User was compromised and sent out 2000 emails with a bad link, 24 hours later the User still can't receive or send users after mitigation steps
As the title says, I have a user who has sent out 2000 emails with a malicious link. I was able to mitigate the issue by removing said OneNote page and we reset the password and information for the user in question. It's been 24 hours, and the (real) user still can't receive or send emails. I have sent emails to the user to test this and see on the trace that these emails are delivered, but they are not getting to the end user. I know Microsoft will stop emails sent from an individual user at some point, but what is the protocol for allowing the user to get and receive emails again?
*Note: This is a volunteer gig and I'm definitely not SYS Admin but have novice knowledge around Azure admin center.
https://redd.it/1nkjckp
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
How do you balance ‘get it done’ vs. ‘there must be a better way’ as a sysadmin?
Something I keep struggling with is actually getting things done vs constantly thinking there must be a better tool, script, or process out there. With the amount of really useful tools, scripts, online resources, etc. out there I'm always worried that the task I'm about to set out on could be done faster, better, be more automated, all that good stuff.
Whenever I'm about to start a task I’ll often catch myself thinking:
“Is this even the best way to do this? There’s probably some open source tool, online resource, or hidden feature that would save me time.”
The problem is that thought pattern sometimes leads to over-researching instead of executing. I end up stuck between "just do it with the process or tools I know" and "wait a sec, let me try to do this in the best practice, most efficient modern way. Maybe I should spend hours hunting for a more elegant solution".
Do other sysadmins struggle with this? How do you personally strike the balance between “just get it done even if it's not the most perfect, efficient solution” and “investing time to find a smarter way”?
https://redd.it/1nkoplb
Public NTP servers
The title summarizes it all. We have much of the infrastructure on public cloud & time gets synced from Hypervisor.
Part of the infrastructure is on Edge network, mostly network devices like firewalls, F5 load balancers & observability devices.
Does this make sense to run a private NTP server to provide time sync services just for edge n/w? What are the caveats of using public NTP services like time.windows.com or NTP pool?
I somehow feel it's an overkill to offer NTP services for a small handful of clients.
Have your say!!
https://redd.it/1nkk9ij
How do you get past the question from management of "why couldn't others on the team figure this out?"
In any team, there will be people of various specialties, and not everyone is perfectly interchangeable with everyone else. But management (especially non-technical management members) often times don't comprehend this. They think that with enough training anyone should be able to do anyone else's job. Which may be the case when it comes to procedures for any defined job aspect, but there is no training that can give someone the deep insight in a given area.
Examples include a good DBA that can look at performance, glance at queries, and come up with some non-obvious set of indexes that magically make everything better (or sometimes removing indexes so a better one in a given situation gets actually used). Or you have someone who happens to be good at understanding systems-level programming, and diagnoses why a vendor license manager is segfaulting by running strace against it and seeing that a file it opened / read just prior to the segfault happens to be a zero-byte XML file, and fixing that resolves the issue instantly.
You can write up incident reports that show what the solution was for any given issue, but I really don't know how to train people on the thought process that quickly gets to a solution, when that thought process was honed over 35 years of intense self-torture in front of a computer screen.
The closest I've seen in print form is after reading The Phoenix Project, which was at the beginning of the devops culture. In there they had a character named Brent that knew where all the bodies were buried, and just took care of things. Not that he was a genius, but just had that deep domain and company knowledge.
Has anyone else had real-life experience with these situations, and how did you end up improving it? Did you do like was done in that book, and have your Brent explain the steps for the solution but have someone else drive the keyboard? Or, instead of solutioning it, point another team member to the appropriate documentation and have them go through it with you? What else can we implement?
https://redd.it/1nkt3nu
Weekly 'I made a useful thing' Thread - September 19, 2025
There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.
We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!
In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.
https://redd.it/1nkzfz0
Likely failed the interview for my dream job
Mostly because my experience in the sysadmin world has been siloed, so I did not touch firewalls or routers, much less Cisco switches, routers but just old ass Dell PowerEdge servers.
Nevermind in a jov environment did I touch Linux. At least not towards the end of my time with CentOS a tad. Like baby proof my access level.
I felt I did OK on the Windows stuff aside from iDRAC (never had access before at previous job).
Anyway felt like my mental health reset just by getting this interview. 2nd interview in 2 months for any IT job that can pay my bills.
https://redd.it/1nkscbv
How is InTune these days, for an SME?
When last I looked at InTune for MDM it was awful. Everything was scripts in Azure and PowerShell controls. To be fair it was very new. Not even fully launched.
Right now we (business of about 70 endpoints) use Miradore for MDM but it would be nice to integrate better with 365 etc. How is InTune now?
https://redd.it/1nkyh45
Built a free SOC2 scanner because consultants wanted $50k to run basic AWS checks
Wasn't sure which flair to post this under, let me know if it needs to go somewhere else....
With that said, a friend of mine was having issues with finding reliable help/support during a SOC2 audit. I built a simple scanner that checks the technical parts of SOC2 (the ~30% that's actually infrastructure). It's not a complete compliance solution - won't write your policies or track vendor assessments. But it will tell you which S3 buckets are public, which IAM users lack MFA, and which access keys haven't been rotated in 90+ days.
github.com/guardian-nexus/auditkit
Takes 2 minutes to run, gives you actual AWS CLI commands to fix issues.
Fair warning tho: This only covers technical controls. You still need the policies, procedures, and evidence collection for a real audit. But at least you won't pay someone $500/hour to tell you to enable MFA on root.
AWS only for now. PRs welcome if you want to add Azure/GCP.
https://redd.it/1nl3bds
GitHub
GitHub - guardian-nexus/auditkit: AuditKit - Multi-Cloud Compliance Scanner & Evidence Collection
Onsite equipment availability?
I am in a position where we have 3-4 sites (depending on how much cross over you consider) where IT is not centrally located. This means that things like replacement mice, or keypads may take half a day to get to the recipient. We're in the manufacturing sector, so sometimes it's a sudden emergency, and we need to drop everything just to bring them a $10 keyboard.
My thoughts are to have a metal cabinet, hooked up to the same system as our door access. This way we can control the users that should have access to it, and record the times that it's been accessed.
For those in similar situations, what are your solutions?
https://redd.it/1nl45r5
Does Server 2025 Still Have Issues?
We are getting ready to set up another AD domain. Very basic: AD, DHCP, DNS, and a fileserver. I've read 2025 has had some issues though that was several months ago since I researched it last.
I know we can get 2025 volume licensing and have downgrade rights to 2022. But, I'd rather just go to 2025 from the start if possible.
Is 2025 still a problem child?
https://redd.it/1nl5s1p
Am I Getting Fucked Friday, September 19th 2025
Brought to you by r/sysadmin 'Trusted VAR': u/SquizzOC with Trusted Telecom Broker u/Each1Teach1x27 for Telecom and u/Necessary_Time in Canada
PMs are welcome to answer your questions any time, not just on Fridays.
This weekly thread is here for you to discuss vendor and carrier expectations, software questions, pricing, and quotes for network services, licensing, support, deployment, and hardware.
Required Info for accurate answers:
* Part Number
* Manufacturer/vendor
* Service Type and Service Location
* Quantity (as applicable)
All questions are welcome regarding:
* Cloud Services - Security, configurations, deployment, management, consulting services, and migrations
* Server configs and quote answers
* Storage Vendor options, alternatives, details, and selection
* Software Licensing - This includes Microsoft CSPs
* Network infrastructure - overlay software, segmentation, routers, switches, load balancing, APs…
* Security - Access Management, firewalls, MFA, cloud DNS, layer 7 services, antivirus, email, DLP….
* User gear - Usually, you should buy the quote you have unless the quantity is +50 units
* POTS line replacements
* Single site and multi-location connectivity – Dedicated internet access, Broadband, 5G LTE, Satellite, dark fiber, Ethernet services
* Voice services- SIP, UCaaS,
https://redd.it/1nl50og
KB5065426 issues Win11 24H2
Anyone else lost Microsoft Print to PDF after installing KB5065426?
I've uninstalled the update, repaired DISM. Tried re-installing through windows features, PS and DISM but always get the same error code - Error: 0x800f0922
It's driving me nuts....
https://redd.it/1nl4uyg
Google Chrome * Gemini Integration: Heads up to responsible admins in healthcare
For any of you that admin hospitals or clinics, be aware that Google has been rolling out Gemini App and Generative AI integrations into Chrome for a short while now. Be sure to update your Chrome ADMX files and review the Chrome 'Generative AI' options in group policy. If you aren't under a BAA with Google Workspace or other confidentiality agreements with Google, you might want to disable some of the generative AI features. The new Gemini App explicitly states to the user that page URLs and *Contents* will be sent to Google/Gemini for processing.
This could be a big compliance issue for healthcare orgs that don't have eyes on this.
https://redd.it/1nl9anm
This Microsoft Entra ID Vulnerability Could Have Been Catastrophic
Security researcher Dirk-jan Mollema discovered two vulnerabilities in Microsoft's Entra ID identity platform that could have granted attackers administrative access to virtually all Azure customer accounts worldwide. The flaws involved legacy authentication systems -- Actor Tokens issued by Azure's Access Control Service and a validation failure in the retiring Azure Active Directory Graph API.
Mollema reported the vulnerabilities to Microsoft on July 14. Microsoft released a global fix three days later and found no evidence of exploitation. The vulnerabilities would have allowed attackers to impersonate any user across any Azure tenant and access all Microsoft services using Entra ID authentication. Microsoft confirmed the fixes were fully implemented by July 23 and added additional security measures in August as part of its Secure Future Initiative. The company issued a CVE on September 4.
https://redd.it/1nlbl8r
WIRED
A pair of flaws in Microsoft's Entra ID identity and access management system could have allowed an attacker to gain access to virtually all Azure customer accounts.
Went from 3 people to 2 in IT, asked for a lighter workload cause the burnout is creeping in. Got told I should be asking for overtime if stuff's not getting done. Clearly this is a sign to abandon ship, right?
Like the title describes, the position I find myself in has turned out to be more permanent than I was led to believe initially. When I started here, I was the 3rd guy. Shortly after I was hired, my manager transitioned away from IT, and I knew immediately this place wasn't on top of their game in terms of IT.
Fast forward to today, about 1.5 years later, and I'm still in a 2-man team with only more responsibility. I can tell that the workload isn't getting any lighter and the demands aren't decreasing, so I voiced my opinion to management.
What I didn't expect was direct gaslighting about the issue. For them to suggest I should just work more to make the problems go away is really rubbing me the wrong way, both professionally and personally.
Am I a crazy person for not clinging to my job in this current market despite this type of treatment??
https://redd.it/1nld6bf
Not encouraging the 4am OMG this is an emergency now call
Got called at 4:30am after my team's on-call person had been aroused and told them to send it to me.
"We might not make a Sunday release because the Pre-Production testing environment is down!"
Strike 1: 4:30am
Strike 2: For non-production system
Strike 3: That according to the logs had been down for over six weeks
Been down a day or two? Sure I'll give the benefit of the doubt when working a tight deadline project you had checked that the needed resources were available and have handed it off to the right team to be woken up. Six weeks? Nah.
Took all of about twenty minutes to figure things out and email them to let them know it wasn't my issue but I had scheduled an email to the appropriate team for 8am asking them to fix it.
Along with the appropriate heads up email to their project manager and my boss.
At least I learned how to set "delay delivery" in Outlook.
https://redd.it/1nlenes
VP (Technology) wants password complexity removed for domain
I would like to start by saying I do NOT communicate directly with the VP. I am a couple of levels removed from him. I execute the directives I am given (in writing).
Today, on a Friday afternoon, I'm being asked to remove password complexity for our password requirements. We have a 13 character minimum for passwords. Has anyone dealt with this? I think it's a terrible idea as it leaves us open to passwords like aaaaaaaaaaaaaaaa. MFA is still required for everything offsite, but not for everything onsite.
The VP has been provided with reasoning as to why it's a bad idea to remove the complexity requirements. They want to do it anyway because a few top users complained.
This is a bad idea, right? Or am I overreacting?
Edit: Thank you to those of you that pointed out compliance issues. I believe that caused a pause on things. At the very least, this will open up a discussion next week to do this properly if it's still desired. Better than a knee-jerk reaction on a Friday afternoon.
https://redd.it/1nldpjb
Today's one panel cartoon in the Wall Street Journal addresses IT outsourcing
For a quick chuckle: https://www.wsj.com/opinion/pepperand-salt-541ab8d8?mod=pepperandsalt_article_pos1
https://redd.it/1nlg0dh
@r_systemadmin
“We haven’t had our server long”
Says the president of the firm my company acquired a year ago.
—
My company, an environmental engineering holding firm, has been acquiring small firms to grow the business. I am tasked with helping move the small firms’ data to a cloud service provider. Part of the process is using a tool on the server in the small firm’s environment.
The latest one had checked off enough memory and storage with a newish Windows Server 2022, but no one looked at this particular server closely to notice it's about 8 or 9 years old and slow as h—. And their Internet is only 50Mb upload.
This will be a disaster…
https://redd.it/1nlkajw
@r_systemadmin
Calling All Sysadmins! What’s Your Best Advice or Fun Welcome Message for a Fresh Sysadmin?
Hey everyone,
We’ve got a fresh sysadmin diving into this crazy, ever-changing world of systems administration. Whether you’re a seasoned pro, someone who’s still figuring things out, or just have quirky advice to share—this is your moment!
What’s the best advice, tip, or funny “welcome to the team” phrase you’d give to someone just starting their sysadmin journey? Could be a golden rule, a survival tip, or a cheeky phrase like “Welcome to rest in peace!”
No advice is too big or too small. No joke is too silly. Just throw it all in—let’s create a treasure trove of wisdom and humor for the newbies.
So, what’s your story? What should every fresh sysadmin know or laugh about before they jump in?
Can’t wait to hear your thoughts!
https://redd.it/1nlrgzg
@r_systemadmin
Kerberos update inflicted strange behavior
Asking for (expert) opinion. MSP tasked me with the assignment of updating a customer's Kerberos password after not changing it for more than 14 years as a security recommendation from their security partner.
After assessing the impact, checking domain controller replication for possible errors I changed the password once. The day after, the customer started noting problems with their Citrix environment, being that application crashes occurred, chrome.exe not working and log off issues.
The evening of changing the password I checked after changing the password for Kerberos authentication errors on several servers, however I couldn’t find any. The problems have led to customer escalation and we however decided to go forward and change the Kerberos password for the second time to get rid of the golden ticket attack possibility.
The problems that are currently still occurring are focused on the customer's Citrix environment with described problems above.
Customer is running an older but stable (prior to the change) version of FSLogix, in combination with Ivanti Workspace Manager, on Server 2022 Std edition.
I just want to rule out that changing the Kerberos password has anything to do with chrome.exe or pdf readers crashing. Strangely enough no event log registrations point us in any direction where the issue might come from.
After changing the password once and afterwards for the second time (there were 25 hours in between changing and default domain policy was set to 10 hours to expire tickets) we initiated a klist purge and rebooted the domain controllers one by one to see if this would make any difference. Further I have visually confirmed the keynumber version incrementally changed from 2 to 3 and from 3 to 4 on all domain controllers. This for me is an indication that the change went successfully.
I can imagine and understand the change could trigger something, yet crashing applications on a Citrix server that have no dependencies with the domain is strange behavior. Also when not using FSLogix profiles no errors occur. When reverting back to FSLogix the issues occur. When using the most recent version of FSLogix the issue persists.
Please share your opinions and possible suggestions on how to investigate this further.
Thanks in advance.
https://redd.it/1nlwl41
@r_systemadmin
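One way to script the check the post describes doing by eye (the krbtgt key version number on every domain controller, and the time since the last reset against the 10-hour ticket lifetime), as an added example that is not part of the original post. It assumes the ActiveDirectory RSAT module; the function name `Get-KrbtgtKeyState` and its `-MaxTicketHours` parameter are hypothetical, and the script only reads from the directory.

```powershell
# Added example: read-only check of krbtgt key state across writable DCs.
# Assumption: ActiveDirectory RSAT module is installed; names below are hypothetical.
Import-Module ActiveDirectory

function Get-KrbtgtKeyState {
    param(
        # Maximum TGT lifetime in hours; 10 is the value quoted in the post.
        [int]$MaxTicketHours = 10
    )

    # Ask every writable DC directly, so replication lag shows up as a mismatch.
    $dcs = Get-ADDomainController -Filter * | Where-Object { -not $_.IsReadOnly }
    $perDc = foreach ($dc in $dcs) {
        try {
            $k = Get-ADUser -Identity krbtgt -Server $dc.HostName -ErrorAction Stop `
                -Properties 'msDS-KeyVersionNumber', PasswordLastSet
            [pscustomobject]@{
                DomainController = $dc.HostName
                KeyVersion       = $k.'msDS-KeyVersionNumber'
                PasswordLastSet  = $k.PasswordLastSet
                Error            = $null
            }
        } catch {
            # An unreachable DC is reported, not silently skipped.
            [pscustomobject]@{
                DomainController = $dc.HostName
                KeyVersion       = $null
                PasswordLastSet  = $null
                Error            = $_.Exception.Message
            }
        }
    }

    $answered   = @($perDc | Where-Object { -not $_.Error })
    $versions   = @($answered.KeyVersion | Sort-Object -Unique)
    $lastChange = $answered.PasswordLastSet | Sort-Object | Select-Object -Last 1
    $hoursSince = if ($lastChange) { ((Get-Date) - $lastChange).TotalHours } else { $null }

    [pscustomobject]@{
        PerDc               = $perDc
        AllDcsAnswered      = ($answered.Count -eq @($perDc).Count)
        KeyVersionsAgree    = ($answered.Count -gt 0 -and $versions.Count -eq 1)
        HoursSinceChange    = $hoursSince
        # True once the last reset is older than the ticket lifetime (renewal not considered).
        OlderTicketsExpired = ($null -ne $hoursSince -and $hoursSince -ge $MaxTicketHours)
    }
}

Get-KrbtgtKeyState -MaxTicketHours 10 | Format-List
```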