Learning Assessment (Group Exercise)

Instruction: As part of your function in the workplace, your group is assigned to create an IT support
infrastructure. The role of the IT Team is to ensure that all individual computers of the 500 employees
from upper management to front line staff will have at least 90% of system operability at any given
time. You are asked to create a proposal on your strategic plan for the following areas of consideration

1. Sizing
2. Funding
3. Management Chain
4. Skill Selection
5. Infrastructure Team
6. Customer Support
a. Helpdesk
b. Outsourcing
Area of Consideration Sample Guide Questions Strategic Plan (2-3 Bullet
to answer points of your strategy)

1. Sizing How many SAs do you

intend to deploy? What is
your ratio of employee to
ratio?

2. Funding Do you plan to do a

centralized or decentralized
SA funding structure?

3. Management Chain What is your proposed

organizational chart?
Please match your org
chart to your chosen
model (centralized vs
decentralized)

4. Skill Selection What skills do you intend to

have your SAs have? What
are your plans for future
upskilling ?

5. Infrastructure Team What specializations do you

plan to have in order to
support your centralized
structure?

6. Customer Support What is your target level of

customer satisfaction? What
will be your ideal Service
level agreement considering
your SA to customer ratio?

7. Helpdesk What tools do you intend to

use to manage your
helpdesk
tickets? How do you create
your ticket priority tasks?
How will it be assigned to
the SAs?

8. Outsourcing What other SA processes

and functions to you
intend to
outsource? What are your
reasons for outsourcing?

SYSTEMS ADMINISTRATION AND MAINTENANCE 8

Chapter 2: Workstations

We define a workstation as computer hardware dedicated to a single customer’s work. Usually,

this means a customer’s desktop or laptop PC. In the modern environment, we also have remotely
accessed PCs, virtual machines, and dockable laptops, among others.
Consider the life cycle of a computer and its operating system. Workstations are usually
deployed in large quantities and have long life cycles. As a result, if you need to make a change on all
of them, doing it right is complicated and critical.

Remy Evard’s Life Cycle of a machine and its OS (Operating System) – Demonstrates the life cycle of a
machine. It is thought to have its birth stage, usable stage, and death stage. The illustration below is
examined in Remy Evard’s paper “An analysis of Unix System Configuration” (Evard 1997).
Although his focus was UNIX hosts, it can be extrapolated to others.

Figure 7 - Evard’s Life Cycle of a machine and its OS

The diagram depicts 5 states:

1. New – refers to a completely new machine
2. Clean – refers to a machine on which the OS has been installed but no localizations performed
3. Configured – means a correctly configured and operational environment.
4. Unknown – is a computer that has been misconfigured or has become out of date.
5. Off – refers to a machine that has been retired and powered off

SYSTEMS ADMINISTRATION AND MAINTENANCE 9

1. Building and Initialization – since bringing computers into a configured state is important, the
setup process should be fast, efficient, and automated

a. Plan on installation time and repair time

b. Create an installation and repair process

2. Configured State - To extend the time spent in the configured state, we must ensure that the OS
degrades as slowly as possible

1. Choose an OS vendor properly - Some OSs require new applications to be installed by

loading files into various system directories, making it difficult to discern which files are
part of which package. Other OSs permit add-ons to be located nearly anywhere. On the
other hand, because UNIX provides strict permissions on directories, user-installed
applications can’t degrade the integrity of the OS.
2. Design the User Access - An architectural decision made by the SA can strengthen or weaken
the integrity of the OS. SAs must find a balance between giving users full access and
restricting them. This balance affects the rate at which the OS will decay.
3. Refrain from Manual Installation - Manual installation is error prone. When mistakes are
made during installation, the host will begin life with a head start into the decay cycle. If
installation is completely automated, new workstations will be deployed correctly.

3. Reinstallation/Rebuild Process – Is similar to the installation process except that one may
potentially have to carry forward old data and applications

1. Make right decisions first hand - The decisions the SA makes in the early stages affect how
easy or difficult this process will become.
2. Wipe out data before reinstallation - Reinstallation is easier if no data is stored on the
machine. For workstations, this means storing as much data as possible on a file server
so that reinstallation cannot accidentally wipe out data.

4. Retirement - Machines don’t last forever. Various tasks are associated with retiring a machine.
As in the case of reinstallation, some data and applications must be carried forward to the
replacement machine or stored on tape for future reference; otherwise, they will be lost in the
sands of time.

