Reddit Sysadmin – Telegram
RDS - is there a future or no?

Trying this again; looking for opinions on the viability of remote access systems like RDS / Citrix for the future. I'm a big fan of the technology and I believe that it's the future but due to lack of support from Microsoft and the push towards technologies like 365.

To add more detail I mean as a primary access system rather than a one off used to grant access to 32 bit systems.

Just looking for opinions - do you see RDS as a viable technology going forward?

https://redd.it/1nzqkgq
@r_systemadmin
Do you guys have Credential Guard turned on?

I haven't had any problems with Intune, so it does interest me. Can someone persuade me why I need an extra container to save my passwords and secrets? The configuration doesn't seem worth it, but I'm not really seeing the value in virtualization-based security, or VBS as they call it.

https://redd.it/1nzue3q
@r_systemadmin
Dumbest "Portable Monitor" for meetings

Hey folks. I'm stumped on trying to find a clean solution to this problem.

I have a general manager who is itching for a dumbed down solution to duplicate a monitor on a portable screen. He is insistent on standing in the furthest corner away from our 85" TV in the boardroom and frustrated that he cannot read the financials.

Without looking at purchasing a permanent second monitor/TV or to run an app-enabled screen - what are any ideas to give this GM the ability to have a personalized monitor to watch through a presentation?

My only idea is to run a portable monitor with a wireless HDMI dongle, but that's still cables galore that need to be managed. Hoping maybe someone has done something as stupid as this.

https://redd.it/1nzx4f8
@r_systemadmin
Microsoft killing more methods that allow local account creation during W11 oobe

https://www.windowscentral.com/microsoft/windows-11/microsoft-triples-down-and-blocks-even-more-microsoft-account-bypasses-on-windows-11-an-online-account-is-non-negotiable

>"We are removing known mechanisms for creating a local account in the Windows Setup experience (OOBE). While these mechanisms were often used to bypass Microsoft account setup, they also inadvertently skip critical setup screens, potentially causing users to exit OOBE with a device that is not fully configured for use. Users will need to complete OOBE with internet and a Microsoft account, to ensure device is setup correctly."

Gotta trap people in the MS OneDrive ecosystem

https://redd.it/1o01y1m
@r_systemadmin
It is 2025. Is there a viable alternative for Microsoft Visio yet?

Last time I asked this question I got lots of responses like "draw.io" and "libre draw" and other things, but they all seemed to be crippled in some way.

I'm trying to get off of Windows, but Visio is the "killer app" I can't get away from.

The key features that I need:

- stencils. The program must import and use stencils without butchering them. This means line sizes and segments need to render correctly, clip points and other things must work correctly. It simply needs to import and treat stencils the same way Visio does.
- Data import from some kind of data source tied to stencils. I need to be able to import a CSV or some other kind of columnar data set and instantiate 20 instances of a shape and have that shape fill in variable text fields. I say 20 here, but I regularly need to import 10-500 items from a spreadsheet and populate shapes with text field variables.
- Page sizes and drawing scales. I don't know why this is even difficult, but I need to be able to create scaled drawings that match typical architectural layouts for accurate measurements of room layouts, etc... I need to be able to make a "1:120" drawing on 36x44" plotter paper and when I measure "1 inch" on the paper it should accurately represent "120 inches" (10 feet) in the real world.

I would have thought this set of features would be table stakes for a drawing/drafting program, but it seems to not be.

Anyway, I'm looking to find a drawing program that is a tool for professional network admin / sysadmin types that produces professional feeling documents/PDFs and runs well on Linux.

Alternatively, a way to run Visio well and with hardware acceleration on Linux. Last time I tried to set up Ubuntu with WINE it just wasn't ready, or I couldn't figure out how to make it work without either running slower than molasses or completely butchering the UI.


Edit: I'm going to post a running review log of my experience with each thing I've been suggested here. These are not exhaustive reviews; if I find a showstopper with a program I'm going to post why it sucks and then move on to the next one:

1) LucidChart. This one failed quickly, upon trying to import stencils. The import process seems to convert the vector data of the stencil into a rendered image and instantly loses image fidelity.

Example: https://i.imgur.com/PlDCHNp.png

2) app.diagrams.net. There does not appear to be any method of setting a document scale. I am able to make a custom page size (for example 44x34 inches), but I am not able to indicate "portrait" or "landscape" print layout; this means I would have to literally ... I guess... draw the entire diagram sideways? Or export to PDF then rotate the PDF 90 degrees for printing? Anyway, this one failed as well.

