Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Best Tools for a System Administrator


  • Please log in to reply
12 replies to this topic

#1 m1ckrz

m1ckrz

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 13 April 2014 - 03:10 PM

I just recently picked up a few books: "NMAP Cookbook", "Powershell: Deep Dives", and the "Linux Command Line".

 

I have been looking to advance my career (currently a low-level internal support technician) to more development level administration.

 

I wanted to get the community input on the best tools to have in your arsenal. I am currently learning Python, Powershell, BASH, and NMAP. Any other suggestions?



BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:08:27 AM

Posted 14 April 2014 - 01:05 PM

What do you mean by development level administration?

 

What do you want to do?



#3 m1ckrz

m1ckrz
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 14 April 2014 - 05:08 PM

By development level, I mean AD administration, automation, etc. Currently, I'm basically a hardware tech. I setup new users, troubleshoot office apps, repair PCs, keep track of licenses, etc. However, I'm trying to advance into a better position. My current position provides me a lot of leeway, however. I don't get paid great, but as long as I keep everything running, my free-time is dedicated to projects as I see fit. So, I have a pretty good idea of standard skill sets I need (BASH, Powershell, AD), but I wanted to see if there were any other tools that may help. I've heard of Vim, AutoIT, and various others. Just wanted to get community suggestions.

 

To be specific, in the future I will be managing a Server 2008 AD/DC, file-share server, a Citrix development lab, and a Samba box. Because we have so many old machines, I wanted to (once everyones on the domain) automate the process of pushing software updates, configuration, and images over the network.

 

Sorry if its vague. Let me know if I should be more specific.



#4 Kilroy

Kilroy

  • BC Advisor
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:08:27 AM

Posted 15 April 2014 - 10:28 AM

Learn your remote access tools, Remote Desktop Protocol, Windows Remote Assistance, and any others you have in your environment.

 

Powershell and BASH will serve you well.  As automating as much as you can makes your life easier.  Automation also ensures you do the same thing every time.

 

Automating software installs you will probably want to learn about Microsoft System Center which is great went it works and nothing but pain when it doesn't.

 

Another possibility would be to get the CompTIA Network+ and Server+ certifications.  You might consider studying for and taking the exams for Microsoft server.  It will give you an idea of how Microsoft believes things should be done.  Even if you don't get the certifications the information you would need to study would be a good foundation.

 

If you plan on staying with the same company you are currently working study the things that will help you in the environment that you are in, rather than things that have no bearing on the job you are doing.  After you know the things you need for the job you are doing start working on the things you need to know for the job you want.



#5 m1ckrz

m1ckrz
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 15 April 2014 - 11:15 PM

I'm actually currently trainingf for my Net+, MCITP, CCNA, and Sec+.

 

I'll check out MS System Center. We just installed a Citrix virtualization server (because my boss is not too keen on dropping any cash on new infrastructure).

 

I am pretty familiar with RDP; I use it regularly to interface with the local PCs. I've been considering setting up a tunnel so I can interface from home. Currently, I work during our uptime, so I'm trying to implement remote tools so that I can workl from home and get into the office after hours.

 

Thanks for the tips. I'll stick with my current path. Just wanted to get an idea if there was anything I was missing.



#6 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:11:27 PM

Posted 16 April 2014 - 08:46 PM

Personally i like to use logon scripts to deploy/uninstall software and WMIC which you can do practiclly anythign on a remote node similar to powershell. Its basic, every machine has the capability and is also agentless.

Updates are done through WSUS, WSUS when you really understand it can be a job in its self!.

Definatley learn how to setup GPO's and secrutiy policies, DFSR etc.

File permissions are also critical, there are sharing and NTFS permissions which require different security and also i never have a visible shared folder its always got the $..

terminal services, there literally is so many thing to advance that i couldnt fit it al in one page but things like learning the Office suite and also Autocad help immensly as well. I would be looking for industry standard software and learn the hell out ofit, i also do all the programming as a side project which i have been given bonuses for as well.

 

In the end, i think you need to ask the manager what they want from you and set a target. Every company has different needs and they like to train you for them.


Edited by JohnnyJammer, 16 April 2014 - 08:47 PM.