1. Establish a computer lifecycle management – adapt to the depreciation standards and other
governing bodies for electronic lifecycle management standards (e.g. PEZA)
2. Financial Planning for computer assets - an- agers need to learn about financial planning:
Asset depreciation should be aligned with the expected life cycle of the asset. The
modern way is to depreciate computer assets on a 3-year schedule.

Important: In this chapter, we use the term platform to mean a specific vendor/OS combination. Some
examples are an AMD Athlon PC running Windows Vista, a PPC-based Mac running OS X 10.4, an Intel
Xeon desktop run- ning Ubuntu 6.10 Linux, a Sun Sparc Ultra 40 running Solaris 10, and a Sun
Enterprise 10000 running Solaris 9.

SYSTEMS ADMINISTRATION AND MAINTENANCE 10

Workstation Management

Three critical issues are involved in maintaining workstation operating systems. If your site is to be run
in a cost-effective manner, these three tasks should be automated for any platform that is widely used at
your site. Doing these things well makes many other tasks easier. If your site has only a few hosts that are
using a particular platform, it is difficult to justify creating extensive automation. Later, as the site grows,
you may wish you had the extensive automation you should have invested in earlier. It is important to
recognize—whether by intuition, using business plan growth objectives, or monitoring customer
demand—when you are getting near that point.

Figure 8 - https://www.pexels.com/photo/serious-ethnic-field-engineer-examining-hardware-and-working-on-laptop-442152/

1. Loading the system software and applications initially - Automation solves a huge number of
problems, and not all of them are technical. Automation saves money - the time saved by
replacing a manual process with an automated one is a big gain. Automation also obviates two
hidden costs (mistakes by human error and nonuniformity of configuration across the devices)
a. Computers with Pre-loaded
OS -
Computers usually come
with the
OS preloaded. Knowing
this, you
might think that you don’t
need to
bother with reloading an
OS that
someone has already
loaded for you.
It is not advisable to do
that for
several reasons.

• First, you probably would

have to deal with loading
other applications and
localizations on top of a
vendor-loaded OS before the machine -shirt
would work at your site. sitting-on-black-rolling-chair-while-facing-black-co
Figure 9 - mputer-set-and smiling-840996/
https://www.pexels.com/photo/man-in-white-dress

SYSTEMS ADMINISTRATION AND MAINTENANCE 11

• Automating the entire loading process from scratch is often easier than layering
applications and configurations on top of the vendor’s OS install.
Vendors will change their preloaded OS configurations for their own purposes,
with no notice to anyone; loading from scratch gives you a known state on every
machine.
• Using the preinstalled OS leads to deviation from your standard configuration.
Eventually, such deviation can lead to problems.
• Another reason to avoid using a preloaded OS is that eventually, hosts have to
have an OS reload. For example, the hard disk might crash and be replaced by a
blank one, or you might have a policy of reloading a workstation’s OS
whenever it moves from one to another. When some of your machines are
running preloaded OSs and others are running locally installed OSs, you have
two platforms to support. They will have differences. You don’t want to
discover, smack in the middle of an emergency, that you can’t load and install a
host without the vendor’s help.

b. Fully Automated Installation - The most

important aspect of automation is that
it must
be completely automated. The best installation
systems do all their human interaction at the control (MAC) address. The technician
beginning and then work to completion should be able to walk away from the
unattended. Some systems require zero input machine, confident that the procedure will
because the automation “knows” what to do, complete on its own.
based on the host’s Ethernet media access
When the time comes to install the OS, the
Solaris’s JumpStart is an excellent example of a truly technician—who can even be a clerk sent to start
automated installer. A program on the JumpStart the process—need only type boot net - install
server asks which template to use for a new client.
A senior SA can set up this template in advance.

c. Partially Automated Installation - A lack of automation can be justified if there are only a
few of a particular platform, if the cost of complete automation is larger than the time
savings, or if the vendor has done the world a disservice by making it impossible (or
unsupported) to automate the procedure. Partial automation is better than no
automation at all. Until an installation
system is perfected, one
must create stop
gap measures.

Stop-Gap Measure - The

most basic stop
gap measure is to have a
well
documented process, so
that it can be
repeated the same way
every time. The
documentation can be in
the form of notes
taken when building the first system, so
that the various prompts can be answered
the same way.

