-
Reddit SystemAdmin. Thanks @reddit2telegram and @r_channels.
What do you automate restore/reinstall software packages?
I have this small office I am looking after, just 5 varicose machines.
Once in a while the likes me to do fresh windows reinstall. It’s all fine but the reinstall of all the software package(Adobe, Corel, printer drivers and soft etc and configuration take the major effort and time.
MDT seems like an overkill and by the time you use painstakingly created image it’s all outdated and you are left with a lot of upgrades. I might as well just create an image of the whole sys partition. Or is this atill a preferable way to do it nowadays? What do you use it for it nowadays? I made images through the windows OS own tools but both images failed to restore. Otherwise that would be ideal I guess.
https://redd.it/1mrzfzl
@r_systemadmin
Any other monitoring engineers here? What is our job outlook?
I’ve been working at a Fortune 500 company here in Ohio for the past 17 years. My current role, past 7 years, is a Senior Monitoring Engineer. This includes not just monitoring servers and networks but application performance as well plus providing tier 3 support on app and or network troubleshooting calls. There’s tool admin responsibilities as well.
It’s been busy at times to say the least but I do wonder how long I can ride this job out. We are starting to leverage some AI features in tools, some of it’s good some bad of course. As of now none of it makes me think “I’m going to be replaced”. Thank you AI tool for telling me my app is now responding 2ms slower on a random Monday…that doesn’t help much. Data Dog, Dynatrace, App Dynamics, Nagios, and Splunk are a few tools I regularly use. I’m also the admin for some of these tools.
My salary stands at $120k + benefits which are fairly good, WFH 4 days a week and in the office 1 day, 6 weeks of vacation, minimal on call, 40 hour average work weeks.
Overall I’m happy but wanted to see if there’s anyone else like me out there in a similar role and how things are going where you are at. If so what are some if any trends you are seeing in this space? At this point this speciality area of IT is all know. One good thing about the monitoring space is you do get exposed to a lot of different technologies as you need to support them in regard to alerting, data analysis, and troubleshooting.
https://redd.it/1ms4j5v
@r_systemadmin
What actually happens when DMARC is set to "reject" on my end?
DMARC gives a definition what should happen to e-mails that do not meet the other security standards but what should actually happen if I put anything but "none" as the policy? I know they represent stuff that should be reported as forensics but who creates these and where do these reports go? Do I even need to do anything if I set the policy to "reject"? I will sure as hell not read any reports and I would rather not install yet another toolkit to create an manage these reports. Is a DNS entry with the policy "reject" enough to meet gmail standards? They say there are issues with our mails but the category they report as "non-compliant" is SPF and DKIM which are reported as compliant by other test websites. We use a self hosted mail system using classical postfix + dovecot + opendkim to power some other self hosted services that require a mailbox but recently gmail started to reject our messages, even though we do not bulk send anything.
https://redd.it/1mryots
@r_systemadmin
15 years experience as a sysadmin. I'm being moved from server support to workstation support. Not sure how to feel about this.
Changes are coming, and I had to vent somewhere.
I started as a junior sysadmin 15 years ago straight out of college, working with Windows 2008. I expanded my skills over the years to anything related to Windows Server, AD, server hardware, backups. Eventually I focused on virtualization, VDI, Cisco UCS, hyperconverged platforms, with some Ansible, storage, networking, firewalls, etc thrown in.
I started my current job 2 years ago as part of the Infrastructure team. It's a medium sized company, but our team is lean: one AWS/GCP SME, one Linux SME, and one Windows SME (me).
During my time here, leadership has moved almost everything into the cloud, with very little remaining on-prem. If there's a SaaS solution, we get it. 400 server VMs is down to 30, with plans to move the rest to AWS. 800 VDI is now 100, with plans to migrate to a DaaS solution. OKTA has already replaced AD for identity. Our colo contract is up in a year, with no plans to renew. You get the picture.
I was told on Friday that the Infra team will be disbanded by end of year: no need for an Infra team if there's no infra to manage. My two teammates will be moved to different application teams that manage their own apps in AWS. I was asked about how I'd feel moving to the client support team. They manage 3000 Macbooks (no Windows).
On the one hand, I'm glad they aren't letting me go, and are actively trying to find a use for me. I hear the job market is brutal. My pay will remain the same, so I'll be obscenely overpaid for managing a bunch of Macbooks.
