-
Reddit SystemAdmin. Thanks @reddit2telegram and @r_channels.
Moronic Monday - August 04, 2025
Howdy, /r/sysadmin!
It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1mh9bbq
@r_systemadmin
SYSADMIN Question - New Team created with powershell "New-Team -Templace 'EDU_Class', not possible to initialize class notebook.
intentional crosspost of:
[https://www.reddit.com/r/MicrosoftTeams/comments/1mh799v/sysadmin\_question\_new\_team\_created\_with/](https://www.reddit.com/r/MicrosoftTeams/comments/1mh799v/sysadmin_question_new_team_created_with/)
We're automatically creating education class teams for our users. It appears that in our programatically created teams, which have been created since 1st august, it is not possible to initalize the class notebook as a teacher.
If i create a new education course team manually in the Teams-App, i can initialize the class notebook properly.
Powershell-Module: microsoftteams, Version 7.2.0
Command:
`New-Team -Mailnickanme "whatever" -Displayname "whatever" -Description "whatever" -Template "EDU_Class"`
anyone else having this problem? seems kinda microsoft has tampered around with the template.. i don't want to create all the teams manually, thats kinda lame..
https://redd.it/1mh79yk
@r_systemadmin
SMB security hardening results so far — looking for feedback and ideas
I’ve been leading a security revamp for a small business running a traditional on-prem Windows environment. We’re now two months into the process. It’s a local domain controller setup with on-prem file shares and a mix of laptops and desktops. No cloud identity management in play (no Intune or Azure AD), and Purview hasn’t been activated yet — though we’re planning on it.
The goal is to get the environment closer to compliance with HIPAA, CMMC, and NIST 800-171. I wanted to share what we’ve done so far and get insights from others doing similar projects. What worked well for you? Any blind spots you’ve learned to look out for?
Here’s what’s currently deployed:
Identity and access
We’ve rolled out YubiKeys for all users — PIV/FIDO2 login against our local AD domain. It’s made a huge difference in blocking phishing-based credential attacks. Everything is still on-prem.
Endpoint encryption and USB control
BitLocker is enforced with recovery key escrow to AD. We’ve locked down USBs using Bitdefender GravityZone’s Device Control — only specific devices can read, and write is blocked globally.
Antivirus and EDR
Bitdefender GravityZone is installed fleet-wide with EDR active. In July alone we saw 2,562 threat events, mostly web and email based. Around 94.5% were stopped in real time, with the rest picked up in scheduled scans. Top hits were common phishing JS trojans and cloud heuristics.
Patching and management
NinjaRMM is handling OS and app patching, remote support, and alerting. Reboot compliance is the weakest point so far, especially after third-party patches.
Documentation and visibility
Hudu is working well for centralizing our SOPs, asset info, and policy tracking.
Backups
Using NinjaOne Backup. Workstations get file-level backups, while our servers and key staff machines are on full image backup. One successful recovery was already tested.
Proposed additions and upgrades
We’re planning to bring in SpamTitan and PhishTitan for email filtering, link rewriting, and impersonation controls, and use SafeTitan for phishing simulations and training. Teramind is also under evaluation for insider threat monitoring and DLP logging until full enforcement is in place. Long-term DLP policy enforcement will be driven by Microsoft Purview in combination with Teramind.
We’re also evaluating immutable backup tiers and exploring SaaS visibility options even in a mostly non-cloud environment.
July wrap-up stats
2,562 threats handled
0 successful infections
BitLocker is live on all mobile machines, partial on desktops
Patch rollouts are going well
If you’ve hardened a similar environment or have tips around DLP, USB policies, or better reboot handling with RMMs, I’d love to hear about it. What tools or strategies helped you verify encryption coverage or insider risk?
Appreciate any feedback.
Note: This post reflects a real-world project. ChatGPT was used to edit the original write-up to remove company names, personal identifiers, and any sensitive data before sharing.
https://redd.it/1mh47gf
@r_systemadmin
Migrating from Windows Server 2012 what's the best version to migrate to?
To put some context our lead dev left and management thought it would be good idea to migrate and upgrade our server. Is it advisable to migrate to Windows Server 2025 or Windows Server 2022, are both versions stable?
https://redd.it/1mh31o2
@r_systemadmin
Small IT repair shop, optimize system imaging?
