Ex-alcoholic-admin has put his email in every alert, system, login possible..was still fired
Posted by masterofrants@reddit | sysadmin | View on Reddit | 276 comments
I just started in this new job and this is my best guess of what happened.
Looks like this dude thought if he puts his direct email in all alerts and puts every login in his direct "name@company.com" instead of using something like "support@" - the id the whole team is suppose to use, he thought this will guarantee him a job here since "only he knows everything".
Later when I joined and had my first teams call with him it was obvious he was fucking slosheddd at 2 pm or something.
Within a week I was told to take over as much as I can from him and then we disabled his access and fired him on call..
Guess the point is please don't try this at home, it won't save you and now it's making us miserable trying to figure out all this access and alerts he has setup and change them accordingly.
Guru_Meditation_No@reddit
Alcoholic ex-admin If different from Ex-alcoholic admin
I've worked with fine folks who were In Recovery.
I suspect your colleague's email shenanigans may have simply been rooted in laziness more than any harebrained effort to be unreplaceable. Alcohol doesn't lend itself to overthinking.
AcornAnomaly@reddit
His account's disabled, so he can't access it. Good.
If his mailbox hasn't been deleted, put forwarding on it to send all his emails to you or to the support address.
If it has been deleted, make his old address an alias to yours or the support box.
Then just watch notifications, and if you see any, move them over to the proper address. (This is why I'd recommend forwarding stuff to your own mailbox, at first. Makes it easy to tell the difference for what's been moved over.)
marafado88@reddit
And start the long journey of changing those alert notifications to a different email address or even disable.
KareemPie81@reddit
Or ya know, just delegate access
Hollow3ddd@reddit
And litigation hold before or have good backups in place. We all make mistakes
AcornAnomaly@reddit
Delegating access is probably the right choice for this scenario in general(user leaving the company, another user is assuming his duties), if you still want to retain the original mailbox.
In this specific case, however, some of the stuff going to the mailbox could very well be urgent, which doesn't fly with needing to manually and periodically check another separate mailbox.
KareemPie81@reddit
Just me, I hate forwarding for legal and liability reasons. Throw a litigation hold on it and share it. Do the same with one drive. As matter of fact I have a nice little script that renames mailbox(former employee append), uploads PST to SharePoint, zip of one drive, delagstes box to manager and sets OOO
LibrarianSad7350@reddit
Hey, I'd love this script too if possible. Currently dealing with a client who we've migrated from on-prem to 365. They want to, as they've always done before, keep every old mailbox forever. In the past we've pushed these out to a pst via PS however, MS seem to have dropped that functionality (unless we've misunderstood) and it all needs to done via the compliance centre. Cheers.
KareemPie81@reddit
Do you have a hybrid connection ? This particular function requires it for the PST export, as far as I could script. In the past, we would just leave them in 3rd party backup. I’m working this weekend to cleanup script and better notations. I’ll post it this weekend, was gonna do it today but it’s 75 and sunny and I live two miles from beach so duty calls
pryan67@reddit
RemindME! 3days
bornnraised_nyc@reddit
Any chance you can share that script?
KareemPie81@reddit
Yesh, I can dig it up and sanitize it. I’ll DM you in AM. I pieced it together using allot of the below guys work and got the idea from his tool CIPP which is amazing multi tenant tool.
https://github.com/KelvinTegelaar/CIPP
pryan67@reddit
I would love to see this script as well if you wouldn't mind.
Hertock@reddit
Sorry if I jump on here - could you share this script of yours with me too? Would be greatly appreciated
telaniscorp@reddit
Oh wow I manage multiple m365 and this tool looks amazing. Thanks
KareemPie81@reddit
For the cost, it’s best value tool out there. That and robopack have been lifesavers
lawgiver84@reddit
If you have a chance, i would appreciate a pm with this information as well.
KareemPie81@reddit
Oh boy, I’m bell of the ball. I’ll post it here this weekend.
KnowledgeTransfer23@reddit
belle of the ball.
The More You Know!
KareemPie81@reddit
Huh. Learn something new every damned day.
KnowledgeTransfer23@reddit
Belle in Disney's Beauty & the Beast (and any Belles in real life) are named to evoke the sense of beauty and desirability of the term. It's male counterpart would be "beau" if I'm not mistaken!
KareemPie81@reddit
I was wondering if it was a Disney reference
poetsenigma@reddit
RemindMe! Sunday
30deg_angle@reddit
yeah, haha please do
SirMrDrEvil95@reddit
RemindMe! Next Monday
Spiritual-Syllabub91@reddit
RemindME! 3days
Kahedhros@reddit
I would like it too please!
bornnraised_nyc@reddit
That would be greatly appreciated! CIPP tool looks interesting, I'll definitely check it out this weekend
goingslowfast@reddit
CIPP is game changing if you’re in the MSP space and still great if you’re just one entity.
KareemPie81@reddit
In CIPP has a pre built automation that does just this.
accidental-poet@reddit
Our largest tenant (MSP owner here) has around 1,000 365 mailboxes. When we implemented CIPP last year, the time savings was huge right off the bat.
There's so many fantastic features, but my favorite is the user offboarding page. All of the settings you need are on a single page and it's fantastic.
And /u/bornnraised_nyc, if you decide to go with it, you can self-host for free in your Azure tenant as we do, or let them host it for a measly $100/mo. Our Azure bill is pretty close to that for just this app. We might switch to that in the near future as that includes direct support as well.
Their Discord however, is filled with amazing, knowledgeable folks and a few of the devs are almost always online.
https://cipp.app
KareemPie81@reddit
You nailed it! I used to run MSP and went internal recently. CIPP is such an amazing and affordable tool. Amazing support community like you mentioned. I did the sponsored hosting and was happy.
SirMrDrEvil95@reddit
Can i also get a copy of that script? i legit was about to start to write an off boarding script that does exactly what yours does. I just havent had time
norrisiv@reddit
I would love to see this too if you have a spare minute to DM me once you've sanitized!
KareemPie81@reddit
Sure will. My powershell game has gotten so much better since I used ChatGPT. It has made my life so much easier. Was able to blow through intune and autopilot deployment, automated entra and licensing.
dreamps@reddit
Can you add me as well to the script send please! Have to start using chatgpt as well.
Sasataf12@reddit
I don't think legality or liability is an issue here.
I do hate forwarding because of all the random crap that will undoubtedly hit my inbox.