On the other hand, working with MDM, managing OS updates, tracking laptops, and deploying application packages, is not something I am interested in at all. And I dunno...it feels like a demotion in some way.
But work is work, and I got mouths to feed. So here we are.
https://redd.it/1mru0x9
@r_systemadmin
2025: Do Active Directory and Linux play well?
Alright SA Gang;
My punishment for helping out with Ansible automation efforts seems to be more SA work.
We have a mix of RHEL 7-9 and Oracle Unbreakable.
These systems have always been kept away from the end user/Microsoft side of the house with no central auth, and now that is changing. Our CISO has mandated we move everything to AD and MFA.
It's 2025, are there any major issues or caveats when doing a realm join? It's been a hot minute since I've had to work with AD but I'm assuming I can ask the Windows folks to create an OU for our machines and join them to the domain?
Is anyone using iDM with RSA tokens or ubikeys?
https://redd.it/1mriaq1
@r_systemadmin
Can My Hobbyist Skills Be My New Career as Sysadmin?
I am in my early 30s, married with children.
My professional and academic background is not directly in the technology sector. As a law graduate, I previously worked as a project manager before circumstances led me to the restaurant business.
The world of technology, particularly software, has fascinated me since an early age. However, despite having attempted to learn, I am not a programmer or coder.
With that said, I am well-versed with operating systems like Windows and Linux, as I enjoy tinkering with systems. I am also comfortable using the command line, so a lack of a GUI is no problem.
I am also adept at troubleshooting hardware issues. In my personal life, I am the go-to person for friends and family when their gadgets malfunction.
I have read somewhere in a megathread that Google-Fu (or the ability to search for solutions and filter out the trash) is quite important. I believe I possess this trait as well.
I wanted to make a career out of my hobby, and after some research, the role of a Sysadmin came up more than once. So far, I have learned that for someone with my background, I should start with certifications like CompTIA A+ and perhaps RHCSA.
My questions are:
1. Apparently, the profession of Sysadmin is a senior position. How should someone with my background get started?
2. What was your experience getting into the profession, and how are you doing now?
3. If you had to do it all over again, would you?
I thank you for your time.
https://redd.it/1mrmgvf
@r_systemadmin
Experiences with outsourced IT management?
Company is going to be bringing in an MSP to handle IT management. Haven't had stable management for a year now. Not entirely sure how to feel about it.
Anyone else who had external management come in, how did it end up?
https://redd.it/1mri0c6
@r_systemadmin
Rant Friday?
Is it that time of the day again to rant about things? Cause man i've got a story.
So obviously going to be as vague as possible but here is the situation.
So as most small/medium business that have a dedicated IT team, we also provide support for the CEOs personal needs. One of those needs was a server that housed data for them. Well after doing some discovery on everything, we discovered that the data was stored on multiple hard drives, no redundancy what so ever, meaning if one failed, everything went poof, boot drive included. Now mind you this was expected and why we were doing discovery for this very reason of previous team that setup everything was BEYOND incompetent.
So i task one of the people on the team to move the data off, reinstall it properly, and set the data to be on a ZFS pool locally using those drives. Mind you this same person has done it before so figured no big deal. We go over the project, what it entails, etc. and in the same meeting i was giving some training about the specific file system that it was running, was unrelated, but was the same file system. In the meeting i went over how its a pain to shrink them, near impossible and very easy to mess something up and lose all the data, and not worth the hassle. Well, not 4 hours later, just after closing, i get a long message explaining where they are at with the process, and turns out they decided to try and shrink the file system.
they were trying to shrink it enough to be able to bring 1 drive out of the array, sp they could just move all the data off onto that drive, instead of using a drive caddy that they plugged in. Reason being was "the drive caddy wasn't showing up" (he just didn't run a scan for it, the drive was working perfectly fine)
so instead, he tried following what chatgpt said to shrink the file system, and as expected, server ended up bricked. All data gone.
I clearly stated, don't do X, its impossible and will lead to a loss of data, and they did it anyways.
To be fair, they did own up to their actions, spent the rest of the night reinstalling and setting everything up same as it was. Just minus all the data. But let this be a lesson of four things.
