-
Reddit SystemAdmin. Thanks @reddit2telegram and @r_channels.
Anyone in legal managed to intune deploy Intapp Time?
I'm having an issue deploying the intapp time desktop client via intune. It requires admin rights so I install as system but then when a user tries to run it we get edgewebview2 errors about not being able to access the system profile.
https://redd.it/1s6swhr
@r_systemadmin
Open-source monitoring for windows and linux
Hi all,
What do you recommend for observability for classic server monitoring (linux/win) that is not to complex to get into (zabbix). I was running prtg until recently, monitored windows over wmi and Linux over snmp, some internal sites by using host headers and was pretty much satisfied with it. Now since we grew free prtg can't cover us so I need to find something. Checkm (paid) look like a decent replacement, did some testing with promethes which looks promising but shitty devs don't want add logging to their code so I can add loki in the mix so fuk em, I'll just monitoring legacy infra. I have few containers, no k8s (or plans to have it) so not sure which path to go with. Suggestions?
https://redd.it/1s6ynoj
@r_systemadmin
Omnissa Horizon on iOS with Smart Carder Reader not working
Has anyone ever been able to get omnissa to work with a smart card reader? I can confirm my certifcates are installed to the iPad as I can get to other DoD links like webmail, my pay.
I’m unable to use my agencies VDI because when I try to use omnissa, it never prompts me for my pin meaning it’s not checking for a smart card. Login fails.
Any ideas??
https://redd.it/1s6td55
@r_systemadmin
Career Advice, what options do I have?
Hi everyone, kind of stuck and figured I'd ask a bunch of people with more experience.
Little background on me, I broke into IT about 5 years ago working for a small nonprofit. I have a bachelor's degree, but it isn't related to IT in anyway. I did go back to school for about 2 years and took some cybersecurity classes, but did not graduate; my employer at the time paid for my education but obviously ceased once I quit. I also have no certifications.
At the nonprofit, it was just a two person show, me and my boss. My boss eventually quit and I was promoted to IT Manager. I was in charge of the entire on-prem infrastructure (and Microsoft365) and hired a helpdesk employee to assist. I did this for a couple of years before seizing an opportunity to work fully remote as a security engineer for another company, where's I've been for the last 6 months.
I'm not really sure where I should go from here. I make about $75k/year and live in a LCOL area so I don't struggle at all. However, I want to progress my career and make significantly more money. I'm just not sure what I should look into or lean towards; most of my knowledge has been learned on the job so there are definitely gaps in fundamentals and I feel like I know a little about a lot. I'm also mid-30s so I feel like I'm way behind and struggling with imposter syndrome. I guess I just need some insight on picking a direction to go towards and what other skills I may need. Any help or words of wisdom would be greatly appreciated.
P.S. my current job doesn't offer any kind of education reimbursement or leadership programs.