Bradddtheimpaler@reddit
If I have to do that I just give myself read and manage and then favorite the inbox on that mailbox, then you can see the number of unread emails right at the top and check them quickly without clogging up your own inbox with shit you’re not going to need.
tacomatoad@reddit
I use a Power Automate flow to notify my primary email address when a new email is received in a shared mailbox. The notification email has a link to the shared box.
AtmosphereLife503@reddit
Actually delegating access is the best bet and not as noisy. Good call.
mini4x@reddit
Flip his mailbox to shared, delegate access.
chemcast9801@reddit
Who sets forwards in this situation honestly. Change the password and whatever the 2fa is and delegate to the proper account. Or make it a shared inbox to free up the license.
KareemPie81@reddit
It’s scarey reading these replies. It should be automated including removing license
chemcast9801@reddit
I wouldn’t use automation for such an account honestly but all the same I think people who set forwarding rules up are IT Neanderthals with all the alternative options we have.
Altniv@reddit
Can still check mail headers for a rule to a “not moved yet” sub folder
ohiocodernumerouno@reddit
you could make an alias called drunkalerts@tld that could be funny and useful.
gcbeehler5@reddit
Yep, o365 makes this fairly easy to put a mailbox in archive mode, and have it show up in multiple people's in boxes via delegation.
After a certain period we move those to distribution lists, and then eventually retire them. Typically about 3 years later (I'm in the legal field.)
patmorgan235@reddit
Support box is the only viable option here. Don't perpetuate the problem by creating more user specific alerts.
SpycTheWrapper@reddit
Unless you do it temporarily as you find out what’s what so you can change the email they are being sent to at the source. He might be getting other emails you don’t want to create tickets.
Klutzy-Residen@reddit
Might also want to reduce it for liability reasons. If he's receiving personal emails, confidential information etc. that everybody shouldn't have access to it's better to limit that to one person.
Tymanthius@reddit
In the US, this isn't much of an issue. Company email is owned by the company, not the person.
richf2001@reddit
Worked for the doe. The .gov didn’t stop those phd folk from doing it.
Tymanthius@reddit
Not sure what you mean here?
Yea, ppl still use the email for personal use. But once it hits the company server, it's not personal any more.
Doesn't mean you can use it to id steal, but does mean you can't get in trouble for seeing it and/or deleteing.
richf2001@reddit
I meant they use it for personal stuff. And depending on what the support team sees vs the person with the proper clearance? It sure as heck does matter.
darthgeek@reddit
Email is an inherently insecure system. You'd never make the argument that personal email sent to company owned assets is somehow not the company's property.
richf2001@reddit
You’ve never had to deal with sensitive info have you?
Drywesi@reddit
It isn't in certain European jurisdictions.
notHooptieJ@reddit
more accurately:
in the US you have no expectation of privacy when using ANY company resource other than the bathroom, LEAST of all electronic systems.
jmbpiano@reddit
Say the guy used his work email for his bank account, forgot his password and tried to reset it. Someone less scrupulous on the team sees the password reset email come into the support box and decides to be a dick and empty the guy's checking account.
Even though the guy shouldn't have been using his work email for that in the first place, I'm not about to risk a civil lawsuit looping in the business as partly responsible for the damages and "emotional distress" that result.
SpycTheWrapper@reddit
Exactly my thoughts. Mfers still use their work email for personal stuff for some reason!
VectorB@reddit
Ain't no fix more permanent than an temporary fix.
whitoreo@reddit
"a temporary...."
vaud@reddit
This. had a coworker that was similar to OPs. He was setting up off the books lunch & learns and telling folks to email him directly instead of our support desk.
bloodguard@reddit
Probably should be his personal email. We had to do this with a form boss and found out he subscribed to a lot of... odd mailing lists. Then it was decided I should sacrifice my sanity and have the alias set to my inbox until I could unsubscribe and straighten stuff out.
...
Still a bit scared by the ordeal.
/only kind of kidding.
dekyos@reddit
Even if the mailbox has been deleted you can just put a rule in exchange to redirect all emails destined for his former address to the support address. I did that for a former accountant who had a lot of our alerts configured for her personal email instead of the accounting one.
vbman1337@reddit
Convert to a shared mailbox..
Nightcinder@reddit
Or just add his email to theirs and ignore the rest
Illustrious-Count481@reddit
Agreed. Not getting how this wasn't figured out and they were going 'miserable'.
jacenat@reddit
Yeah ... I don't understand how this is even a problem. Archive his mailbox, import the archived pst into your outlook, forward his address to yours, set up a filter.
Should not take longer than 10 minutes + exporting his mailbox.
19610taw3@reddit
If you're on o365 or exchange hosted, I'd add his email as an alias for yours just in case something happens and the account gets permanently deleted.
KareemPie81@reddit
THIs IS WHAT SHARED MAILBoXES are FOR.
narcissisadmin@reddit
I can't tell if you're shouting or if you're doing mOCKiNg sPOngEBoB
KareemPie81@reddit
I was walking and typing. It’s a challenge for me
screampuff@reddit
and archive mailboxes
KareemPie81@reddit
With litagation hold
screampuff@reddit
Yeah, or better now would be global retention policies.
100PercentJake@reddit
Wild how far down I had to scroll to find this suggestion.
KareemPie81@reddit
Now your talking my love language. Finally not some chuck in a truck masquerading as sys admin
james-ransom@reddit
Forward all email from his to support@yourdomain.com
Go to lunch + fire people making this hard.
CharcoalGreyWolf@reddit
Better yet, make it a shared mailbox delegated to several key people.
pegLegNinja1@reddit
Tits is the way
jmnugent@reddit
I had a job once in a small ISP ,. and one of the "emergency procedures" they used.. was having 2 x ID badges .. that were basically a black badge with a skull and crossbones on it. It was basically a "death badge".
On occasion, they'd randomly pick someone and hand them the badge in the morning and say:.. "OK,. you're hypothetically "dead" .. so you can't use your company-laptop or phone (they didn't go so far to disable accounts).. but basically it was a fun game of "you can't talk to anyone today".
It was basically a game of "what knowledge or information does this person keep in their head".. and how F'ed would be if they really had died.
I always thought it was a really cool way to approach disaster-preparedness. (this was decade or more ago.. way long before covid and etc)
Sometimes they would hang the "death badge" on a particular server.. and email out that server was being turned off in 1 hour (to simulate a crash or etc) ..and test our redundancy and failover.
jeffrey_f@reddit
It may be time to bring each "Key" person in for a brain dump. You will be surprised (or not) about how much is not documented.