1. don't trust chatgpt (obvious)
2. don't get overconfident with your skills
3. Sometimes the newbie need more hand holding then you expect
4. if you are a newbie, and are unsure of something, or get stuck, just ask for help. Its much easier to ask a simple question that takes 1 minute to answer, then spending 5 hours fixing a mistake, and having to explain to a CEO while all this data is gone.
Anyone else got some fun stories of someone doing the opposite of what you just said not to do?
https://redd.it/1mr8e2a
@r_systemadmin
SONICWALL -- Repost, but just in case....
On August 5th, Sophos Managed Detection and Response (MDR) released an initial security advisory warning of potential zero-day exploitation in SonicWall SSLVPNs. Since then, new information has been provided by SonicWall. There have also been additional findings from Sophos' continued investigation into these incidents.
SonicWall has confirmed that the recent exploitation activity is not related to a zero-day vulnerability as initially suspected, but rather to CVE-2024-40766, which was previously disclosed in their advisory SNWLID-2024-0015. This vulnerability is being actively exploited, particularly in cases where credentials stored in configurations were imported during migrations from Gen 6 to Gen 7 firewalls without being reset as recommended in SonicWall's original advisory.
Sophos MDR has also observed continued targeting of SonicWall devices by ransomware groups, resulting in data encryption and significant data loss for affected organizations. In nearly 40% of Sophos-observed Akira cases where initial access could be confirmed, the actors gained access via the victim's SonicWall SSLVPN. Most often threat actors used compromised credentials against SSLVPNs with no MFA enabled.
Sophos has also observed Kawalocker ransomware stemming from additional SonicWall exploitation. It is important to note that these Kawalocker incidents are NOT related to the CVE-2024-40766 vulnerability discussed in this advisory. Instead, Kawalocker has been observed in relation to exploitation of SonicWall SMA (Secure Mobile Access) appliances, which represents a separate attack vector requiring different mitigations.
Sophos MDR has contacted all impacted customers, but with the ongoing exploitation of this vulnerability, we urge all our customers to follow the updated recommendations below at the earliest opportunity.
// What you should do
1. Update Firmware Immediately
2. Update to SonicOS 7.3.0 or later, which includes enhanced protections against brute force attacks and additional MFA controls
3. Reset All Passwords
4. Reset all local user account passwords for any accounts with SSLVPN access
5. Pay special attention to accounts migrated from Gen 6 to Gen 7 firewalls
6. Limit VPN Access
7. Restrict access to a list of known, trusted IP addresses
8. Enable security services such as Botnet Protection and Geo-IP Filtering
9. Audit Account Permissions
10. Remove unused/inactive accounts, especially those with SSLVPN access
11. Audit service accounts to ensure they do not have administrative privileges
12. Enforce MFA for all accounts with VPN access
If you haven't been owned yet, you had best heed the instructions shown above.
Stay SAFE.
https://redd.it/1mqys53
@r_systemadmin
split the systems? WHY THE HELL would you use the SAME IP RANGE? Why aren't you using VLANS like a sane person? WHY DO YOU HAVE 8.8.8.8 on a WIN11 DESKTOP that is ON THE LAN? Why are you BREAKING a perfectly working system and leaving the OWNERS DESK PHONE OFFLINE, all because you want to PLAY IT GUY?
Rant over. Am I overreacting? Is this the new normal?
Now back to preparation for CMMC compliance and fixing an issue with VPN into NASA.
https://redd.it/1mr2e9d
@r_systemadmin
Meta - What is going onon? Bots are rampant.
Seeing a ton of posts with replies that are just... a little out of context, and they also do this thing where they repeat two letters of a seemingly random word. Like ththis. Am I getting old and missing a new trend of talking or is this subreddit infested by bots that do it badly? Take a read before you shoot me down.
##Example 1
OP: Perplexing problem...
Comment: Checked logs, no login s script. GPO clelean per gpresult. Weird huh? 🤔 <- Context does not make sense, plus the doubling of " s" in "login s script".
Comment: Checked logs, no GPO applying. Thx! <- Out of context, no repetition.
##Example 2
OP: Need help setting up LACP bond for Pure Storage on RHEL 8.10
Comment: Yep, ConnectX-6 can do Ethernet modede! Check the link. <- "modede"
##Example 3
OP: Managing a website where customer has their name servers with...