https://redd.it/1s6kgbt
@r_systemadmin
[`keylovely.com`](http://keylovely.com)
[`signalnoble.com`](http://signalnoble.com)
[`modernrudder.com`](http://modernrudder.com)
[`hubimportant.com`](http://hubimportant.com)
[`hedsmudgy.com`](http://hedsmudgy.com)
[`eserratic.com`](http://eserratic.com)
[`signalepic.com`](http://signalepic.com)
[`rebootclever.com`](http://rebootclever.com)
[`stellaraspect.com`](http://stellaraspect.com)
[`reformgenuine.com`](http://reformgenuine.com)
[`mollycollie.com`](http://mollycollie.com)
[`unitdecisive.com`](http://unitdecisive.com)
[`confidentfile.com`](http://confidentfile.com)
[`solidconsole.com`](http://solidconsole.com)
[`backupaching.com`](http://backupaching.com)
[`allyagile.com`](http://allyagile.com)
[`groundagile.com`](http://groundagile.com)
[`aaanature.com`](http://aaanature.com)
[`hurrysixfold.com`](http://hurrysixfold.com)
[`radiuschic.com`](http://radiuschic.com)
[`betterbooted.com`](http://betterbooted.com)
[`nickmammoth.com`](http://nickmammoth.com)
[`faingpush.com`](http://faingpush.com)
[`efficientfile.com`](http://efficientfile.com)
[`scepang.com`](http://scepang.com)
[`outputbold.com`](http://outputbold.com)
[`uniqrain.com`](http://uniqrain.com)
[`globecosmic.com`](http://globecosmic.com)
[`tollmonorail.com`](http://tollmonorail.com)
[`keyambitious.com`](http://keyambitious.com)
[`mutsjouble.com`](http://mutsjouble.com)
[`dolivestock.com`](http://dolivestock.com)
[`mitabashed.com`](http://mitabashed.com)
[`questagile.com`](http://questagile.com)
[`gridinventive.com`](http://gridinventive.com)
[`teseptum.com`](http://teseptum.com)
[`unitbacklash.com`](http://unitbacklash.com)
[`photonlush.com`](http://photonlush.com)
[`gupeak.com`](http://gupeak.com)
[`dawnhonest.com`](http://dawnhonest.com)
[`inessmoaner.com`](http://inessmoaner.com)
[`eradignified.com`](http://eradignified.com)
[`rebootnoble.com`](http://rebootnoble.com)
[`hubfearless.com`](http://hubfearless.com)
[`mirrorstellar.com`](http://mirrorstellar.com)
[`lobyeasiest.com`](http://lobyeasiest.com)
[`biresidea.com`](http://biresidea.com)
[`peakeager.com`](http://peakeager.com)
[`dieselblush.com`](http://dieselblush.com)
[`gesscreasing.com`](http://gesscreasing.com)
[`orbitrobust.com`](http://orbitrobust.com)
[`spobrink.com`](http://spobrink.com)
[`mundefeat.com`](http://mundefeat.com)
[`epslouching.com`](http://epslouching.com)
[`pulselogical.com`](http://pulselogical.com)
[`newsprogeny.com`](http://newsprogeny.com)
[`trendneat.com`](http://trendneat.com)
[`gaussreason.com`](http://gaussreason.com)
[`auspinning.com`](http://auspinning.com)
[`groundhonest.com`](http://groundhonest.com)
[`resspuny.com`](http://resspuny.com)
[`waveinventive.com`](http://waveinventive.com)
[`scancradle.com`](http://scancradle.com)
[`giftedgrid.com`](http://giftedgrid.com)
[`arenalogical.com`](http://arenalogical.com)
[`timecute.com`](http://timecute.com)
[`signalwinter.com`](http://signalwinter.com)
[`hopefulphase.com`](http://hopefulphase.com)
[`enrichedmode.com`](http://enrichedmode.com)
[`echobrisk.com`](http://echobrisk.com)
[`memorableera.com`](http://memorableera.com)
[`sumditto.com`](http://sumditto.com)
[`dismpress.com`](http://dismpress.com)
[`viewdwelled.com`](http://viewdwelled.com)
[`limonhave.com`](http://limonhave.com)
[`firmnovel.com`](http://firmnovel.com)
[`limabrethren.com`](http://limabrethren.com)
[`vectorcosmic.com`](http://vectorcosmic.com)
[`suslunch.com`](http://suslunch.com)
[`panelflexible.com`](http://panelflexible.com)
[`motionsleek.com`](http://motionsleek.com)
[`govecangling.com`](http://govecangling.com)
[`quileasiness.com`](http://quileasiness.com)
[`hubingenious.com`](http://hubingenious.com)
[`comyhangnail.com`](http://comyhangnail.com)
[`echodetailed.com`](http://echodetailed.com)
[`giftedremove.com`](http://giftedremove.com)
[`neatreform.com`](http://neatreform.com)
[`photonbold.com`](http://photonbold.com)
[`verunnerve.com`](http://verunnerve.com)
[`moantpromise.com`](http://moantpromise.com)
[`bercharacter.com`](http://bercharacter.com)
[`globe
Bulk Spam Network Utilizing Spaceship Registrations and Cloudflare DNS
I submitted the abuse reports via the registrar's designated abuse contact: abuse@spaceship.com
Nature of the Abuse:
An abusive entity is utilizing Spaceship (the registrar) to bulk-register multiple domains. These domains are systematically rotated and used daily to send a massive volume of unsolicited commercial spam emails. Furthermore, these emails contain fraudulent and deceptive "unsubscribe" links that do not function, deliberately trapping recipients and potentially serving as vectors for further malicious activity (such as phishing or tracking).
