Office remodel - IT department being moved to center of office
They are remodeling our office, and we are losing our individual cubes ... the new layout will be open concept and all groups of 4 desks with low dividers. To make matters worse, they have moved the IT department right in the middle of the office. We will have one 14 foot table "shared space" to work on units shared between 3 of us. Also we are going from a 20 foot by 10 foot storage room to a closet to lock all stock up. We can't work in the server room they say because it has an inert gas fire suppression system installed.
I'm really dreading being out in the open, trying to build and repair PCs while everyone walks by my desk. I don't understand why we can't be in a locking room.
So how do I make the open concept work? At this point I would prefer to be in the factory part of our building and just wear steel toes every day.
https://redd.it/1npta1z
@r_systemadmin
AI-driven policy management in SASE?
We’re re-evaluating our SASE stack and considering AI-driven policy management to reduce firewall rule sprawl and alert noise.
On paper, AI that suggests rule cleanups or group alerts sounds helpful. In practice, I worry about trust, unintended blocking, and how change control works at scale.
We’re mid-sized with cloud workloads and hybrid staff. Our pain points:
* Too many overlapping firewall rules
* SOC buried in low-signal alerts
* Slow change approvals
Has anyone deployed an AI policy in a SASE platform? Did it actually reduce noise and speed up response times?
https://redd.it/1npvq8j
@r_systemadmin
Microsoft EOL issues. Some servers behave bad
We moved our mailservers to a new IP range about 36 hours ago, and added new IPs to a connector, but we forgot SPF. Added 24 hours ago. All involved DNS records do have a TTL of 300 (seconds, 5 minutes).
Some mail servers like
AMS0EPF000001B1.mail.protection.outlook.com (10.167.16.165) DB5PEPF00014B8D.mail.protection.outlook.com (10.167.8.201) AM3PEPF0000A796.mail.protection.outlook.com (10.167.16.101)
are still misbehaving, but I feel more mails are getting through. I do get SPF failures, meaning it uses 24h+ old DNS records with a Time-To-Live TTL of 5 minutes.
When can I expect Microsoft to do correct DNS lookups, in accordance with RFCs, respect TTL, and thus not fail mails with DKIM errors?
This looks like really really bad programming at Microsoft. Possible developers with no knowledge at all about DNS trying to cache DNS. (For that there is only one real solution - Run a local caching DNS, like we all did on Linux before Exchange knew about SMTP. Easy, no secondary codebase to maintain, tested and stable)
I can't find the big "clear-cache across all Microsoft EOL servers" button anywhere.
Received-SPF: Fail (protection.outlook.com: domain of ourdomain.com does
not designate 1.2.3.4 as permitted sender)
https://redd.it/1npy0eb
@r_systemadmin
Internal PKI vs Cloud PKI
Hoping to get some hivemind ideas on a good approach to managing certificates in the modern day. Our current scenario is that we have about 1k endpoints, all fully Intune managed. ClearPass NAC using EAP-TLS certificate auth to provide network access, and NDES to enroll SCEP certificates for our devices.
The PKI servers (1x issuer, 1x NDES) are domain joined - but the AD domain is now largely only performing user sync to AAD and providing a management layer for the server infrastructure (~60ish servers).
To put it lightly, we have never been particularly good at managing ADCS. The templates are a complete mess, permissions are applied directly to a bunch of templates - heaps of custom templates for reasons I can't understand. Every pentest has gotten elevated access via cert exploitation, and we patch the hole they used each time but my god there are so many.
Our root cert is a self-signed certificate, and we used it to sign the Issuing CA certificate. The root cert expires in 2028 and I'd like to get ahead of it.