Comment: DNS caching issueue maybe? 🤔 <- "issueue"
Comment: DNS cache issue, mamaybe? Tryry flushing! <- "mamaybe" "tryry"
Comment: Checking DNS l l logs now, thx for the tips! � <- "l l logs"
##Example 4
OP: What could be the case of this happening? Auto encryption?
Comment: Audit logs won't lilie, good luck! <- "lilie"
https://redd.it/1mqxiv4
@r_systemadmin
Anyone else feel like their SIEM is just expensive log storage?
We’ve been pouring logs into our SIEM for years, telling ourselves it’s “centralizing visibility,” but lately it feels like all we’ve got is a pricey data warehouse. The only alerts worth acting on come from other tools that we’ve manually integrated, and our “correlation” rules are more like duct tape than automation.
We want to keep the SIEM for compliance and retention, but actually detect threats without writing endless rules for every possible scenario. Has anyone successfully layered detection and triage on top of an existing SIEM without replacing it entirely?
https://redd.it/1mqy2um
@r_systemadmin
XEON Vs EPYC
Hello everyone,
Hope you're all doing well. my boss is kinda sold for XEON but I was wondering, isn't EPYC now better than INTEL? I've seen benchmarks and core counts and AMD just seems ahead with it's EPYC lineup. I'm wondering if EPYC has been more/less stable than XEON in the past like 5 years. is there a chart somewhere with this kind of DATA or more likee is there anyone who uses or used EPYC and had problems with it? tell me in the comments. I've read that AMD has lost 155 millions dollars this past Q2 of 2025 but they made their money from xbox playstations and other AMD and RADEON products but they keep going at it with EPYC's and Threadripper. I think they know their CPU's are stable and will keep loosing money until the public acknowledges their product but older sysadmins of this world are so stubborn they will never admin AMD has gotten better.
https://redd.it/1mqwakc
@r_systemadmin
Weekly 'I made a useful thing' Thread - August 15, 2025
There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.
We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!
In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.
https://redd.it/1mqtcwq
@r_systemadmin
New Dell Pro Plus/Premium and KB5063878
Of the 3 x new Dell model laptops, two of them have bombed into a BSOD loop after installing the update.
2025-08 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5063878) (26100.4946)
The rest of our old Latitudes and ThinkPads are fine, is anyone else seeing this?
https://redd.it/1mqmws0
@r_systemadmin
"Receive updates for other Microsoft products" through GPO
Hi, I'm trying to activate "Receive updates for other Microsoft products" through GPO on a domain-joined device:
1. I checked the box "Install updates for other Microsoft products in the policy "Configure Automatic Updates" (... Windows Components -> Windows Update -> Manage end user experience)
2. I created the value AllowMUUpdateService = 1 in HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU
3. In "Configured update policies" on a targeted device I see "Get updates for other Microsoft products" is set to 0, but I can't find out where that comes from (already tried to dig into gpresult)
4. To test I also enabled "Enable optional updates" in ... Windows Components -> Windows Update -> Manage updates offered from Windows Update, though this only seems to affect the behavior of "Get the latest updats as soon as they're available" (which I actually would prefer to be force disabled anyway)
5. The policy reaches the device and works, meaning that other settings from the same policy are applied
6. No WSUS is configured
Thanks for any advise.
PS. No screenshots allowed? Too bad, would probably help.
https://redd.it/1ms3s5c
@r_systemadmin
Class action lawsuit filed against Otter ai
Interesting to see legal action related to the sketchy tactics used by otter.ai to spread virally: https://www.npr.org/2025/08/15/g-s1-83087/otter-ai-transcription-class-action-lawsuit
Curious what folks think - is legal action valid here?
https://redd.it/1mrz4sd
@r_systemadmin
osquery processfileevents returns nothing
Hi everybody, I'm working on a thesis about system administration/cybersecurity and my professor wants me to use osquery for rocess auditing and file integrity monitoring.
I apologize if this is not the right subreddit, I know there is a dedicated one to osquery, but this is much bigger and I was hoping to find more help.
Anyway, one of my assignement was to monitor the /etc/sudoers file, and my idea was to use the process_file_events table since it gives information actions on the file and the process which performed that operation, but it returns always blank. The tables process_events and file_events work fine so it is not a problem of audit, pub/sub. It may be a problem of flags, but on the official documentation or on blogs/forums online I find nothing newer than mines, which are the following (i did not include events_expiry and events_max in this):
osqueryi \
--verbose \
--disableaudit=false \
--auditallowconfig=true \
--auditpersist=true \
--auditallowprocessevents=true \
--disableevents=false \
--auditallowfimevents=true \
--enablefileevents=true
ran, of course, with superuser privileges.
