Hopefully not crying wolf....but RSAT on 25H2 is crashing my PCs

I had this issue a couple weeks ago when 25H2 was "released", but was released as its build number rather than through the pretty finalized version.

With it going live today, I figured I'd download the media again and try again.

Whenever I open something installed by RSAT (AD Users & Computers, for example), my system freezes, clock stops, fans spin up.

I had to wipe 2 computers and start over last time, and right now, it looks like I'll have to either roll back the update, or reinstall and not use RSAT.

So....heads up. Upgrade and fresh install, RSAT seems to not like 25H2.





It was installed with the following noscript Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online

I know there's an offline installer, but I don't know if they've made it available yet (or at least where to look for it).

I don't think using the GUI would make things any different...but I'm not sure yet. I rebooted this laptop and now RSAT is working fine after the reboot, which is different from how it acted last week. Last week, I could open the admin tools and I was crashing my system like clockwork.

https://redd.it/1numhtb
@r_systemadmin

Sysadmin being forced in IAC/DevOps

Hi, first of all, English is not my main language, so sorry if it’s not clear.

 

I’m 40 years old, sysadmin for 10 years now, did level 1, 2, 3 tech before that. Total of 22 years in tech.

I’m the main admin for our Azure, I’ve been deploying, securing and managing all our resources through the portal for years now.

Now I’m getting pushed by management to switch to IAC in DevOps and I feel so underwhelmed and honestly afraid.

I’m no developer and I feel like this is such a big change for me.

Any other sysadmin in the same situation as me ?

Any good place to start learning this ?

 

Thanks

https://redd.it/1nugkyk
@r_systemadmin

The dumb(easy) way to migrate Hyper-V to Proxmox (Qemu)

Hey

For those of you, brave self hosters, who want to scape from hyper-v to proxmox (You will thank me later), here is an easy way to migrate your VMs without headackes.

# Steps

1. Export from Hyper-V (pre-step)
Shut down the virtual machine in Hyper-V.
Export the VM using the Hyper-V Manager to a shared directory: /mnt/agv-nas-exthdd/test-hyperv-proxmox/AGV-LINVSRV06-PWDMANAGER.
2. Copy the VM files to the Proxmox server --> cp -R /mnt/agv-nas-exthdd/test-hyperv-proxmox/AGV-LINVSRV06-PWDMANAGER /root/AGV-LINVSRV06-PWDMANAGER
3. Check Proxmox storage statuspvesm status
4. Locate and confirm the VHDX file location --> Result: /root/AGV-LINVSRV06-PWDMANAGER/Virtual Hard Disks/AGV-LINVSRV06-PWDMANAGER.vhdx--> find /root -type f -name "*.vhdx"
5. Inspect the VHDX disk information --> qemu-img info "/root/AGV-LINVSRV06-PWDMANAGER/Virtual Hard Disks/AGV-LINVSRV06-PWDMANAGER.vhdx"
6. Convert the VHDX disk to QCOW2 format --> qemu-img convert -p -O qcow2 "/root/AGV-LINVSRV06-PWDMANAGER/Virtual Hard Disks/AGV-LINVSRV06-PWDMANAGER.vhdx" "/root/AGV-LINVSRV06-PWDMANAGER/AGV-LINVSRV06-PWDMANAGER.qcow2"
7. Create the virtual machine in Proxmox (VMID 102) --> qm create 102 --name AGV-LINVSRV06-PWDMANAGER --memory 4096 --cores 2 --net0 virtio,bridge=vmbr0
8. Import the QCOW2 disk into Proxmox storage --> qm importdisk 102 /root/AGV-LINVSRV06-PWDMANAGER/AGV-LINVSRV06-PWDMANAGER.qcow2 local-lvm
9. Configure SCSI controller and set the disk as boot device --> qm set 102 --scsihw virtio-scsi-pci --scsi0 local-lvm:vm-102-disk-0 qm set 102 --boot order=scsi0
10. Start the virtual machine --> qm start 102

Ask me anything you need!

https://redd.it/1nun54a
@r_systemadmin

What's the craziest ticket you've ever received as a support staff?

Not exactly most complicated, but the one that makes you want to pull your hair out the most.

Mine is: "It just doesn't work"

lol

https://redd.it/1nuvcxh
@r_systemadmin

Can ZTNA really replace VPNs for good?

We’ve been debating whether to retire our VPNs in favor of ZTNA. On paper it offers stronger access controls, but I’m not sure how well it scales for contractors, dev teams, and staff who sometimes need wider access.

