Reddit Sysadmin – Telegram
For the first time in my career I’m working at a company with a dedicated Security team and I fully understand now why having SysAdmin experience should be absolutely necessary to be on a CyberSecurity team…

I’ve seen people here complain about kids fresh out of college joining their company’s Sec team and making ignorant requests, but only now do I understand.

Younger kid on our security team submitted a ticket, assigned it straight to me and not our team’s queue (ugh), saying “Hey I found this script online, could you run it on these three prod machines for me? Feel free to run whenever. Thanks!”

Links to some random blog post, script requires some package dependencies to be installed, script ends with a reboot command, bunch of cURLs & chmod’s in it.



https://redd.it/1nw6sks
@r_systemadmin
CrownCastle NYC area internet issues

Anyone able to get a ticket open for Crown Castle internet issue that seemed to start around 11:15am EST today? I'm in southwest CT, circuit is flapping and feels like routing issue when it's up. OR could just be flapping.

https://redd.it/1nw7al5
@r_systemadmin
As a SysAdmin, I should not have to....

I'll start:

...teach my IT Manager how to navigate folders in PowerShell.


Add:

They were promoted to their role as IT Manager from....


SysAdmin.



I now see my post was a little light on some details.

https://redd.it/1nw87ue
@r_systemadmin
Computer names - by user

My boss is asking the question, what do you think of naming the computers with the user's login or part of it? Example:  jobsite-username

Any thoughts if this is a good or bad idea? At first glance, I'm not a fan of it, being staff comes and goes.

https://redd.it/1nw917k
@r_systemadmin
Management wants to roll out a time tracker. What technical issues am I bound to run into?

The higher-ups have tasked me with deploying a time tracking tool for our remote fleet. HR already did the vendor selection and they've handed me Monitask.

My job isn't to debate the policy, it's to make sure the rollout doesn't become a technical dumpster fire. I'm already thinking about the obvious stuff like GPO deployment, potential conflicts with our EDR, and making sure it doesn't hog resources on older laptops.

For the sysadmins here who have had to deploy this kind of agent-based software, what were the unexpected headaches? Anything I should be testing for specifically that isn't in the standard documentation?

https://redd.it/1nwaygd
@r_systemadmin
Sysadmins… Microsoft is keeping your job safe..

I know nothing about what you people actually do, but I assure you that your job is safe… and Microsoft is making sure it stays that way.

As a small business owner, dealing with Microsoft is a COMPLETE nightmare for us common folk. They move everything all over the place in their admin centers, they re-name things, and they don’t even bother to update their help articles…and even Co-Pilot just feeds you out-dated info.

I’ve literally spent 1 week on & off just trying to get my email to apply a retention policy and tag to move email messages from my mailbox into the auto-expanding archive. A WEEK! Finally, I resorted to PowerShell, which is 100x easier than snooping around 4 admin centers + Purview (wtf is purview?)

It still hasn’t moved anything whatsoever, but at least I confirmed everything is set up correctly.

In summary, you’re safe, and I salute you 🫡.

Thanks.

https://redd.it/1nwggqp
@r_systemadmin
CISA.DHS.GOV - Suspicious E-mail - Anyone else?

Anyone else in .gov just get a suspicious e-mail from an address on "@cisa.dhs.gov" with a .txt file attachment?


Subject: Hello

Body: Dear hello

Partial Attachment: (The Access Key and Secret Access Key I edited, because it was complete)

url https://hgsm1yxlxd.execute-api.us-gov-west-1.amazonaws.com/



IP 10.5.4.24, 10.5.2.193, 10.5.16.109

Creating IAM resources for email sender...

Created role: arn:aws-us-gov:iam::048250888335:role/lambda-email-sender-role

Created policy: arn:aws-us-gov:iam::048250888335:policy/lambda-email-sender-policy

Created user: email-sender-deployer

Access Key ID: XXXXXXXXXXXXXXXXX

Secret Access Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Save these credentials securely!