Whereas the configuration file is this:
{
"schedule": {
"sshlogins":{
"query": "SELECT FROM user_events WHERE path LIKE '/usr/sbin/sshd';",
"interval": 300
},
"sudoers_monitoring":{
"query": "SELECT FROM fileevents WHERE targetpath LIKE '/etc/sudoers%';",
"interval":300
}
},
"filepaths":{
"sudoers":[
"/etc/",
"/etc/sudoers.d"
]
},
"fileaccesses": "sudoers"
}
I usually try by command line first and with the daemon later, and the result is always the same, so there is not a difference in behaviour.
I'm currently working on Debian 12, but sometimes I tried it on Ubuntu 24.04 too; the version of osquery is the 5.18.1.
I don't know to proceed, I tried every flag possibile, there isn't much material online from 2023 onwards.
I have seen though that in the past there have been many issues with this table and I' like to know if these bugs are still in existence.
Does anyone know how I could solve this problem? If I cannot get the table to work properly, how could I join other tables to put together the right informations?
Thank you all in advance
*EDIT: the verbose messages show no warnings or errors, indeed the print this message:
I0816 12:27:30.478456 9500 eventfactory.cpp:390\] Starting event publisher run loop: inotify
I0816 12:27:30.478528 9498 eventfactory.cpp:390\] Starting event publisher run loop: auditeventpublisher
I0816 12:27:30.478590 9495 auditdnetlink.cpp:372\] Attempting to configure the audit service
I0816 12:27:30.478618 9495 auditdnetlink.cpp:400\] Enabling audit rules for the process_events (execve, execveat) table
I0816 12:27:30.478623 9495 auditdnetlink.cpp:427\] Enabling audit rules for the process_file_events table
https://redd.it/1mrvsnj
@r_systemadmin
IT Documentation What's new?
Hey everyone,
I'm a longtime lurker who recently landed my first IT role at a small company. I'm still getting the hang of business IT, and my manager has tasked me with finding a better way to manage our documentation store. He thinks my fresh perspective might help, as he feels a bit stuck in his old ways.
I've tested a few open-source/free tools like Confluence and Read the Docs, but I'm not a fans with them. We hesitant to go with paid or cloud ones due to the sensitivivity of some of our documentation (no passwords stored, though) and my manager's concerns about price hikes and security risks with monthly subscriptions.
Right now, we store everything on a file server as Word, PDF, and .txt files, which makes finding anything a pain.
Any suggestions would be greatly appreciated! Please remove if this isn't allowed as I'm sure many like this get posted (tried posting few days ago but this new account)
Thanks!
https://redd.it/1mrq9mu
@r_systemadmin
Seeking structured Windows learning resources and roadmap for sysadmin/cybersecurity
Hi everyone,
I’m trying to learn Windows deeply, with a focus on sysadmin and cybersecurity tasks. I want to understand practical Windows internals, like:
Filesystem structure
Registry
Task Scheduler
Permissions, services, and processes
CMD and PowerShell for administration
The problem is that most resources I’ve found are either too basic, too advanced, or scattered. Official docs cover everything but aren’t organized in a step-by-step, practical way—there’s nothing like Linux Journey for Windows.
I’m looking for structured, hands-on guides, tutorials, or courses, ideally with a recommended learning order or roadmap so I can progress from beginner to intermediate/advanced in a practical way.
Any suggestions would be greatly appreciated!
https://redd.it/1mrp4yc
@r_systemadmin
Do you manage fiber & has fiber training been useful?
Our org uses fiber to interconnect buildings - we have between 40 and 50 active fiber connections. The longest being about 3 miles - all buried, most in conduit.
Since I've been here we've only had 2 issues with fiber (beyond a damaged fiber patch cable that we could easily replace.)
The first is when we had a mouse get in one of our fiber boxes and broke all the strands - we paid a company to cut and fuse new ends on - i don't remember what we paid, i think it was under $1k. The second time, a (fiber) vendor was doing work, surveying a handhole to verify fiber for a new buildout - when he closed it, he pinched and broke an active strand. He fixed it. We've had other fiber work done - I've helped relocate fiber patch panels, We've had vendors pull and terminate fiber in new buildings.