Figure 10 - https://www.pexels.com/photo/a-man-carrying-a
pile-of-documents-8872512/

SYSTEMS ADMINISTRATION AND MAINTENANCE 12

d. Cloning and Other Methods - Some sites use
cloned hard disks to create new machines.
Cloning hard disks means setting up a host
with the exact software configuration that is
desired for all hosts that are going to be
deployed. The hard disk of this host is then Disadvantages of Cloning:
cloned, or copied, to all new computers as
they are installed. The original machine is
usually known as a golden host. Rather than
copying the hard disk over and over, the
contents of the hard disk are usually copied
onto a CD-ROM, tape, or network file
server, which is used for the installation.
Figure 11 -
https://www.computerhope.com/issues/ch001914.h
tm

1. First, the hardware of the new machine is significantly different from

that of the old machine, you have to make a separate master image.
2. if you want to make even a single change to something, you have to
apply it to each master image.
3. Finally, having a spare machine of each hardware type that requires a
new image adds considerable expense and effort.
4. Some OS vendors won’t support cloned disks, because their installation
process makes decisions at load time based on, factors such as what
hard- ware is detected.

Important Notes:

You can strike a balance in installation by leveraging both automation and cloning. Some sites clone disks to establish a
minimal OS install and then use an automated software-distribution system to layer all applications and patches on top.

Other sites use a generic OS installation script and then “clone” applications or system modifications on to the machine.

Finally, some OS vendors don’t provide ways to automate installation. However, home-grown options are available.

Whether your OS installation is completely manual or fully automated, you can improve consistency by using a written
checklist to make sure that technicians don’t skip any steps. The usefulness of such a checklist is obvious if installation is
completely manual.

SYSTEMS ADMINISTRATION AND MAINTENANCE 13

2. Updating the System Software and Applications - As time goes by, people identify new bugs and
new security holes, all of which need to be fixed. Also, people find cool new applications that
need to be deployed. All these tasks are software updates. Someone has to take care of them, and
that someone is you. Don’t worry, though; you don’t have to spend all your time doing updates.
As with installation, updates can be automated, saving time and effort.

Every vendor has a different name for its system for automating software updates: Solaris,
AutoPatch; Microsoft Windows, SMS; and various people have written layers on top of Red
Hat Linux’s RPMs, SGI IRIX’s RoboInst, and HP-UX’s Software Distributor (SD-UX). Other
systems are multiplatform solutions (Ressman and Valde ́s 2000).

Software-update systems should be general enough to be able to deploy new applications, to

update applications, and to patch the OS. If a system can only distribute patches, new
applications can be packaged as if they were patches. These systems can also be used for small
changes that must be made to many hosts. A small configuration change, can be packaged into
a patch and deployed automatically. Most systems have the ability to include postinstall
scripts— programs that are run to complete any changes required to install the package. One
can even create a package that contains only a postinstall script as a way of deploying a
complicated change.

a. Updates are different from installation - Automating software updates is similar to

automating the initial installation but is also different in many important ways.

i. The host is in usable state. Updates are done to machines that are in good running
condition, whereas the initial-load process has extra work to do, such as
partitioning disks and deducing network parameters. In fact, initial loading
must work on a host that is in a disabled state, such as with a completely blank
hard drive.

ii. The host is in an office. Update systems must be able to perform the job on the
native network of the host. They cannot flood the network or disturb the other
hosts on the network. An initial load process may be done in a laboratory where
special equipment may be available. For example, large sites commonly have a
special install room, with a high- capacity network, where machines are
prepared before delivery to the new owner’s office.

iii. No physical access is required. Updates shouldn’t require a physical visit, which
are disruptive to customers; also, coordinating them is expensive. Missed
appointments, customers on vacation, and machines in locked offices all lead to
the nightmare of rescheduling appointments. Physical visits can’t be
automated.

iv. The host is already in use. Updates involve a machine that has been in use for a
while; therefore, the customer assumes that it will be usable when the update is
done. You can’t mess up the machine! By contrast, when an initial OS load fails,
you can wipe the disk and start from scratch.

v. The host may not be in a “known state.” As a result, the automation must be
more careful, because the OS may have decayed since its initial installation.
During the initial load, the state of the machine is more controlled.

vi. The host may have “live” users. Some updates can’t be installed while a machine
is in use. Microsoft’s System Management Service solves this problem by
installing packages after a user has entered his or her username and password to

