Hobbies/things you've done that aren't things people would expect in IT?
Just kind of wanted to have a bit of a meta discussion. Not a lot of people, for instance, would be guessing that an IT professional would do things like auto work or home improvement.
As an example, I just did the majority of my front suspension on my Ford Ranger. New hub/rotor, upper control arms, inner and outer tie rods, lower ball joints, and sway bar links. It was very cumbersome to do but I never thought I'd see myself doing car work. How about you?
https://redd.it/1nx9q20
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Don't know everything, quiet quit, be mediocre. It'll save your sanity in the long run.
# The Clock that should not be
"Why is this clock 10 minutes off? It syncs to this NTP server."
The Firewall indicates that the NTP server is responding properly, and I can confirm it is giving me the correct time.
"Okay but it's still off"
And that's my fucking problem how? I don't manage it. I didn't purchase it. I was blissfully unaware of its existence until you brought this misfortune upon me. Go fucking reboot it or get a new one.
# Our firewalls suck ass, we spent millions on these, fix pls
"Our IPSec tunnels are dropping between these two sites, and when it does, our firewall stops forwarding your routes to our switches"
Okay? My device is doing its job, and yours isn't, and I'm expected to jump through hoops and go sailing through waves of low-level vendor support for an issue that isn't occurring on my device? I'm giving you the routes again once it re-establishes.
You're getting our routes, they exist in your routing table. YOU are not sending them forward when these drops occur. (because drops on the internet are normal, shit happens, sometimes an entire ISP in India, China, Russia, etc, lays claim to the entire internet, just another Tuesday.)
Maybe if you updated your gear more than never, it might not have so many issues.
Maybe if you selected a better solution back during the PoC when you and only you got to trial both solutions to unilaterally decide on a direction for the company and spending millions upon millions of dollars, we wouldn't be having this conversation.
Additionally, you don't even do firewall rules with the NGFWs, so what does it fucking matter? You might as well have not deployed them in the first place if you didn't plan on doing anything with them, but sure, now I have to migrate my working solution, without a shitty cloud managed platform that has had multiple outages since we had the misfortune to be forced to use it, to yours and replicate my work so we can have a unified infrastructure.
Which, I'm not opposed to, but maybe listen to the guy who made the working unified infrastructure for our side of the business or at least involve him in the PoC. Multi-billion dollar shitshow of a company.
# Solarwinds. That's it. That's the script.
"Why didn't we get an alert in Solarwinds for this?"
Because you decided to fucking spend money on Solarwinds in the year 2025.
# Switch Failure = Panic Brain
"We had a switch fail here yesterday, but I don't know what ports were configured where"
Okay, well maybe if you used the Solarwinds NCM to download the old config, you would know. Here you go. If I have to explain this to you again, I'm going to explode. Literally. My walls will be a Christmas tree of gore and disappointment in you.
(Also, we could still replace all of Solarwinds with Zabbix and Gitlab for backups, like I suggested, but I don't get any say in how the circus is run, nor which monkeys we employ)
# Let's cut staff and accelerate ALL OF THE THINGS!
We've lost an entire team's worth of people to cuts and them leaving for better things (go get that bag and leave this shitshow), but can you make your project be done in 3 quarters instead of a year?
Two quarters later and over 70% done
Yeah, we're going to need to wrap this up by the end of this quarter, insert VP name isn't happy with it.
Well, firstly, through staffing us properly, all things are possible, so jot that down. Next, can you just take a big step back and literally fuck your own face?
Now that that's settled, why have a deadline (which was already accelerated in the first place) to just move it up again in the future? Why have dates at all? Why have work hours at all? We should just work until it's done like the overtime exempt slaves we are, right?
"We're not going to have the capacity to do all of these in the next quarter, as we barely had capacity for insert other project not related to above this quarter."
Proceeds to try and do it anyways
"Guys, we're really falling behind here, why isn't it going to schedule?" ("Who do I scapegoat for this?")
