignore driver sign errors. I've used gpedit to change policy and allow install of unsigned drivers. I've restarted and used F8 menu to boot without driver sign verification. I've set Windows to "test mode" and allow such drivers, gpdedit.
I've set policy to not let Windows attempt auto-install of drivers.
I've tried to force both the 32bit and 64bit driver, all the same errors no matter which I try to use.

The error in Device Manager is this:

All the tricks I find online seem to apply to Windows from years ago. I think some changes came with Win10 that MS decided to basically ignore all those policies and completely enforces not allowing drivers with signing issues, for Win 8 and 7 as well I think. Except that my driver is not unsigned, it's signed and has a valid cert, but the cert is expired, and it apparently doesn't chain to a MS root cert. So it's not like I'm trying to force an unsigned driver, just one with a couple signing issues I guess.
And further, only the 64bit driver should be dealing with kernel mode issues, that shouldn't be a thing with the 32bit version.

So the point is, no tricks to force the driver are working, and I think it has to do with Win7 updates within the last year. When it was originally installed on the first Win7 computer, all I had to do with click the typical box that pops up to "allow device installation anyway", which is a common thing IT folks have seen forever when dealing with older drivers. But Windows ain't doing that any more.

If the only option to run this printer is install some old Win7 version and not update it, I don't think that's a good idea. I don't think I want to even bother trying to load this on a Win10 computer even though the driver says it will work on Win10.

And I can't replace the machine that easily since they cost many thousands of dollars.

I'm either completely screwed here, or there is still some way to load this driver that I haven't found yet. Or somehow inject the MS root cert into the chain (if that's the issue), or somehow renew the cert so it isn't expired (if that's the problem).

So I'm done fighting this for the last 2 weeks. What am I missing?

@scottalanmiller said in I have to change cloud drive service yet again:

@guyinpv said in I have to change cloud drive service yet again:

@Obsolesce said in I have to change cloud drive service yet again:

Users aren't saving a copy to their hard drive, then putting it back after someone else moves or renames it?

Using the NextCloud Sync client, all the files are already local on their drives. So the users are using CTRL-X to cut files and paste them into other folders. And occasionally, those file operations reverse and a moved file goes back to where it was. Or a renamed files gets reversed. Or worse, a renamed and moved file because a duplicate in its original folder, leaving us with 2 copies with multiple names.

yeah, that's a behavioural thing that has to stop. Has to, period. Simply isn't something that they can do when using that kind of system, any system like that.

What behavior is better?

Assuming you mean they should stop using ctrl-x to cut and paste files. Are you suggesting they should, say, copy the file to their desktop, then delete the NC one, then copy the file back into the new folder location?

Funny thing is, when they ctrl-x and move a file, NC literally records the activity as a file move operation. It knows what just happened. That just makes everything that much more weird.

@Obsolesce said in I have to change cloud drive service yet again:

Users aren't saving a copy to their hard drive, then putting it back after someone else moves or renames it?

Using the NextCloud Sync client, all the files are already local on their drives. So the users are using CTRL-X to cut files and paste them into other folders. And occasionally, those file operations reverse and a moved file goes back to where it was. Or a renamed files gets reversed. Or worse, a renamed and moved file because a duplicate in its original folder, leaving us with 2 copies with multiple names.