Laptops on Domain

Associate
Joined
29 Aug 2007
Posts
424
Location
Leigh-On-Sea, Essex
Again - I didn't come up with the naming convention. But I understand why they have used rooms in the names - there are approx 1500 machines - spread across 6 sites and about 150-200 rooms. No-one has ever kept any asset data - no one knows where each asset is or indeed what it is so as I understand it they use the room name in themachine name to locate the machine - of course this falls apart when the machine is moved!

Before I tackle that though, I'm going to have to get this laptop thing sorted. It's beginning to annoy me inside!!!!

OK then, sounds like the IT department needs to get a clue and start auditing all the equipment and most importantly keep it up to date or it becomes a complete waste of time very quickly.
 
Soldato
Joined
18 Oct 2002
Posts
5,783
Location
Liverpool :-)
I'm assuming that only people with laptops use owa or outlook anywhere, if so. You could use the log files from IIS to compile a list of people logging in via owa, at least then you might have some idea of how many laptops are being used on a regular basis.

I definitely would start to push for a new naming convention, ie abbreviation of company name 001 and go from there, get that excel spreadsheet started :)

Edit: Have a look at logparser, you can use it with the iis logs
 
Last edited:

Ev0

Ev0

Soldato
Joined
18 Oct 2002
Posts
14,152
On a wider note - how does everyone else cope with asset management? We have NOTHING at the moment. Someone kept an access database of machines a while ago but it's useless. I have set up Systems Center Config Manager which helps - but only if active directory is free of clutter and the machine sits on the network periodically!

Setup SCCM functionality for internet based client management?

Means you can manage clients (patches etc) no matter what connection they are using, i.e. not on your domain, over any web connection.

Personally I don't and wouldn't use SCCM as my asset register/CMDB, it's too faffy to add in all the extra info. I use it purely for management of the assets, not for storing the records/information on them.

I'm assuming the problem is with them being off your domain you have no visibility or management? If not that, then in a way why do you care if they don't touch your domain for x days?

tbh it all sounds a bit of a mess, asset management is bread and butter stuff and if your place aren't even doing that I'd be worried. I'm guessing your not subject to 'proper' external audits often? (the joys of working for government) :p

Going by ITIL type stuff you should have a config database which contains your assets. For instance each item will have a unique asset tag, and certain details will be attached to that tag. You'd have what it is (make/model/serial number etc), where it is, who has it, how much did it cost, when was it bought, that kind of thing.

It could be just an excel spread sheet with all the info in, it could be a full on asset management/service desk tool, doesn't matter. The important thing is that you have the information.

I shudder to think what your software asset management (SAM) is like, however I am available at very unreasonable rates :)

*edit* just found this which has some info for you to look at http://www.itil-itsm-world.com/itil-1.htm
 
Last edited:
Associate
Joined
30 Jan 2003
Posts
340
Location
Peterborough
For AD management try the trial of ADManager Plus from Manageengine it's pretty good and has a free mode as well (limited to 100 objects at a time).

Do you have a heldpesk system? If not look a servicedesk plus again from Manageengine they do a full ITIL version with asset managment builtin along with change control etc very competitively priced. We use the older non ITIL version currently trying to persuade them to upgrade.

If you have no policies/docs for asset control that's a good place to start so that you can gain control of your estate... check out tech republic they have loads of examples.
 

Ev0

Ev0

Soldato
Joined
18 Oct 2002
Posts
14,152
I was being quite sad and actually thinking about this and I'm a little shocked really.

You're obviously not some tin pot organisation with 1500 machines.

Say an average cost of £500 per machine, that's £750,000 worth of assets alone that you don't know what they are, where they are, or who has them???
 
Associate
OP
Joined
5 Feb 2009
Posts
424
I was being quite sad and actually thinking about this and I'm a little shocked really.

You're obviously not some tin pot organisation with 1500 machines.

Say an average cost of £500 per machine, that's £750,000 worth of assets alone that you don't know what they are, where they are, or who has them???

You're not wrong - although obv some machines have depreciated in value - but also think about the other kit - printers, networks etc. It's a complete joke. We obviously know where the majority of kit is, but laptops - in general, we have no idea!

This isn't even my job, but I'm so fed up of things as they are that I want to make a stand. My official title is Software Dev. Myself and a colleague who joined at the same time as me both feel the same way. The way things are just makes it very very difficult to work and make progress. There is a great resistance to any change.

And - to whoever said Govt - no. Public money - yes. We are not subject to audit controls in IT per se. Finance audits tend to cover larger items of expenditure like our servers but desktops - nothing.

Thanks all for the suggestions - it's certainly given me some good ideas. Hasn't really told me anything I don't know but I'll definitely push for some of the changes recommended.
 

Ev0

Ev0

Soldato
Joined
18 Oct 2002
Posts
14,152
And - to whoever said Govt - no. Public money - yes. We are not subject to audit controls in IT per se. Finance audits tend to cover larger items of expenditure like our servers but desktops - nothing.

I did mention gov. but I was talking about my place, we have external audits from kpmg and we'd be hung drawn and quartered if we didn't do all the stuff we do!

Here's how crazy it is, a couple of the facilities girls came round the office the other day and were auditing the furniture, everything is asset tagged! Infact I'm surprised they don't slap an asset tag on us on our first day :p
 
Soldato
Joined
25 Nov 2004
Posts
3,792
I work for an SHA in the NHS and I appreciate the lack of asset management. Bar the office equipment, anyone with a laptop that leaves the company could quite easily just walk off with it and no one would be any the wiser. It really boggles the mind.

As for the laptops being on the domain if they are never physically on your network, why bother? As said previously if they use OWA or local apps, surely you could create a nice locked down laptop build (thinclient so to speak if you use Citrix) or with a local account that gives the functionality the user requires without giving them the functionality to potentially bugger it all up? As for routine maintenance for updating windows/av etc, something like logmein not an option?
 
Associate
Joined
23 Jul 2004
Posts
1,994
Location
Dublin / Southend On Sea
We use a script which disabled computer accounts if not logged in over a certain amount of days.

We also name all machines as the users surname and first initial so we are able to identify which people have left and consequently removed computer objects.

Our asset management isn't great at the moment. Currently when a user logs in, the login script writes all machine, user details, last logged in etc. to an excel file on the network. We also have Altiris which i have nearly got all machines on so we can track machines through that. I guess this won't be much use if you have a lot of people rarely in the office.

Do your users not use VPN?
 
Soldato
Joined
9 Dec 2007
Posts
10,492
Location
Hants
Yes we do.

Part of the thing that concerns me is that these machines are not getting their updates. I want to try and standardise versions of software etc and get licensing sorted because seriously - no-one knows what is where.

what AV are you using? i know sophos lets you specify primary and secondary update servers for example so 1 could be LAN server and the other an internet source. works great for our mobile users..
 
Back
Top Bottom