Required MFA for O365
Hello,
I'm getting mixed reports on if this is a requirement going forward on 9/30 or not. I work at a small construction company, and all of the office workers are set up for MFA for email, but the out in the field guys that never touch computers and just have email on their phone are not set up. I have about 30 guys that never come into the office that just use email and have no computers to really use. Never thought it was a big deal since they only use email to communicate with each other. If this is going to be a requirement, what would be the easiest way to authenticate for MFA then?
https://redd.it/1nnvkt2
@r_systemadmin
File share sync between NetApp and file share
Currently lab machines interacting with batch and some config data are accessing a NetApp CIFS share between the lab network (no AD, has Internet) and our share on the production network.
We were going to Robocopy, but the needs assessment from the lab rats came back as needing bidirectional.. so a "sync" rather than just a replica.
I currently have a VM terminated into that network running Windows Server as workgroup.. but am not counting out a Samba share etc for the lab machines to connect with.
We are solving the issue where the firewalls between environments have holes like swiss cheese.. every machine has a drive mapping into the production environment. We want to consolidate that to "one" file share and just sync the data between environments.
Cloud options are an option.. but we can get direct connectivity between environments.
I've used SyncThing in another life before the pandemic.. but was lone wolf and not subject to a SOC probably outlawing a p2p option directly.
There is apparently also a need to have the intervals (if defined) be less than five minutes.
Feels like rsync may fit the bill best here.. where the "lab share" machine hosting the file share within the lab can maintain the sync with the CIFS share on the NetApp, using Debian/RHEL/whatever. Permissions propagation isn't something at the forefront.
Any good ideas here? The folder within the share is maybe 4GB.. not a huge sync payload tbh. Lab batch runs and batch results would be the data deltas.. and again I can't imagine these are huge.
https://redd.it/1nnz144
How can iLO alerts be simulated?
I have a fleet of HP ProLiant servers with licensed iLO. All servers have email alerting configured exactly the same, and are scheduled to stagger their monthly reboots during maintenance windows, during which they email various alerts like NICs going offline. But four of them only email out when testing the email alerting but not during the reboots. I've gone back to verify the configuration and it all checks out.
Short of disconnecting network cables or unplugging storage drives, how can iLO alerts be simulated so I can troubleshoot this issue during the workday?
https://redd.it/1no260q
Built a tool that generates autounattend.xml + ISO files dynamically—no image mods, no XML edits
Hey folks,
I’ve been building a deployment tool that I would like to call DeploySmart. It’s designed to generate Windows autounattend.xml files and autounattend ISOs on the fly, but with a twist:
You can manage multiple companies or deployment profiles without ever touching the XML
App installation lists are loaded dynamically—no need to bake applications into the image
No cloud dependencies, no Intune, no SmartDeploy licensing
Just a clean web interface, some PHP, and a bit of ISO wizardry
It’s multi-tenant, supports per-user company access, and lets you generate deployment-ready configuration ISOs for vm deployment/test in seconds. Mostly built for the laughs and the challenge, but it’s surprisingly useful.
Currently I only have about ~20 useful applications that can be selected for the applications list, but I'm looking to add more (silent installations through PowerShell). The users/admins are also able to set up their own custom scripts that are only visible to themselves.
If anyone’s interested in testing it or wants to peek under the hood, I’m happy to share more.
Edit:
Didn't expect this much interest, so first of all thank you!
I'm going to publish my creation here: https://github.com/mattish91/DeploySmart
As I'm not really friends with GitHub just yet, it'll probably take me some time ^^
Also, you can see the live version here: https://deploysmart.dev.mspot.se
https://redd.it/1no4zk7
Heads up Dell Display & Peripheral Manager 2.1.1.12 breaking dual-monitor setups
If you’re running Dell Display and Peripheral Manager (DDPM) 2.1.1.12, watch out. We’ve confirmed across multiple sites that it causes both external monitors to drop out every ~15 mins (integrated laptop screen unaffected).
