new to all this
hi folks
so i am new to this space (being called a sys admin when i only have 6mths of soc experience under my belt) or ill say the noscript and well the work too. I’ve been tasked to create a firewall through microsoft 365s suite of tools and i’m
not sure where to start. Yes i am new to any type of computer or admin work like this. i was inspired when i had a SOC internship opportunity and saw how that company worked with endpoint and SIR. so
Objective: create a filtering system where this wall can monitor the entire domain network from phishing attacks and other iocs like that so that as this business is growing it will have some form of security infrastructure.
what i think id have to do: create a baseline so that there’s a basis for what regular traffic looks like. i can have access to the ceo’s credentials (at least my thought process would be if he’s the one probably getting the most traffic he would have a more wide range of incoming and outbound emails)
i know that they are using azure for mdm and i want to be able to spread that security around to the devices as well since they are all being monitored through apple business management and azures MDM.
im not gonna lie i am kinda stuck i have multiple tabs open trying to understand submitting things, about copilot and just where to go from here to be honest. i would appreciate no malicious feedback back telling me find another job or something because i believe i can do this im just stuck and could really use some help cause the “zero to hero” videos on youtube for azure aren’t really helping. i hope i don’t sound to pessimistic just overwhelmed with the task but working my way through and utilizing any resource i can except chatgpt (unless that would help just haven’t tried that either)
thanks
https://redd.it/1nh3a1d
@r_systemadmin
hi folks
so i am new to this space (being called a sys admin when i only have 6mths of soc experience under my belt) or ill say the noscript and well the work too. I’ve been tasked to create a firewall through microsoft 365s suite of tools and i’m
not sure where to start. Yes i am new to any type of computer or admin work like this. i was inspired when i had a SOC internship opportunity and saw how that company worked with endpoint and SIR. so
Objective: create a filtering system where this wall can monitor the entire domain network from phishing attacks and other iocs like that so that as this business is growing it will have some form of security infrastructure.
what i think id have to do: create a baseline so that there’s a basis for what regular traffic looks like. i can have access to the ceo’s credentials (at least my thought process would be if he’s the one probably getting the most traffic he would have a more wide range of incoming and outbound emails)
i know that they are using azure for mdm and i want to be able to spread that security around to the devices as well since they are all being monitored through apple business management and azures MDM.
im not gonna lie i am kinda stuck i have multiple tabs open trying to understand submitting things, about copilot and just where to go from here to be honest. i would appreciate no malicious feedback back telling me find another job or something because i believe i can do this im just stuck and could really use some help cause the “zero to hero” videos on youtube for azure aren’t really helping. i hope i don’t sound to pessimistic just overwhelmed with the task but working my way through and utilizing any resource i can except chatgpt (unless that would help just haven’t tried that either)
thanks
https://redd.it/1nh3a1d
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Greybeards - What is the plan for when you can't/wont retire and you are inevitably pushed out of SysAdmin?
40 years under the yoke. Linux and storage admin. Still current, still learning the new stuff. I will get RIF'd eventually and dread the job search. Hiring Managers gonna take one look at the grey hair, the stress lines and nope right out. Did the Management track for 20 years and hated it. Much happier as an individual contributor. Thought about going into teaching, but I hate people (Linux guy! Duh). What's the next phase for us to earn a paycheck until they find us dead at the wheel?
https://redd.it/1nh4i80
@r_systemadmin
40 years under the yoke. Linux and storage admin. Still current, still learning the new stuff. I will get RIF'd eventually and dread the job search. Hiring Managers gonna take one look at the grey hair, the stress lines and nope right out. Did the Management track for 20 years and hated it. Much happier as an individual contributor. Thought about going into teaching, but I hate people (Linux guy! Duh). What's the next phase for us to earn a paycheck until they find us dead at the wheel?
https://redd.it/1nh4i80
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Starwind Vsan questions regarding SRV-IO
Hey fellow sysadmins,
Im currently setuping a two node starwind vsan (CVM based) system, that uses Windows clustering to provide high availability file servers. Everything is running under Hyper-V. I'm having trouble getting SRV-IO to work. When I use a VF interface within the CVM, I get not connection between nodes or the hosts. I am using Intel x540 10gb network cards for my replication and ISCSI networks. Two questions:
1. Will i really notice much of a perfomance gain with SRV-IO vs the normal virtual interface and virtual switch in this use case?