# ISE ISE Baby
This client is failing authorization, it should be authorized as they have a business use-case for it, and it needs to be added to the whitelist, so I ask our resident ISE expert to get this added.
crickets
crickets
crickets
I swear he never responds because he is the only person who is allowed to touch ISE and purposefully does his job slowly and never teaches others for job security, which honestly is what I should do, but I'm too well established as the person that knows all at this point.
# The DB Admin who cannot be a wizard (For he cannot spell)
"I'm having issues connecting our SQL monitor into your database, can you check if this is a firewall issue?"
Well, having already created that rule when this project kickoff happened, I doubt it, but I'll take a look.
Shows traffic flowing just fine
Here you go, it's reaching it, can you show me the error?
Something along the lines of failed to connect
"Can we hop on a call to discuss?"
I fucking wish I could say no, but sure. Show me what you're doing with it.
notices that he is completely misspelling the DB name and user account, advises to fix
No, not like that, two r's. No, r then another r. No, it's not Windows authentication, you asked for this to be set up as a local DB user. Yes, I'm sure. You didn't spell the username right. Yes, still two r's.
"Wow, it's working now, thanks for your help!"
Glad I get paid six figures to be a fucking spell checker for a guy who makes more than me.
# Open Source is Scary!
"We'd like to see about supporting the open-source products you use, can you get quotes and set up meetings for these so we can get them supported?"
Sure, I'm all for that. You are actually going to spend the money, right?
Right?
"This really isn't in the budget for this year, so we can't proceed"
Okay, but we don't have a replacement for what I'm doing with these, so I am going to continue using them and encourage my team to keep using them. The code is all in a private GitLab which is also backed up nightly, and so are all the servers for this. We also collectively wasted probably $3,000 in man hours going through these PoCs and meetings with the vendor. Did you at least put it in the budget for next year?
"We really don't have the budget and we're looking to cut costs at this time"
Yeah, when aren't you? Fucking MBAs focusing on quarterly share prices because capitalism is in its inevitable march towards the enshittification of everything.
How's that VMware support renewal working out for you?
Also, we paid $1000 per site for shitty internet managed through our 3rd party, and I've shown you a better and cheaper way to do this, but no, let's cut costs on the things making us more efficient and providing solutions for problems YOU don't have answers to.
Also, I've proven how it's cheaper to send our guys out there than to constantly hire contractors, or we could deploy this solution to access our gear remotely since we have locations all over the globe, but yeah, we need to cut costs alright.
Even if you are the one who solves everything, it doesn't mean you get more say, more direction, or more pay. You just get everyone hitting you up at every hour of the day to do things that they could probably have figured out if they bothered to learn how to use Google.
And if I have one more phone call with my new boss (The same new boss as the number of years I've been working at this shitshow) where I have to listen to him breathe and slowly come to the realization that I'm correct, but still not work to correct the issue, I am going to have my own joker moment (and look forward to receiving my reddit cares notification from this post).
No, I don't want to work through this on a call with you, I can't think and listen to your drivel at the same time.
The only thing I'll miss about this place are the people who have already left, and the one guy who constantly misspells "you're welcome" because he is consistently good with the quality of his work, following directions, and the way he spells that sentence. Maybe it is my welcome after all.
https://redd.it/1nx9z1k
@r_systemadmin
Borked one of our test machines in an interesting way that seems to require a format
TL;DR - as a final hope I'm wondering if anyone here has a working Snapdragon X Elite device on 24H2 and can zip up and send the C:\Windows\System32\manage-bde.exe file and the C:\Windows\System32\en-US folder for me? Can you also actually run it and see if it works (try decrypting or encrypting a drive. If you get "CLASS OBJECT NOT RECOGNISED" then please let me know).
# Full description
So I'm curious to see if there's a way to resolve this one that I haven't thought of.
Windows on ARM device; Galaxy Book 4 Edge. Had one around as a test device to see when they'll be ready to deploy and support.
