Projects

I have lead many projects over the course of my career, most of which were completed independently. Below I've highlighted some of my more recent and notable successes.

Office remodel, server room relocation

I managed a massive remodel which involved transforming unused warehouse space into a new office space - this also included relocating the server room.

Goals

  • Ensure the new office space would meet the company's current needs and be flexible for future changes and improvements.
  • Keep downtime to an absolute minimum.

Challenges and Considerations

  • The company operated 24/7 manufacturing and production operations.
  • A network closet in the construction area (which would ultimately be decommissioned) needed to remain online during the remodel to serve other areas of the building.
  • Fiber connections for DMARC and MDF locations, as well as some Ethernet connections for endpoints, needed to be run in parallel to be able to quickly switch connections when the server room was moved.

Process

  • I worked closely with the construction foreman, electricians, and low-voltage technicians.
  • I clearly communicated with management to address any concerns and share project status.
  • I created documentation for end users to reference if they chose to relocate their own office/cubicle hardware on their own.

Results

  • There were zero incidents impacting production during the remodel or the server room move.
  • Downtime was limited to about 3 hours on a Saturday morning while server room hardware (servers, network storage, switches, and firewalls) were relocated.
  • Some workstations, where the existing and new networks needed to run in parallel, experienced interruptions of less than 5 minutes during production during the cutover.

Host server and network storage migration

Goals

  • Migrate from three VMWare ESX host servers to two Microsoft HyperV host servers.
  • Migrate all VMs and storage to a new network-attached storage array.
  • Keep downtime to an absolute minimum.

Challenges and Considerations

  • The company operated 24/7 manufacturing production operations.
  • The new storage array was incompatible with ESX.
  • The iSCSI network needed to support both environments simultaneously.

Process

  • The new host servers and storage array were configured while the previous servers remained in operation.
  • New VM shells were created in the HyperV environment.
  • Backups were verified prior to migration. Fortunately, nothing in this process was destructive, so temporarily reverting to the old servers was a second fail-safe option.
  • Starting with low-priority servers, and done one-at-a-time, VMs were migrated from the old servers and storage in the ESX environment to the new servers and storage in the HyperV environment.
    • This involved converting the .vmx virtual hard drive files to .vhd virtual hard drive files, which created its own challenges, but was ultimately successful with only two .vhd files needing a second conversion step.
  • No unforeseen issues or unexpected problems arose, and the project was a success with very little user impact.
  • The existing VMs had their network connections disabled, so the new VMs could use the same IP addresses. This involved updating the MAC addresses in the DHCP reservations to eliminate any unforeseen routing issues, and had the secondary benefit of keeping the old servers available in the event of unexpected issues.

Results

  • Fourteen VMs were migrated over the course of about 2 weeks.
  • Downtime was limited to roughly 1-3 hours per VM (varying primarily due to hard drive sizes and conversion times). Each migration was strategically planned and communicated to limit user and production impact.
  • The old storage array was obsolete, its hard drives destroyed, and the hardware recycled. The old host servers were donated to educational causes.

PRTG Network Monitor Implementation

Goals

  • Replace the RMM provided by our MSP with an in-house solution.
  • Design prioritized alerting and ticketing.
  • Write scripts to automate recovery as able.

Challenges and Considerations

  • PRTG is very powerful, flexible, and highly customizable - as with most things in IT, that comes with the trade-off of a steep learning curve and a fair amount of manual manipulation to set up.

Process

  • A dedicated server was purchased to run PRTG so it could accurately monitor the primary servers.
  • As devices were added they were organized by location, type, and role to make keep our interface clean and ensure monitoring could be appropriately prioritized.
  • Monitoring and alerting was deployed in order of importance and critically of systems.

Results

  • Roughly 300 networked devices - including workstations, printers, servers, network switches, access points, firewalls, and cameras - were added to PRTG, with nearly 2,200 data points monitored and tracked.
  • Monitoring and alerting was customized to our needs resulting in a 5-minute response time to critical incidents.
  • Custom MIBs were imported as needed to fully monitor devices.
  • Primarily using Windows Service monitors and file monitors, I wrote nearly 100 scripts to automate recovery of common issues and improve other line-of-business workflows.
  • As a value-add, I was able to get PRTG to monitor various aspects of HVAC systems, manufacturing equipment, and the building security system to aid the maintenance department.

Active Directory and Group Policy Alignment

Goals

  • Bring Active Directory and Group Policy into alignment with best practices.
  • Implement group-based security and folder permissions.
  • Replace login scripts with policy-based network drive and printer assignments.