2. If so, any suggestions to get this working? Good places to start for troubleshooting?
Thanks yall!
https://redd.it/1nh7xjf
@r_systemadmin
Hey fellow sysadmins,
Im currently setuping a two node starwind vsan (CVM based) system, that uses Windows clustering to provide high availability file servers. Everything is running under Hyper-V. I'm having trouble getting SRV-IO to work. When I use a VF interface within the CVM, I get not connection between nodes or the hosts. I am using Intel x540 10gb network cards for my replication and ISCSI networks. Two questions:
1. Will i really notice much of a perfomance gain with SRV-IO vs the normal virtual interface and virtual switch in this use case?
2. If so, any suggestions to get this working? Good places to start for troubleshooting?
Thanks yall!
https://redd.it/1nh7xjf
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Dell Smart Docks and Dell Device Management Console
I am tearing my hair out with this one.
I cannot get my laptop or any smart dock to register with the Dell Device Management Console. The DDMA Console is blank, like shown here in the Dell guide https://www.dell.com/support/kbdoc/en-au/000348677/host-does-not-appear-in-dell-device-management-console-after-installing-dell-device-management-agent
I've removed the agent several times and re-ran the CLI with the group ID but still the PC wont register.
The smart docks also will not check in either. I've set option 180 and 190 as described here: https://www.dell.com/support/manuals/en-au/device-management-console/peripheral_mgmt_1.x_rn/configuring-dell-pro-smart-docks?guid=guid-17712791-e4c2-4dfe-a19b-c5d27f766686&lang=en-us and have used wireshark to verify both options are appearing. I've confirmed the key several times and tried also making custom groups as well.
Where am I going wrong here??
https://redd.it/1nh9dty
@r_systemadmin
I am tearing my hair out with this one.
I cannot get my laptop or any smart dock to register with the Dell Device Management Console. The DDMA Console is blank, like shown here in the Dell guide https://www.dell.com/support/kbdoc/en-au/000348677/host-does-not-appear-in-dell-device-management-console-after-installing-dell-device-management-agent
I've removed the agent several times and re-ran the CLI with the group ID but still the PC wont register.
The smart docks also will not check in either. I've set option 180 and 190 as described here: https://www.dell.com/support/manuals/en-au/device-management-console/peripheral_mgmt_1.x_rn/configuring-dell-pro-smart-docks?guid=guid-17712791-e4c2-4dfe-a19b-c5d27f766686&lang=en-us and have used wireshark to verify both options are appearing. I've confirmed the key several times and tried also making custom groups as well.
Where am I going wrong here??
https://redd.it/1nh9dty
@r_systemadmin
Windows 10 Extended Support Subnoscription - Updates - How?
If you buy the $61 USD Subnoscription to extend support for Windows 10 for 12 months, will the updates turn up when you do a windows update from the computer (or via the API in an RMM situation), or, is it a case of it having to be enrolled into the cloud management console and managing updates via that? I am trying to make sure that our RMM will be able to update Windows 10 who have a subnoscription or will it need to be done via Azure Arc?
TIA
https://redd.it/1nh9t00
@r_systemadmin
If you buy the $61 USD Subnoscription to extend support for Windows 10 for 12 months, will the updates turn up when you do a windows update from the computer (or via the API in an RMM situation), or, is it a case of it having to be enrolled into the cloud management console and managing updates via that? I am trying to make sure that our RMM will be able to update Windows 10 who have a subnoscription or will it need to be done via Azure Arc?
TIA
https://redd.it/1nh9t00
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Oracle Exadata
Hello. So my one of my company's client recently got their hand on some Oracle Exadata X10M, and my managers decided that it's up to me to get them up and running. Config the server, storage tuning, tshoot etc. I haven't even seen the server up close, yet I'm supposed to know how it work. I've worked with Sparc series and know my way around them, but from what I've heard Exadata is a whole different beast.
So my question is have you worked with it? If so, Can you give me some pointers on what should i do or where should I begin? Any help would be appreciated. Thanks in advance
https://redd.it/1nheztv
@r_systemadmin
Hello. So my one of my company's client recently got their hand on some Oracle Exadata X10M, and my managers decided that it's up to me to get them up and running. Config the server, storage tuning, tshoot etc. I haven't even seen the server up close, yet I'm supposed to know how it work. I've worked with Sparc series and know my way around them, but from what I've heard Exadata is a whole different beast.