Inuyasha-rules@reddit
I know of a small town that lost a lot of their underground infrastructure because it wasn't written down. Mostly water mains and sewer, but some old gas lines. It was crazy working with that guy, he was way more accurate than the modern maps and locates.
jmnugent@reddit
I do not think it would suprise me (having worked in IT for roughly 30 years)
What sucks is most Employers won't staff properly to give enough cross-coverage and availability to do "Pair-mentoring".
I'm in a new job now (July will be my 2yr).. I took over Windows kiosks from the guy who left before me.. pretty much none of it was properly documented, and in the time technology changed, probably wouldn't have mattered because he was using an old approach and I basically had to re-do everything. But I figured it all out alone,. and to be honest, haven't done a great job of documenting it myself.. so if I end up leaving.. that cycle just keeps repeating.
Last year around July.. if figured out how to Enable macOS in Apple Business Manager and all the different configurations and profiles in Workspace One (our MDM) to get them properly setup .. so that the "out of box setup" an End User walks through is automatic and smooth and works reliably. Except.. I'm the only one who knows that.. so again.. not enough staff or time to cross-train or pair-mentor. I wrote some KB's and simple documentation on it. .but the entire backend config and etc is fairly complex. It's something you can't really understand unless you've wiped and setup a MacBook 5 to 10 times to really understand the process. Too bad I can't get approval for a Work-mac of my own. ;(
It's a cycle I see repeated in a lot of places. Totally fixable. if Employers would focus on something other than "rushed goals of efficiency" and "cheap at any cost".
SAugsburger@reddit
This. Many orgs don't do enough cross training so inevitably when somebody leaves that has too much institutional knowledge that isn't documented it becomes a problem.
jeffrey_f@reddit
You need one more person so you can document, but I am sure that once you break the brain-dam, you'd have it all written in a few days.
This is why nothing or very little ever gets documented. The only reason you documented X and Y is because you actually needed the guide because you only do that a few times per year......
I get it!
JJaska@reddit
For every 4 years we have people get 2 months of extra paid leave that you are supposed to take with your 1 month summer vacation. This is very effective way of finding out who is "irreplaceable" (meaning have not documented things). And, cannot deny, a very very nice way of dealing with threat of burnout.
Grrl_geek@reddit
Yea, and a nice way of laying off people who may be costing you too much. This is a reason I have of why I'm still leery of taking long vacations. Think PTSD but for vacations.
sparkyblaster@reddit
Omg I love this so much.
LaserKittenz@reddit
Chaos engineering at a company level. Very cool.
EggsInaTubeSock@reddit
JFc I love this, I may even approach with this mindset in non-it teams
agent-bagent@reddit
Ha! This reminded me of when I was working on Win98.
Win98 was the first version of Windows to support USB and holy FUCK was that a bitch to implement. Long story short, we had the "USB cart of death". Someone from sdet would wheel around a cart from office to office. The cart had like 100 different usb devices - printers, POS scanners, microphones, etc etc. They'd stop by your office, plug-in the USBs to your dev box, and watched all the way your windows build would bugcheck.
It worked pretty damn well but good lord was that a pain.
RabidTaquito@reddit
I would love to have this happen at anywhere I've worked.
lazylion_ca@reddit
We have something like this. It's called vacation.
ClimbsNFlysThings@reddit
This is an awesome idea.
circling@reddit
Americans will do anything to avoid giving employees paid time off.
ReputationNo8889@reddit
Ive had a CEO regularly go into the Datacenter and just unplug stuff. Of course with someone that has access but he turned up, and went "ima do a stress test today" and just unplugged stuff. This resulted in the company implementing really good monitoring and failover. The first time he did this, they babysat everything but after 2 times he didnt give any headup. Now they just get a ping that a server went down, but everything still works.
dl_mj12@reddit
This is great, I think I'll implement it in my next team
bbbbbthatsfivebees@reddit
I have done that with servers in the past to find any potential issues with redundancy/replication! I also regularly run scenarios on servers where I will just up and format all drives and then restore both to confirm that the backups are working, and to time the restore process to see how long it it would take.
teeweehoo@reddit
It's common in the finance industry to have a compulsory 2 week holiday every X years, with your access temporarily removed. That way it's much harder to hide fraud.
will_you_suck_my_ass@reddit
If I had an it team under me I'd do this
gleep52@reddit
With a name like that, I can see you doing more than just this. Hehe
ARasool@reddit
That's honestly badass!
CelestialFury@reddit
We did that a lot in the Air Force Guard as well, when I was in. The inspectors would come and figure out who knew what the most and then "killed" them so their subordinates would have to take over. Then they would take the "killed" infrastructure guy to the main comm room and randomly pick what network devices to kill to see how fast the rest of the team could respond and figure it out.
Ssakaa@reddit
So, your phrasing there is a bit backwards, he's an ex-admin, now. An alcoholic ex-admin, if one needs to convey one of the details driving the "why".
That attaches the 'ex' to the alcoholic facet, and I have a strong feeling that lesson likely still has some settling in to do, after the anger, denial, and blame cycles.
Grrl_geek@reddit
Like my ex-husband is an alcoholic yet he's certainly not an ex-alcoholic. Gotcha.
OcotilloWells@reddit
He was, but he is, too
CinnamonRollIncense@reddit
“Alcoholism is a disease, but it’s the only disease you can get yelled at for having. Goddamnit Otto, you’re an alcoholic! Goddamnit Otto, you have Lupus! One of those two doesn’t sound right.”
OpenGrainAxehandle@reddit
Try parking in a handicap spot, with a placard, but not "looking disabled"
Anders_142536@reddit
I guess people get yelled at for all kinds of drug dependencies and/or mental health issues.
Initial_Western7906@reddit
🤓 "well ackshually..."
Taur-e-Ndaedelos@reddit
Nothing 'well acksually' about this. Words have specific meanings they convey. Use them wrong and you hinder the info being relayed.
Initial_Western7906@reddit
🤓☝️
Calm_Run93@reddit
...says the drunk man.
biglawson@reddit
You're technically right. The favorite kind of right for any good sysadmin.
narcissisadmin@reddit
That was the only way to interpret OP's title.
masterofrants@reddit (OP)
Dude I can't understand your comment at all.. Read it thrice now.
themanbow@reddit
I think "alcoholic ex-admin" may be a better phrase.
masterofrants@reddit (OP)
Ahhhhh lol that makes sense now.
whitoreo@reddit
Thank goodness!
whitoreo@reddit
Jeeze. What's so hard to understand?
Oneioda@reddit
"The old man thinks he's in love with his daughter."
