-
Reddit SystemAdmin. Thanks @reddit2telegram and @r_channels.
Recovery partition keeps reappearing in File Explorer after removing drive letter - tried everything
I have a 1GB recovery partition on my Windows laptop that keeps getting assigned a drive letter (D:) and showing up in File Explorer every time I restart, even after I remove the drive letter.
**What I've tried so far:**
1. **Removed drive letter via Disk Management** \- comes back after restart
2. **Changed partition type ID via DiskPart:**
​
set id=de94bba4-06d1-4d40-a16a-bfd50179d6ac
1. **Set GPT attributes:**
​
gpt attributes=0x8000000000000001
1. **Both methods combined** \- still reappears after restart
**My setup:**
* Disk 0: 476.92 GB
* Partition 1: 100 MB EFI System
* Partition 2: 16 MB Reserved
* Partition 3: 475 GB Primary (C:)
* Partition 4: 1024 MB Recovery (keeps showing as D:)
Has anyone else dealt with this? What am I missing? I want this recovery partition to stay hidden permanently.
https://redd.it/1p4p8mu
@r_systemadmin
What’s your guys top Christmas wishlist items?
Looking for inspiration for this holiday season.
Looking for something cool/useful for both work and play. I feel like the cool tech of the last couple decades are slow and boring now.
Looking for some cool fun tech! That’s also useful potentially.
https://redd.it/1p4dvb4
@r_systemadmin
Ahhh Hell Nah - Copilot Authoring PowerShell Core
Copilot is not only authoring commits, but whole PRs on the PowerShell Engine:
\- https://github.com/PowerShell/PowerShell/pull/26443
https://redd.it/1p4drh9
@r_systemadmin
mariadb vs mysql
We run both of these, seemingly at random and we need to pick one and standardize. Which do you run and why?
https://redd.it/1p4bunv
@r_systemadmin
Do you content filter guest WiFi?
We have guest WiFi that a few thousand random users use per day.
How do you filter it? We want to allow low on-boarding friction to provide a good user experience, but the high-friction methods provide better filtering. We are legally supposed to filter out certain types of porn and other illegal sites, where I work, but the law is slightly ambiguous on how strong-armed the filtering has to be, so most entities have taken the stance of "best effort."
What we have done:
1. At the IP-level, we have blocked the top 30 or so public IP revolvers (Google, Cloudflare, Quad9, etc.).
2. Heavily filtered sites in the DNS resolver we provide to clients via DHCP.
3. Used some of Palo Alto's IP lists to block some sites at the IP level if there is 1:1 relationship (this does not do much these days, admittedly).
Are there any other best-effort things I have forgotten to do?
https://redd.it/1p3yzfz
@r_systemadmin
Azure File Shares now support kerberos for entra only in preview
https://learn.microsoft.com/en-us/fslogix/how-to-configure-profile-container-entra-id-hybrid?pivots=hybrid-identities
I'm currently running an AVD setup using the Nerdio storage key injection workaround, and so far so good. Mostly for Intune only computers to run Remote Apps, a few teams use privileged desktops, like for database access.
With AVD you can schedule your session hosts to allocate off and on as needed. Same with things like Azure SQL or other back end systems.
I know everyone has their thoughts on cloud, but this basically means that SMBs don't need to run anything 24/7. Your entire infrastructure can allocate on and off on demand or schedule. If you're a 9-5 company this might mean pausing compute for 50% of the year. On-prem is a hard sell over that capability.
I guess the last big hurdle is SMB shares. Not sure we will see an Entra-only workaround for that any time soon, but Entra DS is not so bad if SMB is your only requirement.
https://redd.it/1p3voik
@r_systemadmin
Is there any DLP that’s designed specifically for AI applications?
What I mean is checking at the prompt level by not just blocking but semantically assessing the prompt against policies (e.g. no PII, relevance, etc.) before letting it through
https://redd.it/1p3t826
@r_systemadmin
Rant: "I'm not technical" is not a badge of pride
When I started in the industry users didn't do computers at school and the home computing revolution hadn't begun, so "I'm not technical" was perhaps a valid claim
Fast-forward 35 years and this phrase is still being said and as if it's a badge of pride.