So my question is have you worked with it? If so, Can you give me some pointers on what should i do or where should I begin? Any help would be appreciated. Thanks in advance
https://redd.it/1nheztv
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
How do small companies without a SOC team handle cybersecurity?
I’ve noticed that most small and mid-sized businesses don’t have the budget or people to run a full-fledged security operations center.
For those of you managing IT/security in small teams:
What are your biggest security pain points (phishing, ransomware, insider misuse, cloud misconfigurations)?
Do you currently use any tools (SIEM, endpoint detection, log monitoring)?
If not, what’s stopping you — cost, complexity, or lack of time/people?
Curious to hear real-world experiences. This will help me understand how smaller companies actually tackle security day-to-day.
https://redd.it/1nhfmj4
@r_systemadmin
I’ve noticed that most small and mid-sized businesses don’t have the budget or people to run a full-fledged security operations center.
For those of you managing IT/security in small teams:
What are your biggest security pain points (phishing, ransomware, insider misuse, cloud misconfigurations)?
Do you currently use any tools (SIEM, endpoint detection, log monitoring)?
If not, what’s stopping you — cost, complexity, or lack of time/people?
Curious to hear real-world experiences. This will help me understand how smaller companies actually tackle security day-to-day.
https://redd.it/1nhfmj4
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Moronic Monday - September 15, 2025
Howdy, /r/sysadmin!
It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1nhhoyc
@r_systemadmin
Howdy, /r/sysadmin!
It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1nhhoyc
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
local AD Password Complexity Error
Hi fellow Microsoft people,
I have a local AD running on Functional Level 2016, main DC Server 2016, secondary DC 2019.
Last week, my users started getting errors when changing their passwords - the classic "password does not meet complexity standards".
I just have the default complexity standards applied with a GPO, unchanged for years now - used to work pretty well.
Even when testing myself, I get hit with this error message, despite the new, randomly generated passwords, which definitely meet the complexity requirements.
Has anyone seen this problem before and has any tips for me?
https://redd.it/1nhh5q4
@r_systemadmin
Hi fellow Microsoft people,
I have a local AD running on Functional Level 2016, main DC Server 2016, secondary DC 2019.
Last week, my users started getting errors when changing their passwords - the classic "password does not meet complexity standards".
I just have the default complexity standards applied with a GPO, unchanged for years now - used to work pretty well.
Even when testing myself, I get hit with this error message, despite the new, randomly generated passwords, which definitely meet the complexity requirements.
Has anyone seen this problem before and has any tips for me?
https://redd.it/1nhh5q4
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
O365 to O365 Migration
Hey, I've done these in the past for smaller companies (20-30 users, max, they work less than 5 days a week so the migration was even easier). However, now I'm up against a 200 user beast, well established on O365, however, we need to move over to a new tenant due to some billing issues. Is BitTitan still the best option for these migrations? Anything new I should know? (havent done one since 2020)
https://redd.it/1nhiwd8
@r_systemadmin
Hey, I've done these in the past for smaller companies (20-30 users, max, they work less than 5 days a week so the migration was even easier). However, now I'm up against a 200 user beast, well established on O365, however, we need to move over to a new tenant due to some billing issues. Is BitTitan still the best option for these migrations? Anything new I should know? (havent done one since 2020)
https://redd.it/1nhiwd8
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Do you let employees DM IT, or force a structured intake?
1. One of the biggest debates we see:
Allow DMs (easy for users, chaos for IT)
2. Force tickets/requests in a structured way (less chaos, more complaints from users)
Which side are you on?
https://redd.it/1nhlc2d
@r_systemadmin
1. One of the biggest debates we see:
Allow DMs (easy for users, chaos for IT)
2. Force tickets/requests in a structured way (less chaos, more complaints from users)
Which side are you on?
https://redd.it/1nhlc2d
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Looking for Cheap (free) Ticketing system
I'm a one man shop, internal IT for about 200 people and growing. I'm at the point where email/text/phone calls is getting cumbersome to manage. I don't think I'm busy enough to justify spending thousands of dollars either yet.