For those who’ve already made the switch, did you keep VPNs as a backup, or go all-in? How did your users adapt?

https://redd.it/1nuu15h
@r_systemadmin

1browser antidetect browser for sysadmin use any experience

Has anyone evaluated 1browser or other antidetect browsers for phishing simulations red team exercises or privacy research and found them safe to use in a corporate environment I noticed 1browser offers free profiles and free proxies which speed testing but also increase risk if left running in production what practical safeguards do you use to isolate these tools verify what data they send home enforce logging and network segmentation and involve legal and compliance before any deployment

https://redd.it/1nv0ugs
@r_systemadmin

I've lost even the last shred of hope

I've been working at my current company for about 5 years. At my previous job, I also worked as a sysadmin for around 4 years — a place where I learned everything I know today. When I got hired, I knew absolutely nothing, and my former boss handed me a brand-new laptop in its box and told me to install it and manually join it to the domain. It was a tough but incredibly rewarding time because I was the only sysadmin at a location with 70 employees.

At one point, the entire company's internet went down because my boss asked me to do cable management in the server room — I accidentally connected two ports from the same switch and created a network loop. There were also times when I had to install the BitLocker package on all company laptops (people weren’t installing the pushed package, so I had to remote in and install it myself).

The point is, I had full admin rights. I learned how to use Active Directory, Exchange Server, and laid the foundation for my knowledge in networking and server administration. It was a very stressful but beautiful period.

I left that company because I needed a significant salary increase. When I joined my current company, I was shocked — all the control I was used to was gone. First of all, access to Active Directory was done through a custom tool developed by the company, and I only had access to options like changing names, email addresses, and resetting passwords. I no longer had access to Exchange Center, servers, networks — absolutely nothing.

Four years have passed, and over time, the current company has cut our access to almost everything. All sysadmin-level permissions have been migrated to platforms under the idea of "self-service." Any employee can now make their own changes related to their user account, mailbox, software, and so on.

Now, most of what I do is laptop installations, replacing faulty peripherals, and solving minor issues because colleagues reach out to me on Teams. Over time, I’ve tried to take courses to develop myself in DevOps and Linux. But sometimes I sit and think about how, a few years ago, I was creating policies to optimize company processes, and now I’ve reached the point where I’m just replacing a broken mouse. It deeply saddens me and makes me feel like I’m losing all hope in my professional life.

I want to change something, but I can't find the motivation or the path to take.

https://redd.it/1nv277v
@r_systemadmin

Staff are pasting sensitive data into ChatGPT

We keep catching employees pasting client data and internal docs into ChatGPT, even after repeated training sessions and warnings. It feels like a losing battle. The productivity gains are obvious, but the risk of data leakage is massive.

Has anyone actually found a way to stop this without going full “ban everything” mode? Do you rely on policy, tooling, or both? Right now it feels like education alone just isn’t cutting it.

https://redd.it/1nv3bfg
@r_systemadmin

Oct 2025 Microsoft 365 Changes: What’s New and What’s Gone?

30+ big updates are landing in Microsoft 365 this Oct! From new features to retirements and functionality changes, here’s everything you need to know. 

# In the Spotlight: 

* **Microsoft Entra ID Free Subnoscription**: Microsoft will roll out a new Entra ID free, a no-cost subnoscription to help organizations track tenant ownership through billing accounts. 
* **Limiting MOERA Domain Usage:** Exchange Online will throttle outbound mail from default [*onmicrosoft.com*](http://onmicrosoft.com) domains to 100 messages per day. 
* **Retirement of Legacy MFA and SSPR Policy** – Microsoft will stop supporting management of authentication methods in the legacy MFA and SSPR policies starting October 1, 2025. Move to the Authentication Methods policy in Entra ID. 

**Here’s a quick overview of what's coming:**       

* **Retirements:** 6  
* **New Features:** 8 
* **Enhancements:** 5  
* **Changes in Functionality:** 5 
* **Action Needed:** 4 

# Retirements 

1. Microsoft Defender is retiring the rarely used “*Add to existing remediation*” option for phishing jobs. 
2. Outlook will retire the standalone “*Share to Teams”* experience for users who don’t have the Teams desktop app installed. 
3. *Outlook Lite app* will be retired starting Oct 6, 2025, and new installs will be blocked after this date. 
4. Microsoft 365 subnoscriptions linked to a personal, work, or school account will no longer support the *legacy version of Microsoft Outlook for Mac*. 
5. *OneNote for Windows 10 app* will be retired on Oct 14, 2025. 
6. SharePoint Online will retire the *SP.Utilities.Utility.SendEmail* API on Oct 31, 2025. 