IAM resources created successfully!

Lambda Role ARN: arn:aws-us-gov:iam::048250888335:role/lambda-email-sender-role

Use the deployment credentials to run the deployment scripts.

https://redd.it/1nwginy
@r_systemadmin
CISA emails during gov't shutdown.

Curious, assuming it can't just be me...but did anyone else get an email from a specific person at CISA with an attachment that lists their credentials for what appears to be their Amazon Simple Email Service? Since the gov't is shut down, I'm assuming CISA is as well, so I'd have been surprised to get any email from them...much less something that obviously shouldn't have been sent out.

https://redd.it/1nwhdoa
@r_systemadmin
CFO wants to know why our IT costs doubled when we went remote

Pre-remote: 100 employees, $180k annual IT costs, everything made sense.

Post-remote: 100 employees, $340k annual IT costs, CFO breathing down my neck.

The cost breakdown is painful:

- International shipping that costs 40% of equipment value
- Timezone support coverage (we now need 16 hour IT support)
- Equipment recovery when people quit (apparently $500 per laptop minimum)
- Compliance consulting for different countries
- Multiple vendor relationships instead of one local supplier

CFO keeps asking "why can't you just do the same thing but remote" and I'm running out of ways to explain that distributed IT is fundamentally different from office IT.

Anyone else getting roasted by finance for remote IT costs? This feels unsustainable but going back to office-only would lose us 60% of our talent.

https://redd.it/1nwlpo4
@r_systemadmin
Greybeards - has it always been like this?

I know it's a bit of a cliche at this point, but everything in the IT industry feels super uncertain right now.

Steady but uneven rise of cloud, automation, remote work, AI etc. But none of that is settled.

For context, I'm about 6 years into my IT career. It used to be when helpdesk would ask me "what should I specialise in" I would have an answer. But in the last couple of years I'm at a loss.

For those who have spent longer in IT - have you seen this happen before? Is this just tech churn that happens every X number of years? Or is the future of IT particularly uncertain right now?

https://redd.it/1nwu143
@r_systemadmin
Weekly 'I made a useful thing' Thread - October 03, 2025

There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

https://redd.it/1nwuxpg
@r_systemadmin
Anyone else drowning in "Shadow AI"?

I thought shadow IT was bad enough; now I'm seeing staff pasting transcripts, notes, even snippets of internal docs into random AI tools. No approvals and logs, nothing to track after the fact. At least with SaaS sprawl, you could follow the money trail - this just disappears into the void.

How are you dealing with it? Blocking access only works for so long, and just telling people "don't paste sensitive data" isn't cutting it either.

PS: Not looking for silver bullets, just curious what's actually working (or failing) for others before I push this uphill with leadership.

https://redd.it/1nwvl8a
@r_systemadmin
Hassle getting bloatware-free computers.

Why is it such an incredible hassle to get computers with no bloatware for our business?

We paid CDW to send us clean images and to upload the hardware hashes. Instead, they sent us the hardware hashes in an email and the computers still had all of the bloatware. Now it has been well over a month since we returned them to fix it and they still haven't even gotten one computer back out to us.

Is this a challenge everywhere?

EDIT - I find it interesting how many of you are saying "just image it". Can we please stop normalizing and defending shitty business practices? We paid for them to remove the bloatware.

All of my systems are autopilot. I expect to be able to hand a sealed box to my users and say "have a good day." I do not expect to waste days of effort cleaning individual machines before I can send them out.

https://redd.it/1nwyljs
@r_systemadmin
I finally fucking crawled out of the deep, deep hole of helldesk

I accepted an offer at an MSSP this week to become a sysadmin which I’m super pumped about. Been at an MSP for 2 years in support and I fucking hate it. Solid $30k pay bump, better hours, PTO, full remote etc. Plus just a better msp(MSSP) even though I didn’t want to go to another MSP. Solid dudes over there and I said hey what the hell. But I’m finally fucking done with support. I was so burnt out.

https://redd.it/1nx0cn5
@r_systemadmin
Gaming as an IT person

Totally random and off the wall question but for all the gamers in this group, I'm wondering how working in IT impacts your gaming habits? I've heard plenty of stories from IT people who don't ever touch PC gaming because, "I work on a PC all day. Last thing I want to do when I get home is touch a PC." That's never been me. I'm a diehard PC gamer and while I do have slumps, I'm happy to work on IT stuff all day (often on my home PC), then once 3pm hits I'll close out chat and all my work stuff and launch some video game.