Anyone know of a cheap, preferably free IT Ticketing system to help manage IT issues? I've never really used any in the past so I don't even know where to start looking.
https://redd.it/1nhk8wm
@r_systemadmin
I'm a one man shop, internal IT for about 200 people and growing. I'm at the point where email/text/phone calls is getting cumbersome to manage. I don't think I'm busy enough to justify spending thousands of dollars either yet.
Anyone know of a cheap, preferably free IT Ticketing system to help manage IT issues? I've never really used any in the past so I don't even know where to start looking.
https://redd.it/1nhk8wm
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Controlling Chrome extensions in schools?
i m ed tech coordinator. Teachers love installing free grading helpers but most ask for sensitive permissions and access. Is there a tool to whitelist only safe extensions?
https://redd.it/1nhj9pz
@r_systemadmin
i m ed tech coordinator. Teachers love installing free grading helpers but most ask for sensitive permissions and access. Is there a tool to whitelist only safe extensions?
https://redd.it/1nhj9pz
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
I'm shocked at how bad GoDaddy is
GoDaddy are our domain registrar and they host a managed WordPress site for us
About a month ago, we moved name servers and updated them in GoDaddy - everything was working fine after the TTLs expired (nothing has changed in DNS either - this was just some shuffling around for better DNS management)
Today we find that the WordPress site is dead with an SSL error
This is entirely managed by them, and when I log into our account, I don't see any errors or issues - nor can I get to the WordPress admin page as it's behind the dead site
So I call their support - first red flag - they asked me for my MFA code
No not the support PIN on my account, my MFA code from my authenticator app
You know, the thing we train users to NEVER GIVE TO ANYONE
And what do they tell me? The name server change somehow caused them to change the IP of the WordPress site, so we're pointing at the wrong place
Did they inform us of this change? Nope - no emails or anything
They give me the new IP and I update our DNS and try it again on my machine using Cloudflare DNS since CF don't seem to care about TTL
Nope, same error - so this new IP has the same problem
Next thing they tell me is domain verification is failing because our name servers are 3rd party and not hosted with them (as is best practice)
They then recommend transferring our name servers back to them
Just what the fuck? Our name server change was just a recreation of the zone in another RG in Azure using IaC to configure it - and it's a direct match to what it was before
I genuinely don't understand how they've shit the bed so hard here
https://redd.it/1nhojjb
@r_systemadmin
GoDaddy are our domain registrar and they host a managed WordPress site for us
About a month ago, we moved name servers and updated them in GoDaddy - everything was working fine after the TTLs expired (nothing has changed in DNS either - this was just some shuffling around for better DNS management)
Today we find that the WordPress site is dead with an SSL error
This is entirely managed by them, and when I log into our account, I don't see any errors or issues - nor can I get to the WordPress admin page as it's behind the dead site
So I call their support - first red flag - they asked me for my MFA code
No not the support PIN on my account, my MFA code from my authenticator app
You know, the thing we train users to NEVER GIVE TO ANYONE
And what do they tell me? The name server change somehow caused them to change the IP of the WordPress site, so we're pointing at the wrong place
Did they inform us of this change? Nope - no emails or anything
They give me the new IP and I update our DNS and try it again on my machine using Cloudflare DNS since CF don't seem to care about TTL
Nope, same error - so this new IP has the same problem
Next thing they tell me is domain verification is failing because our name servers are 3rd party and not hosted with them (as is best practice)
They then recommend transferring our name servers back to them
Just what the fuck? Our name server change was just a recreation of the zone in another RG in Azure using IaC to configure it - and it's a direct match to what it was before
I genuinely don't understand how they've shit the bed so hard here
https://redd.it/1nhojjb
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Does Barracuda Email Firewall Suck?
I use Barracuda for my email firewall for all of my clients and I'm pretty much constantly having issues with it. Important emails getting blocked, lots of stuff (that's clearly spam) getting through, support that doesn't seem to have any solutions. Needless to say, I'm starting to get fed up with it and so are my clients. I've only ever used Barracuda, is this a problem you guys see with your firewalls as well? Should I think of switching? If so, what are some good alternatives?
https://redd.it/1nhpb32
@r_systemadmin
I use Barracuda for my email firewall for all of my clients and I'm pretty much constantly having issues with it. Important emails getting blocked, lots of stuff (that's clearly spam) getting through, support that doesn't seem to have any solutions. Needless to say, I'm starting to get fed up with it and so are my clients. I've only ever used Barracuda, is this a problem you guys see with your firewalls as well? Should I think of switching? If so, what are some good alternatives?