Firefox005@reddit
An ex-alcoholic is someone who used to be an alcoholic but isn’t anymore. The phrase ex-alcoholic-admin doesn’t really make sense—you can’t just toss hyphens around like seasoning.
An ex-alcoholic admin would refer to someone who used to be an alcoholic but is still an admin.
If you’re trying to describe someone who is still an alcoholic but no longer an admin at your company, the correct phrasing would be ex-admin alcoholic. That makes it clear: they’re no longer an admin, but still currently an alcoholic.
TL;DR: Ex- only applies to one thing at a time. Extra hyphens don’t magically extend its reach.
masterofrants@reddit (OP)
Amen. This makes sense yes
timmah1991@reddit
Really? It makes perfect sense to me.
masterofrants@reddit (OP)
Ya got it now.. I'm slow.
UpUpDownQuarks@reddit
He's an alcoholic admin that was fired, so now an ex-admin. He was not an ex-alcoholic admin that was fired.
DramaticErraticism@reddit
Ugh, alcoholism is a disease, I do pity that man. I hope this is bottom of the barrel for him and he gets some help and comes out the other side. No one chooses to be an addict, it's something that just happens and some people are wired more for the risk than others.
notHooptieJ@reddit
Yeah, but most people dont enjoy being all cancered out of their mind.
and to be fair, someone with dimentia pissing themself in the corner shouldnt keep their job either.
Its one thing to have some sympathy for addicts, its entirely another to deal with a PROBLEM addict in your home or workplace all the time.
DramaticErraticism@reddit
Of course, these things aren't mutually exclusive, you can have empathy while also understanding he needs to be removed from his role. I've known companies who offer an ultimatum to long time workers, rehab or your job, which I think companies should do if an employee has been a hard and loyal worker for many years.
notHooptieJ@reddit
thats not empathy, thats business sense; employees are hard to keep, ones that are good at their job, moreso.
ones that are good coworkers and humans yet so so much harder.
I understand your empathy.
You should also understand how it evaporates when you're the person that takes the brunt of the problem. If you have actual experience with problem addicts, then i applaud you still having it. But i dont think you have, or you wouldnt.
the coworkers picking up the slack, or cleaning up the mess.. the spouse, child or roommate dealing with it the other 70% of their time.
I understand your empathy, but I no longer share it after learning the hard way, from both sides.
Kodiak01@reddit
We had one of the front-office admins (non-IT) get caught with a bottle of vodka in her desk. They held her position open (filled in with shitty temps) for several months while she went into rehab.
She came back to work and lasted 2 days before quitting in a rage. Fast forward 2 years and she was arrested in a Walmart parking lot when they found her passed out, an open container in the center cup holder, and her BAC well over 4 times the legal limit.
Three months after that, arrested for DUI again. This time, a nearly-empty bottle of vodka on the floor and a half-empty Bud Light in the cup holder. According to that news report, police were called in the preceding week at least 4 times because she was sitting drunk in a private lot. That last one? She blew a .38 and .40.
No idea if she is still alive, but I sincerely hope she finally got herself right.
DramaticErraticism@reddit
Oof, that hurts my soul to read.
narcissisadmin@reddit
It's not a disease.
DramaticErraticism@reddit
If you literally google 'is alcoholism a disease', you have your medically studied information right there. Lack of empathy isn't a disease, but it is a concerning disorder.
isomorphZeta@reddit
Despite you not wanting to call it one, it still is.
centizen24@reddit
I also always think about edge cases and hope (weird word to use here) that it's something they are certain of rather than something they are assuming when they say someone is an alcoholic.
I've lost multiple jobs for what people assumed was drinking or doing drugs on the job when really I was just struggling to survive. I had severe untreated sleep apnea and that manifested in a lot of the same symptoms that alcoholics/drug addicts have. To suffer is one thing, to be suffering and have everyone assume you are doing it to yourself is a special kind of hell to be in.
Junior-Warning2568@reddit
Nailed it
bruce_desertrat@reddit
We once hired a sysadmin on good recommendations, and a good interview.
Ok, so he showed up to the interview with a huge shiner, that he explained as from a mud and obstacle run the previous weekend. He was a big athletic guy, so that didn't raise any flags.
Brought him on board, he was good, fit in, we got some nagging issues fixed by him.
Then he started taking long lunches, and had to leave early a few times "because of a family issue"
Then one day when he'd called in sick, we got a teams message from a user at one of our facilities telling us to go look at one of the local TeeVee news sites.
Turns out he was a junkie, and liked to get some by pulling over other junkies in his car, which had illegal police lights in it, and flash a badge he'd found in a thrift shop.
That day he pulled over an off-duty BP agent, who most defintely was NOT a junkie he could rob, and he showed up on the 12:00 news
I think we set a new world speed record for revoking privileges...
SugarLandSooner@reddit
😳 just when I thought I had heard everything. How does one maintain being a junkie, peak physical appearance, as well as work a sys admin job? 2 of those inevitably lead to the degradation on the other one, you’d think.
bruce_desertrat@reddit
You would be surprised, not all junkies look like they live in needle park...and there are more of 'em in "professional" jobs than you realize.
SugarLandSooner@reddit
Yeah, I’ve been around enough to know there are a lot of functioning alcoholics and dope fiends in our profession. I knew a guy who couldn’t do his helpdesk job without being completely blazed out of his mind. Didn’t mind that so much except for the smell. I did a little myself back in the day.
timmah1991@reddit
That’s a whole lot to conclusions you’ve jumped to.
masterofrants@reddit (OP)
Literally said I'm guessing jfc
EggsInaTubeSock@reddit
No, you literally didn’t say that.
Alcoholism and addiction sucks, mental health is critical, and the person is a person.
This isn’t some celebratory tale.
Assuming you’re right and he was sloshed - you’re saying “we fired someone who needs serious medical interventions”.
masterofrants@reddit (OP)
No they fired him after giving him 6 months and multiple chances to explain what's the issue and why he doesn't show up or updates tickets or works on them properly.
All they got was more lies about family being sick, the day of firing he's telling us about getting some kind of bird flu lol.
His addiction and mental health issues are not the company's problem wtf are you even ranting about here.
mrtuna@reddit
no you didnt.
Necessary-Icy@reddit
If you've got domain and email server control just alias his account to the somewhere temporary to unsubscribe from all the porn then gradually move things over to your real address...
I think I'd be more worried about all the other crap that would come along for the ride if their address was just made an alias of the regular support address
rustytrailer@reddit
Been through this. We had to keep his address active for years after. I think his motto was “security by obscurity”
sparkyblaster@reddit
Ex-alcoholic?
