r_systemadmin | Unsorted

Telegram-канал r_systemadmin - Reddit Sysadmin

-

Reddit SystemAdmin. Thanks @reddit2telegram and @r_channels.

Subscribe to a channel

Reddit Sysadmin

Suggestions for sending secure/HIPAA compliant faxes from phone/computer?

Needing to send faxes and the documents are sensitive/secure.

Are there any good ways to send these via phone/computer (direct from email) to a fax number? Would prefer pay per use but understand that may not be an option.

I've heard HP Smart but we do not have an HP printer.

Thank you.

https://redd.it/1mt0eld
@r_systemadmin

Читать полностью…

Reddit Sysadmin

"Add RD Session Host Server" failing installation.

Trying to add a couple more session hosts to one of our terminal server farms.
They add to the Connection Broker in ServerManager no issue under dashboards, but when I go to Remote Desktop Services>Overview, and then click "Add RD Session Host servers", and then attempt to add the 2 new servers, the installation fails.


Heres what I get.
https://imgur.com/a/RebFdrL

I've dived into the event viewer logs on both and haven't found anything. Checked under System, Application as well as all the Remote Desktop event folders.
I've stripped GPO from the new session hosts.
I've ensured I was logged in as my Domain Admin account when processing and ensured it has admin access on the new session hosts.

Where can I start looking for these events? Just so I can at least get an idea of whats going on?

Thanks for any insight.

https://redd.it/1mt1833
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Git commands freezing for 2-10 seconds on Windows - identified as Defender behavioral analysis

TL;DR: Git commands like git diff, git log, and git show freeze for 2-10 seconds on Windows. It's Microsoft Defender Antivirus analyzing how Git spawns its pager (not scanning files - that's why exclusions don't help). After the analysis, the same command runs instantly for about 30-60 seconds, then slow again. Was consistently 10 seconds in the last few days until today, Sunday, now seeing \~2 seconds.

Originally posted with more details on troubleshooting on r/git, with an updated version on r/programming here.

# The Problem

`git diff` freezes for several seconds before showing anything
Running it again immediately: instant
Wait a minute and run it again: slow again
But git diff | less is ALWAYS instant

This affects Python subprocess calls too:

proc = subprocess.Popen('less', '-FR', stdin=subprocess.PIPE, stdout=subprocess.PIPE)
# First run: 2-10 second delay
# Subsequent runs within ~60s: instant

# What's Actually Happening

Microsoft Defender's behavioral analysis examines the process spawning pattern when Git (or Python) creates a child process with pipes/PTY. It's analyzing HOW processes interact, not scanning files.

The delay was consistently 10 seconds (matching Defender's cloud block timeout) in the last couple of days until today, Sunday. Now seeing \~2 seconds, looks like actual cloud analysis completing rather than timing out.

# Test It Yourself

$ sleep 35; time git diff; sleep 20; time git diff; sleep 35; time git diff

real 0m2.195s # Was 10+ seconds before today
real 0m0.114s # Cached
real 0m2.204s # Cache expired

# Solutions

# 1. Disable Pager for Specific Commands

git config --global pager.diff false

# 2. Shell Functions for Developers

alias glog='git log --color=always | less -R'

# 3. Note About Exclusions

File/folder/process exclusions in Defender don't help - this is behavioral analysis, not file scanning. Even disabling real-time protection doesn't consistently fix it.

# Impact

This affects:

All Git operations with pagers
Python scripts using subprocess with pipes
Any tool spawning processes with PTY emulation
PowerShell is also affected (not just Git Bash)

Reproduced on different terminals: Windows Terminal, MinTTY, Cmder, Wezterm.

Environment: Windows 10/11, Git for Windows, Microsoft Defender Antivirus

https://redd.it/1msxc9o
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Looking for sysprep software

I am building a rather simple RDS env. But I want to be able to keep updating a couple of images. When I patch it or update or install software.

Now, standard with windows you can only generalize an OS 3 times.

I cant help but think that there must be software out there that can bypass this. For exmaple with citrix you can update images forever. But, we dont have citrix.

Does anyone have any ‘trick’ or software for this?