3) Omnigraffle... fails for the same reason as the original post. I am trying to get off of Windows... I also don't want to be on OSX. I want to be on native Linux.

4) Mermaid Diagram: not yet tested.

5) Ice Panel: not yet tested

6) Miro: not yet tested

7) Visio as a web application: barf.

https://redd.it/1o02ts5
@r_systemadmin
Why does every IT firm seem to push O365 instead of Google Workspace + MDM?

I work at a small company that has recently grown past my ability to administer basic IT on the side. I’ve been shopping around for a firm (in the US) to help administer G Workspace and set up a third party MDM, and it seems impossible to find a firm that will even support such a stack.

Is this legacy habit at play or does something about O365 make it easier to administer multiple companies as an IT services firm?

Is there another cause?

https://redd.it/1o04h2k
@r_systemadmin
Has your company adopted "AI" in a way that has provided either cost savings or profit yet?

AI here AI there.

This is something I keep hearing about that companies are obsessing over, but I have yet to see my company adopt it in any shape besides copilot when opening up o365 on the web. They do have a group tasked with this and it is work in progress.

Has your company brought anything of value in terms of AI yet?

https://redd.it/1o060sh
@r_systemadmin
Cyber security as a lone admin

I think I'm doing everything right but as I'm self taught (aka make it up as I go along) can anyone recommend any sites, books, videos, checklists etc for a fully Microsoft environment?

I'm on a shoe string budget so free / cheap resources would be appreciated.

https://redd.it/1o09zz6
@r_systemadmin
Rant about our predecessors

The Sysadmin before I took over the job earlier this year was always super paranoid about cybersecurity. While we should always be aware, he was paranoid to the point of making the entire company change their passwords and running a full AV scan on the entire network every time one little thing went wrong with his PC, even if he was to blame.

Program crashed? Change passwords, run a scan.
PC automatically rebooted because of updates? reset passwords company wide, run a scan.
A website glitched and "doesn't look right"? reset passwords, run a scan.
He rebooted the PC and it took one minute longer to come back up? reset passwords, run a scan.
(I'm not kidding on any of these)

He went so far as to convince the owner to hire someone to do a full cybersecurity/vulnerability scan and pentest on the network and then spent weeks combing through the results and tweaking GPOs, PC and firewall settings to lock everything down.

So, imagine my surprise when yesterday, I was hunting down a firewall issue with our FortiGate, trying to get a VLAN access to a specific site and service and I was looking for DHCP logs and stumbled into the System Events page for the last 24 hours.

|Top Event|Level|Count|
|:-|:-|:-|
|Admin Login failed|Alert|25,244|
|Admin login disabled|Alert|2,643|

<insert "that's a lot of damage" meme>

Turns out, the HTTP and HTTPS access has been enabled on our external WAN interfaces this entire time. I looked at my first config backups back in March and the setting was there, so way before my time.

Luckily, no successful logins from the outside, but still......sigh.

https://redd.it/1o0c32q
@r_systemadmin
7 days into my new job and I want to quit

Just a rant to this dear community. As you can see from the title, here’s the deal: I started at a new software development company as a Senior IT Ops / DevOps Engineer, supposed to take care of the infrastructure with a team of about 10 people. The company has around 10 products, focusing on healthcare institutions and providers. But on my first day, nobody sent me any onboarding sessions or even contacted me. They just gave me a notebook with login credentials, and in there I could find a welcome mail and a default onboarding slot from the COO with all the newcomers. I proceeded to ping what was supposed to be my team lead, and he talked to me for 20 minutes, explaining the setup very poorly and just giving me the link to Confluence where I should read the documentation (less than 10% is actually documented). I tried to organize myself by contacting the Product Owners for every product to give me a short intro into each, and they annoyingly just sent me invites for three weeks from now, apparently because they are “busy”. I then proceeded to bother every name I could associate with the apps and finally got to the IT support staff who gave me at least some insight. In the country where I am, I’m the only one from the team here, and nobody in the office even knows what I’m supposed to do and where I should sit (all the places are full and I am sitting at some conference room table). Apparently, the team is also split into smaller teams, where everyone takes one of the apps and maintains it. I’m supposed to take care of the two apps that nobody wants to deal with. What a chaos.

https://redd.it/1o0dsoq
@r_systemadmin
Is it normal to feel lonely?