My questions on it are:
1. Should we buy a root cert signed by a trusted authority? This might mean more renewals but would eliminate the need to install a copy of the cert on all endpoints
2. Is it worth just ditching ADCS completely? We want to keep the AD domain, so I'm unsure if ADCS is easy to unwind. Which leads to:
3. Since our primary use case for certificates is endpoint authentication for EAP-TLS - is Cloud PKI worth it? Monetarily it's a tough sell, the 2 servers cost us $150 per month in Azure but licensing cloud PKI will cost ~$2.5k per month.
4. Am I missing anything in the "modern" tech landscape that might solve my use cases? e.g. minimizing infra surface area, ensuring secure network authentication & keeping costs down?
Keen to hear how other people are managing endpoint certs in 2025 :)
https://redd.it/1npxife
@r_systemadmin
A question about VPN and it being secure.
I was listening to a radio phone-in this morning - it was one of those where tech experts advise the general public.
One of the questions asked was, "Will a VPN make my e-banking more secure". Straight off the bat, the expert said, "Yes it would because it creates a secure private network between you and the bank". I do concede that the expert then said however you do need to be sure you use a reputable VPN provider.
I'm asking this because I want you to tell me if I'm wrong when I think the answer should be, "No, it doesn't necessarily make you more secure and as long as you're not on public WiFi or unknown WiFi the encryption between you and your bank should suffice."
https://redd.it/1nq16rr
@r_systemadmin
What to do when your job has zero mobility?
I’m in a bit of a rut at work and could use some advice.
• I’m one of 2 junior support analysts covering ~5k users. We work a 5-on/5-off shift pattern, handling up to 120 tickets a day when it gets busy (solo on shift).
• A senior analyst joined to share the load, but after 6 months they admitted they couldn’t keep up and pulled out of the rota so now it’s just me + the other junior stuck with all the tickets again.
• I’ve had to completely put my professional development and training on hold because there’s no time outside the ticket grind. I’ve lost out on a really interesting project I was working on.
• I raised it with my boss, but they openly admitted there’s no progression or promotion route here. He also refused to commit to any training courses.
For context: I have 2 years HPC experience as a helpdesk technician and a PhD in computer science, but right now I feel like I’m wasting my time in an L1 helpdesk role.
Would you stick it out for stability, or cut losses and start looking elsewhere?
https://redd.it/1nq1o7u
@r_systemadmin
Thickheaded Thursday - September 25, 2025
Howdy, /r/sysadmin!
It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1nq2okf
@r_systemadmin
I'm tired of LinkedIn recruiters..
They always make me feel not good enough.
I am a sysadmin of 8 years and Cloud Consultant for 4 years.. I have good on-prem knowledge and decent cloud skills and a bunch of certifications..
It is like always playing games with them.. a typical guess the key word...
"and the word we were looking for was...": MFA
So your IAM skills do not fit..
Or the typical know nothing about IT recruiters fishing wide and just book up interviews to fill their hours..
Rant over.
So how do you handle these subhumans, leeching on your time?
When are you truly enough as an IT Consultant?
https://redd.it/1nq3sfd
@r_systemadmin
Caught someone pasting an entire client contract into ChatGPT
We are in that awkward stage where leadership wants AI productivity, but compliance wants zero risk. And employees… they just want fast answers.
Do we have a system that literally blocks sensitive data from ever hitting AI tools (without blocking the tools themselves) and which stops the risky copy pastes at the browser level? How are you handling GenAI at work? Ban, free for all or guardrails?
https://redd.it/1nq58o2
@r_systemadmin
physical tools you can't live without
Hey gang!
i was friggin around re-terminating some jacks at some cubicles the maintenance dept snipped off without asking the other day.... fun
and it got me to thinking about all the tools that have followed me along my career and that i can't live without but then i see other admins and IT people from newer schools that have never touched the things.
so just for some thursday morning jibber jabber, what are some of the tools you got in your tickle trunk that you can't live without or you have taken with you along your career from job to job just because you like to have them? fun to talk about but my current company likes to invest in capabilities so i can add some gems to my war chest based on recommendation :)
I'll start, my 110 punch tool, my tone genny and my netscout - (previously a fluke DTX when i was RUNNING more cable than troubleshooting cable but i was too cheap to re-certify it/ it got old)
https://redd.it/1nq4toh
@r_systemadmin
Do y'all ever roll in late to the office?
