Your Favorite Co-Worker?

Making this post to add entertainment for the night,

Come join the campfire and tell us nerds about your favorite co-worker! Good or Bad.

Have a great evening!

https://redd.it/1nc60ws
@r_systemadmin

Patch Tuesday Megathread (2025-09-09)

Hello r/sysadmin, I'm u/AutoModerator, and welcome to this month's Patch Megathread!

This is the (mostly) safe location to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the subreddit, and provide you, the dear reader, a singular resource to read.

For those of you who wish to review prior Megathreads, you can do so here.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product. NOTE: This thread is usually posted before the release of Microsoft's updates, which are scheduled to come out at 5:00PM UTC.

Remember the rules of safe patching:

Deploy to a test/dev environment before prod.
Deploy to a pilot/test group before the whole org.
Have a plan to roll back if something doesn't work.
Test, test, and test!

https://redd.it/1nc91oa
@r_systemadmin

How I went from Help desk to Cloud Engineer in 2 Years

I have been in IT for 2 years and during that time I have been on a constant grind to learn and better myself. This was especially difficult with having two young toddlers and being in online school full time and studying for certifications and working a full time job while my wife also worked her full time job. This is what I did to get hired and get promoted quickly and move up and out of the Help desk role into more specialized higher paying jobs.

2023 Help Desk level 1 6 months -- 24/hr

Towards the tail end of 2023 I landed my first job in IT, this was extremely difficult and took me MONTHS to get, I was at the time jobless and in online school full time while also watching my 2 year old. I started off applying to everything and anything I saw in job board postings and realized after application 200 that this was not the play. I changed my strategy and adjusted my resumes to each of the jobs I knew I had a better chance at getting. This meant I would rework my resume to include keywords I noticed in their job advertisement that I knew I was capable of doing. I adjusted prior roles to showcase they included the soft skills and some hard skills needed for the role. This started landing me interviews and allowed for me to get my first job as a help desk level 1.

During this time I went into full grind mode, I would ask our system admin, network engineer, and security engineer and unbelievable amount of questions to try and learn my companies environment. I spent and unhealthy amount of my free time (always at night) studying certifications, networking, servers, etc. I would watch countless hours of Help Desk videos explaining various job duties and responsibilities, I would watch "how to" guides on things like GPO, AD DS, Entra ID, Azure, Intune, and more. I created labs at my house so I could get more hands on practice creating and breaking my lab environments. The constant learning and practice in the lab environments expedited my learning IMMENSLEY and gave me the confidence to voice my opinion when I would find misconfigurations in our on-prem and cloud environment. This lead to me being brought up in conversations and for management to take notice of my efforts.

2024-2025 Junior System Administrator 1 year 6 months -- 70k/yr

I was promoted to Junior System Administrator, my only problem, my senior was not a good teacher and as I would find out later did not have the necessary experience or expertise to be in their position. This caused for me to have to amp up what I was already doing by finishing my degree and getting my first certification. This certification was the Security+ and was able to teach me some very good information, however it was not entirely needed for my daily job and was more of a resume builder than anything. Gaining this role and constantly studying and learning more and more about Microsoft's best practices I realized there was still A LOT to configure in my current organizations Entra and M365. So this provided me the opportunity to become deeply familiar with solving security issues in our IdP like MFA enforcement, Risky User, Risky Sign-in policy, SSPR, Security Group reconfiguring, PIM Implementation. Resolving issues with Exchange, SharePoint, Teams, and creating retention policies. Finding new vendors for the company such as Cloud backups for the m365. I also went a got a few certifications such as the AZ-104 and SC-300 which really improved my ability and gave me so much more confidence in the azure and Entra platform.

Now Cloud Engineer 100k+/yr

I was recently hired by another company who offered me a six figure salary and will be starting my new role as a cloud engineer. I did the same thing I did when I was looking for a Help Desk job I tailored my resume to the jobs I was applying and used the key words in the job posting to be included in my resume. It was definitely easier now that AI is better than it was. I used AI like ChatGPT to adjust my resumes bullet points to focus on bypassing ATS and utilize

resources like Harvard resume builder links to improve the way my resume looked so it would be more appealing to hiring managers. I then instructed ChatGPT to tailer the resume to the specific jobs I was interested in and focus on my experience that fits those jobs. I made sure that every bullet point that was in my resume was something I have done in my job and all the knowledge displayed was something I could actually do. On each interview I would type up multiple questions that are common interview questions and have answers ready to go. I would also write a quick summary of my experience in bullet points and place it on the screen so I could be clear and concise on my remote interviews. All of this (while probably sounding like overkill) I feel greatly helped me getting the multiple offers I got. Most importantly I still applied to a lot of jobs not nearly as many as I did for Help Desk but it will take time.

https://redd.it/1ncb4nn
@r_systemadmin

mac and intune in general is horrible

I just wanted to rant a little about how unfun it has been to integrate Intune as our first MDM. We already had the licenses sitting around, but never got around to actually setting up an MDM. With the growing number of colleagues, it finally became a top priority, so we decided on Intune mainly because the licenses were already there.