OtherOtherDave@reddit
“Alcoholic-ex-admin”, I think
skat_in_the_hat@reddit
lol why would that work? They fire him, and change the email address to an alias for support@company.
masterofrants@reddit (OP)
He was basically a button pusher anyway
Mental_Patient_1862@reddit
Used to have a subordinate who told all new hires, "If you figure out a thing - how to fix X problem, how best to configure Y setting - don't tell anyone. You having all this 'secret knowledge' makes you more valuable to the org."
uhh... no, that makes you less valuable to the org.
I'm glad he thought a new job offering at another org was going to be his golden ticket. And I can't help the schadenfreude I felt when he didn't last a year at said new org.
SugarLandSooner@reddit
Buddy, this was the mindset back when I was a pup. Good luck watching over the shoulder of a senior admin on anything. Their mantra was “knowledge is power. As long as I have all the knowledge, I have all the power.”
Then google showed up and they were all stuck working on legacy shit like Novell over NT4.0 and AS400 boxes. Schadenfreude indeed. 😆
SugarLandSooner@reddit
Even better is when they use their personal AD account as service account too. The turn-it-off-and-watch-shit-break, is something you could sell tickets to.
SugarLandSooner@reddit
Many times this happens because the guy (or gal) was basically furniture. There from the start, never thought they’d ever leave, why bother setting up other emails for things they’ve always been the one to deal with. When growth happens, this stops being convenient for everyone and should always be addressed if you’re not too drunk. 🤓
FranzAndTheEagle@reddit
Man I worked for a guy just like this. When I asked him about this incredibly stupid arrangement my first week, he said "job security, baby." Dude got fired like a year later.
Mindestiny@reddit
I have never once worked for a company who gave the tiniest shit about the business impact of suddenly firing someone.
They don't even think about it, it certainly doesn't give you job security.
icxnamjah@reddit
I experienced the same. I just placed their email in a distro with myself in it to get all the notifications and update as I saw them come in. No biggie.
RabidTaquito@reddit
So here's a quick idea: Just put all of his email aliases into your own mailbox.
StatusOk3307@reddit
As long as you have control of the email domain I don't see why one couldn't recover from this....
QuantumBit127@reddit
This happened where I work too and it’s been a nightmare plugging up all the holes he has his credentials stuffed into. I’ll randomly get a phone call about an Internet outage and it’s bc this yahoo put his company card in the payments details instead of the main one we used for subscriptions. So goofy.
FourEyesAndThighs@reddit
Some days I wanna be drunk by 2pm as well, so I’m not going to judge. The job do suck sometimes.
Bubby_Mang@reddit
Do you guys ever not jump to conclusions and just do your job?
axle2005@reddit
Place I used to be at had the main sys admin create ssl certs using their personal Gmail account... That was super fun.
1a2b3c4d_1a2b3c4d@reddit
Former company where a former owner still owned an in-use domain name. Apparently, it wasn't in the transfer agreement when he sold the firm.
That bastard made us pay him $10k for his time to just click on an email link to transfer the domain back to the company!
hasthisusernamegone@reddit
Good man. If I had the opportunity to rinse a former company for ten grand I absolutely would.
1a2b3c4d_1a2b3c4d@reddit
I agree. The new owners should have done their due diligence and paid the price for not doing it.
j5kDM3akVnhv@reddit
Lol. Been there. Done that. Got the T-shirt.
Moral of the story: read all contracts and all included domains carefully.
NextDoorSux@reddit
I ran into a situation where a company asked me to come in and evaluate their systems after firing their IT provider. The previous guy that serviced them not only had everything configured in a way to make it near impossible for someone not familiar with the tricks rid everything of him. I found countless backdoors, several email accounts used for nefarious reasons, two personal websites hosted on a server used to run a large scale milling machine, etc. etc. etc. It took near two months to clean it all up. And the kicker... all of the software that didn't 'phone home' was using licensing that I found later was being used in other companies. Guy was pocketing the money people were paying when ordering software through him.
SevaraB@reddit
lol; Nothing a forwarding rule can’t fix. Just be sure to log the hits so you know what to log into and update the notification settings.
JohnBeamon@reddit
Putting his personal email address everywhere suggests he’s never heard of an email alias.
Afraid-Donke420@reddit
You can’t use “support@“ for everything
Things like Facebook or apple developer accounts require you to be an individual - same now with our snowflake logins.
Anywho that part is the easiest problem ya got. Just monitor the inbox lol
dracotrapnet@reddit
*shrugs.
I have most device alerts sent to me. I would ship it to everyone else but I get a lot of alerts and have them all handled into folders pretty specifically depending on severity. Things that are unusual hit my inbox. I used to ship everything to itdepartment@ but that kind of caused complaints from non network/hardware team members. The only thing everyone in IT gets is new UPS alerts, the old UPS just goes to me (they are noisy). Everyone just files them into a folder it seems as nobody is aware something has gone bad until I say something.
Years ago (and 2 SANs) I used to have our SAN sending emails to Ticketing but that got ugly. It emails about random things here and there that do not need to be tickets.
If/when I leave they will likely just forward my mailbox to my boss until they get a handle on things.
Apps/SQL guys have a few dist lists for their alerts.
I have made a vmware-alerts dist list, me and the boss are on that dist list. I should work on building more dist lists like that. We started replacing some older gear and it's just been quick to throw my email address in there for now. I should make that a Monday/Friday/off-project task to build those lists and change the email alert contacts to dist lists.
On some of our systems, each admin has an account and alerting is their preference.
IamNotR0b0t@reddit
I worked with this exact type of person. I was the first person he hired and when he later left a few years later there was about 4 of us. He was the gatekeeper of everything and kept us in the dark intentionally to create the illusion he was needed. He would "work" 60+ hours a week and brag about it but, never made progress on anything that mattered. On top of that he would gas light anyone who needed a shred of personal time or a day off because he was "working" all these extra hours without thanks.
When he left all accounts were in his name. MFA went to his phone there are still accounts today that we can literally not change without having to recrate the whole environment. We were left in the dark on 80% of the environment as he had everything so messed up. This was about 8 years ago and today we will still find a shred of this here and there and I cant help but sigh.
Outrageous_Device557@reddit
In 30 years you will probably look back and start to understand this guy better.
the0riginalp0ster@reddit
This is exactly what I was thinking. Man, they really have abused and screwed the General IT Crowd haven't they? Now we are being AI'ed out, but that was expected.
robsablah@reddit
Or maybe just leave on "terms" quietly and go to the next thing.
danstermeister@reddit
Hope that guy doesn't have kids that depend on him. So fucking sad.
the0riginalp0ster@reddit
Sometimes, its not about you as much as it is giving the finger to the world. Please have mental disabilities and rely on substance abuse. Corporations don't bring out the best in people.
arrivederci_gorlami@reddit
The email part is easy to setup forwarding.