Forced the 25H2 update on it by mounting the ISO and upgrading. Did this to get the ADMX files to prepare for. Installed and rebooted.
After rebooting, it threw me into the Bitlocker recovery screen. I have the recovery code on AD. Press Windows key to continue, Windows key doesn't work - odd. Rebooted. Nope, Windows key still doesn't work. Weirdly Ctrl Alt Delete reboots as expected though and F8 or F10 flash the screen briefly, but the Windows key? No response.
External keyboard, exact same behavior, including with Ctrl Alt Del and F8 / F10.
Read about manage-bde so I figured make a WinPE image, grab the WIM from Windows on ARM, pull out the manage-bde file and en-US folder and slap it on the WinPE USB, then decrypt the drive. It seems like manage-bde isn't compiled for ARM? I get "CLASS OBJECT NOT RECOGNISED" which looks to be a C++ error relating to not finding the necessary dependencies for the architecture (not a developer so I'm probably talking shit here). Weirdly though I can query the manage-bde with /? and have it say the syntax is incorrect so it's not completely unreadable but... Yeah.
Thought I'd pull the SSD from the laptop and decrypt it on another machine. Turns out the SSD is soldered on so that's not an option.
Thought I'd load up the ISO on Rufus, and set up a Windows to Go image, loading that gets to the Windows loading screen, but then leads to a crash screen saying INACCESSIBLE_BOOT_DEVICE. Further reading led me to this.
That's when it all started to make sense.
The USB drives are all USB 4.0. The keyboard is evidently going through the USB 4.0 bus and not a separate 2.0 one like most others (WTF Samsung).
The keyboard isn't working because the USB 4.0 drivers are simply not being loaded during these recovery screens (WTF Microsoft).
I tried copying the SYSTEM hive on the USB to my computer to try and set that registry key, but I'm not seeing it "HardwareConfig" so I don't think it's an option.
Linux on these Snapdragon laptops and specifically the Galaxy Book 4 Edge is currently unbootable.
I know I can just format, but there have been definitely instances over the years on other PC's at our org where the TPM misbehaves, needing the recovery key during boot, and it seems like with these laptops this means going through a convoluted complete format process involving 2 USBs as well as complete loss of data, which is enough for me to write off the idea of putting these into production for the foreseeable future and is a massive shame.
I don't suppose anyone here has ideas that I haven't thought of to at the very least access the drive to retrieve data (and maybe decrypt it?). The laptop doesn't seem to have any kind of "external hard drive mode" like the Macs do unfortunately. I also don't understand why I'm able to boot into WinPE but not Windows to Go. Like can I import that WinPE USB configuration into Windows to Go somehow?
https://redd.it/1nx8a2u
@r_systemadmin
Super User
INACCESSIBLE_BOOT_DEVICE in Windows when booting from USB
I have installed Windows on a removable USB drive, but whenever I try to boot from it, it bluescreens with an error code of INACCESSIBLE_BOOT_DEVICE. Why does this happen, and how can I make it boot
Extra income for a network/system administrator?
I'm curious about what the possibilities are in this regard and where is the best place to look for job opportunities and extra income for people involved in network and system administration? Where have you found the best opportunities?
Also I'm interested what is the average salary/hour range today for this kind of job? What are your experiences?
https://redd.it/1nxasiu
@r_systemadmin
How do you organize your personal How-To’s, bookmarks, and notes?
I’m curious how you guys keep your own technical notes, how-to’s, and small reminders organized. I don’t mean client documentation or project docs — I mean the stuff that’s only useful for you: those little commands, tips, and references you don’t want to forget.
Right now, my setup is kind of a mess. I’ve got a mix of OneDrive, iCloud, Firefox bookmarks, open tabs, Apple Notes, screenshots, and random files saved “just for later.” There’s a ton of valuable info in there, but it’s all over the place and I can’t find anything when I actually need it.
How do you handle that? Do you use tools like Obsidian, OneNote, Bookstack, or just plain folders and naming conventions? Did you build a system for yourself, or did it just evolve naturally over time?