The project scope was huge: Windows, Android, and Apple devices all needed to be fully managed by Intune. On top of that, different departments required different apps, and we had to enforce a ton of security policies: no app store, no admin rights, encryption, Defender for Endpoint, etc. Doing all of this on my own while trying to learn how everything works was brutal.

The last piece of the puzzle was getting Apple devices set up, and I’m not going to lie this was the absolute worst experience of the entire project. Just setting up Apple Business Manager took days. Then figuring out how to actually enroll Apple devices was nothing short of a nightmare. Half the time it barely works: you reset the device, use the Configurator app, cross your fingers that the Microsoft Entra login actually shows up, then sit there waiting for Intune configurations to apply. It’s slow, clunky, and honestly miserable to deal with.

And don’t even get me started on Microsoft’s documentation. Why are there 20 different guides for the same thing, all giving slightly different instructions? Finding the one guide that actually matches reality is a mess. Between the inconsistent documentation, the awful speed of Intune, and the painful Apple setup, this project has been one of the least enjoyable IT tasks I’ve ever worked on.

I really don’t understand why there aren’t more people screaming about how bad some parts of Intune are. It feels like everyone just quietly suffers through it.

https://redd.it/1nccgdc
@r_systemadmin

sysadmin but no infrastructure actually exists

Hello everyone,

I’ve finally been accepted for a SysAdmin role and signed the contract, as I really wanted to move on from my previous position in application support. But there’s a catch:

1. The company I’m joining is a vendor a partner with multiple providers offering data applications like Informatica, Denodo, and Cloudera.


2. I found out that vendor companies don’t usually maintain their own infrastructure, since they don’t host services for customers.


3. They only have about three or four servers with one or two applications installed for testing purposes, plus a Windows Server domain controller that, oddly enough, everyone in the company has access to.


4. This left me a bit confused about my role. When I asked my team lead, he explained that I’ll be responsible for installing and configuring applications on the customer’s side starting from setting up the OS, through application installation and configuration, until go-live. After that, my responsibility ends.

i am really confused i don't know what to ask you guys and don't know what to do exactly but I'm open for any advice.



https://redd.it/1ncezle
@r_systemadmin

npm got owned because one dev clicked the wrong link. billions of downloads poisoned. supply chain security is still held together with duct tape.

npm just got smoked today. One maintainer clicked a fake login link and suddenly 18 core packages were backdoored. Chalk, debug, ansi styles, strip ansi, all poisoned in real time.

These packages pull billions every week. Now anyone installing fresh got crypto clipper malware bundled in. Your browser wallet looked fine, but the blockchain was lying to you. Hardware wallets were the only thing keeping people safe.

Money stolen was small. The hit to trust and the hours wasted across the ecosystem? Massive.

This isn’t just about supply chains. It’s about people. You can code sign and drop SBOMs all you want, but if one dev slips, the internet bleeds. The real question is how do we stop this before the first malicious package even ships?



https://redd.it/1ncf87f
@r_systemadmin

For anyone having issues installing nuget this morning...

might just be a caching thing in my area but I'm seeing an expired cert right now for *.azureedge.net on the nuget download endpoint I've been shown to.

Not the first time, it seems: Fix NuGet PackageProvider No Match Found Error

https://redd.it/1ncdqnh
@r_systemadmin

User cant use password to log into office portal

Recently while trying to log in to the office portal, Microsoft asks for your PIN or Facial recognition instead of a password, is there any way to just use the password? At this stage what is the point of even creating a password if the user is forced to use the PIN for everything?

https://redd.it/1ncilre
@r_systemadmin

Best IT asset management for a small business? Ideally a plug and play option

Just need a good rec ofr something solid to replace sheets. Anything that’s real easy to set up and manage. We’re not big enough for full-on enterprise stuff, but I still need to know who has what and when it was last used. Any tools out there that you’ve used and liked? Would prefer SaaS, but open to ideas if the setup’s not a pain. And before you guys say it, snipe it is not a good plug and play option. Budget isn’t a major issue, I just need something that works with minimal manual oversight

Thanks.