# Impacted setups:
Dual Dell P2723DE in daisy-chain
Laptops:
Dell Latitude 5320 / 5330 / 5350
HP models (confirmed)
Lenovo models (confirmed)
# Symptoms:
Monitors black out briefly, then recover.
Only started after upgrading to DDPM 2.1.1.12.
Rolling back / uninstalling fixes it immediately.
# Notes:
Logged with Dell, but support is not acknowledging yet.
Looks like a regression in DDPM, not hardware.
👉 Workaround for now = uninstall DDPM or roll back.
https://redd.it/1no5she
Do you have any browser Zero Trust solution? need advice
600 employees, not a very tech-like company.. wondering if we should go for a zero trust policy or should we find some other solution in the middle. I would love to hear from those who have either fully embraced zero trust or found alternative approaches that actually work, including products to stay away from…
https://redd.it/1noa52n
Google indexed my website under a different domain (boot-phone.com) — why does this happen?
Hi everyone,
I’m facing a strange issue and I’d really appreciate your advice.
My actual website is (running in a Docker container with Apache, behind an Nginx reverse proxy + Let’s Encrypt).
But recently I discovered that some random domains like `boot-phone.com` and `mail.kulturplaner.org` were showing my website content — even though I never configured these domains.
When I checked Google Search Console, I found that Google did not index my real domain . Instead, it indexed the duplicate domain (boot-phone.com) as the canonical version of my content.
I have since fixed my Nginx config:
Added strict `server_name`
Added a `default_server` block that forces 301 redirects for all other domains → my Domain
Now my questions are:
1. Why would someone point their domain to my server IP?
2. What benefit do they get from this? (SEO spam, phishing, something else?)
3. Could this have damaged my SEO since Google indexed the wrong domain instead of mine?
4. Now that I’ve forced 301 redirects, am I safe?
5. Is there a way to monitor if new domains start pointing to my IP in the future?
Thanks a lot for your help!
https://redd.it/1nob3xq
Hey, I made an article about LVM
Hello folks,
I'm a junior Network Engineer and I have a few things running at home: about 25 VMs & 25 containers, some storage & network equipment. I've recently started a blog of my own, documenting things, trying things and playing with my homelab.
I just posted my first article about LVM and migrating to it / using it and I would like to know what I could do better. Please be kind and keep in mind that this is my first one, thanks.
https://blog.interlope.xyz
If this is not allowed by the TOS (advertising is not allowed but I'm not here to sell anything, there are no ads whatsoever, simply IT), please remove it.
Thanks for reading me
https://redd.it/1noc1x0
Is it just me or a "sys admin" now needs to be licensed in literally everything in existence and beyond nowadays JUST to be employed with an inhumane workload?
I can't even get a job that doesn't require 5 different certifications with 10 years of experience. What the fuck is this? I was an intern for 2 weeks once and they asked me to do literally everything related to the IT department, including programming. I had to speedrun Python while managing the entire server alone. I didn't get a position, obviously. Couldn't keep it.
Honestly I'm a labyrinth right now, continuing studies and trying to get more licenses like the Oracle Databases one which is apparently important for most jobs I've sought.
https://redd.it/1nocs17
Why is Unifi gear not suitable for enterprise?
Hi everyone,
I’m new here and still learning, hoping to break into the sysadmin field soon. Up to now, I’ve mostly been the “friends & family IT person,” but I really enjoy this work and want to understand the industry better.
I’ve noticed in many threads that UniFi gear often gets a bad rap for enterprise use. People seem fine with using their access points, but rarely recommend their gateways or switches for serious deployments.
Could someone help me understand why? On paper, UniFi advertises a full “enterprise” lineup with high-availability options and centralized management, so I’m curious why it’s often dismissed in professional environments. Are there reliability issues, missing features, or something else that makes admins stay away?
I’m not trying to start a vendor war - just looking to learn from real-world experience. Thanks!
https://redd.it/1nodkip
Trying to pick a SASE vendor, what’s your experience?