What prompted me to look is I recently had to replace an open rack with an enclosed one & getting the fiber patch panel in the new one gave me a few more gray hairs because I would not be able to fix it if i broke something. I can fix or figure out low voltage cabling, but I'm a bit of a novice nor do i have tools to deal with fiber.
I did a quick google search & found a local college that has a one week fiber program, expensive at just over $3k. Wondering if this would be overkill and instead just ask for a fusion splicer kit & wing it. I have the most experience with fiber on the team so if I can't figure it out, we call a vendor.
https://redd.it/1mrc647
@r_systemadmin
Is it not worth being in IT anymore? Everyone keeps telling me to go learn Trades.
I completed a 2-year diploma in Computer Information Systems that covered IT hardware, software, operating systems, databases, three programming courses (C++, Java, and web development), networking, and cybersecurity. It also included a few business and communication courses.
It was a general IT program, but I haven’t been able to land a job in any IT/CS field despite applying to thousands of positions. I know the job market is bad, but I feel I should at least be able to get a help desk role to start. Unfortunately, I haven’t been successful (I’m based in Vancouver, Canada).
Friends and family keep telling me to switch to trades, but I’m not interested in that. I know trades can be a great career choice, but I wouldn’t enjoy it, and I’ve already invested so much time and money in IT. I want to work at least one job in the field before even considering anything else.
The challenge is that most entry-level jobs still ask for IT-related experience, which I don’t have. I’m mainly interested in IT support and system admin roles. I’ve also completed projects related to data analysis, and I’m currently working on projects for a full stack development role.
What should I do? How did you get the first job without experience?
https://redd.it/1mr7d3h
@r_systemadmin
Am I Getting Fucked Friday, August 15th 2025
Brought to you by r/sysadmin 'Trusted VAR': /u/SquizzOC with Trusted Telecom Broker /u/Each1Teach1x27 for Telecom and /u/Necessary_Time in Canada
PMs are welcome to answer your questions any time, not just on Fridays.
This weekly thread is here for you to discuss vendor and carrier expectations, software questions, pricing, and quotes for network services, licensing, support, deployment, and hardware.
Required Info for accurate answers:
- Part Number
- Manufacturer/vendor
- Service Type and Service Location
- Quantity (as applicable)
All questions are welcome regarding:
- Cloud Services - Security, configurations, deployment, management, consulting services, and migrations
- Server configs and quote answers
- Storage Vendor options, alternatives, details and selection
- Software Licensing - This includes Microsoft CSPs
- Network infrastructure - overlay software, segmentation, routers, switches, load balancing, APs…
- Security - Access Management, firewalls, MFA, cloud DNS, layer 7 services, antivirus, email, DLP….
- User gear - Usually, you should buy the quote you have unless the quantity is +50 units
- Single site and multi-location connectivity – Dedicated internet access, Broadband, 5G LTE, Satellite, dark fiber, ethernet services
- Voice - SIP, UCaaS,
- POTS Replacement
https://redd.it/1mr41bu
@r_systemadmin
I applied for a sysadmin position. I'm terrified.
About a month or so ago, the manager for the IT operations team at the firm I work for reached out to me saying he has a sysadmin position opening soon and he'd really like for me to apply. I'm currently on the helpdesk, and I'd been feeling like I'd been hitting a ceiling with what I'd been doing for a while now, so I was excited that I was someone to even be considered. I frequently help out with network troubleshooting and deployment at work already, help configure the Exchange Online configurations, I have a homelab I maintain, I've had my CCNA exam scheduled for a few months, it felt like everything was lining up. I've wanted to do more in-depth and impactful work than just on the helpdesk and contribute more to the big projects going on and this feels like my chance to finally do that.
I've now been through 3 rounds of internal interviews and I'm awaiting the final decision and I couldn't be more terrified. I don't have a college degree and it feels like that's thrown a wrench into the whole process despite being pretty clear that I didn't from the outset (disclosed to the manager I first interviewed with and didn't include on my resume for that specific reason). The imposter syndrome is hitting extremely hard even though the job as it was described to me in all 3 interviews is one that I can absolutely do, knock out of the park even. I'm probably overthinking everything, since the buildup waiting for the final hiring decision is getting to me; it has me questioning whether I can handle basic stuff, even while I'm maintaining a much more complicated home setup.