PS: I’m relatively inexperienced, and this is my first HR job in a fairly large company. I’ve only done most of my work manually, granted it was for much smaller businesses, hence my avoidance of snipe it. I’d rather just have the business pay for something more convenient

https://redd.it/1nck487
@r_systemadmin

Microsoft announces a return-to-office mandate of three days per week

Article here: https://www.theverge.com/report/774414/microsoft-return-to-office-policy-announcement

It'll start with those currently around the Seattle office, and then move to those around the US and internationally.

https://redd.it/1ncmclm
@r_systemadmin

Anyone else experiencing their Remote Desktop window closing automatically

Several users so far this morning have had their Remote Desktop window vanish on them. I logged into the AVD as well as I was looking around, BLOOP, my window went away as well. I logged back in, windows were still like I left them, so session was disconnected. Seeing if this is happening to others.

https://redd.it/1ncmc4p
@r_systemadmin

ChatGPT Fixed it

Can you relate? https://imgur.com/a/JunuRtY

something my coworker said when dealing with a vendor support tech.

https://redd.it/1ncutbg
@r_systemadmin

What are good Jira alternatives for IT support and workflows?

Jira feels like overkill for smaller IT teams that just want to track requests, handle approvals, and keep things moving without a ton of overhead. What tools are you all using instead that actually fit well inside day-to-day workflows?

Keep hearing about Foqal, any thoughts on it?

https://redd.it/1ncvesm
@r_systemadmin

IT Miracles

I'll go first.

The sprinkler pipe burst in our data center right over our storage rack. One of our NetApp shelves got filled with water. We pulled the shelf and emptied about two gallons of water into the garbage can. We carried the shelf to the boiler room and let it sit there for two hours to dry out. We popped the shelf back in and it fired up like nothing happened. No disks were lost.

https://redd.it/1nd1q4i
@r_systemadmin

Salary expectations?

Hi everyone, I had some questions regarding the salary in the field as I’m nearing graduating college with a B.S. in Cybersecurity and spoke to my boss about a full-time position post graduation.

For context, I have been working part-time (~24 hours a week, 40 hours a week over summers) as a Junior IT Analyst for about a year and a half now at a mid size government contracting company in the Washington D.C. area (~400 employees, most on government sites while only about 40-50 work in HQ). Although my noscript is Junior IT Analyst, I manage myself and report directly to the CFO. He was in charge of all IT things before alongside his actual work, and I am the first and only IT hire in the company. This is actually my first job in my career, other than like retail stuff in highschool. My work basically consists of this:

Assisted the CFO in the migration of all employees from commercial Microsoft 365 to Microsoft GCC High. This allowed a level of CMMC compliance that opens up many contracts.

Created the first internal IT ticketing system for employees. It’s basically just an app I made built into our employees MS Teams. It allows to submit tickets, software requests, view FQAs, etc. I use this to manage the tickets and requests people have.

I deploy any software our employees might need, especially our software developers that always need different things deployed.

Use PowerShell to automate lots of process for HR, like new user creation.

Set up devices for all new hires.

And overall keep the day to day IT procedures running, managing the system from Microsoft Admin Center, Entra, Intune, etc.


I’m currently payed $20 an hour. However, once I graduate and can work as a full-time employee, I’m obviously hoping for a decent salary. I’ll have my degree and a TS clearance. So basically my question is, what would be a fair salary to request? I just want to have a good idea of the average salaries in the industry before discussing finances with my boss.

https://redd.it/1nd3dq3
@r_systemadmin

Help understanding how laptop was compromised

Hi guys, reaching out for some understanding on how someone has got around some security controls...

Situation: We have a laptop that has been "borrowed" by someone and they have been able to create a local admin account on the device and install a hyper-v vm, disable ASR rules and run hacky tools etc.


We want to understand how this may be possible. For context:

* The person had physical access to the device away from where it was borrowed - we have since regained possession
* Dell Latitude Laptop
* No evidence the person has any admin credentials or that an admin has modified anything
* Bitlocker not enabled currently - we are unsure as to whether it was already off or they have turned it off
* BIOS admin password was set (and still is )
* Kali Live USB was seen on the device (Defender Timeline)
* Person has deleted security event logs
* MCM reporting is flaky - but a small percentage of laptops from the same area reporting bitlocker off - the person may have had access to these at some point

My questions

* If bitlocker was on - is there a way to disable it / bypass it without Local admin?
* If bitlocker was already off (or if turned off by the person) - I understand there are ways to create a local admin account via Registry/SAM offline, so that would explain that
* If bios has admin pw - how were they able to boot Kali Live?

Thanks!



https://redd.it/1nd21ss
@r_systemadmin

I Launched a Federal Investigation into Microsoft

So I was recently employed at Microsoft and previously, I've worked for big tech companies like Meta, and the general consensus seems to be that the work culture has declined significantly, especially with the advent of AI and after the death of Satya Nadella's son.

