Courses for administrators! For what?

Foreword

I am a Microsoft Certified Trainer. And for a long time I have been teaching various courses for system administrators. Different people come to training: from novice administrators to highly skilled system administrators. Objectives beginners easy to understand: familiarity with the product and gaining skills to configure it. And why experienced administrators come to the courses? I will try to answer this question. I do not want to use any common phrases, but I want to show specific examples of what the long-working specialists in my courses have learned. I will write a few examples on Windows Server and SQL Server.

Backup sql

It would seem that everyone has a backup set up, everyone somehow does it, it works, there are no questions. However, in fact, there are a lot of details.

The real situation. The working database of the listener 2TB. Configured backup third-party tools. Time to create a full copy is 3-4 hours, which, in general, suits. However, the stability of the third-party system leaves much to be desired. Means MS SQL time to create a full copy of about a day, and it is already very long. In the SQL course that the listener went through, the topic of backup was revealed in great detail. Recently, I received a letter where he writes that after compression was turned on, the backup time using MS SQL was reduced to 2 hours.
')
Another situation. The specialist is tasked with setting up a backup to a network folder. The task is solved extremely simply: the archive is created on a local disk, only after that it is copied by third-party tools to a network folder. We deliberately recreated a similar configuration on the course. After several operations to configure the SQL server services, accounts and permissions, we were able to set up a backup to the network folder right away.

Active Directory

Recently, a friend of mine said the following phrase to me: “What can be so complicated there — created a user and that's it. You can figure it out on your own. ” Of course, he is right: if you learn to learn at the beginning of your IT career, then you can learn a lot yourself. However, there are some moments that you do not pay attention to when studying independently, but they can significantly simplify the solution of the problem.

At each AD course, at least half of the students grab their heads when they find out such an interesting fact. It turns out that by default, in AD each user can enter computers into the domain. Those. in general, any AD user can add his personal laptop to the domain without the administrator's knowledge. To block this feature, you need to change only one attribute.

If we talk about group policies, the most important thing is that everyone can use them. Of course in varying degrees, but that's all. But on courses, students are very interested in the following points in this topic: an overview of group policy settings, the sequence of applying group policies, issuing permissions, WMI filters.

Recently I was asked a question: “How to create folders for users on a network ball and then connect them as network drives? And then I'm writing a script in BASIC. ” And I would write, and the script would somehow work. But Group Policy already has a built-in Group Policy Preferences toolkit that can do this. Using Preferences, you can create folders on a network share by a user name, create network drives on these folders and properly configure permissions and much more, which is usually done by scripts.

Windows server

Audit, VPN, quotas, firewall - this is not a complete list of what students get a fresh look after learning.

Simple problem. The network folder has full access to the user group. In this situation, it is not uncommon to contact the IT department of the following type: “Who deleted the file? Can you restore it? ”, Or even worse:“ Why did YOU delete the entire contents of the folder? ”. The solution is simple - setting up an audit of the file system so that you can see who deleted the file and when. And if you configure shadow copying, users themselves will be able to recover deleted files. But for some reason, only a few people for my entire experience confirmed that everything was exactly that set for them.

Strange, but in most companies, users store any files anywhere and in any quantities. But the configuration of the same quota in Windows Server is implemented in a wonderful way. Not enough space on a network drive? You can, for example, limit the amount of downloadable files to a network folder for each user. Tired of removing FullHD movies from network drives? You can prevent users from saving certain file types. And if you add to this a lot of reports for the administrator and the user - then this is a find for the responsible. Setting up all the capabilities of file storage is so simple and clear that when asked to the listeners: “Why haven’t you set it up so far?”, The answer usually comes down to the following: “We didn’t know that it was possible and didn’t know that it was so simple".

Conclusion

I tried not to talk about any complex technologies, because Questions on them much more. I presented simple examples of how experienced administrators discovered something new in the course. Maybe it will seem to you that I have demonstrated the most primitive situations. However, one should not think that during training only something simple is considered. On the contrary, the courses are filled with very complex material, which is really difficult for self-development and needs additional explanation from a knowledgeable specialist.

I would like you to think a little about a few questions:

• Do you really know the software products that you administer?
• What are your outstanding challenges?
• Are you completely satisfied with the work of your information network infrastructure?
• Maybe it's time to call the training center and find out the schedule of courses and prices?