Been in IT for a minute now and I've never had any issues with IT comings and goings at any "reasonable" time. I've always had leaders that said, "as long as your work is done, I don't mind when you leave or come in."
Started new gig and boy......they have a hard start time of 8am and end time of 5pm. I was doing some work around the office at one point and still had my backpack and drink in hand and it was around 8:45am when I walked by a C level. I got an email a few hours later stating "if you need accommodations for coming later let us know otherwise start time is..."
What's really irritating me the most is that my days are easily within the realm of 9-12hrs of work at and they say nothing when I have early start times or late days. Even less for weekend in office work. Skipping lunches is a frequent thing here with the current work load I have. I told my direct boss about this but they said that's just the way it is here. Man, that sucked to hear.
Just feels hypocritical to me. Sucks, cuz I get paid pretty decently for the area I think, but this along with a few very strange things I've seen (cameras everywhere, active snooping/watching of said cameras at all times) that have been putting me off this job/office. CEOs got their offices locked up and they've blocked the walkways a certain way so that they don't see people walk by their office...despite having a whole ass wall where they can't even see out. Some mistreatment of operators...etc etc. Just weird vibes...
Maybe I'm just being a little bitch boy about it but hot damn....I've just never had any leadership give a shit in the past.
https://redd.it/1nq63z2
@r_systemadmin
How do you prove nothing happened?
Does your c-suite freak out every time there is a phishing email or attempted malicious phone call? How do you prove it wasn't a breach on our end?
Someone in our org got a phone call from "the bank" stating they stopped a fraudulent check cashing attempt. The bad actor apparently had valid account and/or user info for our company. Now the C-suite thinks we've been breached, wants a "full analysis", along with a whole slew of other precautions. Initial indications are the bank has the "leak", but how do I prove to them that we are not compromised?
https://redd.it/1nqbgm7
@r_systemadmin
Broadcom only wants to give us 3-year pricing
In the "At least things couldn't get any worse, right?" Department, after significantly scaling back our VM footprint in light of the Broadcom fiasco, we went to renew and the resellers only gave us 3-year pricing even though we didn't ask for it. I asked one of them for 1-year pricing and a reseller is telling us it needs to be escalated up the chain at Broadcom with a "business justification", and warning there will be a 60 - 80% increase next year.
https://redd.it/1nqb9au
@r_systemadmin
AI Acceptable use policy.
I've recently taken initiative to draft an AI AUP for our org after an incident of some proprietary info being uploaded into ChatGPT to do... something, I'm not sure what, this person is gone now.
I haven't determined next steps yet as far as blocking AI services / getting copilot for business / localized generative models...etc.
Just curious how many of you have AI policies in place?
https://redd.it/1nqfx8o
@r_systemadmin
3 requests to help find a file in the past week - WTF
3 different users, 3 different companies altogether. Prior to last week, I had maybe 3 requests in the past 10 years. I'm not even sure what to say anymore.
https://redd.it/1nqi7gk
@r_systemadmin
Employee monitoring software that only monitors when employee clicks "Start Monitoring"?
I'm going down my first rabbit hole with employee monitoring software. A small business customer of mine made the request, but here's the catch: it's only for 1 contractor, and it's for the contractor's own personal computer. I informed my customer about how invasive these things can be, especially on a computer he doesn't own, but what I couldn't answer was if there's an "opt in" kind of way for the contractor to manually turn on the monitoring when they start their billing clock, so to speak. When they are done their billing, they can turn off any monitoring. Do we know if any of the players in this space offer that specific feature (ActivTrack, Time Champ, Hubstaff, Monitask, CurrentWare, Time Doctor, Cattr, Teramind, et al)?