Evidence Provided:
To ensure the registrar had all the necessary information to take immediate action, I strictly followed Spaceship's published abuse reporting guidelines. I utilized an email interceptor to accurately capture the spam campaigns. I provided them with:
The raw, unaltered email source files in standard .eml format (containing full headers and routing data).
A comprehensive .csv file containing all specific data points required by Spaceship's abuse reporting policy.
Registrar's Inaction and Failure to Mitigate:
Despite providing incontrovertible evidence in the exact format they require, Spaceship has failed to take the appropriate mitigation action reasonably necessary to stop or disrupt this abuse.
It has been 25 days since my submission, and they have not effectively addressed the issue or suspended the offending domains. Their only response has been an excuse stating that they "cannot open the attachments." This is an unacceptable response, as .eml and .csv are universally standard, basic file formats used globally in IT and abuse investigations.
Spaceship's refusal or inability to open standard evidence files—and their subsequent failure to investigate the heavily documented bulk-registration abuse happening on their platform—demonstrates a clear lack of reasonable and prompt action to mitigate ongoing abuse.
Spaceship report id: [SPS-QLG-9297\]
I filed a complaint with ICANN, case id: 01576552
I filed a complaint with cloudflare, case id: 22206647
Spam doamins:
Why my backups failed this night
So here's a funny little thing I've never thought about.
I live in a country where we have summer/wintertime, so the clock was set ahead an hour tonight.
Every morning when I wake up, the first thing I do is open my e-mail and check for the e-mail from ProxMox telling me my back-ups were (hopefully) successful.
This morning started a little different, no e-mail. I go downstairs, start my PC, log in to the ProxMox webgui. No errors, nothing about the back-up in the logs. So I go into ProxMox back-up server, once again all green checks across the board, but no mention of last nights back-up.
After about an hour and a half of investigating it hit me, my back-ups run at 2:30 AM. The clock was set ahead by 1 hour at 2 AM, so 2:30 AM never happened last night and now I feel like an idiot that I didn't think about this sooner.
https://redd.it/1s6q983
@r_systemadmin
Labeling cables
I am in the beginning stage of moving DR data center to a new colo. I have ordered all my equipment and I’m about finished my Visio including all cables. I only have 2 cabinets, 3 physical servers, SAN, 2 switches (HA), 2 firewalls (HA). Most connections are 10/25Gb running over OM4 fiber to SFP+ ports. There are a few 1Gb Ethernet for IPMI and management type connections.
What are some suggestions on labeling these cables without getting too complicated? I don’t need to include rack-RU-Device-port-use-etc. I really only want a simple way to identify each end of the same cable. In the past with Ethernet I’ve used electrical tape or lightly attached zip ties. For example a cable may be 1 red on both ends, or 1 yellow, or 2 blue, or 1red/1blue. I’ve always been told not to use zip ties on fiber, no matter how loose they are. Electrical tape as well as printing with a brother label maker have come loose and gotten real sticky when the heat from the hot isle (switches are port side exhaust) melts the glue.
Just looking for something simple that can withstand the heat.
https://redd.it/1s6eqef
@r_systemadmin
Weekly 'I made a useful thing' Thread - March 27, 2026
There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.