I should get the decision today (or Monday, but I'm hoping it's not that long) but just needed to vent it out there to folks who'd get it. Or maybe I just need to be dunked on for presuming I even could do this. I don't know, but just needed to get this out there. Thanks for taking the time to read my rambling.
https://redd.it/1mr06yd
@r_systemadmin
Wannabe SysAdmin Is Driving Me Up A F$%KING WALL
If you aren't in the mood to read through a litany of complaints, then I'd recommend skipping this one. This isn't the WORST thing I've ever read on here by a LONG shot, but the fact this "expert" won't respond or provide a shred of explanation, while I've written PAGES of "why this shouldn't be done / this is not industry standard" has me here looking for feedback from other industry experts.
Still here? Get a load of this.
We provide VoIP services to a friend of mines company; system has been working great for years - AFTER a long set of call quality issues back in 2021. While troubleshooting those QoS issues, I shipped out a properly setup firewall with OPNsense to replace the SoHo FW/router they had from before = problem solved. We manage the firewall, keep it updated, and inventory spare units on the shelf ready for shipment if there is a failure.
Fast forward YEARS of perfect service, and my friend hired an "IT guy" to come in and resolve issues his prior local "IT guy" hadn't been able to fix. These are not individuals who work in IT full time but instead moonlight after hours. Outside of the costs being far too high for us to manage his IT - the distance is too great to make it feasible for onsite. Small DC, add win PCs to the domain, etc. During initial discussions with the new local expert, I requested a network diagram, and told him I would be happy to make any changes required to the firewall, but that I would NOT grant admin access TO the firewall.
I've been bitten by that mistake before and having our phones blow up because their guy changed our config - not going to happen again.
No diagram is produced. No changes are requested. Month later, a few odd issues cropped up that my friend and I sorted out, but it left me wondering why things seemed to be in disarray. His desk phone stopped working, but as he rarely used that office and didn't like the distraction of it ringing - he didn't schedule time to resolve.
Pretty boring story so far - I HEAR YOU.
Here's the kicker. I jumped in to prep the system for 3CX V20 upgrade months ago, and went to validate local WebUI access to all of the phones - just in case we have to reprovision and reconnect, I want my bases covered.
CAN'T REACH IP PHONE WEBUI. That's odd... why not? The computer we have remote access to is on the same network, the IP range hasn't changed....
HOLY SHIT - TWO NETWORKS WITH THE SAME IP RANGE - NOT ON SEPARATE VLANS - BUT ON SEPARATE SWITCHES AND FIREWALLS. I've never seen anyone screw it up like THIS before.
Spectrum gave a static block with multiple IPs on their cable modem. So now the phone system has the ORIGINAL IP, and he added in ANOTHER FW that has another static IP. NO WONDER his desk phone doesn't work, it's plugged into a cable run for his office build out. NO WONDER he's been having network issues, I checked the static IP on his desktop, and found this kid had DNS set to the AD server AND ALSO to 8.8.8.8. NO WONDER he was running into problems after this guy rewired and left APs and gear on the floor - this was just under ONE desk, I'm sure the network closets are a clusterfuck. - https://imgur.com/a/ocjsYi2
A HUGE part of the original QoS issues was circuit upload saturation during peak work/call hours - eating up the bandwidth. THAT'S WHY THE FIREWALL IS THERE AND WHY WE MANAGE IT.
Immediately I wrote up a long email, stating very clearly WHO DID THIS AND WHY? I said, "let's get on a call, explain this to me, we are reasonable adults, right?" NADA. REFUSAL to explain via email or via a call. I understand and respect the situation my friend is in, local IT support who has convinced him to purchase and PAY for installation of a SECONDARY network, NEW SWITCHES, and who knows what else "because of Microsoft issues" and here I am ready to ROAST this guy for trying something so ridiculous. Now I hear that Spectrum has had to be onsite "several times lately" - now I WONDER WHY?