Challenges and Considerations

  • Most existing folder shares were assigned per-user at the folder level.
  • Existing folder shares had multiple levels of nested permissions.

Process

  • I created new Active Directory groups in a more intentional and organized fashion. I applied existing policies and moved existing users so there was no immediate change for users.
  • With the new AD groups in place, I was able to start creating new, specific group policies with the principle of least privilege and apply them to the appropriate groups and resources.
  • After testing the new policies, existing permissions were removed methodically over the course of a week.

Results

  • Active Directory was significantly cleaned up and organized, making user and permission management significantly easier.
  • All folder-lever, per-user permissions were removed and replaced with group-based permissions.
  • Multiple access violations were discovered and corrected.
  • For most users the process was completely invisible and they encountered no issues.
    • The handful of issues that did arise existed in HR and Accounting, where security was much more important, and was the result of the existing nested permissions and the approach of least privilege access.
    • The appropriate permissions were quickly added with minimal interruption to workflows.

Company Intranet

Goals

  • Create a company Intranet for documentation, communications, and SOPs.

Challenges and Considerations

  • Not all employees had Office 365 accounts, so SharePoint was not an option.
  • The end-user functionality needed to be accessible to all skill levels.

Process

  • I created an internal WordPress deployment on a new VM.
  • Custom plugins were developed for documentation organization.
  • I worked with department leads to get feedback on the design process to ensure good workflows were established for each department.

Results

  • The WordPress Intranet site went live in under a week, and was quickly adopted by everyone.
  • HR staff, department leads, and production supervisors were given Contributor-level accounts so they could make their own posts and documentation. I also provided three separate training sessions to familiarize them with WordPress.
  • It provided a much-needed solution for a single home and source-of-truth for documentation and SOPs, which was ultimately an instrumental part of the company achieving ISO certification.

Visitor Check-in System

Goals

  • Create a solution for automated visitor check-in.

Challenges and Considerations

  • Limited budget.
  • Ease of use and maintenance.

Process

  • I worked with HR and department leads to determine our needs for documenting visitors and data retention.
  • I looked at commercial systems for inspiration and comparison.

Results

  • I created a custom web page hosted on an internal server which loosely resembled a contact form - but with the appropriate fields for collecting visitor information.
  • This page was displayed on a standard Android tablet and securely mounted in the lobby. An Android app was used to "lock" the device to only display this web page.
  • A visitor would complete the short form and, upon submission, the employee they were there to see was notified via email (along with HR and department leads). These emails were saved in the mailbox which served as our visitor record.
  • This project was completed in about a week with a one-time total cost of roughly $500.

Barcode-based Production Component Verification

Goals

  • Create a flexible solution for verifying production components using barcodes to reduce human error.

Challenges and Considerations

  • Limited budget.
  • The end-user functionality needed to be accessible to all skill levels.

Process

  • I worked with production supervisors to understand the need and workflow.

Results

  • I created a custom stand-alone web page on a computer with four barcode scanners. Production workers could scan an item when placing it in the bin corresponding to the scanner, and the webpage would display a green or red background to easily identify if the part was being placed in the correct bin.
  • I designed a "control card" with various master barcodes which would trigger the web page to recognize a new barcode as being "correct" for that bin - a simple way of telling the system what was correct, making changing jobs easy.
  • This project was completed in about two weeks as workflows adjusted with a one-time total cost of roughly $700.

This Website

Goals

  • Assist in my job search by highlighting my skills and accomplishments.
  • Serve as proof of some of my skills and abilities.

Challenges and Considerations

  • Creating something simple and lightweight with little to no maintenance needs.
  • I wanted something flexible and custom - not something that looked "off-the-shelf".

Process

  • I registered my domain with Cloudflare, set up the appropriate security, and connected it to hosting.
  • I have experience with WordPress but I knew before I even started it would be way too much work and maintenance for my purposes. I briefly researched other content management systems, including Ghost, Kirby, and Grav - but none of them really fit what I was looking for either.
  • I settled with the tried-and-true, albeit slightly painful, Notepad++.

Results

  • You're looking at it - a nice, simple, clean website to meet my needs.
  • To further highlight my understanding of website hosting, DNS, and Cloudflare's tools, you're welcome to review my site's security header report, and dig into the great reports provided by MXToolbox.
  • Two pots of coffee and three Tylenol were consumed in the creation of this website. It was created, tested, and completed in about a day.