We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!
In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.
https://redd.it/1s4xvpj
@r_systemadmin
Dell Precision 5680/5690 Crashing on Teams Meetings All Drivers & BIOS Updated, Still No Fix
Users with Dell Precision 5680 and 5690 laptops are experiencing a critical issue: when joining a Microsoft Teams meeting, the system crashes completely.
The laptops become unresponsive, and the only way to restore functionality is by performing a hard reset (power reset).
We have already performed several troubleshooting steps, including updating all drivers and the BIOS. Unfortunately, none of these actions have resolved the issue.
At this point, we have tried nearly all standard solutions, but the problem persists.
Does anyone have experience with this issue or suggestions on how to resolve it? Any insights would be greatly appreciated.
https://redd.it/1rzxnku
@r_systemadmin
VMOBackup Down?
I just setup 2 new clients here for M365 Backup as I can't justify telling them to buy a Synology with current hardware prices and I have seen VMOBackup previously recommended. Well about 6AM EST or 3 hours ago I went to check the backup history and I am getting a timeout. Now a little after 9AM EST DNS I am still getting a timeout. I've also tried via VPN and a remote jump box to rule out firewall issues on my side. The DNS appears to resolve to a single EC2 instance. Is this normal for VMOBackup and if so who do you recommend?
Edit: It is finally back online now.
https://redd.it/1rzrbqy
@r_systemadmin
GPO structure, best practices and pitfalls, and guidance
A long time ago I worked for a company who had amazing GPO's and now I'm trying to recreate it. The company I'm doing this for has zero GPO's and is fully Azure. They have DC's in Azure VM running to manage and maintain all servers and host pools (which is quite alot)
The previous admin did not really use GPO's and was always manually configuring regkeys and language and other stuff.
So company.old had a really great philosophy regarding GPO's, which lines up with the best practices somewhat, a baseline GPO for computer/user wide settings which need to always be set (for instance outlook caching, default apps, languages, timezones etc....) and specific GPO's for really specific scenario's (password policy, naming conventions, shared drives, etc...)
All GPO's were set at the root level (except RDS GPO's) and scoped with security groups and item-level targeting. It worked amazing, no GPO logon delays, no conflicting issues.
IMO, best practices mess up the GPO governance and maintance, it makes it so complex to place GPO's in specific OUs, disable inheritance, lock OUs etc.... I want it scalable
This is an example of our OU structure and how I would like the GPO to be set:
GPO & OU structure
Drive mapping GPO example
Drive mapping GPO delegation
This works, but is complex in setup, I need to specifically scope the com group of the servers I want to apply it to in delegation (same as domain computers = read), otherwise, due to the loopback processing on the AVD servers, it will also get applied on those computers. (User & Computer policies). So the srv - global uc - baseline does not have the domain computers as read, but I'll need to add every srv group to this GPO delegation (or add the GPO to every OU within each business unit and new business unit.
Maybe I'm overcomplicating since I'm doing a deep dive in this, and want to have it perfect and scalable, and am putting too much weight into it, but I would prefer it only to be assigned on one place and work with the least amount of modifications on the delegation
https://redd.it/1rzmfk3
@r_systemadmin
Enabling Microsoft managed Secure Boot toggle on devices without latest BIOS updates
I've been hoping that this specific question would be covered on the hundreds of AMA's for this topic but so far it hasn't (unless I missed one). But, I understand that the device needs to be on a minimum BIOS version for everything to work properly because the proper certs aren't included in older ones. We are in the process of verifying and updating endpoints to BIOS versions that meet this requirement but not everyone has been taken care of yet.
My question is, if I enable the Microsoft managed SB Cert Update toggle in Intune, it will update the cert on devices with the latest BIOS, but what happens to those devices not up to date yet? Do I need to wait until I get everyone updated before flipping that switch or will it just throw EVID 1801 until they get the new BIOS?