#7 m1ckrz

m1ckrz
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 17 April 2014 - 04:05 AM

I have sharing/permissions down pat. I setup a file-share server completely through icacls with obfuscated shares and assigned permissions. I'm currently learning AD at home and mapping all our users over to the domain at work, so hopefully it shouldn't be too long till I have my MCITP. I'll check out WMIC and WSUS. I have been playing around with the WAIK in hopes of setting up an imaging environment for our machines. Our turnover rate is pretty high and I like to reimage machines in between users.



#8 Kilroy

Kilroy

  • BC Advisor
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:08:27 AM

Posted 17 April 2014 - 12:12 PM

PsExec is another useful tool.  You can use it to run things on a remote machine with your rights.

 

I really only use WMIC to list the software installed on a machine and uninstall it remotely I'm sure there is more you can do with it, but those are the two most useful things I've found to do with it.

 

Using an elevated command prompt

runas /user:%COMPUTERNAME%\Administrator cmd

can allow you to do a ton of things when remotely connected to a limited user's machine, launch device manager or disk manager, reg edit,  and manage BitLocker are a few that I've things I've used it for.

 

The best advice I can give you is to learn and use the tools you already have available.


Edited by RKilroy, 17 April 2014 - 12:14 PM.


#9 m1ckrz

m1ckrz
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 18 April 2014 - 12:55 PM

Thats exactly what my motivation is: mastering the integrated aspects of multiple operating systems. I love using BASH and I'm getting into Python too because I hear it is a good scripting language and is relatively good for beginner programmers. That said, as much as I can't stand Windows, its sort of a necessity for the industry. I just downloaded PsExec and it looks pretty sweet. WMIC is awesome! The ability to add/remove programs is a big help because a lot of the machines are configured as admin so there is a lot of bloatware. This provides easy remote cleanup.

 

UPDATE: Just used WMIC to provide malware removal for one of our office admins! All from the comfort of my office and my coffee maker!


Edited by m1ckrz, 18 April 2014 - 01:51 PM.


#10 Kilroy

Kilroy

  • BC Advisor
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:08:27 AM

Posted 18 April 2014 - 03:07 PM

Getting rid of users with Administrative rights needs to be a priority in any organization with formal IT support.  Yes, it is a battle with the users who believe they need Administrative rights, but it is a battle worth fighting because it doesn't allow users to foul up the machine to a point where reimaging is the best/only option.  Support tickets will increase initially, but they are all quick tickets to install or configure.  Removal of Administrative rights will free up IT for more proactive work rather than the reactive role they are currently in.



#11 m1ckrz

m1ckrz
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 28 April 2014 - 07:30 PM

Thanks for the advice. I quoted your post and showed it to our CEO and it was the catalyst for a discussion about the future of infrastructure =D



#12 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:11:27 PM

Posted 21 May 2014 - 01:44 AM

Yes WMIC does rock, you can use it for practically anything. Some ahndy ones are,

 

Start remote registry for edit (wmic /node:targetcomputer service where name='remoteregistry" call startservice)

Another might be for getting usernames from AD(wmic useraccount get name | sort)

get SID of users(wmic useraccount where name="administrator" get sid)

When editing registry on terminal server it can be hard to tell which user the SID belong to so this command helps(wmic useraccount where sid="SID------" get name)

So many more man, if you want some tips and scripts let me know.

wmic /node:targetcomputer process call create "defrag C:"


Edited by JohnnyJammer, 21 May 2014 - 01:45 AM.


#13 m1ckrz

m1ckrz
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:06:27 AM

Posted 28 May 2014 - 07:19 PM

Yes WMIC does rock, you can use it for practically anything. Some ahndy ones are,

 

Start remote registry for edit (wmic /node:targetcomputer service where name='remoteregistry" call startservice)

Another might be for getting usernames from AD(wmic useraccount get name | sort)

get SID of users(wmic useraccount where name="administrator" get sid)

When editing registry on terminal server it can be hard to tell which user the SID belong to so this command helps(wmic useraccount where sid="SID------" get name)

So many more man, if you want some tips and scripts let me know.

wmic /node:targetcomputer process call create "defrag C:"

 

I referred to this post a few times last week and used a good number of those examples. WMIC is the jam. I also found that NMAP is integrated into a number of enterprise network inventory apps. Getting familiar with it helped me with a number of third-party programs.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users