https://redd.it/1nhpb32
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Blocking Tor IP Ranges through Conditional Access
Howdy,
I wanted to see if I could block TOR (specifically the exit nodes) by using conditional access in Entra. I have a few security layers for our corporate devices (Defender XDR, Applocker, managed through Intune) but that doesn't extend to personal devices accessing 365. The native functionality comes from Cloud App Security and requires an E5 Security license and a AAD P2 license. MAM could be an option too, but it requires an AAD P2 license in addition to an Intune license. The bulk of our user base doesn't have any of these licenses assigned, so I figured I'd try and do it on a budget.
I found the TOR exit nodes were publicly available (v6 was not available from the Tor Project) so I just grabbed those and noscripted out the updates through Azure Automation.
The noscript itself will download the IPv4 and IPv6 lists, format the response and then either create a new IP Location range if one doesn't exist or update an existing one.
As I mentioned above, the IPv4 exit node list is provided publicly from the TOR Project but the IPv6 (also includes IPv4) exit node list is from www.dan.me.uk \- Thanks Dan!
The IPv4 exit node list is official and provided by the Tor project so I opted to use that for IP4 and the other for IPv6.
Tor Exit Nodes
IPV4 - https://check.torproject.org/torbulkexitlist
IPV4/IPV6 - https://www.dan.me.uk/torlist/?exit (You can only hit this every 30 minutes or else it can block you)
Script
https://github.com/clocktowerletter/hellclock/blob/main/Tor%20Exit%20Node%20CA%20Policy%20Update.ps1
NOTE: Whenever the noscript updates the IPv4 and IPv6 Tor ranges, it wipes out the existing CIDRs within the policy, so it will always be current with the public lists. If no response is returned when pulling the IPv4 or IPv6 list, the noscript will stop. More error checking could and should be added.
The noscript is using a managed identity to sign into Microsoft Graph and I'm leveraging Azure Automation on a twice-daily schedule to run it. The permission assigned to the managed identity is "Policy.ReadWrite.ConditionalAccess.
It will create/update two named location IP range policies. You will still need to link this to a blocking policy in Conditional Access but I omitted that part as it can be done through the portal. If you want to run it locally, you could utilize interactive based sign-in for Microsoft Graph. Just to remove the "-Identity" switch from the second line and for best practice replace with "-Scopes 'Policy.ReadWrite.ConditionalAccess'". Azure Automation was being quirky with the newer Graph modules but YMMV.
https://redd.it/1nhp33m
@r_systemadmin
Howdy,
I wanted to see if I could block TOR (specifically the exit nodes) by using conditional access in Entra. I have a few security layers for our corporate devices (Defender XDR, Applocker, managed through Intune) but that doesn't extend to personal devices accessing 365. The native functionality comes from Cloud App Security and requires an E5 Security license and a AAD P2 license. MAM could be an option too, but it requires an AAD P2 license in addition to an Intune license. The bulk of our user base doesn't have any of these licenses assigned, so I figured I'd try and do it on a budget.
I found the TOR exit nodes were publicly available (v6 was not available from the Tor Project) so I just grabbed those and noscripted out the updates through Azure Automation.
The noscript itself will download the IPv4 and IPv6 lists, format the response and then either create a new IP Location range if one doesn't exist or update an existing one.
As I mentioned above, the IPv4 exit node list is provided publicly from the TOR Project but the IPv6 (also includes IPv4) exit node list is from www.dan.me.uk \- Thanks Dan!
The IPv4 exit node list is official and provided by the Tor project so I opted to use that for IP4 and the other for IPv6.
Tor Exit Nodes
IPV4 - https://check.torproject.org/torbulkexitlist
IPV4/IPV6 - https://www.dan.me.uk/torlist/?exit (You can only hit this every 30 minutes or else it can block you)
Script
https://github.com/clocktowerletter/hellclock/blob/main/Tor%20Exit%20Node%20CA%20Policy%20Update.ps1
NOTE: Whenever the noscript updates the IPv4 and IPv6 Tor ranges, it wipes out the existing CIDRs within the policy, so it will always be current with the public lists. If no response is returned when pulling the IPv4 or IPv6 list, the noscript will stop. More error checking could and should be added.
