FredBainbridge

#9 Scheduling - 10 Things You Need As An Enterprise Scripter

Scheduling

This is a pretty simple one, but important to keep in mind and plan for. If you are going to be doing repeated or scheduled automation tasks you are going to need some form of scheduling engine and management to be able to do it at any scale at all. Depending on your size this could be accomplished as easily as using the windows task scheduler on a single server. As you scale out and up there are commercial options available like SQL server agent jobs, Microsoft System Center Orchestrator, SharePoint, SMA and nearly countless other workflow \ automation solutions.

Standardized Usage

Having a regimented and managed scheduling system will become important as you automate more and more. It is important be to be able to safely schedule items to run and be able to report on historical information and upcoming scheduled jobs. No matter what scheduling engine or solution you choose or develop be sure its use is standardized, codified, access controlled, and can be audited.

Dashboards

You want to be able to not only see what jobs have run recently but also what jobs are going to run in the near future. A dashboard of some sort would be useful here (perhaps using PowerBI). Scheduling dashboards and reporting is low hanging fruit to get some decent visibility by management by creating some sexy and eye popping reports and dashboards using available scheduling metrics (remember your scheduling solution should be able to be audited).

Credentials

When possible use a group managed service account! These things are the absolute bomb! They are a far superior solution over standard user accounts and do not require password management.

When running automation jobs that require traditional service accounts be sure to use an account with the least amount of access required to do the job. If this means you need 100 service accounts for 100 things, so be it. It is a bad idea to use over privileged service accounts.

Remember, if you don’t’ take this seriously no one else will. If you are cutting corners and using one service account for AD, Exchange, SharePoint, ServiceNow, Azure, etc., it is going to reflect poorly on you and introduce unneeded risk. Take the time and create proper service accounts and properly manage the passwords using an enterprise supported method. If creating service accounts is too much overhead take a shot at helping automate the process. Try to avoid using personal password managers if possible. Use a corporate standard, if one doesn’t exist ask for guidance or take this opportunity to make suggestions for improvements.


Share