Network and Domain Administrator
Job Overview:
Maintaining computer networks and systems including software, mainframes, VPNs, routers and other physical hardware. Installing and configuring network equipment to update or fix hardware or software issues. Oversees everything touching the established network and addresses any issues in a timely fashion.
Job Responsibilities:
• Create new user accounts
• Disable user accounts for xstaff (Remove Password)
• Password reset service
• Creating and routing of tickets related to Active Directory issues
Creation and management of directory infrastructure
• Includes FSMO roles, trusts, Kerberos KDCs, replication topology, etc.
• Creation of all top-level OU hierarchies with LBL standard sub-OUs, groups, and appropriate security permissions. This includes adding the OU Admins to the AddComputers group, Group Policy Creator Owners group, and OU Admins mail list. It also includes setting appropriate permissions on the created objects and linking of default GPOs.
• Monitoring and reporting associated with the reliability and security of the domain
• Use the domain admin account only for actions that require the privilege level of this account
• Monitoring changes to domain root and domain controllers OU to ensure unauthorized changes do not occur
• Day-to-day management of the domain controllers
• Monitoring connectivity, synchronization, replication, net logon, time services, FSMO roles, schema, NTDS database partitions, DNS settings, SRV records, and trust relationships
• Review DC event and security logs and take corrective actions
• Monitor and resolve security situations at all levels of the domain to ensure a stable and secure domain
• Domain Controller Management
• Physical security of the domain controllers in IT Division space and oversite for all domain controllers
• Backups and restores on domain controllers
• Full disaster recovery plan and practice recovery of DCs and core Directory objects
• Policy monitoring and compliance
• Apply and enforce LBL standard naming conventions for objects in the domain
• Comply with LBL AD policies and standards as defined on the AD Web Site
• Monitor compliance with LBL AD policies and standards as defined on the AD Web Site, including Change Management,
Communication and Coordination
• Arbitrate disputes between OU Admins
• Provide OU Admins with assistance when requested
• Coordination with the LBL Cyber Security group to ensure the LBL domain is secure
• Comply with all Cyber Security group orders regarding emergency conditions
• Work collectively with the OU administrators
• Secure remote administration of the DCs and member servers managed by the Infrastructure Group
• Manage group policy at root of domain and for Domain Controllers OU
• Manage the root Users and the root Computers OUs
• Install and manage security reporting tools used to monitor changes to the Active Directory
• Coordinate and configure alarm distribution to OU Admins for OU-related events
• Plan and manage all migrations and upgrades related to the AD or the DCs
• Request drive mapping via login script when needed from OU manager
• Add user domain account to workstation
• Assist data owners with archiving to alternative storage (cloud/solid state device/Blu-Ray/DVD/CD)
• Provide the following (if possible) to the domain admins, when suspecting a desktop related problem stems from a change to the Active Directory or DC configuration
1 event description
2 logon name of affected user
3 name of affected computer
4 time of event
5 relevant warnings and errors in event logs
6 relevant warnings or errors displayed on screen
Request workspace from OU manager
• Setup data access control lists with OU manager
• Provide space usage projections to OU manager
• Maintain house keeping & periodic data cleanup
• Request drive mapping via login script when needed from OU manager
My LETTER TO ADDRESS CONDITIONS AT THE CHURCH
As you know, we have held two meetings addressing my role as the network administrator. I am saddened to say yet again, I have been disrespected, overlooked, and blamed for self-generated problems due to the lack of inclusion on the implementation of replacement hardware for our church network. Father John has made it clear, by now, that anything that touches our network needs to come to me for configuration. This is to ensure the security and efficiency of our entire church’s network. People outside the organization aren’t aware of our Scope and DHCP reservations therefore cannot dictate what IP a device should have or how it should be configured. I need to be involved in the design and implementation of the new devices to make sure we have what we need to have a device perform as expected.