There are not enough swearwords in the universe to describe what I want to say...but I am sure I am not alone in thinking in '25 ...it should actually be followed by "and I need to fix that"
https://redd.it/1p3rlkq
@r_systemadmin
Stuck in the land of zero motivation
Making this hoping it'll boost me toward getting back in IT and building up my resume.
Took this leap of faith by following my wife overseas and putting pause on my career so we can experience living in Europe. I didn't think it would be too hard to find work but with the government shutdown, adjusting to life here, and realizing the lack of job opportunities have burnt me out on looking for work or even looking at anything IT related. Going from dream job to part time babysitter sucks.
I bought a raspberry pi in hopes of doing projects and built a pc that should handle mini projects but I haven't had the motivation of trying to do anything with it. I've just given up on working on things with the minimal job opportunities/lack of true worth of spending time on a project.
But I've realized I can't just sit here and let time past so here's to getting back to the grind with projects then certifications. Maybe I'll get lucky and find a tech job somewhere...
Good luck to me and anyone else needing that push to keep going.
https://redd.it/1p3eq35
@r_systemadmin
Hired into company with near-zero IT infrastructure, tasked with bringing them up to speed
Edit: Wow! Didn't expect the support I've received so far! Thank you all!! Happy to be "joining" this community and can't wait to pay it forward.
Hi! Up front - I know I am probably in over my head, but hoping to focus less on that and more on what I CAN do! Try not to roast me too hard haha.
That said, I am a BIM Manager by trade that was hired into a 30-40 person AEC company to fulfill both that role and some/all of their IT requirements. They currently don't have an IT staff besides me now, but they do have some BIM folks, so my focus is more on the IT side at the moment. I do have fairly extensive experience using KACE for endpoint management, handling software deployments, GPOs, scripting, and I'm pretty well versed in hardware, networking, etc., since these are all things I had to do in my past role. I interfaced with our IT team frequently and like to think I speak the language.
However, I'm moving on from that and into a company with no endpoint management and where every computer has the same password (*dies*) for ease of access haha. Quite different. Their networking was handled by an outside consultant, so it's fairly robust, and they have what I would consider the essentials in place in that regard (hardware firewalls, VPN, etc.). Hardware-wise we're doing OK. The most tech savvy person here has been in charge of getting folks computers and such by running to Microcenter. No other setup is done really. He has been doing a great job of maintaining an Excel log of everything as well, but definitely not the best format for this sort of thing and certainly not "live".
I feel like my first step towards being able to get us compliant with some basic cybersecurity requirements, as well as being able to effectively distribute software, fixes, scripts, policies, etc., is to get us on Microsoft 365 Business Premium and rolling out Microsoft Intune. It seems like Intune is pretty well regarded and will help me check a ton of boxes in terms of bringing us up to speed, and it integrates well with the Microsoft 365 suite we already have. But I know that I don't know what I don't know.
Any other essentials I should be working towards immediately for a company starting from zero? Anything Intune doesn't handle well that would be better done by something else? Eventually I will be tasked with moving us towards CMMC Level 2 (NIST 800-171) compliance, but I know I need to walk before I can run and that is a wayyyyys off.
Thanks for all of your help!
https://redd.it/1norpd1
@r_systemadmin
Someone just learned how to use ChatGPT
We have a massive addition being done to the service shop at one of our locations. Construction has been underway for months and is (hopefully) going to be done by the end of the year. I've been in the majority of meetings with the contractor to make sure IT needs are covered.
Cut to today. I get the following email from a random service manager at that location:
>Good afternoon, nlbush20.
>
>I just wanted to touch base and see if there were already some plans/approvals for WAPs in the new building. I want to make sure that the heatmaps for the WAPs provide enough coverage to include factors such as interference from infrastructure yet at the same time not oversaturate, as this could create its own problems. Also, wanted to make sure that they will mesh in with the current WAPs in the existing structure, so we do not lose a connection going from one side of the wall to the other. With us relying heavily on remote troubleshooting connection session I need to make sure that we have adequate throughput speeds and that our firewall and network switch can accommodate the additional porting.