The noscript is using a managed identity to sign into Microsoft Graph and I'm leveraging Azure Automation on a twice-daily schedule to run it. The permission assigned to the managed identity is "Policy.ReadWrite.ConditionalAccess.
It will create/update two named location IP range policies. You will still need to link this to a blocking policy in Conditional Access but I omitted that part as it can be done through the portal. If you want to run it locally, you could utilize interactive based sign-in for Microsoft Graph. Just to remove the "-Identity" switch from the second line and for best practice replace with "-Scopes 'Policy.ReadWrite.ConditionalAccess'". Azure Automation was being quirky with the newer Graph modules but YMMV.
https://redd.it/1nhp33m
@r_systemadmin
Proxmox ceph failures
So it happens on a friday, typical.
we have a 4 node proxmox cluster which has two ceph pools, one stritcly hdd and one ssd. we had a failure on one of our hdd's so i pulled it from production and allowed ceph to rebuild. it turned out the layout of drives and ceph settings were not done right and a bunch of PGs became degraded during this time. unable to recover the vm disks now and have to rebuild 6 servers from scratch including our main webserver.
the only lucky thing about this is that most of these servers are very minimal in setup time invlusing the webserver. I relied on a system too much to protect the data (when it was incorectly configured)..
should have at least half of the servers back online by the end of my shift. but damn this is not fun.
what are your horror stories?
https://redd.it/1nhtj2l
@r_systemadmin
So it happens on a friday, typical.
we have a 4 node proxmox cluster which has two ceph pools, one stritcly hdd and one ssd. we had a failure on one of our hdd's so i pulled it from production and allowed ceph to rebuild. it turned out the layout of drives and ceph settings were not done right and a bunch of PGs became degraded during this time. unable to recover the vm disks now and have to rebuild 6 servers from scratch including our main webserver.
the only lucky thing about this is that most of these servers are very minimal in setup time invlusing the webserver. I relied on a system too much to protect the data (when it was incorectly configured)..
should have at least half of the servers back online by the end of my shift. but damn this is not fun.
what are your horror stories?
https://redd.it/1nhtj2l
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Solarwinds, I'm out.
I have defended this company's on prem solutions for years, and today is the day I am done. I have already put the replacement in place, that's how easy it was to get rid of them.
They took $119/year product and started charging $999/year. The DPA product was pretty good for quicky troubleshooting, but not a $500/year product to $2500/year. Now you are getting $0.
Good job, private equity firm. You have killed another one.
https://redd.it/1nhxgg0
@r_systemadmin
I have defended this company's on prem solutions for years, and today is the day I am done. I have already put the replacement in place, that's how easy it was to get rid of them.
They took $119/year product and started charging $999/year. The DPA product was pretty good for quicky troubleshooting, but not a $500/year product to $2500/year. Now you are getting $0.
Good job, private equity firm. You have killed another one.
https://redd.it/1nhxgg0
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Server 2025 DC - Clients randomly unable to log in until they restart
We've been struggling to get all the issues ironed out of a Server 2025 DC deployment. There is a 2nd DC in place still running 2022, so we can demote the 2025 if we absolutely have to.
At first, everything seemed okay, but recently we've been having issues where a client PC will boot up in the morning, they enter their credentials, and are told the username or password is incorrect. Even if we confirm that the credentials ARE correct, they cannot log in. They do not get a domain trust error, just that the password is incorrect.
If they reboot their workstation, they are then able to log in on the subsequent reboot.
I'm not sure if this is a 2025 DC issue, or a W11 24H2 issue. I've found other references to the same problem, but nobody has posted about a fix.
There have been so many issues with 2025 DCs that it can be somewhat difficult to find information on the specific one you're dealing with. Searching for this issue tends to bring up posts about the earlier problem where rebooting a DC would cause its network profile to change and then computers couldn't authenticate, but this is not the same issue.
I'm currently in the process of installing the September cumulative update on the DC, but I don't think that's going to change anything.
If anyone has any suggestions, I'd love to hear them!
https://redd.it/1nhtlx7
@r_systemadmin
We've been struggling to get all the issues ironed out of a Server 2025 DC deployment. There is a 2nd DC in place still running 2022, so we can demote the 2025 if we absolutely have to.