I’d really like to bring some structure into all of this and make my personal knowledge base something I can actually use.
https://redd.it/1nxpwzg
@r_systemadmin
I am looking for arguments to get good ITSM, CMDB, RMM at my new job because my colleagues has no knowledge about.
I got a new job. The sysadmin managed computers alone for 3 years. He did everything to do
He doesn't give a damn about computer security. He prefers to take an obsolete computer without spare parts and turn it into a critical application server. He doesn't use LDAP or Active Directory. Users are just entered in an Excel file. The only thing he's interested in is making Python scripts. He managed the computer system alone for 3 years. He did everything and set everything up to do as little as possible. And he manages the Windows computer system as if they were Linux computers using SSH access and raising the execution level to launch PowerShell scripts. There is DHCP but he assigns fixed IP addresses without registering them in the DHCP.
He tinkers and tells nonsense so that the boss and users believe that he masters the IT infrastructure. He has never done any technology monitoring. He did not know GLPI and did not know how to use it. He is convinced that domain controllers are made to deploy software over the network.
I don't know how to argue for something better.
Honestly I lost all of my motivation. That guy has a really weird way to do the job.
https://redd.it/1nxso2s
@r_systemadmin
Pushing Windows Feature Updates
With the EOL for 23H2 around the corner, what are you doing to push out 24H2? I know this isn't a technical support forum, but I have to believe some of you have a good system for applying feature updates. Maybe Intune alone works for you, maybe you're using a deployment mechanism - whatever works, I want to hear about it because I do not want to manually update. TIA
Some background:
I can't seem to find a way that works. Intune, Powershell, GPO...
I've read that the main problem with feature updates is getting the 'commit' action to occur after installing them via script. This is what happens when I try to install it via powershell. Everything looks like it happens correctly, but then it hangs in an 'in progress' state. If I manually update the workstation using the windows updates control panel, it quickly progresses from download to installing to reboot in 30 seconds or less, so it's clear something happened with my script - but the final step is just not happening for some reason when I use a simple line like:
Get-WindowsUpdate -Install -AcceptAll -AutoReboot
I'm using group policy and Intune to define the target version. I've tried various PS commands including using PS-WindowsUpdate, the windows11installer, installing just the specific kb, doing all of these as system or as an elevated user...no dice.
https://redd.it/1nxuc3h
@r_systemadmin
Affordable DNS Filtering providers compared to OpenDNS
We are currently using OpenDNS (which was purchased by Cisco a while ago). Our account was the original free-tier OpenDNS account, which only allows for like 40 exceptions. Lately OpenDNS has been flaky for one of the domains in the exceptions list, and I have occasionally seen the domain resolve to an OpenDNS block server as opposed to its actual destination and then a few minutes later flip again. I do feel OpenDNS has provided a reasonable amount of protection over the years; however, there is almost no flexibility in regard to troubleshooting advanced issues like this. Right now OpenDNS costs us nothing, and I'm wondering if anyone here has made the switch to the Cisco paid solution and what the cost is, or another provider that provides reasonable protection. All of our computers are pointed to our onsite DNS servers, which are pointed at OpenDNS, if that matters.
https://redd.it/1nxuun1
@r_systemadmin
I finally feel like a real sysadmin
I don't really have anyone to share this with, but I just finished a migration of all our infrastructure from Hyper-V to Proxmox with 0 issues; everything is working and tested. Feels pretty surreal. I genuinely shit myself when I was tasked with the migration. I also did it on my own. I need to credit my boss for just leaving me to it, as previous bosses didn't show as much faith in my abilities.
I've been in IT for a decade and the last 5 years is when I started really coming away from the churn of tickets and making a forward path in my career, I get it though it's hard and company dynamics can really fuck up your career path especially the bullshit politics. I have had to make the leap to a new job a few times and urge anyone that isn't getting what they want if that's pay or equally the type work you are tasked with isn't giving you fulfilment PLEASE don't do a disservice to yourself go get what you DESERVE!