The other important consideration for this ask is that it's a basic, simple-to-use software with low/no contract commitments and reasonable monthly fees. Preferably the data is cloud-hosted, I don't want to set up any kind of on-prem server for this. Thanks in advance!
https://redd.it/1nqfllp
@r_systemadmin
What the hell do you do when non-competent IT staff starts using ChatGPT/Copilot?
Our tier 3 help desk staff began using Copilot/ChatGPT. Some use it exactly like it is meant to be used, they apply their own knowledge, experience, and the context of what they are working on to get a very good result. Better search engine, research buddy, troubleshooter, whatever you want to call it, it works great for them.
However, there are some that are just not meant to have that power. The copy paste warriors. The “I am not an expert but Copilot says you must fix this issue”. The ones that follow steps or execute code provided by AI blindly. Worst of them, have no general understanding of how some systems work, but insist that AI is telling them the right steps that don’t work. Or maybe the worst of them are the ones that do get proper help from AI but can’t follow basic steps because they lack knowledge or skill to find out what tier 1 should be able to do.
Idk. Last week one device wasn’t connecting to WiFi via device certificate. AI instructed to check for certificate on device. Tech sent screenshot of random certificate expiring in 50 years and said your RADIUS server is down because certificate is valid.
Or, this week there were multiple chases on issues that lead nowhere and into unrelated areas only because AI said so. In reality the service on device was set to start with delayed start and no one was trying to wait or change that.
This is worse when you receive escalations with ticket full of AI notes, no context or details from end user, and no clear notes from the tier 3 tech.
To be frank, none of our tier 3 help desk techs have any certs, not even intro level.
https://redd.it/1nqmrnu
@r_systemadmin
One for all you ASA users
https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices
Not sure how many folks saw this one today.
https://redd.it/1nqmaue
@r_systemadmin
Cisco ASA Under Fire: Urgent Zero-Day Duo Actively Exploited, CISA Issues Emergency Directive
Another nasty exploit which can cause headaches to fellow admins if it is not mitigated on time.
Cisco identified two zero-day issues:
CVE-2025-20333 (CVSS score: 9.9): An improper validation of user-supplied input in HTTP(S) requests that could allow an authenticated remote attacker (with valid VPN credentials) to execute arbitrary code as root via crafted HTTP requests.
CVE-2025-20362 (CVSS score: 6.5): Also stemming from improper input validation, this flaw lets an unauthenticated remote attacker access restricted URL endpoints without authentication, again via crafted HTTP requests.
"According to the agency, the campaign is “widespread” and involves unauthenticated remote code execution and even manipulation of a device’s read-only memory (ROM) to maintain persistence across reboots or firmware upgrades."
Sources:
https://www.cisa.gov/news-events/alerts/2025/09/25/cisa-directs-federal-agencies-identify-and-mitigate-potential-compromise-cisco-devices
https://hoodguy.net/cisco-asa-under-fire-urgent-zero-day-duo-actively-exploited-cisa-issues-emergency-directive/
https://www.reddit.com/r/cybersecurity/comments/1nqf3bw/cisco_asaftd_zerodays_under_active_exploitation/
Happy updating everyone!
https://redd.it/1nqu8wa
@r_systemadmin
W10 longer support in EU - any info on enterprise environments?
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-offer-free-windows-10-security-updates-in-europe/
Good news for consumers in Europe.
I'm wondering now what this means for enterprise environments. Will this be extended to WSUS / MECM / WuFB updating? Would the PC need to be hybrid or Entra joined for that?
This won't change our upgrade path and timeline to W11 but it might offer a solution for those problem cases where a bit of extra time would come in handy.
https://redd.it/1nquxtw
@r_systemadmin
Weekly 'I made a useful thing' Thread - September 26, 2025
There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.
We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!
In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.
https://redd.it/1nqxbli
@r_systemadmin