At first, everything seemed okay, but recently we've been having issues where a client PC will boot up in the morning, they enter their credentials, and are told the username or password is incorrect. Even if we confirm that the credentials ARE correct, they cannot log in. They do not get a domain trust error, just that the password is incorrect.
If they reboot their workstation, they are then able to log in on the subsequent reboot.
I'm not sure if this is a 2025 DC issue, or a W11 24H2 issue. I've found other references to the same problem, but nobody has posted about a fix.
There have been so many issues with 2025 DCs that it can be somewhat difficult to find information on the specific one you're dealing with. Searching for this issue tends to bring up posts about the earlier problem where rebooting a DC would cause its network profile to change and then computers couldn't authenticate, but this is not the same issue.
I'm currently in the process of installing the September cumulative update on the DC, but I don't think that's going to change anything.
If anyone has any suggestions, I'd love to hear them!
https://redd.it/1nhtlx7
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
ScreenConnect/Control new policies
I LOVE the fact they are making a paywall to stop these idiots from using a free service to hack the less techie folks. I would like to see all the other products follow suit. I also noticed that Control implemented a real warning that says "You are letting someone control your computer. DO YOU REALLY CONCEDE?"
https://redd.it/1ni2jvp
@r_systemadmin
I LOVE the fact they are making a paywall to stop these idiots from using a free service to hack the less techie folks. I would like to see all the other products follow suit. I also noticed that Control implemented a real warning that says "You are letting someone control your computer. DO YOU REALLY CONCEDE?"
https://redd.it/1ni2jvp
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Am I Overreacting About Our MSP Deploying a VM Without Telling Me?
I’m the sole IT/ERP Manager for a small business with around 60-70 employees spread across four locations. We work with an MSP under a co-management agreement to help support our environment.
Last Thursday, I had a meeting with their Director of Customer Service because I was frustrated — they were making changes without properly informing me and weren’t holding up parts of their support agreement.
Later that day, I met with their lead technician, who walked me through some new software tools they’re planning to roll out for us. One of the tools mentioned was Nodeware. During that 15-minute conversation, multiple tools came up, and they made it sound like Nodeware was a cloud-based solution. Regardless, all of these tools were supposed to be in a test enviorment. Nothing should be on our production hyper v host.
Fast forward to tonight — I was doing some off-hours work on one of our Hyper-V hosts and noticed a VM that I didn’t recognize. After digging in, I found it’s a Linux server running Nodeware.
To say I’m frustrated would be an understatement. This is the first time they’ve deployed a VM directly on my production host — without notifying me. Every other tool we've deployed through them has been cloud-based. If they had just told me ahead of time, I probably wouldn’t have had an issue. But dropping a VM into my production environment without a heads-up? That feels like crossing a line.
I plan to bring this up with our COO tomorrow. But before I do, I’d like to check in with you all — am I overreacting here?
(And just in case I do show this to him — hey Mike 👋)
https://redd.it/1ni32db
@r_systemadmin
I’m the sole IT/ERP Manager for a small business with around 60-70 employees spread across four locations. We work with an MSP under a co-management agreement to help support our environment.
Last Thursday, I had a meeting with their Director of Customer Service because I was frustrated — they were making changes without properly informing me and weren’t holding up parts of their support agreement.
Later that day, I met with their lead technician, who walked me through some new software tools they’re planning to roll out for us. One of the tools mentioned was Nodeware. During that 15-minute conversation, multiple tools came up, and they made it sound like Nodeware was a cloud-based solution. Regardless, all of these tools were supposed to be in a test enviorment. Nothing should be on our production hyper v host.
Fast forward to tonight — I was doing some off-hours work on one of our Hyper-V hosts and noticed a VM that I didn’t recognize. After digging in, I found it’s a Linux server running Nodeware.
To say I’m frustrated would be an understatement. This is the first time they’ve deployed a VM directly on my production host — without notifying me. Every other tool we've deployed through them has been cloud-based. If they had just told me ahead of time, I probably wouldn’t have had an issue. But dropping a VM into my production environment without a heads-up? That feels like crossing a line.
I plan to bring this up with our COO tomorrow. But before I do, I’d like to check in with you all — am I overreacting here?
(And just in case I do show this to him — hey Mike 👋)
https://redd.it/1ni32db
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community