>
>Your thoughts when you have time. Please and thank you! Much appreciated!
Gonna go out on a limb and say someone just showed him what ChatGPT is, and he believes that he has just crafted an extremely intelligent question/statement.
Thanks, buddy. We've got it covered.
https://redd.it/1not4s2
@r_systemadmin
US Government: "The reboot button is a vulnerability because when you are rebooting you wont be able to access the system" (Brainrot, DoD edition)
The company I work for is going through an ATO, and the 'government security experts' are telling us we need to get rid of the reboot button on our login screens. This has resulted in us holding down the power or even pulling out the power cable when a desktop locks up.
I feel like im living in the episode of NICS where we track their IP with a gui made from visual basic.
STIG in question: Who the fuck writes these things?
https://stigviewer.com/stigs/red\_hat\_enterprise\_linux\_9/2023-09-13/finding/V-258029
EDIT - To clarify these are *Workstations* running redhat, not servers. If you read the stig you will see this does not apply when redhat does not have gnome enabled (which our deployed servers do not)
https://redd.it/1nomec1
@r_systemadmin
Trying to pick a SASE vendor, what’s your experience?
Hey everyone,
We're currently evaluating different Secure Access Service Edge (SASE) providers and are finding the marketing materials a bit... generic. Has anyone here had practical experience with a few of the major players? I'm curious about the actual day to day usability, especially concerning things like integration complexities, management console intuitiveness, and the overall performance in a real world environment.
Specifically, what are some of the hidden costs or unexpected challenges you've encountered? Were there any features advertised that didn't quite live up to expectations? Any insights you could share on different vendor strengths and weaknesses would be invaluable.
https://redd.it/1nogvjr
@r_systemadmin
Is it just me or a "sys admin" now needs to be licensed in literally everything in existence and beyond nowadays JUST to be employed with an inhumane workload?
I can't even get a job that doesn't require 5 different certifications with 10 years of experience. What the fuck is this? I was an intern for 2 weeks once and they asked me to do literally everything related to the IT department, including programming. I had to speedrun python while managing the entire server alone. I didn't get a position, obviously. Couldn't keep it.
Honestly I'm a labyrinth right now, continuing studies and trying to get more licenses like the Oracle Databases one which is apparently important for most jobs I've seeked.
https://redd.it/1nocs17
@r_systemadmin
Google indexed my website under a different domain (boot-phone.com) — why does this happen?
Hi everyone,
I’m facing a strange issue and I’d really appreciate your advice.
My actual website is (running in a Docker container with Apache, behind an Nginx reverse proxy + Let’s Encrypt).
But recently I discovered that some random domains like `boot-phone.com` and `mail.kulturplaner.org` were showing my website content — even though I never configured these domains.
When I checked Google Search Console, I found that Google did not index my real domain . Instead, it indexed the duplicate domain (boot-phone.com) as the canonical version of my content.
I have since fixed my Nginx config:
Added strict `server_name`
Added a default_server block that forces 301 redirects for all other domains → my Domain
Now my questions are:
1. Why would someone point their domain to my server IP?
2. What benefit do they get from this? (SEO spam, phishing, something else?)
3. Could this have damaged my SEO since Google indexed the wrong domain instead of mine?
4. Now that I’ve forced 301 redirects, am I safe?
5. Is there a way to monitor if new domains start pointing to my IP in the future?
Thanks a lot for your help!
https://redd.it/1nob3xq
@r_systemadmin
IT ops and sysadmins. What would your ideal office include?
A rare chance has come up. I am planning the layout for a brand new space for our IT team of 18 that we will move into next year. What features, amenities, and tools do you wish your office had. I am also toying with a small decompress corner using a modular floor sofa that can switch from quick huddle seating to a short rest between imaging cycles https://adorncroft.com/product/french-daybed-sofa-evan/?utm\_source=reddit&utm\_medium=social&utm\_campaign=product&utm\_content=sysadmin
I am after ideas that are useful for the business and for quality of life.
Context. We image and service about 1,700 rugged field tablets for first responders, so devices cycle through the room often. Suggestions that account for staging, charging, and repair flow are very welcome.
https://redd.it/1p4gh1k
@r_systemadmin
What makes a good sysadmin?