I know the trick with hyper-v and creating a checkpoint and then reatore it. That is too much hassle though, and I dont want to use that.

https://redd.it/1msvy56
@r_systemadmin

Читать полностью…

Reddit Sysadmin

What are the hot job hunting boards these days? Looking for remote infrastructure / systems engineer roles.

I haven't done job hunting in close to 8 years and I'm sure things have changed.

I currently am a Senior Systems Engineer, I manage all aspects of our infrastructure. The networking, our VPN tunnels and remote access client, the Microsoft tenant, Defender, Intune, Exchange. Cloud platforms like AWS and Azure, things like Azure VDI environment, virtual servers and appliances, managing the VNets and security/routing for them. Our security and vulnerability management scanning. Resource monitoring, log retention. I write power shell scripts all the time either for information gathering, report building, or automation. Integrations with 3rd party platforms.

Basically everything except actual programming and DevOps stuff, and I don't really work with databases, not super familiar with the internals of things like SQL.

I feel like I've reached a salary cap at my current employer and as much as I love the job, environment, and management, I need to be able to start getting ahead financially. I live in a high cost of living area, which I'd prefer not to leave for various reasons, so increasing my income is the other solution.

I'm hoping to find job boards that are geared more toward remote work. I've been looking through Indeed, the last place I recall using, and there's not a whole lot of remote jobs there and 90% of the listings show "pay information not available" which probably means they're indirectly telling me to not bother anyway.

https://redd.it/1mss6be
@r_systemadmin

Читать полностью…

Reddit Sysadmin

UPDATE: 24 hours later - built the terminal assistant you told me to build

Hey r/sysadmin!

Yesterday I asked about building a local terminal tool for plain English commands. You gave me brutal (helpful) feedback. Today I have a working demo.

# What you demanded, what I built:

**"Don't auto-execute, show me the command first"** → Done
**"Explain what each part does so people learn"** → Added --learn mode
**"Make it actually local, not another ChatGPT wrapper"** → Curated command database
**"Prove it works with a real example"** → Live demo at [praxis.hezico.com](http://praxis.hezico.com)

# Here's what 24 hours of coding looks like:

Built a visual terminal demo showing exactly how this would work - you're troubleshooting a container that keeps crashing at 3AM.

The animated walkthrough shows:

* Plain English: "which container keeps restarting and why"
* Tool analyzes and suggests kubectl diagnostic commands
* Safety prompt: "Execute this safe, read-only diagnostic plan? \[y/N\]"
* Shows realistic output finding the OOMKilled container
* Demonstrates the --learn command that explains syntax
* Shows the business value (faster resolution, air-gap friendly, etc.)

# The visual demo: [praxis.hezico.com](https://praxis.hezico.com/)

60-second terminal animation showing the complete incident workflow and how the confirmation/explanation system works.

# What I learned from your feedback:

1. **Security concerns are real** \- so everything is read-only diagnostics first
2. **Learning curve matters** \- so there's explicit explanation mode
3. **Trust is earned** \- so I show exactly what commands run and why
4. **Context matters** \- so it suggests logical diagnostic approaches

# Current status:

* ✅ Working visual demo showing the interaction model
* ✅ Waitlist to gauge interest and validate demand
* 🔄 Building the actual CLI tool based on this design
* 🔄 Adding more command patterns (Docker, systemd, networking, etc.)

# Still want your input:

1. **Watch the demo** \- does this interaction model make sense?
2. **What command scenarios** should I prioritize? (Docker debugging? Log analysis?)
3. **Would your security team** approve this approach vs external AI tools?

**If this resonates**: [praxis.hezico.com](https://praxis.hezico.com/) \- join the waitlist to stay updated on development

Thanks for the reality check yesterday. This concept is way better because you told me what was broken.

*24 hours from idea to concept demo. Worth building the real thing?*\# UPDATE: Built the terminal assistant based on your feedback - here's what changed

Hey r/devops and r/sysadmin!

A few days ago I asked about building a local terminal tool that converts plain English to commands. Got tons of feedback (some brutal, all helpful) and spent the weekend building based on your suggestions.