I seem to recall reading something about doing one before the other could potentially get you into a situation where you end up replacing the new cert with old somehow and not getting the latest (I know I butchered that explanation but this cert thing is tricky to wrap my head around).
https://redd.it/1rz3uq0
@r_systemadmin
Leaving MSP life for internal IT. Same work, twice the pay
I’m wrapping up my last couple weeks at an MSP and just accepted an internal senior infrastructure role.
What’s bothering me isn’t even the move itself it’s the pay gap. The new role is offering almost twice what I’m making now… for essentially the same responsibilities.
At the MSP, I’ve been handling infrastructure, security, client environments, training new hires; all the usual “this is definitely more than your title” type of work. You stay busy, you get good exposure, but the compensation never really catches up to what you’re actually doing.
Then you interview somewhere internal and realize this is just normal pay on the other side. I’m not even trying to complain, it just puts things into perspective. MSPs are great for learning, but it’s hard to ignore how long you can sit there underpaid while taking on more and more responsibility.
Anyway, looking forward to the change and finally being able to focus on one environment instead of reacting to a new fire everyday.
https://redd.it/1rzd9gu
@r_systemadmin
Slow opening Start Menu on Windows Server 2025 Terminal Servers fixed with registry key
So this has been annoying some of us Citrix and Terminal Server admins using Windows Server 2025: The Start menu takes a few seconds to open the first time after logging in. A user on the Citrix subreddit (all credit to him for not giving up and then sharing the solution for free) got a solution from Microsoft support using a registry key. I've already tried it, and the response time is much better now:
>Path: HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\StartMenu
Value: PrelaunchOverride
Type: REG_DWORD
Data: 1
Hope this is helpful for some of you too.
https://redd.it/1rz2u2d
@r_systemadmin
I going into mgmt worth it?
So I have 17+ yoe as systems engineer, worked mostly as Jack of all trades so I can get the shit done myself as I've worked in smaller companies. Last 10 years I am contracting, jiggling multiple contracts (1 man band) but I am thinking of dropping something for better work life balance. Money is obviously nice, I can buy stuff without thinking, travel where I want and stay at expensive resorts but I have to work 14 hours a day... I met many shit for brains directors/CTOs who probably make little less than me now so I am wondering how do you get into those roles when you don't have tech background for those roles?
First requirement for me is that it must be full remote, maybe occasional visit to office once a month is fine. Secondly, all local jobs (EU) I am scouting have deep infosec requirements to get into that role (cissp or iso 27100 implementation knowledge). I am currently contracting as security engineer dealing with everything around IAM in an enterprise (2k+ people) but not even being called for an interview when I apply. CTO roles are mostly startup based and you need to come from development background. Not many IT directors or director of IT infrastructure jobs are posted so I assume people natively progress into those roles by being 10+ years within to company? How many of you applied and got into IT director position that paid well without previous director background? Maybe I am wrong but it seems to me I am condemned to be just a regular Joe till I retire... Especially now in current job market with AI.. I am 44 BTW.
https://redd.it/1s6z8mg
@r_systemadmin
this latest AI tools wave is the new shadow IT nightmare and I don't even know where to start
my whole last week was just random meetings with devs banging 4+ dev tools in parallel, apparently for months (not that it wasnt an open secret) and i'm just thinking of all the secrets being leaked...
what changed now is that people aren't even hiding it anymore, i'm just trying to be ahead of the curve, what are you using to circumvent this? i dont think theres much point in trying to kill it, but what do?
https://redd.it/1s6wkpi
@r_systemadmin
How long do security questionnaires take your team? Feels like an insane time sink
Talked to a CTO last week who said he personally spends 8+ hours on every vendor security assessment his company receives. SOC 2 questionnaires, GDPR compliance forms, custom security questionnaires from enterprise prospects — all slightly different formats asking basically the same things.