Ex 1
While working today; I received a call and an email that I answered within 2 hours. I saw a missed text message and three voicemails from Gloria. The text message stated that a new copier machine was being installed and she gave the workers our admin password for the network. I was never made aware that the office staff decided to purchase a new copier, or that it was being delivered the 19th of April. Before I could even call her back once I was already on the defensive from a voicemail that was left on my cell phone. I was under attack by a person falsely making claims about what I have done and not supposed to do, that doesn’t understand networking, or computer security, nor much less the issue at hand with the new copier. Here is the except of her voicemail: “Felix this is Gloria I need you to call now OK you've got this whole system locked down which you were told you were not allowed to do I do not have the password and I think you need to call right now…” but hearing it gives a better picture of the hornet’s nest I was it when I call Gloria. (Audio Exhibit: ask for the voicemail )
After hearing this voicemail, I returned Gloria’s call and spoke to her for the first time. I was greeted with disrespect. This included screaming, cussing at me, and when I tried to tell her she doesn’t have the right to speak to me that way she hung up the phone. As my call logs show I wasn’t even on the phone with her for a minute before she hung up, trying to get to the root of the problem. (see Exhibit 1) Please note, that I didn’t know beforehand what was going on nor the issue, so I would have need more than a minute to fix the problem. Exhibit 2 demonstrates I had no idea what was transpiring. Furthermore, at no time placed in contact with the vendor which would have fixed the issue.
We are coworkers and above all Christians, therefore I should be treated with the same professional respect that I treat her. Secondly, this is a self-generated problem/issue that could have been prevented if she had followed the protocol set in place. The copier is something that touches our church network; and I should have been made aware of the purchased and placed in contact with the vendor to discuss the technical requirements for the new device and to coordinate the install date. As you know new devices often come with upgrades and may have additional needs from the network. I could have arranged to be at the office or could have taken care of all the preparation of this addition and deletion beforehand had I known earlier then the perceived moment of crisis. Creating a problem and calling me to fix it is setting up for failure and not for success.
Ex -2
Thirdly, Gloria stated that she gave outsiders our admin password. I am well aware that not everyone is well versed in the latest cyber security standards, but I have expressed time after time that our admin password is not to be given out to strangers. (see exhibit 2) This is a huge risk to our church’s security. It is basically like leaving the front door opened. She also accused me of giving her a fake admin password; her reasoning was the copier set up was not working. I have not given anybody a fake admin password. She just did not understand what the installer needed. To get the copier functional again. Furthermore, the fact that she wanted the copier to have an elevated privilege only proves my point. Every user/device gets the least access required to perform the job function. This is a fundamental principal of cyber security. By placing the admin password in the copier’s tech hands, she has exposed the network to two outsider threats. The person working for Ricoh can become a disgruntled employee and now has access to our network via the admin password. (Think of Terri and deleting her laptop) Secondly, it exposes us to Ricoh’s standards of device upgrades and security. If the Copier has a flaw in software (all software has flawes) that can be exposed then someone can plant a ransomware and leaves us without use of our machines for days.
This is why, I needed to be there, I don’t expect her to understand the need of the share/email user for the copier. I was not allowed to do my job today. If I may say we have another vendor that handles our VoIP system that will not don’t drop things and run right over. Furthermore, we are not allowed to program our own phones on the phone system. This is standard operating procedures. The Phone admin handles the phones, and the PC/Network Admin handles networking devices and PC.
Lastly, after being met with Gloria’s outright disrespect and her hanging up on me, I called Sandy to inform her that I had given her the right admin password and stated that wasn’t the issue. Less than an hour later, Sandy called me demanding that I get to the church NOW and fix it. I was 90 mins away. I could have been at the church if I was made aware of the new copier. Making these demands to drop everything and rush to the church to fix self-generated problems is not the most efficient method of working together towards success but a recipe for failure. Nonetheless, I rushed back and had it fixed the same day few hours later. This is what normally happens, as I provide same day service for incidents.
This is the fourth time that my Role as Network Administrator has been completely ignored and things have been arranged to happen without my consultation. These four included the installment of the three camera systems, and the new copier. This is also the fourth time that I had to go in fix installations, after the fact which causes extra work in order to keep the network running correctly. I am beginning to think that these 4 times aren’t accidental but rather a continuous attempt to sabotage my job or create problems to then complain about me. All the issues we have faced have been preventable if I were able to make contact with the vendors to see what the technical requirements are and the arrangements for the installation any equipment for the church network.
