IT contractor pilot fish starts work at a client site with tight security -- and as an outsider, he finds relations with the company IT staff difficult.
"Despite my best efforts to work with them nicely, every request for information dragged out and had to be escalated," says fish.
"My security clearance hadn't come through yet, so I couldn't get a network user ID from Fred, the IT Security guy, but I did have local access to the new hardware in the test lab so I could start work on the new, urgent, high-visibility proof-of-concept system."
Fish builds the server for the project, creates the standard user IDs for company IT staff and security-hardens the system according to the company policies he's been able to find.
One of those policies requires that there be no direct admin access, so fish also creates a temporary user ID for himself -- otherwise he won't be able to finish work on the system.
But next morning, that user ID has stopped working. Fish boots the server into single-user mode to diagnose the problem. Turns out his user ID has been deleted and the admin password has been changed -- by Fred, according to the logs.
"I emailed Fred to explain that it was a test server," fish says. "Then I reset the admin password, recreated my user ID and carried on installing applications."
Fish also finds email from the network monitoring team, about alerts his system is sending each time it's rebooted. He promises to notify the monitoring team at every reboot, so they'll know it's planned.
But the following day there's another monitoring team email: The server was rebooted at 7 p.m. without notification. Turns out it was Fred, deleting fish's user ID again. Fish recreates his user ID and this time disables all permanent staff user IDs so he can get on with his work.
Next day, fish's boss says Fred is complaining that fish has locked him out and has also created an unauthorized user ID -- a firing offense.
Fish explains what he's done and then points out that Fred is sabotaging fish's work on an important project, and fish is considering escalating that issue.
Boss says he'll handle it, and fish has no more trouble with Fred. In fact, once fish's security clearance comes through, it only takes Fred an hour (instead of the usual week) to create fish's proper user ID, with access to all company systems -- except the proof-of-concept system, because Fred doesn't have access to that.
Says fish, "To this day, I don't know if my counter-threat got back to him or if he was actually a helpful guy when not hiding behind regulations."
Sharky always needs your help. Send me your true tale of IT life at firstname.lastname@example.org. You'll snag a snazzy Shark shirt if I use it. Add your comments below, and read some great old tales in the Sharkives.
Get your daily dose of out-takes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter.