Alternatives to Site 24x7

We currently use Site 24x7. Is there anything better or comparable to it that you have used?

https://redd.it/1nbnl20
@r_systemadmin

Our postmortem process was basically "let's not do that again"

Used to just ping whoever was online when stuff broke. Last month our checkout died during a huge sale prep and it was a shitshow 4 different people spinning up war rooms

3 hours later we figure out it was a config change from that morning. Not because it was hard to fix, but because we spent half the time just figuring out who was supposed to be doing what.

CTO walks over like "fix this process or I'm buying whatever's at the top of Google."

So now we have this bot that creates channels and pulls in the right people automatically. Feels weird having Slack tell me what to do when everything's crashing down, but last incident took 45 minutes instead of 3 hours....

Our retros actually make sense now instead of just "well that sucked, let's try not to break it again."

Still hate getting paged but at least now I know who else is awake and panicking with me.

https://redd.it/1nbq51r
@r_systemadmin

On prem break in

Welp, my companies satellite office got broken into. We’ve been here for a short time and still have another group of people to move in here. Overall wasn’t the worst as they mostly got a few ipads/iphones that come free from our cellular provider. They’re in our MDM, as well reported stolen with apple so as far as im aware they’re pretty much useless now. However I did keep a demo/loan unit on the desk I have at this office that might get used every other week, and sure enough they where able to rip the lock off the laptop which sucks, luckily it was the oldest generation in our collection and some end user dropped it a crap ton before it came back to us so we couldn't assign it to anyone else. But the whole thing gave me a chuckle as our main building security would be really anal about laptop locks and here's one finally put to the test and it folded relatively instantly. I know they're more for protecting from a grab and go during the day but I still kinda expected a little bit more from it. From now on Ill be keeping the new one in the locked IT Supply closet of course, but I was curious to see if anyone else has similar stories of cable lock failures. Also I added a picture of a paper clip I found on my desk too, looks like they wanted to pick the lock to my file cabinet?? Not sure why when they pried open two other ones but wanted to pick this one open.

https://redd.it/1nbp9sj
@r_systemadmin

Justification for not implementing MFA

Would it still be considered Multi-Factor Authentication if the individual computer only has local user accounts, but in order to even get to the computer you must have RFID badge to access the room where the computer is located? These badges require special approval by both the contractor company and the entity (government) that holds the contract. The locations require approval for accessing the campus, additional approval required to access the specific building, and additional approval required for the specific rooms the equipment is in.
We are trying to justify a waiver from having to implement MFA due to the above requirements already, plus the equipment does not store or process user/company/contract data. The systems provide either a simulation of hardware for testing software that is developed on separate MFA enabled devices, or connects to real hardware in special access facilities to enable testing against the real hardware. These systems get completely wiped and rebuilt regularly. Isolated systems may not be used for months or years until specific tests are needed. And if implementing MFA per user, the user base per location may be large, turn over regularly, and we won't have people at each site to fix any authentication problems when they randomly decide to perform their tests (air-gapped/no remote access). Only in one location is there even remote access and that can only be done via an MFA enabled computer and must know the NAT'd address of the only handful of machines that can connect.
Trying to see if can say we are already implementing MFA in some form, or justification as to why we will not implement MFA. There are also some contract requirements that would make MFA extremely difficult or outright impossible for those kinds of systems.

https://redd.it/1nbs74r
@r_systemadmin

SMB between Win11 -> Win2k/XP/7 in 2025

Hello

So, before everyone goes "BUT YOU SHOULDNT RUN WINDOWS 2000 TODAY" well, I don't have a choice. These are CNC routers that cost somewhere between 500.000 and 1 million Euro and have life expectancy measured in decades. The controller boxes for these run random Windows versions between 2000, XP and 7, one or two run some proprietary system. Some manufacturers may sell updated versions of the controller that run a newer version of Windows, like Windows 7 (I just today heard that we might be buying a new lathe that will come with Windows 10...), but such an upgrade might cost €40k. So buying new ones isn't really an option at this point.

These machines are mostly interfaced with via SMB shares directly on the machines. The GUI on these is always filled by the controller software and doing anything from the machine end of things is just not really a great time.

Now, I have already separated all these machines out on separate VLANs for each machine. None of these have access to the Internet, but can be reached from the production VLAN where our technicians design the programs for the machines and then push them via SMB.

Now, the latest versions of Windows 11, and apparently 10 as well, seem to have changed something so that especially old ones running Windows 2k no longer allows you to log on to the network shares on them. You just get a "password invalid" error. I tried all the other stuff about changing various things in the SmbClient via powershell, but this does not fix it.

I considered removing passwords and users on the 2k machines - I don't know if this will work around the underlying issue. So I didn't try it yet, because I felt that it would just be another security weakspot that might stop the most baseline breach... but maybe I'm just dumb and should have removed the passwords and called the microsegregation good enough for security. (I also clone the disks in them all at regular intervals)

I also considered a new approach, setting up a middleman server of some sort in another segregated VLAN that would run some older software that would allow me to create a network share on that for each machine and then run some noscripts to auto-copy anything in those folders on to the machines at some set interval or maybe triggered by changes.

No software etc. can be installed on the controllers.

Any of you have any insights you might be able to share for this kind of setup? And yes, some of the newer devices do support USB transfer, but this is seen as a major downgrade in user quality of life. But doesn't really fix that some of the machines do not support it and that I'd really like for all the machines to follow the same kind of workflow to reduce user stress in an environment where friction with IT systems is particularly unwelcome.

Thanks for reading, and any insight.

https://redd.it/1nbp9du
@r_systemadmin

Hey, today I discovered that this is default for ALL users in the organization:

https://imgur.com/a/BtWN9p5


So, quick question: is this normal?

You'll see that POP is blocked, OWA is blocked (but how can this be??? OWA is just Outlook.com email, and apparently it does work but it's showing as blocked.)

https://redd.it/1nbsx30
@r_systemadmin

Out of Office

When someone is out of office and a line manager wants "access" to the employee's emails - what is usual - a forwarding or delegate access?

https://redd.it/1nbvl0c
@r_systemadmin

Ten rounds of interviews to be asked the same thing two hundred times.

I have to be honest, I’m getting really worn out with the way interview processes are run these days. I just finished ten rounds of interviews, each lasting between an hour and an hour and a half. By the tenth one, I was completely drained. Nearly every round involved the same repetitive questions: “Tell me about yourself, tell me about your career, tell me about your expertise.” After repeating myself countless times, I started giving shorter answers simply because I couldn’t keep restating the same points over and over.

The final interview in particular was exhausting. The interviewer spent almost the entire time pressing me on “what I’m passionate about,” rephrasing the same question dozens of times as though trying to trap me in a “gotcha” moment. On top of that, they asked overly abstract architecture questions that are rarely touched in day-to-day practice, things you configure once and then never revisit.

After being asked about my “passion” for the fourth time, I finally told him, politely but firmly, that I wasn’t interested in being treated like an intern. After twenty years in this field, I don’t think anyone deserves to be subjected to repetitive, superficial questioning that doesn’t actually evaluate their capabilities.

The guy’s eyes sank like I had just committed a crime. This only ever happens with people over 40 in corporate environments, I’ve never had these kinds of interactions with younger staff. I honestly don’t know how to bridge that gap anymore, and at this point, I don’t care to try.

Why is it that people act like work is supposed to be the only thing that defines you? I do my job because it pays well. I work hard to keep it, and I pick up new skills because I have to, not because I “love” doing it. Nobody stays passionate about the same thing after doing it for 15 or 20 years. You deal with the nonsense, push through it, and get the work done. That’s what a job is. If it were truly a passion project, I wouldn’t be getting paid for it.

https://redd.it/1nbzbak
@r_systemadmin

On-Call Compensation

TLDR: is it common to receive no extra pay for being on-call?


I've been working in IT for over 15 years. I've worked for MSPs, small companies and large corporations. In every position, I was part of an on-call rotation. Every job before my current role included additional compensation or benefits for being on-call. My current role did include a 10% increase in pay but I don't feel that it covers the difference in pay or responsibility. I get more on-call alerts in this role than any other place I've worked. Sometimes I go several nights without enough sleep and am expected to work a full shift. Is it common to have on-call just be an expected duty without additional compensation?




https://redd.it/1nbzmrh
@r_systemadmin

GPUGate Malware Targets IT Firms Using Google Ads and Fake GitHub Commits

**Date:** September 8, 2025

**TL;DR:**

* Malware campaign uses Google Ads and fake GitHub commits to spread malware.
* GPU-gated decryption helps attackers evade sandboxes and analysis tools.
* Targets IT and software development companies in Western Europe.

A new malware campaign called GPUGate is leveraging Google Ads and malicious GitHub commits to trick users into downloading trojanized installers disguised as popular tools like GitHub Desktop. Once installed, the malware uses GPU-based checks to bypass virtual machines and sandboxes, making detection and analysis significantly more difficult.

For sysadmins and security teams, this attack highlights the growing threat of malvertising and supply chain-style impersonation. IT departments should closely monitor traffic for suspicious domains such as gitpage\[.\]app, enforce strict download policies, and educate teams on verifying software sources. This campaign also suggests the need for updated endpoint detection rules that account for GPU-based evasion techniques.

**Full Story:**

[https://thehackernews.com/2025/09/gpugate-malware-uses-google-ads-and.html](https://thehackernews.com/2025/09/gpugate-malware-uses-google-ads-and.html)

https://redd.it/1nbwnfg
@r_systemadmin

Biggest fuck up you made?

I was new onsite and accidently restarted the Host machine... And panicked looking for the physical machine.

https://redd.it/1nc44gg
@r_systemadmin

Trapped sysadmin.

49 years old with 4 kids. Oldest just started college and the youngest is in 5th grade. I have been in the IT feild since I was 22 years old. I absolutely hate it! I am miserable everyday but I just cannot start over doing something else as I have responsibilities that cost money. The idea that the last quarter of my life will be spent working in a feild that gutts me is just depressing. I do not see a way out and really just needed to vent. Anyone else trapped like me? Misery loves company.

https://redd.it/1nc717a
@r_systemadmin

Your Favorite Co-Worker?

Making this post to add entertainment for the night,

Come join the campfire and tell us nerds about your favorite co-worker! Good or Bad.

Have a great evening!

https://redd.it/1nc60ws
@r_systemadmin

Patch Tuesday Megathread (2025-09-09)

Hello r/sysadmin, I'm u/AutoModerator, and welcome to this month's Patch Megathread!

This is the (mostly) safe location to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the subreddit, and provide you, the dear reader, a singular resource to read.

For those of you who wish to review prior Megathreads, you can do so here.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product. NOTE: This thread is usually posted before the release of Microsoft's updates, which are scheduled to come out at 5:00PM UTC.

Remember the rules of safe patching:

Deploy to a test/dev environment before prod.
Deploy to a pilot/test group before the whole org.
Have a plan to roll back if something doesn't work.
Test, test, and test!

https://redd.it/1nc91oa
@r_systemadmin

How I went from Help desk to Cloud Engineer in 2 Years

I have been in IT for 2 years and during that time I have been on a constant grind to learn and better myself. This was especially difficult with having two young toddlers and being in online school full time and studying for certifications and working a full time job while my wife also worked her full time job. This is what I did to get hired and get promoted quickly and move up and out of the Help desk role into more specialized higher paying jobs.

2023 Help Desk level 1 6 months -- 24/hr

Towards the tail end of 2023 I landed my first job in IT, this was extremely difficult and took me MONTHS to get, I was at the time jobless and in online school full time while also watching my 2 year old. I started off applying to everything and anything I saw in job board postings and realized after application 200 that this was not the play. I changed my strategy and adjusted my resumes to each of the jobs I knew I had a better chance at getting. This meant I would rework my resume to include keywords I noticed in their job advertisement that I knew I was capable of doing. I adjusted prior roles to showcase they included the soft skills and some hard skills needed for the role. This started landing me interviews and allowed for me to get my first job as a help desk level 1.

During this time I went into full grind mode, I would ask our system admin, network engineer, and security engineer and unbelievable amount of questions to try and learn my companies environment. I spent and unhealthy amount of my free time (always at night) studying certifications, networking, servers, etc. I would watch countless hours of Help Desk videos explaining various job duties and responsibilities, I would watch "how to" guides on things like GPO, AD DS, Entra ID, Azure, Intune, and more. I created labs at my house so I could get more hands on practice creating and breaking my lab environments. The constant learning and practice in the lab environments expedited my learning IMMENSLEY and gave me the confidence to voice my opinion when I would find misconfigurations in our on-prem and cloud environment. This lead to me being brought up in conversations and for management to take notice of my efforts.

2024-2025 Junior System Administrator 1 year 6 months -- 70k/yr

I was promoted to Junior System Administrator, my only problem, my senior was not a good teacher and as I would find out later did not have the necessary experience or expertise to be in their position. This caused for me to have to amp up what I was already doing by finishing my degree and getting my first certification. This certification was the Security+ and was able to teach me some very good information, however it was not entirely needed for my daily job and was more of a resume builder than anything. Gaining this role and constantly studying and learning more and more about Microsoft's best practices I realized there was still A LOT to configure in my current organizations Entra and M365. So this provided me the opportunity to become deeply familiar with solving security issues in our IdP like MFA enforcement, Risky User, Risky Sign-in policy, SSPR, Security Group reconfiguring, PIM Implementation. Resolving issues with Exchange, SharePoint, Teams, and creating retention policies. Finding new vendors for the company such as Cloud backups for the m365. I also went a got a few certifications such as the AZ-104 and SC-300 which really improved my ability and gave me so much more confidence in the azure and Entra platform.