Hi all,
I am a service tech for a small mom & pop IT repair shop. The majority of my daily tasks are reinstalling Windows 11 onto systems, and the biggest time sink is waiting on Windows updates to download each and every time.
Any thoughts on how to optimize this? I am looking for something simple, the shop owner is someone who is very confident in "how things are done" as long as the way is his way, and is adverse to change.
Still though not waiting for 24h2 every time would be nice.
https://redd.it/1mgwl4y
@r_systemadmin
Dhcp failover test
I want to do a dhcp failover test. I am using Hot Standby. I have a simple question.
Let's say I shut down the primary dhcp server.
1 - In the lost partner phase the standby server will distribute ip address for the test client, right?
2 - Do I need to wait for mclt + state failover time for the standby server to distribute ip?
https://redd.it/1mgu7xm
@r_systemadmin
Should S/MIME certificates contain a self-signed root?
I’ve used Zoho paid email as one of my work emails and have recently changed my S/MIME certificate provider. I use the cert mainly to digitally sign emails.
However, when I uploaded the new certificate I got an error message. Zoho supports wrote this after several back and forth exchanges:
“Hello ,
We would like to clarify that this is not specific to Zoho Mail. Other trusted secure email services such as Google and Microsoft also do not accept S/MIME certificates without a self-signed root. The root certificate is essential to establish a complete chain of trust.
Without it, the S/MIME certificate cannot be verified and will be treated as incomplete or untrusted across all major services.
Both Thunderbird and macOS Mail are desktop clients which includes many pre-trusted root CAs (e.g., DigiCert, GlobalSign). So if your certificate’s root is already in that store, they will validate it successfully even without bundling the root.
In contrast, Zoho Mail operates within a web-based environment, not a local OS. It does not have access to your system’s certificate store. So unless the full certificate chain (including the root) is embedded in the uploaded .pfx, Zoho cannot verify the certificate.
If the root is missing, the S/MIME certificate cannot be verified and will be considered incomplete or untrusted.
We suggest you contact your certificate provider and request a version of the certificate bundle (typically .pfx or .p12) that includes the root certificate.
Thank you for your understanding.
Regards,”
I asked my certificate authority and they said it is not good practice to include root.
Can anyone shed some light on this? I’m not an expert at all, but just want to know if there is a right or wrong answer and whether I should modify the certificate so that it includes root, or whether Zoho is not following good practice standards.
Thanks!
https://redd.it/1mgpxvx
@r_systemadmin
Extended rsync.net outage
For at least 16 hours, we are unable to access our rsycn.net services. The rsync.net support folks replied yesterday letting us know that their upstream transit provider - he.net \- is having an outage, but that the rsync.net systems themselves are all up and healthy, they just cannot be reliably reached. My experience is that our account's rsync.net server cannot be reached at all and I have tried from several places across the internet.
Can others who are impacted opine on what you are seeing? The length of this outage is really making me question if rsync.net can be relied upon to the degree that we do today for backups and disaster recovery procedures.
https://redd.it/1mghq1t
@r_systemadmin
Looking for advice - New 'sys admin'
Hey everyone, long time lurker, first time poster.
Note: Not gonna lie, I did use ChatGPT for most of the text as English is not my native language. Sorry in advance*
I'm currently in the process of transitioning from a Data Analyst role into more of a SysAdmin/Helpdesk position within my company. It's not a complete jump into the unknown - I’ve always loved troubleshooting, digging into tech stuff, and I have a solid understanding of how most systems work - but I haven’t worked in a proper IT/sysadmin environment before.
Right now, during this transition period (before the switch becomes official), I’m juggling both roles. On the IT side, I’ve mainly been working on:
Migrating users from local AD to Entra ID
Reviewing Microsoft licenses
Creating/managing users
Troubleshooting random issues
Getting used to Microsoft Admin Center, etc.
Setting up new hardware for newcomers
So far, I feel like I’m getting the hang of it, but I’d love to hear from you guys with more experience in this field.
My question to you is:
Any general tips or “I wish I knew this earlier” advice for someone entering sysadmin/helpdesk?
Any go-to tools or apps that make life easier for you? Especially inventory management... I've noticed that it's almost non-existent here, and it's hectic...
Tips specifically around Microsoft Entra ID, M365 management, or hybrid AD environments?
What are your time-savers or process automators?