SYSTEMS ADMINISTRATION AND MAINTENANCE 14

log in but before he or she gets access to the machine. The AutoPatch system
used at Bell Labs sends email to a customer two days before and lets the
customer postpone the update a few days by creating a file with a particular
name in /tmp.

vii. The host may be gone. In this age of laptops, it is increasingly likely that a host
may not always be on the network when the update system is running. Update
systems can no longer assume that hosts are alive but must either chase after
them until they reappear or be initiated by the host itself on a schedule, as well
as any time it discovers that it has rejoined its home network.

viii. The host may be dual-boot. In this age of dual-boot hosts, update sys- tems that
reach out to desktops must be careful to verify that they have reached the
expected OS. A dual-boot PC with Windows on one par- tition and Linux on
another may run for months in Linux, missing out on updates for the Windows
partition. Update systems for both the Linux and Windows systems must be
smart enough to handle this situation.

b. One,Some,Many Technique - The ramifications of a failed patch process are different from
those of a failed OS load. A user probably won’t even know whether an OS failed to
load, because the host usually hasn’t been delivered yet. However, a host that is being
patched is usually at the person’s desk; a patch that fails and leaves the machine in an
unusable condition is much more visible and frustrating. You can reduce the risk of a
failed patch by using the one, some, many technique.
and gain
confidence that it won’t melt
someone’s hard drive, slowly,
slowly, move to larger and larger
groups of risk-averse customers.

ONE
machine may belong to you, so
First, patch one machine. This If the patch fails, improve the process until it works for a single
machine without fail.

there is incentive to get it right.

Then test it on a few friendly customers outside the SA group.

SOME
other
Next, try the patch on a few

machines. If possible, you should

test your automated patch process
on all the other SAs’ work- stations
before you inflict it on users. SAs End
are a little more understanding.

MANY As you test your system

SYSTEMS ADMINISTRATION AND MAINTENANCE 15
Important Notes!

An automated update system has potential to cause massive damage. You must have a well-documented process around it to
make sure that risk is managed. The process needs to be well defined and repeatable, and you must attempt to improve it
https://ebookreading.net/view/book/EB9780133415087_18.html
after each use. You can avoid disasters if you follow this system. Every time you distribute something, you’re taking a risk.
Don’t take unnecessary risks.

Here are a few tips for your first steps in the update process.
https://www.coursehero.com/file/p12vahjr/EVARDS-LIFE-CYCLE-OF-A-MACHINE-AND-ITS-OS
New-refers-to-a-completelyAn automated update system has potential to cause massive
damage.
• Create a well-defined update that will be distributed to all hosts. Nominate it for distribution. The nomination
You must have a well-documented process around it to make sure that risk is
begins a buy-in phase to get it approved by all stakeholders. This practice prevents overly enthusiastic SAs from
distributing trivial, non-business-critical software packages.
managed. The process needs to be well defined and repeatable, and you must attempt
• Establish a communication plan so that those affected don’t feel surprised by updates. Execute the plan the same
to improve it after each use. You can avoid disasters if you follow this system. Every
way every time, because customers find comfort in consistency.
time you distribute something, you’re taking a risk. Don’t take unnecessary risks. -new •
When you’re ready to implement your Some phase, define (and use!) a success metric, such as If there are no
machine/ the previous group. If there is a single failure, the group size
failures, each succeeding group is about 50 percent larger than returns to a single host and starts growing again.

• Finally, establish a way for customers to stop the deployment process if things go disastrously wrong. The process
document should indicate who has the authority to request a halt, how to request it, who has the authority to
approve the request, and what happens next.

3. Network Configuration - The third component you need for a large workstation environment is
an automated way to update network parameters, those tiny bits of information that are often
related to booting a computer and getting it onto the network. The most common system for
automating this process is DHCP. Some vendors have DHCP servers that can be set up in
seconds; other servers take considerably longer.

If you don’t use DHCP, they’ll rear their ugly heads sooner or later. Eventually, you’ll have to
renumber the IP subnet or change the subnet netmask, Domain Name Service (DNS) server
IP address, or modify some network parameter. If you don’t have DHCP, you’ll spend weeks
or
months making a single change, because you’ll have to orchestrate teams of people to touch
every host in the network. The small investment of using DHCP makes all future changes
down the line nearly free.

a. Use Templates Rather Than Per-Host Configuration - DHCP systems should provide a
templating system. Some DHCP systems store the particular parameters given to each
individual host. Other DHCP systems store templates that describe what parameters
are given to various classes of hosts.