Now Cloud Engineer 100k+/yr

I was recently hired by another company who offered me a six figure salary and will be starting my new role as a cloud engineer. I did the same thing I did when I was looking for a Help Desk job I tailored my resume to the jobs I was applying and used the key words in the job posting to be included in my resume. It was definitely easier now that AI is better than it was. I used AI like ChatGPT to adjust my resumes bullet points to focus on bypassing ATS and utilize

resources like Harvard resume builder links to improve the way my resume looked so it would be more appealing to hiring managers. I then instructed ChatGPT to tailer the resume to the specific jobs I was interested in and focus on my experience that fits those jobs. I made sure that every bullet point that was in my resume was something I have done in my job and all the knowledge displayed was something I could actually do. On each interview I would type up multiple questions that are common interview questions and have answers ready to go. I would also write a quick summary of my experience in bullet points and place it on the screen so I could be clear and concise on my remote interviews. All of this (while probably sounding like overkill) I feel greatly helped me getting the multiple offers I got. Most importantly I still applied to a lot of jobs not nearly as many as I did for Help Desk but it will take time.

https://redd.it/1ncb4nn
@r_systemadmin

mac and intune in general is horrible

I just wanted to rant a little about how unfun it has been to integrate Intune as our first MDM. We already had the licenses sitting around, but never got around to actually setting up an MDM. With the growing number of colleagues, it finally became a top priority, so we decided on Intune mainly because the licenses were already there.

The project scope was huge: Windows, Android, and Apple devices all needed to be fully managed by Intune. On top of that, different departments required different apps, and we had to enforce a ton of security policies: no app store, no admin rights, encryption, Defender for Endpoint, etc. Doing all of this on my own while trying to learn how everything works was brutal.

The last piece of the puzzle was getting Apple devices set up, and I’m not going to lie this was the absolute worst experience of the entire project. Just setting up Apple Business Manager took days. Then figuring out how to actually enroll Apple devices was nothing short of a nightmare. Half the time it barely works: you reset the device, use the Configurator app, cross your fingers that the Microsoft Entra login actually shows up, then sit there waiting for Intune configurations to apply. It’s slow, clunky, and honestly miserable to deal with.

And don’t even get me started on Microsoft’s documentation. Why are there 20 different guides for the same thing, all giving slightly different instructions? Finding the one guide that actually matches reality is a mess. Between the inconsistent documentation, the awful speed of Intune, and the painful Apple setup, this project has been one of the least enjoyable IT tasks I’ve ever worked on.

I really don’t understand why there aren’t more people screaming about how bad some parts of Intune are. It feels like everyone just quietly suffers through it.

https://redd.it/1nccgdc
@r_systemadmin

sysadmin but no infrastructure actually exists

Hello everyone,

I’ve finally been accepted for a SysAdmin role and signed the contract, as I really wanted to move on from my previous position in application support. But there’s a catch:

1. The company I’m joining is a vendor a partner with multiple providers offering data applications like Informatica, Denodo, and Cloudera.


2. I found out that vendor companies don’t usually maintain their own infrastructure, since they don’t host services for customers.


3. They only have about three or four servers with one or two applications installed for testing purposes, plus a Windows Server domain controller that, oddly enough, everyone in the company has access to.


4. This left me a bit confused about my role. When I asked my team lead, he explained that I’ll be responsible for installing and configuring applications on the customer’s side starting from setting up the OS, through application installation and configuration, until go-live. After that, my responsibility ends.

i am really confused i don't know what to ask you guys and don't know what to do exactly but I'm open for any advice.



https://redd.it/1ncezle
@r_systemadmin

npm got owned because one dev clicked the wrong link. billions of downloads poisoned. supply chain security is still held together with duct tape.

npm just got smoked today. One maintainer clicked a fake login link and suddenly 18 core packages were backdoored. Chalk, debug, ansi styles, strip ansi, all poisoned in real time.

These packages pull billions every week. Now anyone installing fresh got crypto clipper malware bundled in. Your browser wallet looked fine, but the blockchain was lying to you. Hardware wallets were the only thing keeping people safe.

Money stolen was small. The hit to trust and the hours wasted across the ecosystem? Massive.

This isn’t just about supply chains. It’s about people. You can code sign and drop SBOMs all you want, but if one dev slips, the internet bleeds. The real question is how do we stop this before the first malicious package even ships?



https://redd.it/1ncf87f
@r_systemadmin

For anyone having issues installing nuget this morning...

might just be a caching thing in my area but I'm seeing an expired cert right now for *.azureedge.net on the nuget download endpoint I've been shown to.

Not the first time, it seems: Fix NuGet PackageProvider No Match Found Error

https://redd.it/1ncdqnh
@r_systemadmin

User cant use password to log into office portal

Recently while trying to log in to the office portal, Microsoft asks for your PIN or Facial recognition instead of a password, is there any way to just use the password? At this stage what is the point of even creating a password if the user is forced to use the PIN for everything?

https://redd.it/1ncilre
@r_systemadmin