What do I have to do and need to know to be a sysadmin? I'm currently still new to the IT field, but I know I want to be a sysadmin one day, but I don't think I fully know what it takes.
https://redd.it/1p4dptn
@r_systemadmin
Stepping back
Not even sure why I'm posting this other than I don't have anyone else to rant to.
I've been in IT since 1988. Got my start in the dealer channel back when there was such a thing. Been with a non profit for the last 15 years and I'm just burned out. I've watched things go down the tubes since Covid. Quality of the people being hired has gone down the toilet (talking about "regular" staff, not IT. Shit... I am IT except for the CTO.)
Currently putting out resumes for a lower level desk side support to help desk position. Don't give a shit about pay cuts. Just need to get through the next few years till I can file for SS.
The only reason I don't call it quits tomorrow is because my wife needs health insurance. I can get covered through the VA. She can't and she's not old enough to get medicare yet.
I used to love what I do. Now I'm just disgusted with the level of stupidity, apathy, and lack of respect for our profession that seems to permeate my company.
Thanks for listening to this old jarhead rant.
https://redd.it/1p4d5ev
@r_systemadmin
Why aren’t more companies feeding their internal docs/code into an internal RAG system?
One of the first things I thought of when ChatGPT went mainstream was what if it actually knew our internal docs?
I recently built a system that feeds our team’s wikis, docs, and code into a vector DB for RAG queries, and the feedback has been great. Next we’re planning to use it as the foundation for an agent that helps with ops.
What’s the reason your team hasn’t done this yet?
https://redd.it/1p42jsz
@r_systemadmin
WHFB + FIDO2 - looking at SCRIL
Users have an issued FIDO2 security key. They use this key to register WHFB and setup a 6 digit pin for WHFB (Cloud Kerberos trust).
Some users on shared workstations will use the FIDO2 key to avoid the (10) machine limit.
They are no longer using their password with Windows or Mobile and no 3rd party apps require the user of their password.
Sadly almost all machines are still hybrid joined - but going forward will be ENTRA only.
I want to start rolling out SCRIL and fine grained passwords but had some questions:
1. Can you still use LAPS with SCRIL? For UAC prompts?
2. Are you changing users passwords before turning on SCRIL? If so, do the users see anything different during login when this happens?
3. Once fine grained passwords is configured and SCRIL enabled - do users see anything on their end as these policies are taking place?
Thanks in Advance!
https://redd.it/1p3xub4
@r_systemadmin
What's the point of having VLAN tagging functionality for server management port (IPMI)?
To my knowledge, unless a port is a shared port (used by hypervisor), vlan tagging should be done on the switch, not by the node itself (IPMI).
My workplace supermicro server have the functionality to vlan tag the traffic going out of the IPMI port.
Why this functionality exists? What is the used for it?
https://redd.it/1p3t47c
@r_systemadmin
DRAM Prices - lol WTF?
You guys seeing this? I know it's slightly off topic of sysadmin stuff, but we do upgrade some systems with 1 year EOL left, take them from 16GB to 32GB just to get them through their final year in service before RPL.
So I decided to lookup the RAM kit I bought for my personal setup. A few days ago, I paid $219.99 at BestBuy. (Solid RAM low timings BTW).
2 Days ago it was $679.99 and today... well.... today it's $906.99.... yep, for 2x32GB DDR5 6400
This isn't 3rd party, it's retail at BestBuy - https://www.bestbuy.com/product/corsair-vengeance-rgb-64gb-2x32gb-ddr5-6400mhz-c32-udimm-desktop-memory-black/J39QHTC43T
Newegg also: https://www.newegg.com/corsair-vengeance-rgb-64gb-ddr5-6400-cas-latency-cl32-desktop-memory-black/p/N82E16820982255
Price Charts: https://pcpartpicker.com/trends/price/memory/
https://redd.it/1p3sbrq
@r_systemadmin
Microsoft 365 Local is Generally Available
Is anyone planning to investigate / deploy? It was promised a while ago as the ultimate answer to data sovereignty issues - as expected, looks like a fairly out-of-the-box Azure Local (formerly Azure Stack HCI) deployment of Exchange Server, SharePoint Server, and Skype for Business Server with a hardened security baseline and some cloud-based orchestrations. Not surprisingly there’s no on-premises Microsoft Teams functionality but this is still a disappointment. Useful or just another marketing innovation?
https://techcommunity.microsoft.com/blog/azurearcblog/microsoft-365-local-is-generally-available/4470170
https://redd.it/1p3q3td
@r_systemadmin
Why is r/ITCareerQuestions so much gloom and doom all the time?