#DON'T GIVE UP ON YOURSELF
For anyone out there if you don't feel nervous you simply aren't going out of your comfort zone, remember to grow you 100% will feel out of place and yes it is normal to doubt yourself and feel like a total imposter I still regularly do!
If I could only go back and speak to myself when I was doing my first ever IT ticket ( was an AD Unlock haha! was absolutely terrified haha) and show myself what I would be tasked with and achieved I wouldn't have believed it.
Also please share your biggest wins/ achievements below I want to read them while I am enjoying a cigar and whisky tonight!
One Love!
https://redd.it/1nxx3ep
@r_systemadmin
Directive to move away from Microsoft
Hey everyone,
I’m currently planning to move away from Microsoft’s ecosystem and I’m looking for advice on the best way to replace Microsoft Entra (Azure AD).
Here’s my setup:
On-prem Active Directory (hybrid setup)
Entra ID is currently used for user provisioning, SSO, and app integrations (around 300+ apps).
Microsoft 365 (email, Teams, SharePoint, etc.) is being replaced with Lark/Feishu — that transition has already started.
Now I’m trying to figure out what’s the best way to replace Entra ID and other related Microsoft services — ideally something that can:
Integrate with my existing on-prem AD
Handle SSO and provisioning for SaaS apps
Provide conditional access or similar access control features
Offer an overall smooth migration path
Reason for the change:
The company is moving away from US-based products and prefers using China-owned or non-US solutions where possible.
Would really appreciate recommendations from anyone who’s done something similar — what solutions are you using for identity, security, and endpoint management after moving away from Microsoft?
Thanks in advance!
https://redd.it/1nxz3zv
@r_systemadmin
Full time offshore consultants
Hello,
My small (500 ppl) company is hiring a handful of full time offshore consultants. Their agency will be providing the PCs. The company’s goal is for them to look like any other employee and they will need access to our network (probably just VPN client) and want them to be easily able to use Teams chat, legacy file shares and other office collaboration with us. They mostly sit in the same office at their offshore company’s location, remote work may be occasional as well. I am not sure if the IT support from the consulting company is local or remote.
I am thinking that if at all possible I should push to have my org’s AV/XDR solution installed onto their machines, although I’m not yet sure if that is on the table (meeting next week). If I can then I am thinking we’ll be ok to join the PCs to our domain. And that I will provide them our Office 365 licensing. I also could see us installing our MDM/remote access tool in addition to theirs (assuming they have one) as long as we are both not patching the endpoints.
Anyone with this experience can offer their advice? Has the consulting company ever outright refused your security stack? Technically they could work without joining the domain but it would make things more annoying/complicated. Without our security stack I would really have to lock down their VPN access a lot, yes I know something that should be done anyway, but not where we currently are. They can also technically chat and share between companies in Office 365 but it’s far from perfect.
We are a very small IT team and I have the final say on everything IT and security. Thanks.
https://redd.it/1ny28t6
@r_systemadmin
Would you ask in a Sysadmin interview how to create forest trusts?
I've seen people ask about what forests are, forest trusts, etc. But is this a common question?
https://redd.it/1ny229f
@r_systemadmin
Next Steps after Endpoint Engineer
Hey everyone!
I’m looking for some advice from those who are or were Endpoint Engineers — where did you go from here?
A bit about me: I’ve been working as an Endpoint Engineer for about 4 years, with 10 total years in IT (starting at helpdesk and working my way up). I specialize in Microsoft Intune and SCCM, and we recently adopted the NinjaOne platform, which I’ve been exploring. I’m also the final escalation point for help desk and desktop support issues.
In my downtime, I create PowerShell automation scripts to improve processes and remediate recurring issues. I’ve automated a lot of my day-to-day tasks already. With AI becoming more prominent, I’m trying to figure out the best next step in my career.
