TwistedSifter

Clever IT Employee Got A Chance To Ruin A Business, And He Absolutely Enjoyed It

Sarrah Murtaza
Man in white shirt in office

Pexels/Reddit

Sometimes it is important to do that one risky task!

This guy shares how he messed up at work on purpose to get some results.

Check out the full story!

Today I nuked a business critical prod on purpose

Hi,

I’m a 3rd level supporter and backend admin for Microsoft onprem systems. AD, DFS, GPO, server OS. At least my official fields of work and I fight to keep it that way.

This is where things went downhill!

Today I caused a major problem on purpose by executing our default policies. No change involved.

We start with a high priority ticket about some guy needing rdp permissions on a group of business critical servers. Nothing special at first glance.

Look up the groups and done, right? Nope. The groups are there, but their reference user was not in them.

We have this same app also on VDI for some reason, so maybe he needed that?

UH OH…

Reference user checks out with that security group. Better call the super important person that ordered the permissions to verify what they want.

“Hi Hosenkobold, he needs permission to those servers I mentioned.”

“But you as the reference user don’t have permissions to it. That confused me.”

“But I do!”

At this point, I had to put on my best pokerface as my mind began calculating how that was possible and how much damage control was needed. Boy, were my calculations underestimated.

That’s INSANE!

I thanked the person and looked through the groups. We have tier 2 users for clients, tier 1 users for servers and well, tier 0 for important stuff.

Only tier 1 users in the rdp groups. No other groups. This person shouldn’t be able to connect, according to our rules.

Now we go to checking the servers itself. Truly, this can’t be happening. Only IT can change THAT and everyone was schooled on not doing it. But as I open the local rdp and admin groups, I see the horror.

Nobody expected that…

Dozens of tier 2 users with permissions on the server, baked directly into the local groups.

GPO should remove them though. But well, GPO got exceptions build in to keep these users. Someone truly violated security policies. Better call my boss to ask what to do.

“Make screenshots and nuke it. This is done wrong and is against several policies.”

“Nuke it? That will take down access to a major part of the company and cripple it.”

“I’m already writing the mail. They can complain with security and federal security requirements. Who did it?”

“Derp Derpson.”

Finally the satisfactory part!

“We’ll have a meeting in 30 minutes with him. Disable his accounts and bring the screenshots somehow to the meeting room.”

I got so much respect for my boss today and an oddly satisfying feeling about purging such a violation from our systems. And we got a new open position for senior system engineer for some unknown reason.

GEEZ! That could have gotten out of hands!

Let’s find out what people on Reddit think about this one.

This user knows this is the best part about being in IT.

This user has an important question for this guy.

This user finds this story unreal!

This user thinks this must be very refreshing!

This user knows how to break rules!

Somebody’s being really clever here!

If you liked that post, check out this post about a woman who tracked down a contractor who tried to vanish without a trace.

Exit mobile version