20 May, 2013

Encryption

Let's see if I remember how to do this. It's been a while, but that's a not-very-interesting tale for another time.

I've been trying to work out whether all our servers have the right software licences. This has not been without its challenges. Firstly - and I'm going to generalise here based on my experiences to date - sysadmins are a territorial, focussed breed who are about as fond of sharing information as they are of letting themselves be distracted by finicky things like software licensing, which is a menial task best left to lesser mortals like me.

I think you can see where problems might arise.

We have an arrangement with the server team at work where we ask them just to let us know when they're adding new servers so we can make sure we're licensed correctly, and they ignore us for as long as possible. We've now reached that time of year, and so I got in touch with Lurch, the elder statesman of the sysadmins, to see how far what we owned diverged from what we were using.

He sent me a spreadsheet. It was written in code. Everything was an abbreviation, with arcane references to servers that might be physical or might be virtual. I puzzled over it for a day or two, which was long enough for me to form the suspicion that the abbreviations described what the servers were used for without actually giving away what was installed on them. Then I admitted defeat and asked Lurch what the abbreviations meant, information he was only too happy to provide ... over the phone.

So I explained what I needed to be able to see, and what I couldn't see from his spreadsheet. So Lurch sent me a new one. At first glance it looked great. There was more detail, there were hints of connections between the physical and virtual servers ... and there was absolutely no resemblance to any of the server names listed in the first spreadsheet.

Back to first principles.

After a week or two, with deadlines drawing near and a hundred other things clamouring for attention, I'd finally deciphered the new spreadsheet by the simple expedient of assuming there was never meant to be any resemblance to the earlier version, and that server names were essentially devoid of any meaning whatsoever. During this, there was also a meeting with Lurch where he commented, without the slightest trace of irony, that what would be really useful would be a list of what was actually installed on each server.

At any rate, problem solved.

Except.

Lurch's manager, the Supreme Sysadmin, decided that what was required was A Definitive Spreadsheet (there's a corporate policy against creating unapproved databases, so an incalculable volume of critical corporate data resides in individually-maintained spreadsheets instead) listing all the servers, and so it came to be.

I looked at The Definitive List. Two things came as no surprise at all: none of the server names matched anything on the previous spreadsheets, and there was no record of what was installed anywhere. Back to translating the latest server names, working out their purpose, and what software they probably needed to do it.


Of course in one sense that translation is quite simple. The message "Screw you, outsiders" came through loud and clear.