Where it impacts me is in the type of characters I play in RPGs. I'm a big fan of RPGs (mostly tabletop; I'm playing in a Daggerheart campaign and running a 1st Edition AD&D campaign), but 99.99% of the time, I'll play a DPS fighter. No magic users, no clerics, no technicians, hackers, or anything that involves a lot of thinking. My brain is usually pretty drained by the time the weekend hits and the last thing I want to do is think. All I want is to play, "pointy end goes into the other man."

I'm wondering what everyone else is like in that regard?

https://redd.it/1nx0k02
@r_systemadmin
I’m doing a work-study programme to become a sysadmin (in France). I am "surprised" by how my company’s IT department operates; it seems strange. Any thoughts ?

I should start by saying I have not much experience in this field, as I only recently started working as a sysadmin « to be », with a colleague who has been the sysadmin of the company for ≈5 years.

Though I always had a deep interest in IT and computers.

My company is based in France and operates in the e-commerce sector.

So here’s some things that make me wonder about the soundness of IT operations in my company :

- the « CTO » wants us to put a whole database on the server used for Active Directory
- there are already two databases on that server
- every user knows the local admin password of their computer
- most of our hardware is 15+ years old and still on Windows 10?
- we have no stock of equipment and we are constantly operating on a just-in-time basis, to the point where our new arrivals can sometimes find themselves without equipment or computers to work on
- my colleague used the same password for each and every local admin? Isn’t it weird?
- each machine has free roaming access to our servers, even production ones
- customer databases are accessible too
- most of our servers run on Windows Server 2008 and it’s a nightmare (reboots, etc)
- the global admin passwords are all more of the same
- there’s only one backup?
- we use Jira as a ticketing system and I just hate it (+ no users really use it and they prefer to come directly to our desk or send a Teams message)

So yeah, that’s all for now that I could think of. And it seems strange. I know I have almost no experience in this field but I feel that this is not a normal situation. And it puts me in a lot of stress and I am so so tired already.

Also, I may have made english mistakes, sorry if that’s the case.

What are your opinions? Should I just run and find somewhere else to learn the job? Thanks a lot!!

https://redd.it/1nwyjss
@r_systemadmin
User Desktops are a Minefield of Shortcuts

It's always been a request, but I guess as someone sees new desktop shortcuts for......stuff, they get the idea that they can force these too, and it's just picking up speed.

Most of our users have a few dozen desktop shortcuts. The majority are to various websites. Some are EMR links, test versions of the EMR, links to videos on network shares for how-to on things like using their desk phones, direct links to network drives, random specific folders, often not even for "all employees" -- all sorts of stuff from various departments. The newest trend are Sharepoint pages (not even sites, but specific pages within and sometimes multiple pages for the same site) for things that people want the entire company to have and use.

Yes, we have an intranet site, yes they can use browser bookmarks -- but this is how the company wants to handle these things because... "it's what we do." Cool, thanks management for that great justification.

For those of you that have avoided this, was this simply by saying no to these kinds of requests and directing them to something more sane? For those that stopped the bleeding, what was your experience to direct the other departments to change this?

https://redd.it/1nwyap7
@r_systemadmin
Do you prevent users from signing into their personal computer with their 365 accounts?

Do you prevent users from signing into their personal computer with their 365 accounts? I am just curious about your reasoning.

If you allow, why?