I know every environment is a bit different, but any info is appreciated. Just trying to soak in as much as I can early on, so I don’t have to learn everything the hard way.
Any help is appreciated, so thank you in advance!
https://redd.it/1mgfbty
@r_systemadmin
I have a 6 and a half years old burglary charge ...
Can I get a job I'm network with a 6 almost 7 year old felony , I'm planning on getting my comptia a + and ccna and was just wondering
https://redd.it/1mgajc7
@r_systemadmin
Windows Update brought back all Microsoft bloatware
I made an autounattend.xml file for our virtual machines (I have others, like for basic data entry type users, low hardware, etc.) basically stripping down all junk (it's for a VM for crying out loud!!) becase apparently some users always get a BSOD when running some VPN software and legacy apps on their computers but works just fine on VMs.
Anyways, after a fatal error with their VM I decided to delete it altogether and test my freshly made autounattend.xml file with the https://schneegans.de/windows/unattend-generator/ page. Everything worked but upon reboot I let it Windows Update do its business because I didn't want the user to have to wait ages for backlog pending updates. First reboot after applying updates and all the junk was there, apps such as Spotify (IT'S A VM!!!), Microsoft Solitaire, Climpchamp and whatnot. Oh and Skype, which is already EOL. The VM is supposed to run government legacy apps only, not even Office, Chrome or multimedia codecs are necessary, only a shared folder with the host to export generated CSV and other files.
What the heck Microsoft?
https://redd.it/1mg38qu
@r_systemadmin
Microsoft Remote Desktop
So with them getting rid of the Remote Desktop app. ( Version 10.2.4010) what is everyone else using? I just got a new laptop and I'm about to keep the old one. My love for this is it would re size the screen for each window.
https://redd.it/1mfsj7j
@r_systemadmin
Blocked by Proofpoint – No response to delisting requests, what are my options?
Hi everyone,
We're currently dealing with an email delivery issue: our domain has been blocked by Proofpoint, and emails to certain recipients are being rejected.
We've submitted multiple delisting requests using Proofpoint’s "Check IP" tool, but we never receive any response or follow-up. It’s been several days, and it honestly feels like no one is reviewing the submissions.
We use IONOS as our hosting provider, and all other services accept our emails just fine — this issue is only happening with domains protected by Proofpoint.
Our SPF, DKIM, and DMARC records are properly configured, and we do not send spam or bulk emails. Our email usage is 100% legitimate and transactional.
Has anyone here gone through the same situation with Proofpoint?
What alternatives do I have without migrating providers or changing IPs?
Any advice or experience would be appreciated — we've followed all the "official" steps and submitted requests repeatedly, but so far... radio silence.
Thanks in advance.
https://redd.it/1mfvo6d
@r_systemadmin
i feel like I'm working with a real-life Dwight Schrute
I have to say, it is really not funny in real life. Like holy F@#$2...
He is a micromanager who is not a manager.
he has the type of mindset that if you don't do it his way, you are doing it wrong.
you could do 95% of the work, and he will come over adjust some cables, adjust a some monitors, take a picture of the setup, and in his head he basically did the work (even tho no one ask him to do so)
Brother would start to update random confluence pages on Saturday and Sunday.
he would be creeping on everyone's ticket in the ticket queue.
He assigns tickets to you without asking or telling you if you have the time.
He is the type of person that if you were to make a mistake, even tho you fixed it before it affected any users, he would tell the manager in order to get good boy points.
Mind you, it is not like this guy is some IT god that would solve any issues or would get to the solution that no one could think of. His IT knowledge is on par with the rest of the team.
Our manager is chill in the sense that as long as you do your tickets and work on your project, he is not on top of you, but on the other hand, this guy always tries to pseudo-manage people.
I already confirmed this is not a me thing, and the other guys think the same thing.
I'm not a confrontational type of person, but this guy is getting to me; I'm about to start shit. I just want to rant a bit because it is starting to frustrate me.
Update: I forgot to add, based on his personality, I'm 100% sure that he is aiming to be the next in line for the manager position, so my fear is that anything I say or do could come back to bite me.
https://redd.it/1mfs8hi
@r_systemadmin
On-prem to Cloud
I'm the sole IT for a business that is 100% on-prem with a 24/7 based business, we have machines running all day that require an interface with servers, and remote users who VPN and RDP. I took over this office and have slowly brought it to the modern era since COVID (they had Windows Server 2008 as a DC in 2019 when I took over). I'm hoping that you guys can either tell me that I'm right, or that I need to re-evaluate how the office is setup.