# What you told me to fix:

**"Don't auto-execute commands, that's dangerous"** ✅ Fixed
**"Show the command and explain what it does"** ✅ Fixed
**"This will make juniors dumber"** ✅ Added --learn mode
**"What if something breaks and they don't understand it?"** ✅ Read-only commands first
**"It's just a ChatGPT wrapper"** ✅ It's a curated local database, no LLM calls

# Here's what it actually looks like now:

$ ask "which container keeps restarting and why"

🔍 Searching local command database...

📋 Suggested Command:
kubectl get pods --all-namespaces | grep -v Running && kubectl get events --sort-by=.metadata.creationTimestamp

📚 Explanation:
• kubectl get pods --all-namespaces - List all pods across namespaces
• grep -v Running - Filter out healthy running pods
• kubectl get events - Show recent cluster events
• --sort-by=.metadata.creationTimestamp - Sort events chronologically

⚠️ This is a READ-ONLY diagnostic command. Continue? [y/N]


> y

🚀 Executing...

nginx-prod 0/1 CrashLoopBackOff 47 3h
redis-cache 0/1 ImagePullBackOff 12 1h

Recent Events:
47m Warning

Читать полностью…

Reddit Sysadmin

Any way to keep using the old OneNote for Windows 10 after October 14th?

My organisation needs me to use the old OneNote for Windows 10 and it needs to keep syncing to the cloud, but Microsoft is removing support for it and making it read-only after October 14th. Is there any way I'd be able to keep using the old one after the change? I have done some research and it seems I probably wont be able to suppress updates to the app, as it would likely still stop syncing to cloud. Any help would be greatly appreciated :)

https://redd.it/1msnexo
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Copilot 365 testing and user help

I am beginning to test copilot with our company and in our test group one of the users who has same permission groups and settings and confirmed licensed is not able to get copilot to read or access her outlook . She also isn’t able to use it in OWA . Since she has same settings and all as others I can’t figure out why ?

Also in copilot she doesn’t show the work/web tab at the top.


Thanks for any suggestions as even all the suggestions I was given in copilot didn’t help

https://redd.it/1msgk38
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Is it me or are you finding the new generation of techs have little to no troubleshooting skills?

We are mainly a windows shop. I always hope when new positions are filled they know the basics.

1. Basic commands in command prompt.
2. How to open a log file at the very least.
3. At least heard of sysprep.

Why am I constantly disappointed? Tell me your stories of disappointment to cheer me up please

https://redd.it/1msakpy
@r_systemadmin

Читать полностью…

Reddit Sysadmin

"Receive updates for other Microsoft products" through GPO

Hi, I'm trying to activate "Receive updates for other Microsoft products" through GPO on a domain-joined device:

1. I checked the box "Install updates for other Microsoft products in the policy "Configure Automatic Updates" (... Windows Components -> Windows Update -> Manage end user experience)
2. I created the value AllowMUUpdateService = 1 in HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU
3. In "Configured update policies" on a targeted device I see "Get updates for other Microsoft products" is set to 0, but I can't find out where that comes from (already tried to dig into gpresult)
4. To test I also enabled "Enable optional updates" in ... Windows Components -> Windows Update -> Manage updates offered from Windows Update, though this only seems to affect the behavior of "Get the latest updats as soon as they're available" (which I actually would prefer to be force disabled anyway)
5. The policy reaches the device and works, meaning that other settings from the same policy are applied
6. No WSUS is configured

Thanks for any advise.

PS. No screenshots allowed? Too bad, would probably help.

https://redd.it/1ms3s5c
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Class action lawsuit filed against Otter ai

Interesting to see legal action related to the sketchy tactics used by otter.ai to spread virally: https://www.npr.org/2025/08/15/g-s1-83087/otter-ai-transcription-class-action-lawsuit


Curious what folks think - is legal action valid here?

https://redd.it/1mrz4sd
@r_systemadmin

Читать полностью…

Reddit Sysadmin

osquery processfileevents returns nothing

Hi everybody, I'm working on a thesis about system administration/cybersecurity and my professor wants me to use osquery for rocess auditing and file integrity monitoring.
I apologize if this is not the right subreddit, I know there is a dedicated one to osquery, but this is much bigger and I was hoping to find more help.

