Less is more

If you don't read xkcd comics, then you are missing out.  The latest one is absolutely hilarious.  Take a look:


There is not much to add to this comic.  The real temptation here is to just stop writing and let this comic speak for itself (some of you are probably cheering for that decision - alas, I cannot hold my tongue).

This a great reminder of reality in security, IT, and life in general.  Who knows how many times in my career I have over-thought something, looking for a solution in the most complicated manner when the fix was right before my eyes?  

I remember a time when I was hard at work as a Senior Network Administrator (this is probably one for the Shark Tank) working on upgrading our Citrix Winframe farm to Metaframe.  The other senior guy and I were working on getting login scripts to work and making sure all of our applications were compatible by running compatibility scripts (this was back in 2000 I think).  We were working on a Sunday night, and the farm needed to be back online by that Monday morning (no pressure).  It was around 11:45pm, and all was coming together.  We had all the kinks worked out that we could find, and we were about to wrap it up and get some sleep so we could be ready for the next morning's inevitable rush of calls.

I logged in as our test user right before midnight to do some final testing.  As the login scripts ran through, I noticed some weirdness.  I started looking at what was going on, trying to figure out what I had seen, and then everything started acting very weirdly.  I could not get into some server resources and other areas.  Applications were not working.  All was going downhill very quickly, and this was the same user I had utilized only 20 minutes before with no issues. 

Of course, I went into full panic and troubleshooting mode.  I checked with the other admin to make sure he had not made any changes.  I started checking scripts.  I started making sure servers weren't down.  I checked everything that popped into my head.  Nothing was working, and I was getting more and more frustrated.

After about an hour of testing, my brain was turning into mush from too much work and the late hour.  I finally decided to get up and take care of a biological need.   As I walked down the hall, I was hoping and praying for an answer.  Then it suddenly struck me.  Login time restrictions.  Yes, we limited the times people could login back then so we could get a clean backup during the night.  We had copied another user to make the test user just like every other user for the sake of realistic testing, and we had simply forgotten about time restrictions.  And that restriction fell at midnight Central time, which fell right in the middle of when I had logged in to do some final testing.  Hence, I was allowed to login to the domain, but some of the resources didn't allow me to access them because of the restriction.  So I went back to the user and took off time restrictions, then logged in again.  All went perfectly, and I sighed a huge relief.

So if you are running into a situation such as this, just take a step back and look at the situation from a higher level before you start digging too deep into the weeds.  You might save yourself some time and sleep.


Copyright © 2009 IDG Communications, Inc.

Shop Tech Products at Amazon