I’m sending this to my boss to remind him why monitoring disk space is vital.

You are viewing a single thread.
View all comments View context
9 points

…it triggered a scream test for our users.

This phrase has brought me much joy.

permalink
report
parent
reply
7 points

It’s such an accurate term. I worked in IAM for a while and when no one claimed ownership of an application account, we’d go with a scream test. Lock the account and see who screams at us lol.

permalink
report
parent
reply
4 points

We had that some time ago with a service account for a specific system where individual personal accounts weren’t (yet) feasible. The credentials were supposed to be treated with confidence and not shared without the admins’ approval. Yeah, you can guess how that went.

When the time came to migrate access to the system to a different solution using personal accounts, it was announced that the service account password would be changed and henceforth kept under strict control by the sysadmin, who would remotely enter it where it was needed but never hand it out in clear text. That announcement was sent to all the authorised credential holders with the instruction to pass it on if anyone else had been given access, and repeated shortly before the change.

The change was even delayed for some sensitive reasons, but eventually went through. Naturally, everyone was prepared, had gone through the steps to request the new access and all was well. Nobody called to complain about things breaking, no error tickets were submitted to entirely unrelated units that had to dig around to find out who was actually responsible, and all lived happily ever after. In particular, the writer of this post was blissfully left alone and not involuntarily crowned the main point of contact by any upset users passing their name on to other people the writer had never even seen the name of.

permalink
report
parent
reply
5 points

When I was working in that old job we had one particular fiasco that legit stresses me to remember. We have this account, no one knows what it does, but the password has never been rotated, it’s not vaulted, etc. There’s 5 apps that share the DB. I contact all the app owners, no response.

I wait a week and escalate the their bosses. No response. I send emails every single day to everyone including all the dev teams. Not one “lemme check on that” or anything. Our policy was to wait 90 freaking days for a non single user account. I’m getting yelled at to get this ticket closed when the day comes.

I go in, lock the account, change the password, and kill all DB sessions. Within 15 minutes I’m paged for a priority one incident because a trading app is down, causing the whole floor to be out and they’re losing millions every minute.

I tell them what I did and forwarded emails to everyone. The executive director is screaming at me, telling me I’m gonna be fired soon and I better fix it right now.

Sure, I can unlock the account and even force the password back to the old version. What’s that? No one knows what the old password was? Nothing I can do. Fortunately my executive director was awesome and stepped in to take the call. Overall they were down for an hour and a half. I looked at the incident later and they claimed $100 million in losses. The app owners wanted me fired. They got the uno reverse though and lost their jobs over it.

Fuck that job lol.

permalink
report
parent
reply

Sysadmin

!sysadmin@lemmy.world

Create post

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

Community stats

  • 429

    Monthly active users

  • 204

    Posts

  • 2K

    Comments