Just wait until you get to the part where MFA is setup for all of the accounts under his personal cell SMS!
furay20@reddit
My company was too cheap to buy me a work phone (or re-imburse me for mine), so I use my personal number for everything.
So, I mean, malicious compliance I guess?
InternalCultural447@reddit
....why forward, just delegate access? As for the MFA, just put on a bypass. These are very easy fixes.
teeweehoo@reddit
How do you bypass when he's the only one with an account, and he's using his personal cell phone number?
robsablah@reddit
Reset his mfa and set it up again. Surely more than 1 person has the ability to reset mfa.
supple@reddit
That's quite an assumption though. Also it only covers systems you're already in and not external apps that have MFA attached that you need to get into.
c_loves_keyboards@reddit
Alcoholism is a disease. You treat disease, you don’t fire the person.
Has management given your reason to trust them? Trust them for your entire career? If you document everything well, what is the reward?
Valencia_Mariana@reddit
No you fire someone who is intoxicated during work hours...
GhoastTypist@reddit
We work for companies, we don't own the companies. Yes our work isn't common knowledge, but unless we're the top experts in the world, we are replaceable.
Your guy learned that the hard way. Is it too much to ask employee's to be professional?
calladc@reddit
Ive been working with a client recently, their admin has done the same. His email is everywhere, including the ruf and rua on dmarc. Everything I uncover brings up something new he's gettingg alerts to
Gadgetman_1@reddit
I'm assuming tht you were hired to take over his position. They just didn't say it outright.
Someone was probably keeping a close eye on you to see if you had what it takes to take over 'cold'. The fact that it took less than a week before they booted him off the premises either means that they consider you very good, they were desperate or both.
Most likely you'll end up factory resetting a lot of stuff because you can't 'take over' his account on them. That can't be helped, unfortunately.
Illustrious-Count481@reddit
My first thought is "Way to kick a guy when he's down."
My second thought is "First rule of sysadmin club...we dont talk about other sysadmins"
My third thought is "If a team of you couldn't 'figure out all this access and alerts...and change them accordingly', maybe you needed him. And how the heck did the 'team' allow for this."
No. I'm not that dude.
Mah story and I'm stickin to it.
ayycapsy@reddit
Walked himself out of the door if you ask me.
lazerspewx2@reddit
I had a team member do the same thing on a grander scale and instead of creating job security and made them a liability and they were let go because they were intentionally making everything run poorly so that they were needed.
You should look into a SSO like Okta or BitWarden. Super easy to onboard or offboard someone with minimal issues. I also like to keep signed in as the offboarded person in an email client like Thunderbird so I can see things pop in in real time, but they don't clutter up my email as forwards. Nothing could be more annoying than deleting all their random personal reminders and newsletters that folks sign up for using their work emails.
If there's a free trial for 'new' users out there, it's definitely been signed up with using work email after the personal email trial runs out...
Yoros@reddit
just setup his mail as a shared mailbox and give it access to yourself ?
bedel99@reddit
shared logins are bad.
spazmo_warrior@reddit
alias his email to support@, problem solved.
jdog7249@reddit
And then in 5 years someone wonders why there is a random email address that is aliased to the support email and that all the automated alerts are sent to that alias instead of support@
chum-guzzling-shark@reddit
And I recently found out that you can't figure out what is being sent to an alias in 365
accidental-poet@reddit
And every time a new email is received from the local liquor store at this account, a new ticket is generated. Fun times!
bluegrassgazer@reddit
Yeah, this *should* be a temporary solution until all of the instances of his email have been tracked down and replaced.
berryer@reddit
It should, but nothing's as permanent as a temporary solution
BaPef@reddit
You're telling me
Khyta@reddit
The floors at my company have a post-it note on each entrance door to designate the current floor. I think they were supposed to be replaced with some metal plates, but the post-its have been there as long as I have been working there.
iwinsallthethings@reddit
Hey, i know it was 5 years ago, but we have this old system that requires MFA again. Can I get access to bobs email?
habitsofwaste@reddit
It sounds more like he wasn’t good at his job and was constantly implementing these anti-patterns and it eventually led to him losing his job.
FWIW, I have a till that’s been tracking federal .gov domains for changes. And there were/are so many domains setup with a person’s email rather than a list and I have been seeing that get updated to mailing lists/aliases. So at least that’s one good thing that’s been happening in the administration? lol
Ok_Conclusion5966@reddit
i wonder if this increased or decreased his drinking
i would point to decrease suprisingly
Steeljaw72@reddit
Once heard a guy say he wasn’t willing to update the documentation because having it all in his head was job security. Well, he messed around and found out when they fired him, promoted someone else to his position, and they fixed all his missing documentation on in about a week and a half.
ImpressiveExtreme696@reddit
Why not just turn his user account into the team service account. Then no wasted work for no real benefit :)
MrHaxx1@reddit
Happy to hear he's no longer alcoholic, since he's an ex-alcoholic admin!
ConstantSpeech6038@reddit
You just started there. That guy was possibly product of the environment. Stay safe and don't judge too quickly
Geminii27@reddit
Not to mention that his email can just be rerouted to support@.
Now if it was a personal, external email...
jamesowens@reddit
Bruuuuuh: “This could have been an email (alias)”
ovationelite@reddit
Temporary fix, either convert his mailbox to a shared mailbox, or change his username/email address to something else (to retain current mail in his mailbox) then just set an alias on the support@ (or whatever distro you use) as his email address. Either way, this will allow you to still get all the alerts through, and/or 2fa to get into certain services until you have fully identified and updated emails on all your services. Both options will also free up a license.
lrosa@reddit
Couple of years ago I took control of a bankrupted company whose assets were bought by another company.
We didn't get access to the old Exchange server, but we knew the list of recipients.
First thing I did when I got the control of the master domain name was to set an alias of all IT people to my mailbox. With that trick I enumerated/recovered a lot of external accounts services that were unknown at the moment of handover.
1_________________11@reddit
Email alias and groups are your friend
randidiot@reddit
Lol my dude just forwarded his emails to your own till they stop coming?