Anyway, one of my assignement was to monitor the /etc/sudoers file, and my idea was to use the process_file_events table since it gives information actions on the file and the process which performed that operation, but it returns always blank. The tables process_events and file_events work fine so it is not a problem of audit, pub/sub. It may be a problem of flags, but on the official documentation or on blogs/forums online I find nothing newer than mines, which are the following (i did not include events_expiry and events_max in this):

osqueryi \
--verbose \
--disableaudit=false \
--audit
allowconfig=true \
--audit
persist=true \
--auditallowprocessevents=true \
--disable
events=false \
--auditallowfimevents=true \
--enable
fileevents=true

ran, of course, with superuser privileges.
Whereas the configuration file is this:

{
"schedule": {
"ssh
logins":{
"query": "SELECT FROM user_events WHERE path LIKE '/usr/sbin/sshd';",
"interval": 300
},
"sudoers_monitoring":{
"query": "SELECT
FROM fileevents WHERE targetpath LIKE '/etc/sudoers%';",
"interval":300
}
},
"filepaths":{
"sudoers":[
"/etc/",
"/etc/sudoers.d"
]
},
"file
accesses": "sudoers"
}

I usually try by command line first and with the daemon later, and the result is always the same, so there is not a difference in behaviour.
I'm currently working on Debian 12, but sometimes I tried it on Ubuntu 24.04 too; the version of osquery is the 5.18.1.

I don't know to proceed, I tried every flag possibile, there isn't much material online from 2023 onwards.
I have seen though that in the past there have been many issues with this table and I' like to know if these bugs are still in existence.

Does anyone know how I could solve this problem? If I cannot get the table to work properly, how could I join other tables to put together the right informations?

Thank you all in advance

*EDIT: the verbose messages show no warnings or errors, indeed the print this message:
I0816 12:27:30.478456 9500 eventfactory.cpp:390\] Starting event publisher run loop: inotify
I0816 12:27:30.478528 9498 eventfactory.cpp:390\] Starting event publisher run loop: auditeventpublisher
I0816 12:27:30.478590 9495 auditdnetlink.cpp:372\] Attempting to configure the audit service
I0816 12:27:30.478618 9495 auditdnetlink.cpp:400\] Enabling audit rules for the process_events (execve, execveat) table
I0816 12:27:30.478623 9495 auditdnetlink.cpp:427\] Enabling audit rules for the process_file_events table

https://redd.it/1mrvsnj
@r_systemadmin

Читать полностью…

Reddit Sysadmin

IT Documentation What's new?

Hey everyone,

I'm a longtime lurker who recently landed my first IT role at a small company. I'm still getting the hang of business IT, and my manager has tasked me with finding a better way to manage our documentation store. He thinks my fresh perspective might help, as he feels a bit stuck in his old ways.

I've tested a few open-source/free tools like Confluence and Read the Docs, but I'm not a fans with them. We hesitant to go with paid or cloud ones due to the sensitivivity of some of our documentation (no passwords stored, though) and my manager's concerns about price hikes and security risks with monthly subscriptions.

Right now, we store everything on a file server as Word, PDF, and .txt files, which makes finding anything a pain.

Any suggestions would be greatly appreciated! Please remove if this isn't allowed as I'm sure many like this get posted (tried posting few days ago but this new account)

Thanks!

https://redd.it/1mrq9mu
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Seeking structured Windows learning resources and roadmap for sysadmin/cybersecurity

Hi everyone,

I’m trying to learn Windows deeply, with a focus on sysadmin and cybersecurity tasks. I want to understand practical Windows internals, like:

Filesystem structure

Registry

Task Scheduler

Permissions, services, and processes

CMD and PowerShell for administration


The problem is that most resources I’ve found are either too basic, too advanced, or scattered. Official docs cover everything but aren’t organized in a step-by-step, practical way—there’s nothing like Linux Journey for Windows.

I’m looking for structured, hands-on guides, tutorials, or courses, ideally with a recommended learning order or roadmap so I can progress from beginner to intermediate/advanced in a practical way.

Any suggestions would be greatly appreciated!

https://redd.it/1mrp4yc
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Do you manage fiber & has fiber training been useful?

Our org uses fiber to interconnect buildings - we have between 40 and 50 active fiber connections. The longest being about 3 miles - all buried, most in conduit.