# New Features 

1. Admins can decide *who can create org-wide sharing links* for agents built in the Copilot Studio Agent builders, tightening governance. 
2. Microsoft Purview introduces *Data Security Investigations (DSI)*, an AI-driven tool for analyzing content, visualizing correlations, and refining data protection policies. 
3. SharePoint Advanced Management adds *Content Management Assessment (CMA)*, giving admins visibility into site health, permissions, and lifecycle readiness in one console. 
4. Information Barriers V2 supports *larger and multi-segments with flexible discoverability*; tenants enabling IB for the first time will get V2 by default. 
5. Microsoft Purview DLP brings *Just-in-Time protection for SharePoint,* applying restrictions only when unclassified files are accessed or shared externally. 
6. Microsoft Authenticator enhancements: *removes number matching for same-device sign-ins* and simplifies setup with a new consolidated First Run Experience that *prioritizes Entra accounts.* 
7. Microsoft Entra introduces *cross-cloud synchronization* in public preview, automating user lifecycle management across commercial, US Gov, and China clouds. 
8. Microsoft Teams expands external collaboration by letting admins define *which users/groups can interact with specific external domains.* 

# Enhancements 

1. Microsoft Teams will change the default sender address for guest invites from [*noreply@microsoft.com*](mailto:noreply@microsoft.com) to [*no-reply@teams.mail.microsoft*](mailto:no-reply@teams.mail.microsoft) to improve deliverability. 
2. Microsoft Purview DLP adds *OCR support on Windows endpoints*, enabling detection of sensitive data within images. 
3. Exchange Online GCC High and DoD tenants will gain inbound support for *SMTP DANE with DNSSEC.* 
4. Microsoft is rolling out a *refreshed licensing view* in the Microsoft 365 admin center, providing unified view of user/group assignments, licensing errors tab with resolutions, and a “users without licenses” page. 
5. Microsoft Purview Compliance Portal improves DLP alerts page with a *unified event view, new detail columns, faster load times*, and reduced triage effort. 

# Existing Functionality Changes 

1. Microsoft Purview DLP *decouples email notifications and policy tips*, allowing admins to manage them independently. 
2. Microsoft is modifying the *output format of certain database

properties* in Exchange Online cmdlets. For example, the Database property in the output of Get-Mailbox will change to a fully qualified path format. 
3. Excel for the web Office Script settings are moving from the Microsoft 365 admin center to *Cloud Policy service* for streamlined control. 
4. Microsoft Teams will *shorten meeting URLs* to only include the meeting ID, omitting tenant and organizer details. 
5. Microsoft Graph Beta API will remove the *sendDeviceOwnershipChangePushNotification* property in Oct 2025, as ownership change notifications are now automated. 

# Action Required 

1. Microsoft 365 will deprecate *legacy TLS cipher suites* without forward secrecy on Oct 20, 2025; only approved TLS 1.2/1.3 suites will be supported. Admins must update clients and OS. 
2. Microsoft Entra will enforce *MFA prompts for all credential management actions* on the “My sign-ins” page. Prepare your users to re-authenticate more frequently when performing actions like password changes. 
3. Office 2016/2019, Visio 2016/2019, and Project 2016/2019 will reach end of support on Oct 14, 2025. *Upgrade to Microsoft 365 Apps* or Office LTSC 2024. 
4. Microsoft Defender XDR will *retire the Deception feature* on Oct 30, 2025; customers should shift to automatic attack disruption and exposure management. 

Act now to stay ahead and ensure these updates don't impact you! 

https://redd.it/1nv5bct
@r_systemadmin

Organization Structure

Is anyone else tired of IT reporting to finance in small organizations? We should report to the executive team/owner.

The finance team has no idea what we are doing or talking about and I feel like this diminishes our chances of promotion while finance gets promotions yearly. Also not to mention, the some finance people then claim to be a part of the IT department lmao.


https://redd.it/1nv5c03
@r_systemadmin

Best RMM

I work at an IT company as a student intern. They gave me a task so find the best RMM tool for servers. So meaning i can monitor multiple servers(and the users on them) and execute commands on them remotely like start/stop services, update, restart stuff like that. I want a all in one tool. I've checked out some like grafana but it's mainly for monitoring. What do you guys use and would recommend for windows servers? I've also tried PRTG and looked at grafana but it's mainly for monitoring.


EDIT: Thank you to everyone for the help. I got alot of feedback and tools which i will test. I wish you all the best!

https://redd.it/1nv4ofj
@r_systemadmin

Anyone else drowning in alert fatigue despite ‘consolidation’ tools?

We’ve been tightening up monitoring and security across clients, but every “single pane of glass” ends up just being another dashboard. RMM alerts, SOC tickets, backups, firewall logs, identity events… the noise piles up and my team starts tuning things out until one of the “ignored” alerts bites us in the arse.

We’re experimenting with normalizing alerts into one place, but I’d love to hear how others handle it:

Do you lean on automation/tuning, or more on training/discipline?

Also has anyone actually succeeded in consolidating alerts without just building another dashboard nobody watches?