Uberbenutzer@reddit
It’s sad how many sys admins do this shit. Everyone is replaceable.
grnrngr@reddit
Don't take OP's assumption that the guy was trying to protect his job. A lot of us either do it for convenience or laziness or neglect. All relatively innocent.
narcissisadmin@reddit
When my IT director passed suddenly the first thing I did was create an email licensing@domain.com and switch to it for all of our vendors. For this very reason.
grnrngr@reddit
Meh. Whatever the email address, the only thing that matters is your ability to access it (and control access to it.)
The kind of mentality OP is pushing is exactly why my employer was tracking everyone's passwords when I came onboard.
I still have occasional a arguments on the subject. As long as I have the ability to change the passwords and lock someone out, I don't give a shit what your password is.
Same thing with the issue of this post.
(And to be clear, if the guy wanted to fuck you over and register the accounts to a personal address outside of your control, there's have been nothing you could've done about that besides policing all your employees to an extreme degree - or taking matters into your own hands, forever.)
Pay for everything from the corporate accounts and there isn't a company out there that won't re-register something under threat of non-renewal/non-payment/legal action.
meagainpansy@reddit
This is what you get for making him stop drinking dumbass.
KevinBillingsley69@reddit
Just forward his email to the address he should have been using. But yeah, crappy ex-employees and their crappy documentation habits is a serious pet peeve of mine too.
Loud_Professional150@reddit
Not trying to derail this, but he was the *only* actual person who can do anything about those notifications, he likely sent them to himself to stop the absolute SPAM which would go to countless other people who would then start asking questions about every fkng thing that happened....
It's a way to control stress, ultimately.
It's not that he felt he was hoarding all of the notifications - believe me, he didn't want them.
Rather the contrary, he was shielding the support@ from nonsense, inaction-able emails that would just cause noobs to ask more questions.
I've been doing that for 30 years.
It works.
He is smarter than you think, and it's all for their own well-being.
You do not need to ramp anxiety up amongst a tilted IT dept...
Forward his emails to you, setup Outlook rules to filter requests sent to his email via the header and shift the handling of them one at a time.
It's easy surgery, just takes a bit of time for all accounts to expose themself.
DNS/Domain registrations will be your nemesis. so no matter what, NEVZER delete his email address, assign the alias to yourself forever. You can buy a domain for 5 years...dont just assume quiet is good, you can ge4t caught long-term with this, easily.
*I still receive pertinent emails from an ex-admin that has been gone since 2007.
Never trust that your vendor databases are as up to date as yours.
SpeltWithOneT@reddit
Oddly enough there are reasons to use your direct account for alerting rather than a "shared" account. Too many times do you hear that something was missed because they thought someone else was monitoring the inbox, or someone turned off the notifications in the previous shift and so on. I believe that's why using it as a relay to others people(s) inbox is a better idea than just simply sharing it out to the team.
masterofrants@reddit (OP)
This is definitely a problem here. I want to get to it ASAP at some point yes.
SpeltWithOneT@reddit
Without naming vendors and products, I think the more ideal solution is to raise alerts via API (guaranteed delivery) and then use the product to do escalation rules so you can alert individuals doing on-call (and not everyone urgh) and track who picks up for your reporting.
Electronic-Cod740@reddit
Left out the second possibility of why all the alerts go to him. He was STUPID. We had an admin at a job her admin account was the owner of a ton of network shares. She got fire and the shares stopped working. I had to reenable her account log in with it and transfer the ownership of the files. She didn't do it for job security she did it out of stupidity. NEVER UNDERESTIMATE THE POWER OF STUPID.
narcissisadmin@reddit
Speaking of the power of stupid...I've lost track of the number of times I've seen a supposed "admin" try to browse to a local folder they don't have access to and they fucking STUPIDLY just click OK to give themselves permission.
classicolden@reddit
There's maybe nothing lamer in system adminning than trying to do job security by not sharing. Don't do it kids, not even once.
narcissisadmin@reddit
You can't get promoted if you can't be replaced.
Sagail@reddit
Jesus fucking christ sloshed at 2pm. For fuck sakes don't make us high functioning alcoholic sysadmins look bad asshole.
Yeah sure be a Rockstar and occasionally cut out early to get fucked up at 4:30...but 2...unacceptable
narcissisadmin@reddit
To be fair, sometimes still sloshed at 2pm.
psychalist@reddit
This
dansedemorte@reddit
not everything can be a shared account though, depending on your environment.
and not every organization wants to allow shared e-mail boxes either.
we still have a few of them but cyber "security" keeps wanting us to remove them.
some of these shared accounts are how the various linux based systems talk with each other and keep file owner/permissions correct.
but, i'm sure where I work is fairly unique
Sasataf12@reddit
I highly doubt this. This was most likely done because it was easier (for him) at the time. It's trivial to reset a password when you have access to the user's mailbox, and most/all support teams can assist with resetting MFA, etc, if you can prove the user has been terminated.
I'd be surprised if your ex-alcoholic-admin didn't know this.
RichardJimmy48@reddit
People with that mindset always find out the hard way that companies can and will get by just fine without them. If anybody thinks refusing to document things or refusing to give people access to stuff or refusing to train their junior peers will make them untouchable, think again.
jeffrey_f@reddit
If necessary, they will bring in your predecessor or hire a consultant to figure it all out
geekgirl68@reddit
I created a distribution group called “IT Collective” where former IT staff email aliases go once their mailboxes have been deleted. (We’re talking after keeping them shared for a year or more.) It has saved my bacon a few times for those long expiration date certificates, domain names you didn’t know exist and other flotsam that would otherwise be missed or completely unknown.
jeffrey_f@reddit
Nope. I make an ADMIN or more email groups and add my business email to that.
If for some stupid reason I used my personal email for work related stuff, I would make a dead-man switch which removes my personal email from all email groups if my profile no longer exists or has been disabled, indicating that I no longer work there.
smeggysmeg@reddit
I had a situation like this. The sole IT tech at this local utility, who was massively underpaid and mistreated, finally had it after years of being treated like shit, and he locked out the execs demanding to be given PTO (he got none in 10 years of working there). They gave him a week of PTO, a bonus of $200, and he unlocked their accounts and walked away for his week off. That's when they called the MSP I worked for.
I spent 2 days assessing the environment using his manager's credentials to access everything, writing a plan for quickly disabling the tech's access. Wednesday comes and I execute my plan - first cutting all of his remote access (and other various backdoors he had), then his primary accounts, then all sorts of service accounts and their dependencies. He called when I was nearly done, asking the manager if there was an outage (the guy was REMOTELY WORKING on his first PTO in a decade). They asked him to come in and gave him the bad news.