What I started to see was a culture of gaslighting, psychological projection, and scapegoating. Critical internal documentation was missing, coworkers behaved in a passive aggressive manner - there was deliberate information siloing, and all the on campus IT support was offshored to third party contracting companies causing significant delays on tasking that would frequently reach boiling points. I was shamed for asking completely relevant questions about legacy systems and processes that would be perfectly reasonable to ask about as a new employee (such as questions about their database).

Then came the mass layoffs - thousands of people every month were not only suddenly let go - entire departments and teams - but thousands more started receiving PIPs and then terminated. Now, neither of these things crosses a line into illegally, but then I started noticing my manager blatantly lying about my performance - in particular, delays on my feature work which my manager claimed was the reason for issuing my PIP were completely outside of my control - in fact it took 3 months just to get a replacement laptop that could at minimum access teams and a month delay because of yubikey shortages alone (I would go to the campus, call IT support, and send DMs/ emails every day).

I was told I had an option between a severance or a 45 day PIP period to "improve" my performance, and then for the entire duration of my PIP I did not have access to any basic functional assets required to do any tasking at all that could even at minimum turn on. Then, only 4 days in to my PIP after having a coworker message my manager on teams (because I no longer had access to teams and I had to ask a coworker I met in one of the ERG groups to DM him and he wasn't answering my emails), I was terminated citing "performance."

What is troubling is that once going public with my story people who both have been wrongfully terminated and even who still work there in director level roles have messaged me thanking me for saying what they are afraid to bring up - what is going on at Microsoft is not legal.

There are refusal to provide ADA accomodations, firing employees on family medical leave, whistleblower retaliation, physical intimidations outside of work - they create more and more "security" processes for engineers to jump through but then dont provide any documentation for them - all while offshored IT contractors in other lands seemingly don't have to jump through them, and then microsoft gets hacked by those other countries. I've even had folks in India message me claiming that Microsoft has violated worker protections and lied to them there. There seems to be a culture of institutionalized gaslighting, denials of reality, clear lack of accountability, pathological lying, passing the buck around, dysfunctions of critical support, passive aggressiveness, poor communications, psychological projection, and gaslighting.

Apparently Microsoft has also formed agreements with many law firms to just simply not sue them, and an employee was even recently found dead on campus.

So now I have a federal investigation into Microsoft, and I will not be accepting this sort of behavior, and if attorneys and agencies are not doing their jobs, they have to realize the amount of bad PR they are receiving over this. Every day on LinkedIn and blind I've seen more and more folks upset.

https://redd.it/1nd5vdr
@r_systemadmin

Is it a bad idea to block Temu from a data security perspective?

I have recently blocked Temu due to concerns surrounding the excessive amount of information their site stores. Am I being paranoid?

https://redd.it/1nd5l5o
@r_systemadmin

Stopping GenAI data leaks when staff use ChatGPT at work

We’ve had a few close calls where employees pasted sensitive client info into ChatGPT while drafting responses. Leadership doesn’t want to ban AI tools entirely, but compliance is worried. We’re trying to figure out the best way to prevent data leakage without killing productivity. Curious if anyone has found approaches that actually work in practice.

https://redd.it/1nd7ynt
@r_systemadmin

User reported someone remoted into his virtual machine

Hi Everyone,

One of our users reported that while his workstation was in sleep state, it turned itself on and looked like someone was navigating through some excel files. He reported that this happened for like 15-30 seconds. User primarily works on a windows virtual desktop and it is being monitored by Defender for Endpoint.

My colleagues where first to respond and have tried to reach out to the user but he was unreachable. They did check on the security event log and did not see any logins besides service accounts. His office 365 activity was also checked from the Defender activity portal and Entra ID.

I first ran a full scan for his virtual machine from the defender portal and it did not came back with anything. Checked the TerminalServices-LocalSessionManager event logs for both the local and virtual machine but only user's account was seen to login. Can't get the network information from the logins since it was unavailable.

No other remote connection program was installed besides remote desktop and screenconnect both for the local and virtual machine. Have checked on the scheduled task, startup programs and processes but nothing really stood out to be malicious. My seniors checked on the firewall logs and they weren't able to detect suspicious connections either.

Considered someone from IT logged accidentally and tried to review the application logs to see if anyone have logged in with screenconnect within the time user reported but none was observed. Even looked for cleared log events but none have been found. Not sure if this could be caused by faulty hardware since user said that it was shifting through excel tabs.

I know this should have been done in the first place but i have suggested that a malwarebytes/hitmanpro scan should be done on the local and virtual machine to rule out any undetected malware. My boss doesn't really like me reaching out to client or remoting in to their workstation yet since we have someone from the team that does that and I'm the one with the least experience. Can only remote in via the backstage feature in ConnectWise Automate with limited access.

May I please know what else to check or if I'm missing anything? Really appreciate for any help. I've been at this for already for more than a week and can't find anything.

https://redd.it/1nd6eli
@r_systemadmin