His exact words were 'I answer the same 200 questions in slightly different order every time a big client wants to evaluate us.'
For those of you dealing with this:
- How many security/compliance questionnaires does your team handle per month?
- Who actually fills them out? Is it the CTO, a dedicated compliance person, or does it get spread around?
- How much of it is copy-paste from previous questionnaires vs. writing new answers?
- Has a deal ever stalled or died because the questionnaire took too long?
- Have you tried automating any of this or is it all manual?
Trying to understand if this is a universal pain or just something that hits certain company sizes. Any context helps.
https://redd.it/1s6uyi4
@r_systemadmin
sharp.com`](http://globesharp.com)
[`kasureness.com`](http://kasureness.com)
[`pediawealth.com`](http://pediawealth.com)
[`spotcrave.com`](http://spotcrave.com)
[`kellytweed.com`](http://kellytweed.com)
[`coastload.com`](http://coastload.com)
[`stehorrible.com`](http://stehorrible.com)
[`swipossum.com`](http://swipossum.com)
[`fastgeologist.com`](http://fastgeologist.com)
[`modejoyful.com`](http://modejoyful.com)
[`majesticgraph.com`](http://majesticgraph.com)
[`unkcharge.com`](http://unkcharge.com)
[`kledkinetic.com`](http://kledkinetic.com)
[`accessardent.com`](http://accessardent.com)
[`limaapprove.com`](http://limaapprove.com)
[`govesaloon.com`](http://govesaloon.com)
[`tunevoting.com`](http://tunevoting.com)
[`spectrumfine.com`](http://spectrumfine.com)
[`eptspibs.com`](http://eptspibs.com)
[`trentriddance.com`](http://trentriddance.com)
[`stransave.com`](http://stransave.com)
[`momentjoyful.com`](http://momentjoyful.com)
https://redd.it/1s6fxx1
@r_systemadmin
Bulk Spam Network Utilizing Spaceship Registrations and Cloudflare DNS
I submitted the abuse reports via the registrar's designated abuse contact: [abuse@spaceship.com](mailto:abuse@spaceship.com)
**Nature of the Abuse:**
An abusive entity is utilizing Spaceship (the registrar) to bulk-register multiple domains. These domains are systematically rotated and used daily to send a massive volume of unsolicited commercial spam emails. Furthermore, these emails contain fraudulent and deceptive "unsubscribe" links that do not function, deliberately trapping recipients and potentially serving as vectors for further malicious activity (such as phishing or tracking).
**Evidence Provided:**
To ensure the registrar had all the necessary information to take immediate action, I strictly followed Spaceship's published abuse reporting guidelines. I utilized an email interceptor to accurately capture the spam campaigns. I provided them with:
* The raw, unaltered email source files in standard .eml format (containing full headers and routing data).
* A comprehensive .csv file containing all specific data points required by Spaceship's abuse reporting policy.
**Registrar's Inaction and Failure to Mitigate:**
* Despite providing incontrovertible evidence in the exact format they require, Spaceship has failed to take the appropriate mitigation action reasonably necessary to stop or disrupt this abuse.
* It has been 25 days since my submission, and they have not effectively addressed the issue or suspended the offending domains. Their only response has been an excuse stating that they "cannot open the attachments." This is an unacceptable response, as .eml and .csv are universally standard, basic file formats used globally in IT and abuse investigations.
Spaceship's refusal or inability to open standard evidence files—and their subsequent failure to investigate the heavily documented bulk-registration abuse happening on their platform—demonstrates a clear lack of reasonable and prompt action to mitigate ongoing abuse.
Spaceship report id: \[SPS-QLG-9297\]
I filed a complaint with ICANN, case id: 01576552
I filed a complaint with cloudflare, case id: 22206647
Spam doamins:
Will need to transfer out of Network Solutions — Any suggestions to where?