All of a sudden the C suite asked me about moving everything to the cloud (most likely from interacting with other company execs) and I started going through the numbers and workflow. From my point of view, there's almost no reason for us to go to the cloud for a couple of reasons:
\- Cost: We don't have a lot of servers. 6 physical servers, 1 is our main DC, 1 is a backup DC and file server, 3 are VM hosts, and 1 is a dedicated terminal server. A new server for us would run about 20k, but if we put everything into the cloud, with our usage, we would hit about 10k/year. We just did a full hardware refresh, so I don't expect to need to replace our servers for at least 5 years.
\- Workflow: We are a 24/7 operating business with users all over and we have machines that are also running 24/7 and transferring data to both our on-prem and our cloud servers (this would also add onto our cloud usage costs). We recently switched over to a redundancy ISP to make sure we keep our connection, but in the worst case scenario, if we lost internet, our internal office would still be able to function. If we were in the cloud and lost internet, then our entire office would be at a standstill, which is not acceptable to the execs.
I have considered papering some form of a hybrid setup, but it would end up just being some sort of a cloud sync, where our on-prem servers would be mirroring the cloud, and I don't see the point of it for our specific setup.
Thanks for any suggestions you guys might have.
https://redd.it/1mfjood
@r_systemadmin
Non SysAdmin Posts
Correct me if I’m wrong, but I get a feeling there’s a lot of non-Systems Administrators posting here trying to get by without hiring a real IT team. I think this violates the community rules, as this isn’t an outside troubleshooting forum; it’s a forum of Systems Administrators helping each other out, complaining about our jobs, and just anything we all go through. With all of the IT cuts and AI push, I don’t think this should be the forum that allows this. Also, it should be fairly obvious who doesn’t know the IT basics and just had some meetings to find out enough to seem to know what they’re talking about.
https://redd.it/1mh7zcz
@r_systemadmin
Benifits of LAPS when default Administrator account is disabled
I am starting the cyber security improvements journey for the organisation I work for and have just configured LAPS for my device to test before rolling it out organisation wide.
This has lead me to a question, what benifits does LAPS offer when it is rotating the password for the local Administrator account which is disabled by default in Windows?
I can understand if you had had made the same local Administrator account with the same password on each machine how having the password be unique and change automatically on a regular basis would be a good thing but when the built in default Administrator account is disabled by default in Windows and cannot be used without enabling it,what does adding LAPS actually do to enhance security?
https://redd.it/1mh5c1x
@r_systemadmin
How do you protect file servers from data exfiltration during ransomware attacks — and make stolen files useless?
We’ve all seen ransomware evolve from just encryption to full-blown double extortion, where attackers copy sensitive files before encrypting them.
I'm curious how other orgs are dealing with this — not just detection and response, but prevention and damage control, specifically:
What do you do on file servers to prevent or limit mass copying of data during an attack?
Is anyone deploying methods to render copied files unusable if they’re exfiltrated (e.g. encryption-at-rest that doesn’t travel, MIP sensitivity labels, conditional access, etc)?
Are you relying on Windows ACLs, NetApp/SAN features, SIEM triggers, honeypots, or endpoint agents to block rogue file access?
Any luck with tools like Varonis, Microsoft Purview, Code42, or newer DSPM players?
This isn't about stopping encryption — it's about minimizing data leakage impact when the attacker already has internal access and starts copying SMB shares.
Would love to hear how you're tackling this — especially layered approaches that combine classification, DLP, decoys, or user behavior analytics.
Thanks!
https://redd.it/1mh4rin
@r_systemadmin
4 Malware Hits in 20 Minutes – Bitdefender Saves the Day, But Here's What It Missed
Had an intense week on the blue team side. I wanted to share a real case from a small org environment that reinforces the **importance of email-layer security**, not just AV.
# Context
One of our users (call her "User A") had her Windows 10 Pro machine hit **four separate times within 20 minutes** with JavaScript-based and heuristic malware—all delivered through **Outlook profile files (.ost/.htm)**.
