1

What would you do if you got offered a job to replace the existing IT guy that recently died due to some unfortunate accident?

He had nothing documented, you don’t have any passwords, and you can’t find the keys to the server room. What now?

Today my supervisor came to me and we discussed this situation just in the off chance that something bad happens to me, he doesn’t want to experience what it will take to get a new IT guy in to figure out our system within a reasonable amount of time. He tasked me to create a document that basically points to how to find things and information that would help the next IT guy.

So I need some ideas, If you accepted a job in a situation where the previous IT guy wasn’t around, what would be some things that you wish you had so that you can figure out how everything is tied together? I got the basics like where to find the passwords etc, but what else could i include in this document?

18 Spice ups
2

I can think of 4 big things that would be beneficial to have. First is a network map with IPs, so I know what is in the network and where it’s located. Second is a password database. Third is a list of vendors and contact info. Lastly are steps for setting up and maintaining the software used.

12 Spice ups
3

Do what the other guy didnt. Document everything, save pws somewhere secure(and give copy of these to the boss), keep keys on your keychain and in someone else’s office at work.

Then make some basic procedures that someone can do for common issues. Say you have a print server that crashes often, make a ‘how to’ to get it working. Save all this stuff, print copies and put in a binder.

4 Spice ups
4

How about all the licence information? It would be good to have evidence of when and what software had been purchased and where it is used.

1 Spice up
5

Seconding everything listed above so far.

Consider the things you need access to on a daily basis - those would be the first things I’d document. Passwords especially. I know one way of doing it is having a digital password database somewhere that the execs can access it on the network, and giving a sealed envelope to your boss with the password to the database that s/he can keep locked up. In case of rogue bus, the envelope can be opened for the master password. Documenting how to use and administer software the company uses is another big one. Probably not quite as important on things easily researchable, like Office, Exchange, etc, but for things like this you should absolutely document your environment’s specific settings, as well as why they’re in place. In addition to a network map, documentation on different vlans is important, if you have multiple vlans. If you have a backup IT provider, their contact info should be included.

3 Spice ups
6

Nasty!
Let’s see, if I die I can’t give a fcuk, can I?
And of course, we know better in securing passwords than pass them to the CEO.
But on the other hand, I would be glad to have AD credentials along with all of the above said.
And tbh, the vendor/contacts list was the most difficult thing to make out when I took the job, because in some cases there weren’t even receipts for the software/hardware.

1 Spice up
7

Use a Password Manager, which you and your boss have access to. Do not use your personal login account for anything. Create service accounts whose passwords change periodically and store them here. Save detailed information in the notes section, where used, why used, when last changed, etc…

Any software\licensing\cloud\billing accounts are sent to a generic email address… be it a shared mailbox or a distribution group.

Find an asset management system and document warranty, unique software, etc…

Create a Wiki somewhere, MS Teams, Microsoft SharePoint Server 2016, wherever, and document how\why\where

2 Spice ups
8

This. This right here.

1 Spice up
9

We keep detailed logs of systems and Equipment on top of the other suggestions to know if continued troubleshooting or re-use is worth it or if it is time to replace

1 Spice up
10

Thank you guys!

Keep it up with the very helpful information. I think I at least have an idea where to start.

It honestly kinda bothers me about the whole thing. I understand why they would like it, but still, its like filling out your own Will

1 Spice up
11
  1. Network Map with all devices listed by ip address, VLANS, DMZ

a. Any managed device should have login information listed in a password protected doc

b. Backup of configuration saved to a network location\

c. Firewall: VPN access, open ports and documentation on each rule and why it exists

  1. Password list locked with password or password manager

a. for service accounts

b. for vendors

  1. DNS settings

a. Hosted by

b. MX records, as well as other hosts

  1. Server list with applications and purposes for each

a. SQL/database, SA/root password

b. Update protocol

  1. IT assets lists

a. Warranty information

b. Age/ refresh cycle

  1. Software licensing

  2. Vendor lists

a. Phone vendor with Site ID, password

b. Data/internet vendor with circuit ID, password

  1. Physical access

a. keys, cards or locations

  1. Workstation image builds for each type (admin/workstation/exec)

Since no one is bringing this up, I will. Typically you should already have some form of these for your own sake. A situation where your boss is asking for this documentation it means that they are looking at replacing you or bringing in a MSP provider.