Any advice or insight would be greatly appreciated!
Thanks!
https://redd.it/1ny4cgv
@r_systemadmin
Any servicenow sys admins here?
My company is planning to get SN and I'm curious if it's worth actually learning on my free time or should I just learn as I go?
Do you guys have any SN sys admins and what does your day to day look like?
https://redd.it/1ny7z6c
@r_systemadmin
New job
Got a new job, about 3 weeks in right now, Microsoft environment (on prem & SCCM for management). Looking for advice and quick tips for software center (end user troubleshooting) and 24h2 upgrade troubleshooting to get this to function. I come from a heavy Apple background
https://redd.it/1nyariw
@r_systemadmin
Looking for advice on sourcing affordable or donated networking equipment for students
Hey everyone,
I’m a new networking instructor at a small school, and I’m trying to build up our lab so students can get hands-on experience. Unfortunately, our budget for hardware is pretty limited, and I want to give them more than just virtual labs.
I’m looking for suggestions on where to find used, surplus, or donated networking gear like old switches, routers, cables, or rack equipment that still has some life left in it. I’ve checked eBay and a few government surplus sites, but I figured this community might know of better options or organizations that help schools get equipment.
If anyone here has been in a similar situation or knows of companies or programs that support educational setups, I’d really appreciate any pointers.
Thanks in advance for taking the time to read this. I’m just trying to give my students the best chance to learn the practical side of networking.
- A hopeful instructor
https://redd.it/1nyarm9
@r_systemadmin
Windows 10 to 11 Upgrade via GPO
TLDR: Is it possible to upgrade from Windows 10 to 11 directly via GPO?
Hey all,
I'm currently working on getting our last few Windows 10 laptops in-place upgraded to 11 for some fully remote users.
Currently, we are asking users to perform the upgrade themselves, and with the exception of a few devices not being compatible, it's worked out alright.
To clarify, while we have a kinda sorta MDM, it doesn't perform OS upgrades. Neither do we have Intune or similar infrastructure/tools to automatically provide the updates. Additionally, we don't have a domain or any sort of on-prem resources that are traditionally found in a typical business environment.
While thinking about this further, especially since the deadline is fast approaching, I tried updating to 11 via GPO on a test machine and it seemed to work fine. Next I'll try remotely pushing the GPO via our ITAM system.
Has anyone else upgraded to 11 this way? Are there any gotchas that could prevent this from working?
https://redd.it/1nyeapk
@r_systemadmin
a ticketing system that isn’t a pain to use daily
hi everyone, so every help desk tool I’ve tried feels like it was designed in 2005 and I am currently stuck between Jira Service Management and Freshservice, but both feel so bloated for what my teammates actually need. half my team just ends up DM’ing issues on Slack anyway, and I’m over here trying to keep track of random tickets, half-filled forms, and email threads from 3 weeks ago haha💀
we are a mid-size team (around 300 ppl), so something super enterprisey is overkill, but I still need proper automation + integrations with our stack (Slack, Google Workspace, etc).
does anyone here actually like their ITSM / internal help desk setup? also would love to hear what’s working for everyone who has one or if there’s a more modern tool I should check out. thanks in advance peeps
https://redd.it/1nygtqq
@r_systemadmin
How does IT typically handle a mass layoff?
A few months ago we had a round of mass layoffs that pretty much caught everyone by surprise. One random morning all of us got pulled into a pre-recorded “meeting” with the CEO, who announced the layoff. Immediately after the meeting everyone received an email which either says you’re fired or you’re not affected, and by the end of the day those laid off were already removed from all our systems.
According to some of my sources there’s gonna be another round of layoffs coming very soon, and it kinda got me curious: From a sysadmin standpoint, how are mass layoffs (and subsequent mass offboarding) typically done and how much time is needed for the planning and coordination? Also are there any places where I can find “clues” about who’s affected (e.g., Active Directory, distribution groups, etc)?
https://redd.it/1nyhu8p
@r_systemadmin