Here’s the rundown:
# Timeline (All Detected on July 27)
**Device:** WIN10-USERA-PC (Workstation)
**IP:** (internal, redacted)
* **01:35 AM** – [`Suspicious.Cloud`](http://Suspicious.Cloud) flagged in Outlook OST
* **01:43 AM** – `Trojan.JS.Agent.VAK` embedded in a fake HTML “invoice”
* **01:44 AM** – `GT:JS.Acsogenixx` variant in user’s Documents\\Outlook backup
* **01:53 AM** – `Trojan.Agent.GNSP` detected in the local Outlook cache
All were blocked by Bitdefender (on-demand scan), but only **after** user interaction or post-processing. They were all deleted/quarantined.
Another user in the same org had a similar detection minutes later.
# What Caused It?
User A clicked a fake Microsoft billing email a few days earlier. We assume some of the OST contents were preloading via Outlook caching or HTML rendering.
# Lesson
AV did its job **after exposure**, but this is one of those moments where you realize the real problem is upstream.
The org **wasn’t using any dedicated spam/phish filters**. No URL rewriting. No impersonation detection. Basic M365 filtering was the only gate. So:
* User clicked
* HTML processed in Outlook
* Bitdefender caught the payloads *after access*
We’ve since rolled out:
* SpamTitan for pre-delivery filtering
* PhishTitan for URL rewrite + impersonation logic
* Replacing passwords with hardware MFA keys
* Full BitLocker + Secure Boot lockdown
* SafeTitan for employee training
# TL;DR:
* User got 4 malware payloads in 20 min from Outlook profiles
* Bitdefender quarantined them—but only *after* user interaction
* AV isn't a firewall for email stupidity (or MS filtering gaps)
* Layer your defense with actual email filtering
* Hardware MFA and Intune hardening are coming next
Ask me anything. I'm still cleaning up.
https://redd.it/1mh2r6t
@r_systemadmin
SSO/MFA Confusion
Hi.
When MS Passkeys became Preview, I enrolled my 365 Premium Account in it. It's been working well, though it's a little tedious as you need to wait for the prompt on screen, select the device that has your PK, unlock the device, wait for the connection prompt, accept it, then fingerprint again to login.
We now have WFHB capable cameras on our desktops (and laptops) and I'd like to move to primarily authenticating with that. I can login to the PC OK, and some apps like Keeper Password Manager give an option for Biometrics, but other apps we use, insist on asking for the Passkey. I still want to keep my passkey for now, but I'd like it to be a secondary authentication option if Biometric Login isn't possible.
I am unsure if it's the type or mode of the SSO connection bit that determines that, ie something the app developer needs to enable, or if it's possible in my own settings to set WFHB as the primary so it defaults to that if available?
Hopefully, that makes sense.
TIA
https://redd.it/1mgxaxm
@r_systemadmin
Batteries stuck inside UPS - looking for suggestions
I have a bit aged CyberPower PR2200LCD and it's time to change the batteries. Something I've probably done dozens of times over the decades with all kinds of UPSes - usually straight forward and no manual needed. But I ran into issues with this model - the "plastic" puller that's stuck to the underside of the battery tore off, and it did that as the battery refused to move out more than 1-2 cm or so when I tried to pull it out. I couldn't even get to the wires to disconnect the battery.
The trick with this unit is that it takes two rather large batteries (RB12170X4) that are at the top of weight that I've seen for UPSes. It means that trying to pull with your fingers on the very small areas exposed is pretty useless. Add that I think the battery wires/connectors were blocking the pull initially I'm not sure how to proceed.
On the front side where I pull out from, I don't see corrosion and I cannot feel anything sticky. I can "lift" the battery up and move it slightly side to side within the bracket, but pulling it out is not working. That plastic thing you usually would pull on broke.
Any suggestions?
https://redd.it/1mgqbg3
@r_systemadmin
Do 2 servers directly attached to SAN require witness?
I am planning to set up a high-availability failover cluster by directly attach 2 Hyper-V / ESXi servers to a shared SAN storage hardware appliance (not using SDS like vSAN / S2D), is it a must to set up a witness node? Will split-brain occur if there is no witness?
thank you in advance
https://redd.it/1mgkmgv
@r_systemadmin
DHCP Consolidation through Server Migration
Need some input as it seems there are a couple ways to go about this. I am actively supporting a domain controller migration from two Windows Server 2016 instances to a single Windows Server 2022 instance. The 2016 domain controllers currently support DHCP load balancing 50/50, both cover the same scopes in our environment.