The benefit of templates is that if you have to make the same change to many hosts,
you simply change the template, which is much better than scrolling through a long
list of hosts, trying to find which ones require the change. Another benefit is that it is
much more difficult to introduce a syntax error into a configuration file if a program is
generating the file. Assuming that templates are syntactically correct, the configuration
will be too.

b. Know when to Use Dynamic Leases - Normally, DHCP assigns a particular IP address to
a particular host. The dynamic leases DHCP feature lets one specify a range of IP addresses
to be handed out to hosts. These hosts may get a different IP address every

SYSTEMS ADMINISTRATION AND MAINTENANCE 16

time they connect to the network. The benefit is that it is less work for the
system administrators and more convenient for the customers.

The right time to use a dynamic pool is when you have many hosts chasing a small
number of IP addresses. It is often better to lock a particular host to a particular IP
address; this is particularly true for servers whose IP address is in other configuration
files, such as DNS servers and firewalls. This technique is termed static assignment
by the RFCs or permanent lease by Microsoft DHCP servers.

Typical office LANs are better suited to dynamically assigned leases. By ensuring that
certain machines always receive the same IP address, you prevent those machines from
not being able to get IP addresses when the pool is exhausted. Another reason for
statically assigning IP addresses is that it improves the usability of logs.

c. Using DHCP on Public Networks - Before 802.1x was invented, many people crafted
similar solutions. You may have been in a hotel or a public space where the network was
configured such that it was easy to get on the network but you had access only to an
authorization web page. Once the authorization went through—either by providing some
acceptable identification or by paying with a credit card— you gained access

Important Notes:

There are automated processes, and then there is process automation. When we have exceptionally high
confidence in a process, our minds are liberated from worry of failure, and we start to see new ways to use the
process.

If a standard configuration is going to be inflicted on customers, you should involve them in specifications
and design.
Having multiple standard configurations can be a thing of beauty or a night- mare, and the SA is the person
who determines which category applies.

SYSTEMS ADMINISTRATION AND MAINTENANCE 17

Instruction: As part of your function in the workplace, your group is assigned to create an IT support
infrastructure. The role of the IT Team is to ensure that all individual computers of the 500 employees
from upper management to front line staff will have at least 90% of system operability at any given
time. You are asked to create a proposal on your strategic plan for the following areas of consideration

1. Sizing
2. Funding
3. Management Chain
4. Skill Selection
5. Infrastructure Team
6. Customer Support
a. Helpdesk
b. Outsourcing

Now that you have produced your SA plan, your first task is to deploy workstations for your
employees. Here’s the breakdown of the departments and the number of employees for each
department:

1. C-Level Positions (1 CEO, 1 CFO, 1 COO, 1 CIO,) Your SA Team will be under the Chief
Information Officer. C-Level positions include 1 Executive assistant each
2. Under the Finance Department, you will have the following staff. All of these will have 5
administrative staff each
a. Finance Director
b. Finance Budget Officer
c. Finance Accounts Receivable Officer
d. Finance Accounts Payable Officer
e. Finance Cashiering Unit Officer
3. Under the Operations Department, you will have the following
a. Operations Manager (5)
b. Operations Supervisor (10)
c. Operations Personnel (Office = 50)
d. Operations Personnel (Field = 20)
e. Quality Assurance (10)
f. Human Resources (10)
4. Under the IT Department, you will have the following
a. Your SA staff
After being hired, you are informed about the nature of the business. The business is a large workforce
of Sales and Marketing team that sells condominium units across different parts of the country. Their
target market are the middle class population. Their office hours are from 8:00AM – 5:00 PM (Monday
to Friday) and they often ask field employees to render work on Saturdays in a flexible time.

In order to start their business, the SA team needs to do the following:

1. Deploy Workstations that will be used by in-office and field employees
2. Deploy Operating Systems for all computers brought from an international supplier (IBM)
3. Create User Accounts and define their roles

Deliverables:

1. Create your user policies for each department

2. Create an OS installation and repair plan
3. Create a process for machine cycles

SYSTEMS ADMINISTRATION AND MAINTENANCE 18