Feels like this is a universal. What’s worked for you?



https://redd.it/1nva8ir
@r_systemadmin

It was just announced that we where "Invested in" by a private equity group and I am panicking

I have literally never seen anything good come out of private equity, from housing being purchased as assets, to driving companies into the ground like red lobster, pan am ect. I have always heard and believed with decent evidence that private equity groups will 100% fuck you into the ground as a company and extract every dime, bankrupt the company and then fire every one and rinse wash repeat.

I AM ABSOLUTELY PANICKING tbh on the verge of tears, I have never been this upset. We where a company of about 450 or so and family owned, and they are pretty good to us. They are running the "its an investment for expansion" but they are not part of a board and of course hasn't mentioned how much of the company the equity group (a giant one called One Equity Partners) they own.

We are a pretty large iT dept for the company size, however in my dept we are understaffed (not by choice trying to find some one) and It just seems like now we are effed, there going to bring in a outsourced IT like all these places do and well one day be fired.

Does any one have any experience with their company being bought out by Priv equity or work for one, I am absolutely beside myself that the family would sell, but money is a strong drug.

https://redd.it/1nvcird
@r_systemadmin

25H2 Administrative Templates Available

https://www.microsoft.com/en-us/download/details.aspx?id=108394

A couple of observed changes that should be helpful are GPO/Intune configurations for WiFi 7, Removing individual preinstalled Windows Store apps (goodbye, Clipchamp. At least if you're on Educational/Enterprise).

Pretty minor changes this year.

https://redd.it/1nvbjhp
@r_systemadmin

WSUS only sees a handful of PCs for Windows 11 upgrade, rest “Not Eligible”

Hey all,

I’m new to sysadmin and running into weird WSUS behavior with Windows 11 feature upgrades.

* WSUS initially wasn’t listing Windows 11 at all. A user on here saved me by mentioning it because I noticed the GPO **“Prevent the wizard from running”** under **Add features to Windows 10** was disabled. Setting it to **Not Configured** suddenly made all eligible PCs show they needed the upgrade.
* I tried configuring GPOs for automatic downloads so users could just schedule a restart. A few days later, WSUS showed **only 3 PCs needing Windows 11**, with the rest marked **Not Eligible**.
* Checked GPOs again, everything seems correct for feature updates but still inconsistent. Today it shows **9 PCs needing it**.

Has anyone seen WSUS fluctuate like this with feature upgrades? How do you reliably push Windows 11 to a domain without most machines showing as “Not Eligible”?

Thanks, just trying to get a smooth rollout without breaking anything.

https://redd.it/1nvgu48
@r_systemadmin

Tip: Prevent Microsoft from swiss cheesing your firewall

Have you ever spent any time (hours/days/weeks) trying to harden your windows firewall only to have those carefully curated rules turned into swiss cheese with stupid fucking rules for shit like ZuneMusic, Game Bar, Your Account, or the Windows CLOCK? Be molested no more! Your saviour is Group Policy. Make YOUR setting stick.


Run GPEDIT.MSC. Navigate to Computer Configuration/Security Settings/Windows Defender with Advanced Security and select Windows Defender Firewall Properties. For each network profile you use click on the Settings button, then set Apply Local Firewall Rules to No. Viola. Microsoft's baffling attempts to lower your security will henceforth be ignored. ONLY firewall rules defined in this policy will apply (or the domain policy if you're using AD (in which case, go talk to your admin instead)). Probably don't do this if you're remote. I do recommend defining your polices in the GPO first, or defining them in the firewall MMC where you can export them for use in group policy.

https://redd.it/1nvg629
@r_systemadmin

This phrase always hits the feels

When you are solo SysAdmin and see this: Customers may need to consult their IT administrator or IT Department.


Bro, I am the IT department and everything that comes with it, what more do you want?

https://redd.it/1nvj3vj
@r_systemadmin

Microsoft finally gave us what we've been asking for!

Microsoft has apparently been listening to the community very closely, and has announced new icons for the Office suite... again!

Don't worry about making "new" Outlook feature complete with "classic" Outlook, or making the 365/Azure admin centers faster, or streamlining licensing. That's all useless junk. Icons are what we need!

/s

https://redd.it/1nvl2bt
@r_systemadmin

Fallout After Layoffs

Asking as a greenhorn trying to survive. What do you do after a layoff when you weren't picked to go? As in, how do you pick up where others got left off at and try to keep the ship sailing?

I'm just looking for advice and strategies to keep going with the extra overhead that appeared.

https://redd.it/1nvhufv
@r_systemadmin

Do you back up your ticketing system?

We've had several ticketing systems over the years, but have never backed them up. Others in the team don't seem to consider the data valuable. I had to argue for increasing the archiving period for our existing system, and no one else worried about exporting the tickets from our previous systems.

99% of our old tickets are probably worthless, but I'd hate to lose any with valuable historical information.

What does everyone else do?



https://redd.it/1nvnv7s
@r_systemadmin