I understand the process involved in moving DHCP services but I am having trouble finding the best way to migrate the the DHCP configs, including all lease information. Is this as simple as exporting the DHCP config (and leases) from the primary HA server and then importing on my new 2022 box? Would there be any reason I need to export scopes and leases from both servers and merge them in this setup?
I was also exploring dropping the secondary 2016 server as a load balancing partner, then adding my new 2022 box and letting everything replicate. Once done I would drop the then primary 2016 server as a partner, retaining the production config on my new 2022 box.
Once DHCP scopes, leases ect are migrated I would then disable services on the now legacy servers, authorize my new server, update the IP helpers ect.
I know this is very straightforward. I just need to button-up the best way to get everything over to my new instance without leaving anything behind.
https://redd.it/1mghw3e
@r_systemadmin
Any ideas on faster fixes to a full storage mailbox in Outlook??
Client has 150,000+ emails in their Online Archive for a shared mailbox but the problem is that they're in the Deleted Items folder and not all of them can be deleted (Only those beyond a few years of age). I ran a retention policy but apparently they take up to 2 weeks to apply, Outlook rules keep crashing (probably because of the size), and they're not willing to get an Exchange 2 License. Honestly not sure on what I can do next, does PowerShell offer cmdlets for these types of things?? Thanks
https://redd.it/1mgcaap
@r_systemadmin
Kaseya
For people who've used Kaseya products, any insights to share? Technical usage, support, products prices etc.
Also interested about move overs from/to a kaseya products and the why.
Thanks for sharing!
https://redd.it/1mg987h
@r_systemadmin
User cant open heic files - thought this was fixed already - apparently not?
User calls in to me today that they cant open the HEIC files someone sent them. The heck? Its 2025, I thought this was old news.
I grab the file, throw it on a brand new Windows 11 setup (24h2) and opens fine, no fancy anything.
This machine is 23h2 and refuses to open.
I grab my msstore link from ages ago, says its not compatible.
What gives, is it something that they fixed in later versions?
https://redd.it/1mfxjxz
@r_systemadmin
So many cyber security software companies calling
I now get more calls about cyber security applications for an organization then I do duct cleaning these days. They're a dime, a dozen and they all offer a similar product which includes endpoint security, email, data governance, etc
Anyone else getting tons of calls?
https://redd.it/1mfx2bu
@r_systemadmin
Why so many 'single pane of glass' applications?
Am I the only one who doesn't want all my eggs in a single basket?
I don't need a EDR + MDR + SIEM + XDR + Backup + RMM in one. I don't want that in the slightest. It's not difficult to log into separate tools. If I want them to integrate/trigger each other, that's what API's are for!
Every vendor out there is flabbergasted when I tell them a 'single pane of glass' platform is a negative mark for us.
Am I the problem? Am I taking crazy pills?
https://redd.it/1mfvyu6
@r_systemadmin
Anybody switched from SCCM for patching?
Just curious to know if any of you have switched away from SCCM to another product for patching (windows and 3rd party), if so what did you move to and why?
Especially looking to hear from people who are in tightly controlled environments, e.g. patches can only be applied on certain days at certain times
Thanks
https://redd.it/1mfox9v
@r_systemadmin
I'm embarrassed and I need a grey beard. Access 97 is the bane of my existence. How the hell do you deploy it silently.
Please, please, ignore the fact we're still running Access 97 for now please. I need a better way of getting this bullshit deployed silently.. Right now I have just about everything automated but this stupid thing I can't figure out. Takes a decent amount of time to get it to actually work on Windows 11.
Finding documentation from before 2005 is a nightmare. I try to install "Microsoft Network Installation Wizard 2.1" and it just refuses to read any .LST or .STF files I throw at it saying its not from a "post-admin network image". What does that even mean?
We're a small company and our dev team sucks. Our 15+ year DBA refuses to touch his precious ancient SQL servers to update the database to something more sane. No one else can do his job so here I am with this shit.
6 years ago we hired a new CTO who blew millions of dollars on a rebuild of the entire application in Azure. It failed spectacularly, never worked at all, and now the whole company is scrambling to make sales and polish up this old turd of an application that runs on old SQL code and has our internal users still interacting with it on Access 97.
https://redd.it/1mfm1ff
@r_systemadmin