Since I've been here we've only had 2 issues with fiber (beyond a damaged fiber patch cable that we could easily replace.)

The first is when we had a mouse get in one of our fiber boxes and broke all the strands - we paid a company to cut and fuse new ends on - i don't remember what we paid, i think it was under $1k. The second time, a (fiber) vendor was doing work, surveying a handhole to verify fiber for a new buildout - when he closed it, he pinched and broke an active strand. He fixed it. We've had other fiber work done - I've helped relocate fiber patch panels, We've had vendors pull and terminate fiber in new buildings.

What prompted me to look is I recently had to replace an open rack with an enclosed one & getting the fiber patch panel in the new one gave me a few more gray hairs because I would not be able to fix it if i broke something. I can fix or figure out low voltage cabling, but I'm a bit of a novice nor do i have tools to deal with fiber.

I did a quick google search & found a local college that has a one week fiber program, expensive at just over $3k. Wondering if this would be overkill and instead just ask for a fusion splicer kit & wing it. I have the most experience with fiber on the team so if I can't figure it out, we call a vendor.

https://redd.it/1mrc647
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Help upgrading to Windows 11 Pro at my school

I apologize if this isn't the right place to post this, but I'd really appreciate any help you can give, even if that's just pointing me toward the right sub.

I'm an English teacher at a small high school. Since we can't afford to hire an actual Sysadmin or IT person, they've asked me to be the "tech coordinator" this year since I'm "good with computers," but I've got no background in tech whatsoever...

The math dept. recently ordered what they thought were 30 new Chromebooks, but it turned out they're PCs with Windows 11 Home on them. We need them to have Pro so they can be added to our domain.

We do not have an established relationship with any Microsoft partner/reseller as far as I know, and I've tried contacting Microsoft partners on the MS website, but they're all saying they don't do one-off sales.

So my question is: Where can I buy a volume license for Windows 11 Pro to upgrade these PCs? Is that even an option for such a small number? Or do we have to start a relationship with a MS partner/reseller? Do we just have to bite the bullet and buy a bunch of single licenses? Or should we just return them?

Again, I appreciate any help you can give. I'm in way over my head.

https://redd.it/1mt1128
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Sysadmins - post your backpacks!

What backpacks do you all use? What’s in them?

https://redd.it/1msxp20
@r_systemadmin

Читать полностью…

Reddit Sysadmin

It’s my turn

I did MS Updates last night and ended up cratering the huge, the lifeblood of the computer sql server. This is the first time in several years that patches were applied- for some reason the master database corrupted itself- and yeah things are a mess.


So not really my fault but since I drove and pushed the buttons it is my fault.

https://redd.it/1msyetr
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Share SMB to computer but not user

Is it possible to share an SMB so that scripts running as NT System for domain computer objects have access, but a non admin domain user who logs onto the PC does not have access?

I'm going to try on Monday the obvious set the user permissions to deny and set the computer permissions to allow, but wanted to post in case someone has done this

Edit: for context, I've inherited a system with an SMB that had everyone read/write including generic public use accounts. I've already set the generic accounts to read only, but I was looking at cleaning this setup up further

https://redd.it/1msr2gt
@r_systemadmin

Читать полностью…

Reddit Sysadmin

BackOff pod/nginx-prod Back-off restarting failed container
46m Warning Failed pod/nginx-prod Error: OOMKilled

✅ Found your problem: nginx-prod is getting killed for using too much memory
💡 Try: kubectl describe pod nginx-prod -n default


# For the "juniors won't learn" concern:

$ ask "show memory usage" --learn

📚 Command Breakdown:
free -h

• free - Display memory usage statistics
• -h - Human readable format (GB/MB instead of bytes)

💡 Related concepts:
• Virtual vs Physical memory
• Buffer/cache vs actually used memory
• When to worry about memory pressure

📖 Want to learn more? Try: man free


# What makes this different from "just use ChatGPT":

* **Actually local** \- works in air-gapped/secure environments where external AI is blocked
* **Curated commands** \- no hallucinations, just vetted syntax patterns
* **Instant response** \- no API calls, sub-second results
* **Context aware** \- understands your environment and suggests appropriate flags
* **Educational** \- designed to teach, not just execute

# I built a quick demo page: [praxis.hezico.com](https://praxis.hezico.com/)

Shows the full flow with a realistic 3AM incident scenario.