If you block, why?

https://redd.it/1nx6iyb
@r_systemadmin
Hobbies/things you've done that aren't things people would expect in IT?

Just kind of wanted to have a bit of a meta discussion. Not a lot of people, for instance, would be guessing that an IT professional would do things like auto work or home improvement.

As an example, I just did the majority of my front suspension on my Ford Ranger. New hub/rotor, upper control arms, inner and outer tie rods, lower ball joints, and sway bar links. It was very cumbersome to do but I never thought I'd see myself doing car work. How about you?

https://redd.it/1nx9q20
@r_systemadmin
Don't know everything, quiet quit, be mediocre. It'll save your sanity in the long run.

# The Clock that should not be

"Why is this clock 10 minutes off? It syncs to this NTP server."


The Firewall indicates that the NTP server is responding properly, and I can confirm it is giving me the correct time.


"Okay but it's still off"


And that's my fucking problem how? I don't manage it. I didn't purchase it. I was blissfully unaware of its existence until you brought this misfortune upon me. Go fucking reboot it or get a new one.

# Our firewalls suck ass, we spent millions on these, fix pls

"Our IPSec tunnels are dropping between these two sites, and when it does, our firewall stops forwarding your routes to our switches"



Okay? My device is doing its job, and yours isn't, and I'm expected to jump through hoops and go sailing through waves of low-level vendor support for an issue that isn't occurring on my device? I'm giving you the routes again once it re-establishes.

You're getting our routes, they exist in your routing table. YOU are not sending them forward when these drops occur. (because drops on the internet are normal, shit happens, sometimes an entire ISP in India, China, Russia, etc, lays claim to the entire internet, just another Tuesday.)



Maybe if you updated your gear more than never, it might not have so many issues.



Maybe if you selected a better solution back during the PoC when you and only you got to trial both solutions to unilaterally decide on a direction for the company and spending millions upon millions of dollars, we wouldn't be having this conversation.



Additionally, you don't even do firewall rules with the NGFWs, so what does it fucking matter? You might as well have not deployed them in the first place if you didn't plan on doing anything with them, but sure, now I have to migrate my working solution, without a shitty cloud managed platform that has had multiple outages since we had the misfortune to be forced to use it, to yours and replicate my work so we can have a unified infrastructure.



Which, I'm not opposed to, but maybe listen to the guy who made the working unified infrastructure for our side of the business or at least involve him in the PoC. Multi-billion dollar shitshow of a company.

# Solarwinds. That's it. That's the script.

"Why didn't we get an alert in Solarwinds for this?"


Because you decided to fucking spend money on Solarwinds in the year 2025.

# Switch Failure = Panic Brain

"We had a switch fail here yesterday, but I don't know what ports were configured where"



Okay, well maybe if you used the Solarwinds NCM to download the old config, you would know. Here you go. If I have to explain this to you again, I'm going to explode. Literally. My walls will be a Christmas tree of gore and disappointment in you.



(Also, we could still replace all of Solarwinds with Zabbix and Gitlab for backups, like I suggested, but I don't get any say in how the circus is run, nor which monkeys we employ)

# Let's cut staff and accelerate ALL OF THE THINGS!

We've lost an entire team's worth of people to cuts and them leaving for better things (go get that bag and leave this shitshow), but can you make your project be done in 3 quarters instead of a year?



Two quarters later and over 70% done



Yeah, we're going to need to wrap this up by the end of this quarter, insert VP name isn't happy with it.



Well, firstly, through staffing us properly, all things are possible, so jot that down. Next, can you just take a big step back and literally fuck your own face?



Now that that's settled, why have a deadline (which was already accelerated in the first place) to just move it up again in the future? Why have dates at all? Why have work hours at all? We should just work until it's done like the overtime exempt slaves we are, right?



"We're not going to have the capacity to do all of these in the next quarter, as we barely had capacity for insert other project not related to above this quarter."



Proceeds to try and do it anyways



"Guys,