You always see people posting negative shit like applied to 2000 jobs and no interviews. I see lots of good posts about people getting their first help desk job with no experience. We need optimism and hope. Every sub for nursing, lawyers, mechanics, etc has that kind of negativity and I hate it.
https://redd.it/1noxik1
@r_systemadmin
Password policy for 2025?
Out of the blue I get sent a password policy for review. We have already had a password policy in place for many years. Don't understand why someone thinks we need a new one.
The "new" policy is like walking backwards 10 years. There is no mention of biometrics, SSO and very brief mention of MFA.
What are others using for password policies these days, does anyone have a template to share?
https://redd.it/1norwci
@r_systemadmin
Drivers, drivers, drivers
Can someone explain to me why so many people are against pushing out firmware updates to enterprise equipment?
I’ve spent the last month updating PC / Laptop drivers that were years behind. Magically, our ticket volume has dropped by 19%.
Updated our network gear and magically everything is fine now.
What am I missing?
https://redd.it/1noq94o
@r_systemadmin
Laptops won't take image from server
I hope this is the right group and I'll try to keep this short. The company I work for recently bought new laptops to replace the old ones. We use PXE Boot to pull an image from our server using Windows Deployment Toolkit. The old ones worked fine, running Win 10, the new ones, running Win 11, connect to the server but always end in the same error: "A connection to the deployment share (local\server) could not be made. The following networking device did not have a driver installed. PCI\VEN8086&DEV550A&SUBSYS0CB91028&REV20". I don't believe the OS has anything to do with it but I felt it was important to mention it.
I may be wrong but I suspect a driver issue (probably obvious). The only thing is I cant find any driver other than the exe or msi files and those don't work.
The laptops are Dell Latitude 5550. Any help or advice would be greatly appreciated.
https://redd.it/1nogm7x
@r_systemadmin
Why is Unifi gear not suitable for enterprise?
Hi everyone,
I’m new here and still learning, hoping to break into the sysadmin field soon. Up to now, I’ve mostly been the “friends & family IT person,” but I really enjoy this work and want to understand the industry better.
I’ve noticed in many threads that UniFi gear often gets a bad rap for enterprise use. People seem fine with using their access points, but rarely recommend their gateways or switches for serious deployments.
Could someone help me understand why? On paper, UniFi advertises a full “enterprise” lineup with high-availability options and centralized management, so I’m curious why it’s often dismissed in professional environments. Are there reliability issues, missing features, or something else that makes admins stay away?
I’m not trying to start a vendor war - just looking to learn from real-world experience. Thanks!
https://redd.it/1nodkip
@r_systemadmin
Hey, I made an article about LVM
Hello folks,
I'm a junior Network Engineer and I have a few things running at home : about 25 vms & 25 containers, some storage & network equipements. I've recently started a blog of my own, documenting things, trying things and playing with my homelab.
I just posted my first article about LVM and migrating to it / using it and I would like to know what I could do better. Please be kind and keep in mind that this is my first one, thanks.
https://blog.interlope.xyz
If this is not allowed by the TOS (advertising is not allowed but i'm not here to sell anything, there's no ads or whatsoever, simply IT), please remove it.
Thanks for reading me
https://redd.it/1noc1x0
@r_systemadmin
Do you have any browser Zero Trust solution? need advice
600 employees, not very tech like company.. wondering if we should go for zero trust policy or should we find some other solutions in the middle. I would love to hear from those who have either fully embraced zero trust or found alternative approaches that actually work. including products to stay away from…
https://redd.it/1noa52n
@r_systemadmin