With that said I believe that if you talk to any other office staff, some will agree with me that it has become a hostile work environment. I should not have been spoken to like a child, nor cursed at and hung up on. It is truly sad that these occurrences of disrespect and verbal abuse are happening at the office of a Catholic Church. My person and character were slandered, and I was made the target of profanity for no justifiable reason and a self-generated issue. This was done in front of my fellow parishioners and office staff. Sadly, I say this because I know that people have heard what I am saying and are suffering from the verbal abuse there. This verbal abuse problem is bigger than just me and I am sure others are suffering as well! I would advise individual interviews with the church staff and see what they say.
Lastly, I sincerely hope, you will decide to not only keep me but hire me as an employee, rather than keeping me as an outside contractor. I am told I care too much about the church, but I will defend St Sebastian, and the Church. I have prioritized whatever I am doing to come to the rescue for issues of negligence and interference in my ability to perform my job. Treating me as an outside vendor and not informing me of what is happening is the problem. This attitude that I am not to be informed or need to be, in the planning and implementation has led to work related outages and is a direct violation of Father John’s leadership as Pastor placing me in charge of the network. This approach places our network in jeopardy and can take down systems such as phones and data.
In closing, I have also given countless hours volunteering to the church to make the Liturgy come to those who could not come, by streaming services, recording music for Masses. I believe my record speaks for itself this has always been a mission and not a job. In how I treat others there and assist with whatever they need. I am sure that others will testify that I have made it a point to bring technology to the point where it is reliable and assisted in bring Jesus to the congregation. I do all of this for minimal cost, giving of my free time, and I have not charged for any of the extra work even when it is preventable as it was this week.
A Separate Matter
I would also ask you to speak with the head usher at the Rich I believe he is at the 4PM Saturday mass about some irregularities that were asked of him on Good Friday for the procedures about closing the bag and signing it for the collection.
​
​
​
FlexTech Computers
238 Barbossa Dr
Sebastian, FL 32958
914-715-1113
St Sebastian Church
13075 US HWY 1
Sebastian, FL 32958
772-589-5790
Re: NOTICE NETWORK IS AT RISK
Dear Rev John Morrisey:
On 8/10/2022 I responded to Sandy’s request to install a printer that was installed previously. I searched for the PC online and found it nonresponsive, so I had to go in. What I found upon my arrival was the Phone and PC were both offline as the ports were in error state. Apparently, things were not connected properly to the network and have been causing errors for some time. The background for this started in early July when someone from the staff authorized installation of cameras and other networking equipment in the rectory. I received a call from Mark as he was installing network cameras, and video doorbell. This was done without my input. When I spoke with Sandy, I was told that they can do whatever they like as it is the guest network when I offered my help, I was told she will handle it. It was at this moment I was excluded from the network install. On August 10th, I have observed what was done and I am making this notification that there are significant problems with the work.
This letter is to notify you that the actions undertaken by the staff in installing devices to the office network and the guest network are misconfigured. By taking this action you have exposed your internal network (OFFICE NETWORK DATA) and have significantly reduced the operation of the network. In addition, it is in direct contradiction to the very contract we sign just a few months ago. FlexTech Computers was contracted to install network devices and configured them. FlexTech Computers was denied the opportunity to configure network devices regardless of any input or install. Since I am an outside contractor, I am compliant with the staff’s wishes after they had turned down my assistance, and therefore I wasn’t able to correct what was wrong. Therefore, for the record, FlexTech Computers cannot be held liable in any way. This may also apply to my business liability insurance for any damages that may incur because of these installs, and any performance issues that these misconfigured devices may cause. My insurance company’s coverage is for work performed by FlexTech Computers, and not the church’s lawn service or staff. If you wish to be covered the misconfigured devices will need to be properly installed, by FlexTech Computers. The misconfigured devices include Video Cameras, Doorbells, Access Points, Extenders.
Regards,
Felix Reyes
System Admin
A copy of this letter was delivered to Sandy who refuse to sign to signify reception of this letter.
Signing is just an acknowledgement that the letter was received.
I, John Morrisey, received this letter on 2022/08/_____ ________________________________
Sign
___________________________
___________________________
​
​
​
©2024 Way of Life Shotokan Karate of Florida
11628 US 1
Sebastian, Florida 32958