2 Spice ups
12

In these situations, it will feel like they are asking you to do this so that someone else can take over so they want to “milk your knowledge”. Perhaps, keeping all the information in his head or private note books kept the last guy in his job! However, you have to be professional. Hopefully, you have your contract settled so that you have satisfactory conditions for you to do the job. You can only document and maintain the system to your best ability. Perhaps, go slower on some critical details until you see how things are going. Having made a good start talk to the Boss about your concerns.

1 Spice up
13

Don’t forget the physical security measures, where to keep spare set of keys to all the facility doors and server rooms etc.

2 Spice ups
14

Off the top of my head, the basics I would need would be a complete IT inventory (IP, Location, Name, etc.), a fairly detailed network diagram, listing of everyone’s phone numbers/extensions, all credentials related to administration, list of vendors and their point of contacts, and my direct Chain of Command.

1 Spice up
15

Think of it differently.

What if you want to go on vacation? What if they hire someone to help you? Same info will be very helpful…

1 Spice up
16

Gotta love the “what if you get hit by a bus” documentation. On one hand, you don’t want to make yourself too expendable, but on the other hand, you don’t want to sabotage your employer from the grave. (Or do you?)

Personally, as a one man IT department, I try to keep:

  • Documentation of all important vendor contacts.

  • Network diagrams including LAN, WAN, and WiFi networks, and backup connections if applicable.

  • Inventory with IP addresses, OS, and any licensed software listed. Also warranty information and anything else you find pertinent.

  • Licensed software information like purchase dates, expiration dates, maintenance renewal dates, invoices and license certificates, etc.

  • Process lists or diagrams showing what’s installed where and what depends on what.

  • A folder of instructions for solving common issues, and who to contact if you can’t solve them.

  • A list of standard procedures, network naming conventions, PC setup standards, user setup conventions, and any forms you use.

  • Admin user names and passwords for various systems (encrypted and password protected, of course).

  • A list or index of all of the above would be handy.

There’s probably more that I’m forgetting, and your environment might require more, or less. Of course all of these items need to be reviewed and updated periodically, or they’ll be useless after a while.

1 Spice up
17

In addition to the major stuff, keep a list of quick fixes too. You know, those maddening little things that really have no resolution but require a specific SQL command to get things running again…

1 Spice up
18

Okay, you beat me to it.

Anyone with any analytical chops at all should be able to see this. Unfortunately, unless you’re willing to confront your boss, your only choice is to get this done. And don’t just update your resume, get it out there so you don’t have to sit on the bench for months between this job and the next one.

Good luck on your next gig!

1 Spice up
19

I don’t think they are going to replace me or bring in an MSP. It was just brought up because my supervisor went to a seminar and they put a lot of “what if” scenarios in his head to get him thinking. This is literally just “what if you get hit by a bus…” that needed to be addressed.

But honestly most of this stuff should have been documented to begin with, but the last IT guy that I replaced screwed up everything, so nothing is really documented

20

Welcome to my world.

I happen to love the SDLC phase called “Discovery” almost as much as I love “Analysis” and “Design”, but it’s hard work to dig up every little detail, especially if “the last IT guy” was a bad Googler & didn’t really know what s/he was doing. Writing it down as you find it helps worlds in keeping track of where you’ve been plus gives you the interactive documentation creation you’ll need next year when you’ve moved on to other tasks & don’t remember what raft of stuff was in your head when you first found it. Whatever “it” is…

Maybe this is a good time to ask your boss to allow you the time to do that Discovery and Documentation process, and let someone else take the random daily “I can’t print” or “I can’t E-mail” tickets?

:^)

1 Spice up