Network Solutions bought Domain-dot-Com last year (who had already bought our original provider a couple years ago). So this is the first time I've had to deal with Network Solutions. Instead of sending me a notice a week in advance (like a normal company would do) they sent a domain"expired" notice 26 minutes after 12 A.M. Expired on the 28th, I got my notice at 12:26 A.M. this morning (the 29th).
Okay, thanks for the reminder... except when I logged and chose to renew, there was a "reinstatement fee" of $36 (on top of the renewal price). So now I see why they didn't send a reminder a week ago or even a couple days ago. Obviously I had no choice but to pay it, but I will go somewhere else next year. (And I will never suggest anyone deal with Network Solutions — ever.)
In December we have another domain that will be up for renewal. I'll want to change that domain provider in November, so I have some time. Just trying to figure out who's still out there and who provides reliable service without ridiculous fees and sleazy business practices.
Thanks for any suggestions.
https://redd.it/1s6p1g7
@r_systemadmin
Trying to make my employees feel appreciated
I recently moved up professionally and am now running our entire IT department. Of course, pay is the #1 to keep people happy. With that I have the limitations of the budget I can get approved (given we are the best company in our region bar none and pay double for tier 1 over any other option.)
I'm trying to think of creative ways to show the guys appreciation for their work outside of what I can do with their pay. I was them 2 weeks ago, so I have an idea of what I'd like. My first thought was some anniversary tier reward. I.E. make it a year get something, 3 years something, 5 years something BIG, 10 years something MASSIVE.
I'm not sure if anybody has advice. My first thought was a custom Leatherman Arc for anybody that makes 3 years. Trying to stay useful for the job but also something people would like.
I've never managed anyone before so any advice is appreciated.
(also fuck dealing with payroll, pto requests, and invoicing. I get why managers are always in such shitty moods now)
https://redd.it/1s6oml9
@r_systemadmin
Left the weirdest company of my career
Easiest job I’ve had.
This job literally wrote me an email that I am not to look into any problems or work any tickets unless being assigned something from my manager.
Getting flown out for thousands of dollars in expenses to plug in cables someone else forgot and perform onsite upgrades.
They wouldn’t allow access to anything I would normally have and I’ve been working F500 companies for 10 years now.
Senior Network engineers who have never logged into a switch or router.
It also took me about 2 months to get a computer.
I stayed a year because anything less I just don’t think is a good luck for future employers but I just left for a 70% pay increase.
It’s sad because it would’ve been a great job and I wouldn’t have been looking if they had just let me do my fucking job.
It seems like all my access was being blocked by security. And the security team a this place was a total joke. Like the entire IT department is being run by a totally doofus security team.
Anyone experienced something like this? Just absolute stupidity
https://redd.it/1s62xjq
@r_systemadmin
Thinking of consulting on the side
Not sure if it’s “general discussion”.
I’ve been in IT about a decade, and I have a CISSP now. Employed full time. I’ve been kicking around the idea of consulting on the side and starting an LLC. Especially with the new HIPAA Security Rule proposals, perhaps the local mom and pop dentist need help understanding the requirements? Could do an SRA, for example.
Or maybe the burger joint owner watched too many movies is worried about the hackerz?
Not an MSP, just consulting so no ownership.
Has anyone done something like this? Am I crazy?
https://redd.it/1s00ovb
@r_systemadmin
Anyone using Graph /beta sign-in logs in prod?
Hey all,
I’m looking at using Graph /beta (sign-in logs) in prod and wondering if anyone here has real experience with it.
How reliable is it actually? any missing data, throttling, or weird limits you ran into? also does it match what you see in portal / log analytics or not?
I’m also thinking to skip Event Hub and just poll Graph (cheaper 😅) and build some detection logic on top — curious if anyone tried that and how it worked out.
are you using it as main source or more like best effort?
any quick thoughts would help a lot, thanks!
https://redd.it/1rztx2g
@r_systemadmin
Network Beginner
I haven't been working in IT for very long, and I think I might have misunderstood something. I have a Unifi Cloud Key and a Layer-2 switch (not from Unifi) at one location. Now I want to set up multiple subnets and a firewall there.
