Reddit Sysadmin – Telegram
Company running VMware 5.5 in 2025

Found an enterprise running VMware vSphere 5.5 (from 2013!) with 500+ Windows Server 2008/2012 boxes. They're planning to upgrade to... VMware 6.x, which is.. yeah.

Someone should tell them about Broadcom pricing before they get destroyed. Yikes.

I keep finding companies like this, maybe 20-30 per week with seriously outdated infrastructure.

How do you even approach companies that are this far behind?

https://redd.it/1nmwbn3
@r_systemadmin
Hyper-V Issue – Weird but seems to be true

TL;DR: Could removing a DVD drive (not just ISO removal, actual drive removal) from a running Gen 2 VM cause a cluster host to briefly lose all its connections to everything?

So, I was doing some routine maintenance on our Hyper-V cluster (6 hosts, Nimble SAN) last week, live migrating some VMs, updating others and suddenly one of the hosts lost all connections to the iSCSI storage and the cluster. Some of the VMs on that host failed and rebooted, some did not. After a minute everything was fine.

I couldn’t figure out what happened, but 2 minutes earlier, I had, on a different host, removed a DVD Drive from a running Gen 2 VM because I couldn’t seem to migrate it from 2019 -> 2022 with the DVD drive attached. (Currently we still have some 2019 hosts)

I didn’t think much of the DVD drive removal as I was doing other maintenance and I couldn’t imagine it caused the problem and was running on a different host, but I did read later that you shouldn’t remove DVD drives while VMs are running, even Gen 2.

Two days go by, everything has been stable, I was doing more work and again removed a DVD drive from a running VM and again 2 minutes later one of the hosts lost its connections, some VMs rebooting, some not and again it recovered quickly.

So another day goes by and now I’m curious, I still don’t believe it was the DVD drive removal and assume it was something else I must have done, so I remove a DVD drive yet again from a different running VM and this time just waited and watched and sure enough, 2 minutes later, one of the hosts lost its connections to the storage and the network and then came back.

Again, I know now that you are not supposed to remove DVD drives from running VMs, but has anyone ever seen this and does anyone have any idea how or why removing a DVD drive from one VM could cause a host in a cluster to basically lose its mind for a minute?  I’m still not sure I believe it, but it’s hard to deny the pattern. This cluster has been running for years without ever glitching before.

https://redd.it/1nmtxud
@r_systemadmin
Have you ever, as a system administrator, come across any organization’s business secret like I did? If yes, what is that??

As a system administrator, you may have come across an organization's business secret

like one I had,

Our organisation is a textile manufacturing one. What I came to know is that they are selling organic cotton and, through this, getting a huge profit margin compared to the investment in raw materials and production cost. Actually, they got certificates by giving bribes, but in reality they use synthetic yarn... yet sell this as organic into the UK.
........... likewise any business secrets??

https://redd.it/1nn0et2
@r_systemadmin
First time sys admin

Hey everyone. Long story short, been in the army for 3 years, transitioning out currently. Landed a job as the sole system administrator for a company, pretty much the site lead, and it's my FIRST IT JOB. Any tips on how I can get up to speed, and be an actual good sys admin? I'm a quick learner just to add on.

https://redd.it/1nmzq3t
@r_systemadmin
Why did APC jack up their prices so much before tariffs were even a thing?

As seen in this price history graph this basic ass 700VA (~420W) UPS used to be under $120 in 2022, after 2023 it shot up and hasn't come back down. It peaked around $170 in the last few months. Is APC showing how greedy it is?

https://i.imgur.com/wfFoQ4o.png

https://redd.it/1nn2ffe
@r_systemadmin
How are you automating compliance reporting at your company?

Hi everyone, maintaining SOX and PCI compliance across our partner network has been resource-intensive. We're spending too much time on manual audits, log collection, and meeting documentation - time we could've spent on billable consulting hours.

How have you centralized audit data and reduced the compliance burden at your company?

https://redd.it/1nn2vtu
@r_systemadmin
Glad to have left

I left my former employer just under a year ago. I was the IT Manager and senior sysadmin. Today I couldn’t be happier to have left. I was just told by a former coworker who sent me screenshots of users complaining, that the IT Director instructed my replacement to lower the maximum email attachment limit size from the 100mb I had set, to 8mb. That’s right. EIGHT megabytes. After an avalanche of complaints they raised it to 15mb, which is a joke by today’s standards. The complaints have been so bad the President got involved.

The reason? A handful of mailboxes (maybe 10) have reached their max 100gb size (E3 licensing). Rather than addressing the workflow of these individual users, implementing an archiving solution, or adjusting their retention policy, they came up with this asinine solution as the answer. This company does not have budget issues, just a misguided effort by a stubborn director who shouldn’t be in any place to make these decisions.

So glad I’m not there anymore because I probably would have died on that hill.

Edit: company was very behind in tech. So much of what they were doing was paper. They didn’t even have a way to pay for the service other than sending a check until 2020.

https://redd.it/1nn7pz5
@r_systemadmin
Found ghost machines that looked healthy

During an audit I saw devices marked active that had not reported in months. Some had been rebuilt, some were in storage, and a few were unaccounted for. That made me rethink how we age devices out. Have you cleaned up ghosts like this before?

https://redd.it/1nn0g0m
@r_systemadmin
AWS Cloud Associate (Solutions Architect Associate, Developer Associate, SysOps, Data Engineer Associate, Machine Learning Associate) Vouchers Available

Hi all,

I have AWS Associate vouchers available with me. If anyone requires one, DM me.

AWS Certified Solutions Architect - Associate
AWS Certified Developer - Associate
AWS Certified SysOps Administrator - Associate
AWS Certified Data Engineer - Associate
AWS Certified Machine Learning Engineer - Associate

https://redd.it/1nnd2qn
@r_systemadmin
How does your IT department handle vendor risk assessments?

The compliance team is asking us to help vet new SaaS tools for security risks. Right now it's a mess of PDF questionnaires and email chains. Is anyone else involved in this? Any tools that make this process less painful for the IT side of things?

https://redd.it/1nngtqo
@r_systemadmin
NTLM V1 Found on servers during AUDIT

Hi everyone,

I’ve been auditing authentication logs on a set of Windows Servers (2015 and above). Most of the time, authentication is happening via Kerberos as expected, but I’m occasionally seeing NTLMv1 entries in the Security logs.

Here’s what I’ve found so far:


Event ID: 4624 (Logon Success)
Logon Type: 3 (Network Logon)
Account: ANONYMOUS LOGON (NT AUTHORITY)
Authentication Package: NTLM
Package Name: NTLM V1
Source Info: Shows a server name + source IP address

So basically:

These are Anonymous Logon attempts.
They’re falling back to NTLMv1 instead of Kerberos/NTLMv2.
The problem is, I can’t tell which specific app/service on that source machine is making these NTLMv1 calls.

Please guide me on how I can move from NTLMv1 to Kerberos or NTLMv2.

Thank you so much.

https://redd.it/1nnh5dp
@r_systemadmin
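
Added example (not part of the original post): one way to see which source hosts are sending the NTLMv1 logons described in the audit post above, by filtering 4624 events exported as XML on the `LmPackageName` field and grouping by workstation, IP and account. The sample events, host names, account names and addresses are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def _event(user, pkg, lm, host, ip, logon_type="3"):
    """Build one constructed 4624 record in Windows event XML layout."""
    fields = {"TargetUserName": user, "LogonType": logon_type,
              "AuthenticationPackageName": pkg, "LmPackageName": lm,
              "WorkstationName": host, "IpAddress": ip}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>4624</EventID>'
            f'</System><EventData>{data}</EventData></Event>')

# Constructed sample events (hypothetical hosts, documentation-range IPs).
SAMPLE = [
    _event("ANONYMOUS LOGON", "NTLM", "NTLM V1", "APP07", "192.0.2.17"),
    _event("ANONYMOUS LOGON", "NTLM", "NTLM V1", "APP07", "192.0.2.17"),
    _event("svc_backup", "NTLM", "NTLM V2", "BKP01", "192.0.2.30"),
    _event("jdoe", "Kerberos", "-", "-", "192.0.2.44"),
    _event("svc_scan", "NTLM", "NTLM V1", "SCAN02", "192.0.2.52"),
]

def parse(xml_text):
    """Flatten one event into a dict of EventData fields plus EventID."""
    root = ET.fromstring(xml_text)
    rec = {d.get("Name"): (d.text or "")
           for d in root.iterfind("e:EventData/e:Data", NS)}
    rec["EventID"] = root.findtext("e:System/e:EventID", default="", namespaces=NS)
    return rec

def ntlmv1_sources(events):
    """Count NTLMv1 network logons per (workstation, ip, account)."""
    hits = Counter()
    for xml_text in events:
        r = parse(xml_text)
        if (r["EventID"] == "4624" and r.get("LogonType") == "3"
                and r.get("LmPackageName", "").upper() == "NTLM V1"):
            key = (r.get("WorkstationName"), r.get("IpAddress"), r.get("TargetUserName"))
            hits[key] += 1
    return hits

if __name__ == "__main__":
    # Busiest NTLMv1 sources first: these are the hosts to investigate.
    for (host, ip, user), n in ntlmv1_sources(SAMPLE).most_common():
        print(f"{n:4d}  {host:<8} {ip:<14} {user}")
```

Event 4624 on the target server identifies the source machine only, so this narrows the search to hosts rather than to a process running on them.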
Moronic Monday - September 22, 2025

Howdy, /r/sysadmin!

It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

https://redd.it/1nnicdy
@r_systemadmin
September '25 Security Updates on DCs - secure certificate mapping enforcement - effect when DC is 2016 still

regarding "KB5014754: Certificate-based authentication changes on Windows domain controllers" -

Can anyone tell me please what the effect is on endpoints that have had a renewed certificate (with tag in SAN) that try to authenticate to a 2016 Domain Controller that has been patched to September 2025 level where strict checking is enforced?

I *think* it's that the DC will ignore and allow auth still, but I'm not sure I'm reading the resources right.


cheers

https://redd.it/1nnj8ij
@r_systemadmin
Mailbox Creation in the UAE - Microsoft 365

Anybody else having issues creating mailboxes in MS 365? Created a user hours ago and came back to see that his account gives me this: We are preparing a mailbox for the user.


Can see the account in Azure which tells me the account was created, but can't see it in Exchange. Licence used was MS Business Standard.

https://redd.it/1nngfld
@r_systemadmin
Is scripting a mandatory skill for sys admins?

I graduated college with a degree in Computer Science and instead of going into programming, I veered off into IT and being a sys admin, so I have a pretty good understanding of scripting and being able to follow code and logic in a script and assumed that was a fairly standard skillset for sys admins. Talking to other sys admins, aspiring sys admins and other general IT pros it seems like being able to write script is a fairly niche skillset and most do not want to touch any kind of script at all. Am I wrong in thinking that being able to read/write a script should be a standard practice for anyone involved in systems administration?

https://redd.it/1nnlhe1
@r_systemadmin
Audit didn't like "customer" access touching internal network while sharing APs - does it matter?

We are using Ubiquiti access points with a Cisco 9x00 at the top of the stack in each office doing the inter VLAN routing. Access points broadcast an SSID for customers/vendors, an SSID for internal users, and an SSID for a handful of wireless printers and approved IoT devices (cameras, wireless displays, etc). Each is assigned a different VLAN, each VLAN has its own subnet.

When I initially set everything up I didn't want a separate DHCP server for customers so I used our existing DHCP server. I put in an ACL on the switch relaying port 67 from the customer side directly to the DHCP server on the secure side so customers would get an IP from our standard DHCP server and we could manage everything from one place. I also put in a deny all ACL after that rule for both incoming and outgoing traffic from that subnet. DNS on the customer side is 1.1.1.1/8.8.8.8 and the gateway is directly out our firewall. It's been set up like this for 13+ years now. We did extensive testing initially to make sure the two sides didn't "touch" other than for DHCP.

They would like us to have a separate DHCP just for customers/vendors or even an entire separate system for it. I asked if they found any actual vulnerabilities. They said no but we should have it separate. I feel with proper ACLs on the Cisco switches, and the fact they couldn't actually show me a vulnerability, that adding another DHCP is just to check a box without actually making things any better. And currently we have multiple branch offices that get DHCP from our HQ so it would add a lot of complexity for what I feel is no good reason.

Is my thinking wrong? I just want a sanity check before I push back against their recommendation.

https://redd.it/1nnmo6s
@r_systemadmin
Centralized management of retail POS endpoints across multiple regions

Hi everyone, I'm overseeing operations at 30+ retail locations in the US. Endpoint management and compliance are some of our biggest challenges, especially with distributed POS systems and mixed Windows and Linux environments. I'm posting here to find out how sysadmins in retail or similar distributed enterprises are handling secure configuration, automated patching, and remote support at scale. If you can share any hacks that will save us time and resources, it would be greatly appreciated!

https://redd.it/1nnoxle
@r_systemadmin
When Your Brain Goes Foggy at the Worst Moment: How Do You Snap Back?

What do you do when your mind feels foggy just as you need to solve a critical problem? Or when your brain is racing with distracting thoughts, and you can’t focus on the task right in front of you—especially when everyone is watching and expecting you to perform?

I’m sure this has happened to all of us at work at some point. How do you manage your focus and calm your mind in those moments? Please share your best strategies!



https://redd.it/1nnrh6g
@r_systemadmin
So what are you guys ACTUALLY scripting?

This post from earlier today got me thinking on this question I've often considered but never bothered asking. What is it you guys are actually scripting? Maybe it's due to my environment/industry but whenever posts like that one get traction I can never actually think of what it is I'd use script for that often.

Bit of background/context, I've been a Sysadmin for only like 4 years now (5 years helpdesk before that) and in small-medium orgs, always been internal and in blue collar office type industries, construction company or a fabrication shop for example. My current environment is ~60 or so office workers joined to our local domain, then a few hundred random people on different jobsites that aren't on the domain. Bunch of mobile devices in the MDM, then our servers (File, print, DCs, a few application servers) and that's about it. We don't have an RMM and don't really plan to get one, most remote workers just VPN in and work in RDP sessions if they need to do anything beyond email checking.

So maybe it's a result of a smaller environment without many controlled machines, but I feel like a majority of my workload is one-off things. User needs X license assigned, User needs to be added to X group in domain, X service needs a reboot on the server, etc. Things I don't see immediate value in scripting, as I rarely am repeating the same action twice, nor is there really a template to apply to our users in AD to automate creation there.

I ran through the PowerShell in a Month of Lunches book a few months ago, and got the basics down and at least have a basic grasp on the concepts. Even then, I struggle to find anything to actually script. I made one to automatically transfer some custom Adobe stamps into the relevant folder as that needs to be done for most of our users, but beyond that I haven't really found a use and have already started to forget a lot of what I learned.

So am I missing something here? What is it you all are actually scripting so often? Is this something that's just less applicable because of my environment here? Would love to hear everyone's thoughts, especially advice on how to get over the initial learning of something like PowerShell and into actually implementing it in meaningful ways. Seems the consensus on the other post was that scripting is something most Sysadmins should be capable of so I don't want to get left behind!

https://redd.it/1nntghi
@r_systemadmin
Hey all, reminder that Apple Business Manager terms updated today. Make sure to accept them before trying to add new devices or apps.

Terms need to be accepted before managing new devices.

https://redd.it/1nnvgtk
@r_systemadmin
Required MFA for O365

Hello,

I'm getting mixed reports on if this is a requirement going forward on 9/30 or not. I work at a small construction company, and all of the office workers are set up for MFA for email, but the out in the field guys that never touch computers and just have email on their phone are not set up. I have about 30 guys that never come into the office that just use email and have no computers to really use. Never thought it was a big deal since they only use email to communicate with each other. If this is going to be a requirement, what would be the easiest way to authenticate for MFA then?



https://redd.it/1nnvkt2
@r_systemadmin