# The honest questions I still have:

1. **Would you actually use this?** Or is the learning curve of a new tool not worth it?
2. **Security teams**: Would you approve a local-only tool vs external AI assistants?
3. **For complex environments**: How important is customization vs out-of-the-box commands?
4. **Pricing model**: One-time purchase, subscription, or freemium?

# What I'm building next:

* **Alpha version** with 100+ common DevOps command patterns
* **Custom command support** \- add your own organization's specific commands
* **Audit logging** \- everything gets logged for security/compliance
* **Plugin system** \- extend with your own command databases

If you want to try the alpha: [praxis.hezico.com](https://praxis.hezico.com/)

Looking for 50-100 DevOps/SRE folks who deal with this pain daily and want to test it in real environments.

**TL;DR**: Took your feedback seriously. Built confirmation prompts, explanations, educational mode, and local-only processing. Still think it's stupid? Let me know why.

*Thanks to everyone who gave honest feedback on the original post. This is way better because of your input.*

https://redd.it/1mso7au
@r_systemadmin

Читать полностью…

Reddit Sysadmin

UPDATE: 24 hours later - built the terminal assistant you told me to build

Hey r/sysadmin!

Yesterday I asked about building a local terminal tool for plain English commands. You gave me brutal (helpful) feedback. Today I have a working demo.

# What you demanded, what I built:

"Don't auto-execute, show me the command first" → Done
"Explain what each part does so people learn" → Added --learn mode
"Make it actually local, not another ChatGPT wrapper" → Curated command database
"Prove it works with a real example" → Live demo at praxis.hezico.com

# Here's what 24 hours of coding looks like:

Built a visual terminal demo showing exactly how this would work - you're troubleshooting a container that keeps crashing at 3AM.

The animated walkthrough shows:

Plain English: "which container keeps restarting and why"
Tool analyzes and suggests kubectl diagnostic commands
Safety prompt: "Execute this safe, read-only diagnostic plan? \[y/N\]"
Shows realistic output finding the OOMKilled container
Demonstrates the --learn command that explains syntax
Shows the business value (faster resolution, air-gap friendly, etc.)

# The visual demo: praxis.hezico.com

60-second terminal animation showing the complete incident workflow and how the confirmation/explanation system works.

# What I learned from your feedback:

1. Security concerns are real \- so everything is read-only diagnostics first
2. Learning curve matters \- so there's explicit explanation mode
3. Trust is earned \- so I show exactly what commands run and why
4. Context matters \- so it suggests logical diagnostic approaches

# Current status:

✅ Working visual demo showing the interaction model
✅ Waitlist to gauge interest and validate demand
🔄 Building the actual CLI tool based on this design
🔄 Adding more command patterns (Docker, systemd, networking, etc.)

# Still want your input:

1. Watch the demo \- does this interaction model make sense?
2. What command scenarios should I prioritize? (Docker debugging? Log analysis?)
3. Would your security team approve this approach vs external AI tools?

If this resonates: praxis.hezico.com \- join the waitlist to stay updated on development

Thanks for the reality check yesterday. This concept is way better because you told me what was broken.

24 hours from idea to concept demo. Worth building the real thing?\# UPDATE: Built the terminal assistant based on your feedback - here's what changed

Hey r/devops and r/sysadmin!

A few days ago I asked about building a local terminal tool that converts plain English to commands. Got tons of feedback (some brutal, all helpful) and spent the weekend building based on your suggestions.

# What you told me to fix:

"Don't auto-execute commands, that's dangerous" ✅ Fixed
"Show the command and explain what it does" ✅ Fixed
"This will make juniors dumber" ✅ Added --learn mode
"What if something breaks and they don't understand it?" ✅ Read-only commands first
"It's just a ChatGPT wrapper" ✅ It's a curated local database, no LLM calls

# Here's what it actually looks like now:

$ ask "which container keeps restarting and why"

🔍 Searching local command database...