That’s why I bought the following:
\- Unifi Gateway Lite
\- Ubiquiti Pro Max (Layer-3)
I bought the Ubiquiti Pro Max because I thought the switch had to be Layer-3 capable so I could configure multiple subnets on a single switch. But I’m realizing now that’s actually wrong, isn’t it? If I understand correctly, does that mean the Gateway Lite handles inter-VLAN routing, rather than the switch?
https://redd.it/1rzoyp7
@r_systemadmin
Those in non profit tell me if im paranoid
Small IT team. Manager basically says I have the job . 2 weeks go by I assume im not hired. Someone not the alleged boss says they want to bring me in, ok. Then week later says offer pushed back. Then a week later says they need asap but not perm but contract so I can work asap.
I wont lie. I likely fucked up every interview ive had (5 total since july) because im bad at interviews (also I just given generic responses given i dont know what their environment is like for help desk).
I am about to lose my house so I grabbed a short contract which is asset management and deploy aka warehouse. This shit takes a heavy toll on my disabled body. Basically open laptop boxes label ajd repack
For shipping.
Now this job wants me to stop what im doing(guaranteed checks) to start asap as a contract .
Red flags are burning for me, saying this non profit cant pay me as permanent
Am I wrong? I feel like I cant burn my current gig for a bs likely short non profit (both are same pay just non profit os permanent with bennies).
Fml.
https://redd.it/1rzirkz
@r_systemadmin
Thoughts on self managing MS365 Business Premium security for 2-4 business users without an IT background myself?
Long story short, I'm a CPA firm owner and am going to pay a consultant a 1 time fee to set up all that Business Premium has to offer (Autopilot, InTune, Email Encryption, SharePoint set up, Backups for everything, Endpoint/Defender protection). I've shopped MSPs and prices are $200/month/user+ and I don't know that I'll get a ton of value from this in the short immediate term. Definitely something I will 100% hand off once I'm at 4+ users and have more revenue growth.
I consider myself pretty tech savvy on the personal side but business security is a bit outside my depth and obviously higher stakes. Is the Business Premium suite and built in device management tools/file and email security and monitoring for employees sufficient for a very small business to self manage once set up professionally? Or does an MSP make sense due to security concerns?
https://redd.it/1rzfavu
@r_systemadmin
Am I Getting Fucked Friday, March 20th 2026
Brought to you by r/sysadmin 'Trusted VAR': u/SquizzOC with Trusted Telecom Broker u/Each1Teach1x27 for Telecom and u/Necessary_Time in Canada
PMs are welcome to answer your questions any time, not just on Fridays.
This weekly thread is here for you to discuss vendor and service provider expectations, software questions, pricing, and quotes for network services, licensing, support, deployment, and hardware.
Required Info for accurate answers:
* Part Number
* Manufacturer/vendor
* Service Type and Service Location (DM Service Location)
* Quantity (as applicable)
All questions are welcome regarding:
* Cloud Services - Security, configurations, deployment, management, consulting services, and migrations
* Server configs
* Storage Vendor options, alternatives, details,
* Software Licensing - This includes Microsoft CSPs
* Single site and multi-location connectivity – Dedicated internet access, Broadband, 5G
* Voice services- SIP, UCaaS, Contact Center
* Network infrastructure - overlay software, segmentation, routers, switches, load balancing, APs
* Security - Access Management, firewalls, MFA, cloud DNS, layer 7 services, antivirus, email, DLP….
* POTS replacement lines
https://redd.it/1rz0uci
@r_systemadmin
Azure Outage?
Anyone else having issues connecting to Azure VMs or having host pools dropping and coming back up constantly?
https://redd.it/1ryz7en
@r_systemadmin