Early on in my sys admin days, I was hired into a small “lean” I.T. department, and promptly put in charge of the “near-completed” Novell to A.D. Migration. After a few days, while I was plugging away in the server room, I was approached by the Senior Network Engineer who proceeded to tell me what a hunk of junk this “A.D.” was.
The explanation he offered was that in Novell, you “can at least secure files so not everyone can see everything.” Confused, but still new to system administration, I just nodded my head until he left. After he walked out, I spent a few minutes on tracking down the issue.
What I found gave me one of those explosive out loud laughs that can get you in trouble. It didn’t stop there, tears and laughter flowed, they must have thought I’d lost my mind. Turns out in the early attempt to access files, the engineer had placed “Domain Users” into the “Domain Admin” group.
No need to ask, I still have the screenshot at home… I’ll withhold it from the web though, as to not incriminate anyone. But to this day, it still makes me laugh when I pull it up.
Don’t worry, I’ve created a mock-up for you… -Rob