So, this luser calls me up from Atlanta or somewhere and wants me to unlock another users account. This happens occasionally - a tech goes out to someones desk and needs to call in on their behalf. Fine, no biggie - BUT we stil need to positively identify a user before we can do anything to their account. After all, we don't want someone calling in to change someone elses password, right?

Well, the other user had just gone on vacation. He was using her login and password to run some reports. Apparently he doesn't have a login of his own. Well, that likely means he's not SUPPOSED to have access.

Since she was on vacation, I could not do anything to her account. NOTHING. Policy is quite explicit on this matter. He goes off on me a little bit - "You're stopping us from working until she gets back!"

Ok, NO. I am not stopping you from working. YOU stopped yourself from working when you got her account locked out. Not to mention that this company considers that a serious breach of security. They give out access freely here, IF you have a real need. If you were supposed to have access to that system, you'd have your own account. Period.

I told the guy he'd have to go through his manager, HR, and Main Security to get this resolved. He declined. ;) Probably knew he'd get in trouble...

Now, get off my back while I go tattle to my boss. :P

-OC

You're just like Cindy Brady from The Brady Bunch episode where she snitches on everybody...a tattletale. :P

Originally posted by faither
You're just like Cindy Brady from The Brady Bunch episode where she snitches on everybody...a tattletale. :P Heh. I only mentioned it to bossman to cover my *ss in case this guy decides to try to get me in trouble. :wavey:

-OC

remember the "old style" hacking?... where people would call in and convince computer system admins that they were teh user and had forgotten their password?... hehe - sounds like the same thing to me.

not many people have the guts or personal skills to pull it off, but occasionally they do it.

Ah, nothing like flexible responsive tech support to keep the company productive. :rolleyes: I mean, why look for a creative solution to this problem when you can just bring the dept. to a halt.

I understand that security is an issue but uninturrupted business should be the top priority.

Quick question...If the user called in and said he was locked out of the IT dept.'s payroll system and nobody there would get paid would the response still be the same?

OC, I'm with you on this one.

The guy already broke the rules, wants you to break more rules to help him out, you refuse (like you're supposed to) and now it's suddenly your fault that they can't get work done? Puh-leeze! If the rules are stupid, go talk to your boss about it... don't ask the support guys to break them!

Try using this guy's approach with a cop:

"But officer, I was going 90MPH because I'm late for work and I have an important deadline!"

"Sir, the speed limit posted here is 65MPH..."

"That doesn't make any sense. My car can go over 100MPH, and I'm a safe driver. Plus, I need to get to work on time - I have to be able to drive that fast. Now because of you and your stupid rules, my project won't be finished on time. My boss sure is going to be mad at you!"

:rolleyes: /writes ticket

Originally posted by Merlin
Ah, nothing like flexible responsive tech support to keep the company productive. :rolleyes: I mean, why look for a creative solution to this problem when you can just bring the dept. to a halt.Merlin, if I had been "flexible" (to use your own word) I would have been violating a very clear-stated security policy and put my own job in jeopardy. No way in hell I'm going to do that for some bozo that can't follow the rules. Would you be willing to put YOUR new job on the line? And I would very much like to hear what you might call a "creative solution" for this specific circumstance. This guys problem was this guys fault, period.


Quick question...If the user called in and said he was locked out of the IT dept.'s payroll system and nobody there would get paid would the response still be the same? That is an apples to oranges comparison, but I'll answer it anyway - YES, my response would have been exactly the same. Yes, it is my job to assist users, but it is also my job to do my part to ensure the security of the corporate network. And network security comes before user convenience, as it should.

There was a solution to the guys problem, but he chose not to pursue it. And again, HE was not locked out - he was using someone elses login information - in blatant violation of corporate security policy - and through his ineptitude got THAT account locked out. And as for the severity of the problem, I explained the situation to him and what I was and was not allowed to do. I then told him he could contact my manager if he wanted to. He declined. Again - I gave the guy the option of going through proper channels and he refused. So, you tell me how "severe" the problem was.

I remember a sign that was posted in the main office at my high school - A lack of planning on your part does not constitute an emergency on my part.

-OC