Hey everyone,
We're currently evaluating different Secure Access Service Edge (SASE) providers and are finding the marketing materials a bit... generic. Has anyone here had practical experience with a few of the major players? I'm curious about the actual day to day usability, especially concerning things like integration complexities, management console intuitiveness, and the overall performance in a real world environment.
Specifically, what are some of the hidden costs or unexpected challenges you've encountered? Were there any features advertised that didn't quite live up to expectations? Any insights you could share on different vendor strengths and weaknesses would be invaluable.
https://redd.it/1nogvjr
Laptops won't take image from server
I hope this is the right group and I'll try to keep this short. The company I work for recently bought new laptops to replace the old ones. We use PXE Boot to pull an image from our server using Windows Deployment Toolkit. The old ones worked fine, running Win 10, the new ones, running Win 11, connect to the server but always end in the same error: "A connection to the deployment share (local\server) could not be made. The following networking device did not have a driver installed. PCI\VEN8086&DEV550A&SUBSYS0CB91028&REV20". I don't believe the OS has anything to do with it but I felt it was important to mention it.
I may be wrong but I suspect a driver issue (probably obvious). The only thing is I can't find any driver other than the exe or msi files and those don't work.
The laptops are Dell Latitude 5550. Any help or advice would be greatly appreciated.
https://redd.it/1nogm7x
US Government: "The reboot button is a vulnerability because when you are rebooting you won't be able to access the system" (Brainrot, DoD edition)
The company I work for is going through an ATO, and the 'government security experts' are telling us we need to get rid of the reboot button on our login screens. This has resulted in us holding down the power or even pulling out the power cable when a desktop locks up.
I feel like I'm living in the episode of NICS where we track their IP with a GUI made from Visual Basic.
STIG in question: Who the fuck writes these things?
https://stigviewer.com/stigs/red_hat_enterprise_linux_9/2023-09-13/finding/V-258029
EDIT - To clarify these are *Workstations* running Red Hat, not servers. If you read the STIG you will see this does not apply when Red Hat does not have GNOME enabled (which our deployed servers do not)
https://redd.it/1nomec1
STIG VIEWER
RHEL 9 must disable the ability of a user to restart the system from the login screen.
A user who is at the console can reboot the system at the login screen. If restart or shutdown buttons are pressed at the login screen, this can create the risk of short-term loss of availability of systems due to reboot.
Drivers, drivers, drivers
Can someone explain to me why so many people are against pushing out firmware updates to enterprise equipment?
I’ve spent the last month updating PC / Laptop drivers that were years behind. Magically, our ticket volume has dropped by 19%.
Updated our network gear and magically everything is fine now.
What am I missing?
https://redd.it/1noq94o
Someone just learned how to use ChatGPT
We have a massive addition being done to the service shop at one of our locations. Construction has been underway for months and is (hopefully) going to be done by the end of the year. I've been in the majority of meetings with the contractor to make sure IT needs are covered.
Cut to today. I get the following email from a random service manager at that location:
>Good afternoon, nlbush20.
>
>I just wanted to touch base and see if there were already some plans/approvals for WAPs in the new building. I want to make sure that the heatmaps for the WAPs provide enough coverage to include factors such as interference from infrastructure yet at the same time not oversaturate, as this could create its own problems. Also, wanted to make sure that they will mesh in with the current WAPs in the existing structure, so we do not lose a connection going from one side of the wall to the other. With us relying heavily on remote troubleshooting connection session I need to make sure that we have adequate throughput speeds and that our firewall and network switch can accommodate the additional porting.
>
>Your thoughts when you have time. Please and thank you! Much appreciated!
Gonna go out on a limb and say someone just showed him what ChatGPT is, and he believes that he has just crafted an extremely intelligent question/statement.
Thanks, buddy. We've got it covered.
https://redd.it/1not4s2
Password policy for 2025?
Out of the blue I get sent a password policy for review. We have already had a password policy in place for many years. Don't understand why someone thinks we need a new one.