📋 Suggested Command:
kubectl get pods --all-namespaces | grep -v Running && kubectl get events --sort-by=.metadata.creationTimestamp

📚 Explanation:
• kubectl get pods --all-namespaces - List all pods across namespaces
• grep -v Running - Filter out healthy running pods
• kubectl get events - Show recent cluster events
• --sort-by=.metadata.creationTimestamp - Sort events chronologically

⚠️ This is a READ-ONLY diagnostic command. Continue? y/N


> y

🚀 Executing...

nginx-prod 0/1 CrashLoopBackOff 47 3h
redis-cache 0/1 ImagePullBackOff 12 1h

Recent Events:
47m Warning

Читать полностью…

Reddit Sysadmin

Can I share a nfs mount via smb

Hi, first time posting.

I have read about this topic and only found post on the Internet where people try to share the same folder via nfs and smb from one system.

My question is can I have a central storage exposing nfs mounts and mount them on different linux boxes (all via nfs) and then share them from there with smb in different scurity levels (smb1,smb2,smb3) depending on client.

Storage <-nfs->proxys<-smb->clients

Thanks for taking your time to read and maybe answer.

https://redd.it/1msm3vx
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Troubleshooting - What makes a good troubleshooter?

I've seen a lot of posts where people express frustration with other techs who don't know troubleshooting basics like checking Event Viewer or reading forum posts. It's clear there's a baseline of skill expected. This got me thinking: what, in your opinion, is the real difference between someone who is just 'good' at troubleshooting and someone who is truly 'great' at it? What are the skills, habits, or mindsets that separate them?

https://redd.it/1msbw16
@r_systemadmin

Читать полностью…

Reddit Sysadmin

What do you automate restore/reinstall software packages?

I have this small office I am looking after, just 5 varicose machines.
Once in a while the likes me to do fresh windows reinstall. It’s all fine but the reinstall of all the software package(Adobe, Corel, printer drivers and soft etc and configuration take the major effort and time.
MDT seems like an overkill and by the time you use painstakingly created image it’s all outdated and you are left with a lot of upgrades. I might as well just create an image of the whole sys partition. Or is this atill a preferable way to do it nowadays? What do you use it for it nowadays? I made images through the windows OS own tools but both images failed to restore. Otherwise that would be ideal I guess.

https://redd.it/1mrzfzl
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Any other monitoring engineers here? What is our job outlook?

I’ve been working at a Fortune 500 company here in Ohio for the past 17 years. My current role, past 7 years, is a Senior Monitoring Engineer. This includes not just monitoring servers and networks but application performance as well plus providing tier 3 support on app and or network troubleshooting calls. There’s tool admin responsibilities as well.

It’s been busy at times to say the least but I do wonder how long I can ride this job out. We are starting to leverage some AI features in tools, some of it’s good some bad of course. As of now none of it makes me think “I’m going to be replaced”. Thank you AI tool for telling me my app is now responding 2ms slower on a random Monday…that doesn’t help much. Data Dog, Dynatrace, App Dynamics, Nagios, and Splunk are a few tools I regularly use. I’m also the admin for some of these tools.

My salary stands at $120k + benefits which are fairly good, WFH 4 days a week and in the office 1 day, 6 weeks of vacation, minimal on call, 40 hour average work weeks.

Overall I’m happy but wanted to see if there’s anyone else like me out there in a similar role and how things are going where you are at. If so what are some if any trends you are seeing in this space? At this point this speciality area of IT is all know. One good thing about the monitoring space is you do get exposed to a lot of different technologies as you need to support them in regard to alerting, data analysis, and troubleshooting.

https://redd.it/1ms4j5v
@r_systemadmin

Читать полностью…

Reddit Sysadmin

What actually happens when DMARC is set to "reject" on my end?

DMARC gives a definition what should happen to e-mails that do not meet the other security standards but what should actually happen if I put anything but "none" as the policy? I know they represent stuff that should be reported as forensics but who creates these and where do these reports go? Do I even need to do anything if I set the policy to "reject"? I will sure as hell not read any reports and I would rather not install yet another toolkit to create an manage these reports. Is a DNS entry with the policy "reject" enough to meet gmail standards? They say there are issues with our mails but the category they report as "non-compliant" is SPF and DKIM which are reported as compliant by other test websites. We use a self hosted mail system using classical postfix + dovecot + opendkim to power some other self hosted services that require a mailbox but recently gmail started to reject our messages, even though we do not bulk send anything.

https://redd.it/1mryots
@r_systemadmin

Читать полностью…

Reddit Sysadmin

15 years experience as a sysadmin. I'm being moved from server support to workstation support. Not sure how to feel about this.