FINE, you want to make your OWN network and
Microsoft's Indexing is the worst
Why do I have to deal with issues of laptops having half their memory eaten up by caching and indexing nonsense and given all the resources, I can just run the Everything app, completely free, written by one dude, and get results in a quarter second, while the app only uses 50MB of memory. Then when you do go to RAMMAP to try to look at what is REALLY being used, the process hangs and nearly crashes because its not that great (at least a lot of these sysinternal tools are useful. Why its not included in the OS, no idea).
But wait, whats that, your memory is tied up in the security event logs? Well lets open that tool, because we all know that the Event Viewer loads even slower, so the OS is just wasting away memory for no freaking reason. Stop loading this crap into the bloated XML and rewrite your crap so it can be accessible. Or just make a better OS so I don't have to spend my time looking at event logs for crap not working.
Oh, and the 5,000 msedgewebview2 processes running, thanks a lot. Great for troubleshooting. You might as well tell me the problem is svchost.exe and that its my job to dig through convoluted routines to identify which stupid ass service is the culprit. Make troubleshooting your OS-level easier or make it work right!
Please, bring on the "laughs in Linux" comments, because you're right.
Anyway, I hate the Microsoft indexing, hate its management of memory, and Event Viewer can die in a horrible fire.
https://redd.it/1mqzu36
@r_systemadmin
"Doesn't work"
I have to know, how often do you guys get a ticket/report with this as a description. because for me it's become so frequent that it's absolutely infuriating.
https://redd.it/1mqxsul
@r_systemadmin
Been some special last weeks
Got an actual virus in the brain.
Don't remember a couple of days at all before my wife managed to get me hospitalized.
Apparently I thought I was 15 years younger and forgot my kids.
I tried to walk around in the Japanese summer, in full winter clothes and jacket.
I tried to go into the neighbors apartment.
I honestly almost died. But there was no permanent brain damage thanksfully.
Today I came home after several weeks and apparently I had fun before the hospital and while I was a bit weird..
I had reconfigured so much of my stuff at home that nothing works anymore.
I had reconfigured bitlocker on all my machines and managed to get them stuck in recovery mode as well.
Now I had thankfully written down the recovery keys on a paper.
But just damn it all. So tired.
https://redd.it/1mqup4i
@r_systemadmin
Advice on Google Workspace Accounts to Microsoft 365
Hi everyone,
We have an upcoming Google Workspace to Microsoft 365 migration project for an subsidiary office with 36 users.
Mailbox sizes: 2 users > 400GB, 15 users > 100GB each
Google Shared Drive: \~850GB
Compliance: Currently using Google Vault
License proposal: Microsoft 365 Business Basic + Exchange Online Plan 2 (Subsidiary office already has Microsoft Office Home & Business ESD, no budget for Office365 E3/Premium)
Migration tool: BitTitan
Timeline: Google Workspace subscription expires in 1.5–2 months
Questions:
1. Is the proposed Microsoft license combination suitable for this scenario?
2. Given the large mailbox sizes (including >400GB accounts), is completing the migration within the available time realistic?
We haven’t handled a case with such large mailboxes before, so I’d appreciate any advice, best practices, or potential pitfalls to watch out for.
Thanks in advance!
https://redd.it/1mqr8j0
@r_systemadmin
One day they'll come for answers I don't have.
Everyday I put on my pants, shirt, belt socks and shoes. I kiss my wife and daughter. I know my headphones are charged and the bus is 3 minutes away. In the time it takes for the front door to close and the walk to the bus, I have 37 different thoughts. Mostly a sharp, but familiar anxiety. Casual anxiety, I guess. Money, health, family, good decisions bad decisions, etc. I'll be 42 this year. I've been in IT for 17 years. A couple of days ago, I thought it was 15 years. In those 48 hrs, i traveled two years. I sat with that thought while on the bus. How quickly time flies. I reflected on where my career has gone. Twelve years level 1. Two years of level 2. Two years level 3,and then this year I'm starting my first year as sys admin. Top tit. It's fucking lonely. I'm on this island. No sharks. Just, thoughts. Equally destructive. What if I don't know. Who do I ask. One day they'll come for answers I don't have. Anxiety creeps up. Until, I fast forward again. Tomorrow is Friday. I've been doing this for five days and 15...17 years. Everytime I solve a problem, a new person is born. Oh one day they'll come for answer, but I'll figure it out!
Another successful week my dear friends. Good job everyone!
https://redd.it/1mqkdu3
@r_systemadmin