I went back for the next couple days, fixing a host of technical problems and bad design choices. Hyper-V host running Exchange with the DC as a VM, for example. This place heavily invested in BNC when the tech first came out and never switched to CAT5 (this was in 2011). All sorts of scripts that had to be babysat or bad things would happen to the business.
Anyway, at the end the manager offered to hire me at the guy's shitty pay rate. Huge nope.
FabulousFig1174@reddit
This should be pretty simple. Disable login, convert to Shared Mailbox, give yourself access, done.
TellMeAgain56@reddit
Remember when Homer Simpson worked from home.
hornetmadness79@reddit
Did he find the any key?
Responsible-Pie-7461@reddit
Assuming you have access as an exchange admin, find out external email forwarding. Any dummy accounts he may have created, go through the list of privilege admin list to spot the odd ones out.
gerryn@reddit
Unfortunately if you are a principal or senior engineer (well nobody would do some stupid shit like that anyways), you can get away with a lot of stiff that doesn't involve meetings.
infamousbugg@reddit
I worked at a place where the admin before me put a bunch of Office Home and Business licenses on his personal hotmail account. When I was doing audits after starting I saw that we were missing Office licenses. I don't recall how, but I figured out that all of these licenses were on his hotmail account. He had set his recovery email as his old company account, so I just did a recovery and regained access to our missing licenses. I just thought it was an abandoned account. About an hour later my boss gets a call from the admin pleading for his account back. Turns out it was his main account for personal stuff, and he lost access to some things when we recovered the account. I was told to give the account back to him because he had promised to settle up with the company which he did.
ilikeyoureyes@reddit
Don’t attribute to malice that which is adequately explained by stupidity
SecretSquirrelSauce@reddit
Pro-tip: setting yourself up as "the only one who knows anything" is self-identifying yourself as a problem. You're painting yourself as someone who intentionally hoards knowledge and doesn't share knowledge with the team. You're just painting a giant target on your back.
BrianKronberg@reddit
4 years from now…”why do we have a group named OldAdmin with a bunch of aliases on it?”
ScumLikeWuertz@reddit
heh, I haven't heard the term sloshed in awhile. you from the midwest?
nascentt@reddit
Wed just reuse him email as an alias to support@ or set an OT of office on his amount redirecting people to support@
Least effective way of guaranteeing your job I can think of.
reactor4@reddit
I read the logins under his username as more lazy than “this will keep my job”
Dtrain-14@reddit
I’d be more worried about the 1-off non-sso’d or “break glass” shit he might have.
But hopefully he’s just an addict and not a full on idiot that would try to retaliate.
Toilet hooch ain’t for the faint of heart bruh…
AmbassadorDefiant105@reddit
I swear this is starting to be a common trend .. I have already met two admins that were let go because they were drunks.
ultraspacedad@reddit
ok, so convert his mailbox into a shared inbox then remove the license. Add it to your as delegation then make a support a distribution list. The fix the alerts as they come and when you are done you can nuke the inbox and add an alias to yours to catch any of the Bullshit he probably has connected.
DatBoiC02@reddit
Sounds like he accomplished his goal. To make y'all life miserable if he fired.
neckbeard404@reddit
How would you fix this if it was HR ? that is how you fix it .
DasBrin@reddit
I really hope for you that he didn't have access to create a exit gift that triggers, the moment his account gets deleted/deactivated. If he has access to alot of systems, maybe check for that too.
jayleel98@reddit
Ah yes can’t rule out the classic exit gift!!
ExceptionEX@reddit
Convert his box to a shared mailbox, monitor it for what alerts go to it for change, and forward to support to insure they aren't missed
For good measure you can use a policy to inject text into his forward mails as a reminder to change this alert to point to support.
The logins on the other hand are a pain, we use password vaults for everything so generally this isn't as bad, but if you got someone willing to get smashed at work, you likely have someone who wouldn't put everything in the vault.
Don't envy your task.
masterofrants@reddit (OP)
Yes he kept his own password keepass with his own master key and now we can't get into that as well and then we also have a bitWarden account and I'm still trying to figure out what he has done with that.
We did call him for the keepass master key and it's not working now.
Unable-Entrance3110@reddit
If that was his motivation, then he did it wrong. As soon as he goes away, "his" e-mail account effectively becomes a shared account. He, presumably, would have known this, being an admin and all. More likely, he was just incompetent.
ncc74656m@reddit
You either need to have everyone up to the CIO/CTO on your side, and probably some good will or ignorance from the COO/CEO as well, as happened at a previous job, or you need to be ready for this to backfire. And usually, if you do have that level of cache, you are probably the fall guy for the CIO/CTO, too.
I was at a place that got nailed by ransomware. Their "security" guy was in name only, he did the phones, it was just so someone could be called the security officer on paper. His security plan was literally just terrible copypasta with wildly different styles and even entirely different fonts. The sysadmin was using his forest admin creds on random websites, which is how we got the ransomware - they deployed it with our own GPOs. 😂 Both were "untouchable" and kept everything to themselves. So we just reset their accounts when they got canned and started using the alerts and stuff to figure out what needed to be shifted, then did it.
RCTID1975@reddit
I mean, just monitor his mailbox? Every time an alert comes in, go fix it. All the details of where it came from are there.
Annoying sure, but in the grand scheme of things that's a "whatever" thing.
codifier@reddit
Speaking of alcoholic coworkers. Worked at a place where the principal would call me during maintenance windows all hammered demanding with slurred speech to know what I was doing despite the fact we went over it in peer review just the day before.
Good times.
mjradjr@reddit
just nuke his email and set a proxy and move on.
bigdaddybodiddly@reddit
That's some real r/shittysysadmin action right there.
OP - if it's not already you may as well cross-post it there
DamDynatac@reddit
Forward his mailbox for a year. If you’re still getting useful alerts (think certificates) towards the end of that period consider further extending but really try and get that stuff migrated and under your ownership. If you don’t know how it works you’ll need to either learn it or replace it
Ssakaa@reddit
18 months, to make sure you catch everything.
1a2b3c4d_1a2b3c4d@reddit
Yea... those certs are going to expire in the future...
RequirementBusiness8@reddit
I’ve never wrapped my head around that mentality. Even if it does work, it means you’ve just pigeonholed yourself into what becomes the crap hole.
But being sloshed by 2pm probably explains the rest. Jeeze.
Good luck
LousyDevil@reddit
Running into almost the exact same situation, but, he got some jail time for his drinking.
Still working through and finding things he did like that.
bhambrewer@reddit
can't that email address be made an alias for a role account instead? That would help with sorting out what is an alert vs an Amazon email...