The "new" policy is like walking backwards 10 years. There is no mention of biometrics, SSO and very brief mention of MFA.
What are others using for password policies these days, does anyone have a template to share?
https://redd.it/1norwci
Hired into company with near-zero IT infrastructure, tasked with bringing them up to speed
Edit: Wow! Didn't expect the support I've received so far! Thank you all!! Happy to be "joining" this community and can't wait to pay it forward.
Hi! Up front - I know I am probably in over my head, but hoping to focus less on that and more on what I CAN do! Try not to roast me too hard haha.
That said, I am a BIM Manager by trade that was hired into a 30-40 person AEC company to fulfill both that role and some/all of their IT requirements. They currently don't have an IT staff besides me now, but they do have some BIM folks, so my focus is more on the IT side at the moment. I do have fairly extensive experience using KACE for endpoint management, handling software deployments, GPOs, scripting, and I'm pretty well versed in hardware, networking, etc., since these are all things I had to do in my past role. I interfaced with our IT team frequently and like to think I speak the language.
However, I'm moving on from that and into a company with no endpoint management and where every computer has the same password (*dies*) for ease of access haha. Quite different. Their networking was handled by an outside consultant, so it's fairly robust, and they have what I would consider the essentials in place in that regard (hardware firewalls, VPN, etc.). Hardware-wise we're doing OK. The most tech savvy person here has been in charge of getting folks computers and such by running to Microcenter. No other setup is done really. He has been doing a great job of maintaining an Excel log of everything as well, but definitely not the best format for this sort of thing and certainly not "live".
I feel like my first step towards being able to get us compliant with some basic cybersecurity requirements, as well as being able to effectively distribute software, fixes, scripts, policies, etc., is to get us on Microsoft 365 Business Premium and rolling out Microsoft Intune. It seems like Intune is pretty well regarded and will help me check a ton of boxes in terms of bringing us up to speed, and it integrates well with the Microsoft 365 suite we already have. But I know that I don't know what I don't know.
Any other essentials I should be working towards immediately for a company starting from zero? Anything Intune doesn't handle well that would be better done by something else? Eventually I will be tasked with moving us towards CMMC Level 2 (NIST 800-171) compliance, but I know I need to walk before I can run and that is a wayyyyys off.
Thanks for all of your help!
https://redd.it/1norpd1
@r_systemadmin
Why is r/ITCareerQuestions so much gloom and doom all the time?
You always see people posting negative shit like applied to 2000 jobs and no interviews. I see lots of good posts about people getting their first help desk job with no experience. We need optimism and hope. Every sub for nursing, lawyers, mechanics, etc has that kind of negativity and I hate it.
https://redd.it/1noxik1
@r_systemadmin
Have been at the same company for 17 years. Would you stay at this point?
Been at the same company for 17 years. Would you stay at this point?
I’ve been at the same company for 17 years here in Ohio. I’m 40 years old, started there when I was 23. Salary is $120k, $7k bonus, work remote 4 days a week, plus other good benefits. Have managed to save $600k in a 401k from this job. I’m a senior systems administrator. Hours average 40 hours a week or less, overall great work life balance.
Would you stay at this company for the rest of your career? I feel happy and content but also a bit complacent after this many years. By complacent I mean I know my job very well which isn’t necessarily a bad thing. Some friends and family keep telling me to look elsewhere to keep moving up but why rock the boat I figure. I would like to be done by 55.
Thank you
https://redd.it/1noytee
@r_systemadmin
Being proactive is rarely a boon
Proactively helping other departments and taking action on glaring issues without someone first bringing it up often ends in misery and someone upset.
Sorry folks, that's the way it is, and despite learning this lesson over and over I still tend to have to learn it again.
This is the last time though.
It's not worth the headache. Stay in your lane, unless it's really going to make you look good.
https://redd.it/1noy5t2
@r_systemadmin
8.8.8.8
What are everyone's thoughts on putting 8.8.8.8 as the second DNS on everything?
https://redd.it/1np2z6v
@r_systemadmin