Changes are coming, and I had to vent somewhere.

I started as a junior sysadmin 15 years ago straight out of college, working with Windows 2008. I expanded my skills over the years to anything related to Windows Server, AD, server hardware, backups. Eventually I focused on virtualization, VDI, Cisco UCS, hyperconverged platforms, with some Ansible, storage, networking, firewalls, etc thrown in.

I started my current job 2 years ago as part of the Infrastructure team. It's a medium sized company, but our team is lean: one AWS/GCP SME, one Linux SME, and one Windows SME (me).

During my time here, leadership has moved almost everything into the cloud, with very little remaining on-prem. If there's a SaaS solution, we get it. 400 server VMs is down to 30, with plans to move the rest to AWS. 800 VDI is now 100, with plans to migrate to a DaaS solution. OKTA has already replaced AD for identity. Our colo contract is up in a year, with no plans to renew. You get the picture.

I was told on Friday that the Infra team will be disbanded by end of year: no need for an Infra team if there's no infra to manage. My two teammates will be moved to different application teams that manage their own apps in AWS. I was asked about how I'd feel moving to the client support team. They manage 3000 Macbooks (no Windows).

On the one hand, I'm glad they aren't letting me go, and are actively trying to find a use for me. I hear the job market is brutal. My pay will remain the same, so I'll be obscenely overpaid for managing a bunch of Macbooks.

On the other hand, working with MDM, managing OS updates, tracking laptops, and deploying application packages, is not something I am interested in at all. And I dunno...it feels like a demotion in some way.

But work is work, and I got mouths to feed. So here we are.

https://redd.it/1mru0x9
@r_systemadmin

Читать полностью…

Reddit Sysadmin

2025: Do Active Directory and Linux play well?

Alright SA Gang;

My punishment for helping out with Ansible automation efforts seems to be more SA work.

We have a mix of RHEL 7-9 and Oracle Unbreakable.

These systems have always been kept away from the end user/Microsoft side of the house with no central auth, and now that is changing. Our CISO has mandated we move everything to AD and MFA.

It's 2025, are there any major issues or caveats when doing a realm join? It's been a hot minute since I've had to work with AD but I'm assuming I can ask the Windows folks to create an OU for our machines and join them to the domain?

Is anyone using iDM with RSA tokens or ubikeys?

https://redd.it/1mriaq1
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Can My Hobbyist Skills Be My New Career as Sysadmin?

I am in my early 30s, married with children.

My professional and academic background is not directly in the technology sector. As a law graduate, I previously worked as a project manager before circumstances led me to the restaurant business.

The world of technology, particularly software, has fascinated me since an early age. However, despite having attempted to learn, I am not a programmer or coder.

With that said, I am well-versed with operating systems like Windows and Linux, as I enjoy tinkering with systems. I am also comfortable using the command line, so a lack of a GUI is no problem.

I am also adept at troubleshooting hardware issues. In my personal life, I am the go-to person for friends and family when their gadgets malfunction.

I have read somewhere in a megathread that Google-Fu (or the ability to search for solutions and filter out the trash) is quite important. I believe I possess this trait as well.

I wanted to make a career out of my hobby, and after some research, the role of a Sysadmin came up more than once. So far, I have learned that for someone with my background, I should start with certifications like CompTIA A+ and perhaps RHCSA.

My questions are:
1. Apparently, the profession of Sysadmin is a senior position. How should someone with my background get started?
2. What was your experience getting into the profession, and how are you doing now?
3. If you had to do it all over again, would you?

I thank you for your time.

https://redd.it/1mrmgvf
@r_systemadmin

Читать полностью…

Reddit Sysadmin

Experiences with outsourced IT management?

Company is going to be bringing in an MSP to handle IT management. Haven't had stable management for a year now. Not entirely sure how to feel about it.

Anyone else who had external management come in, how did it end up?

https://redd.it/1mri0c6
@r_systemadmin

Читать полностью…
Subscribe to a channel