Basically the title. I feel lonely. I want to talk to people that are interested in the things I'm interested in and progress my skills with the support of a community, but I'm not sure how to do that. Every time I try to interact with people, I feel like a vampire that isn't providing enough value to justify my presence. How do I put myself into a position to where I can interact with people that are interested in the same things as me while still providing value? I haven't had a job (other than freelance web development) in any of the fields I'm interested in, so I feel like that makes it even harder to relate to folks. Am I overthinking this?

I want to provide some context about myself. I thought for about a year that I was going to be a software engineer. It could still happen, but I've started to realize I'm more interested in the technology behind everything, rather than programming as a whole. I don't mind programming and wouldn't be upset if that's where I ended up. I've had a few interviews that didn't pan out, which is to be expected. I think I would really like to be a sysadmin, because my main goal from the beginning was to work in cybersecurity as a penetration tester and it would be cool to see things from the other side. I'm working towards my OSCP right now, but maybe I'm chasing a pipe dream that wouldn't be ideal for me?

Sorry for the word vomit and sorry if this post doesn't make a lot of sense. I'm just a bit lost and needed to write.

edit: Wording

https://redd.it/1o0f3lb
@r_systemadmin
What's the point of Terraform?

At first I thought Terraform sounded great. But now I honestly don’t get why it’s supposed to be so good for smaller organizations. Yeah, you can create VMs more consistently, but you still have to make those VMs manually first to use them as templates. It’s not like Terraform is easy to set up either. You need to create a template, set up SSH keys, configure cloud-init, then clean it up, and maybe even use modules, which just makes everything more complex and adds more maintenance work.
It is not like it makes manual work go away completely. Feels like it's just better to invest time in the Packer tool and use Ansible for config management.


I will spend some more time in my free time to learn more about Terraform. Maybe I am wrong.

https://redd.it/1o0atyw
@r_systemadmin
Should I send the client a mini-pc so I can work on their network (since they have basically no IT dept?)

Short backstory: I have a client company which has virtually no IT department at all-- just a guy listed as the "help desk specialist". Anyway, I may need to have them run nightly jobs on prem where they do some basic queries to a database which can only be accessed from their network, and then upload CSVs of data to a SaaS which my company manages via SFTP or SCP.

Normally I wouldn't need to do this-- my clients are usually large companies with their own IT that can handle something relatively simple like this. But sometimes I get a client who is very small and outsources all of their IT, so they only keep like one person on-site to fix printers and such.

Anyway-- here's my question:

I see there are mini-PCs on Amazon for as low as $130 - $200. Low on specs, but I wouldn't need much at all for my situation. So, I've been thinking-- I could get one, install Linux and configure it however I need, set up appropriate keys, scripts, cron jobs, etc. Then, I just mail it to them and tell the IT guy to plug it into their network and turn it on (headless, no keyboard, etc). I would connect and work on it through SSH whenever I need to. And I can get the IT guy to physically turn it off or on if I ever need to.

So-- is this a really dumb idea? Are there security concerns I haven't considered?

Thanks for any advice.

https://redd.it/1o0duk4
@r_systemadmin
How do security guys get their jobs with their lack of knowledge

I just don't understand how some security engineers get their jobs. I do not specialize in security at all but I know that I know far more than most if not all of our security team at my fairly large enterprise. Basically they know how to run a report and give the report to someone else to fix without knowing anything about it or why it doesn't make sense to remediate potentially? Like I look at the open security engineer positions on LinkedIn and they require to know every tool and practice. I just can't figure out how these senior level people get hired but know so little but looking at the job descriptions you need to know a gigantic amount.

For example, you need to disable NTLMv2. Should be easy.

End rant

https://redd.it/1o0m82o
@r_systemadmin
Teams meeting AI note taker virus

We use Teams to meet with external parties often. Occasionally someone will click on a link in a meeting that says it's an AI note taker. The user just clicks the link out of curiosity. Suddenly that AI is adding itself to every meeting that user is in and then it spreads to the rest of Teams. The one I'm dealing with right now is fireflies.ai. Seems like the only way to get it to stop is go to their site and delete the account. How is it possible that Microsoft would allow a vulnerability like this? Is there not a way to prevent this kind of thing? I have blocked the app as stated here https://learn.microsoft.com/en-us/answers/questions/4429002/removing-fireflies-ai-note-taker-bot-from-microsof
but that doesn't seem to fix the problem of the note taker messaging everyone after every meeting. Any advice?

https://redd.it/1o0njwy
@r_systemadmin
Anyone else getting Entra Connect Alerts today (10/7/25)?

Earlier I got "Password Hash Synchronization heartbeat was skipped in last 120 minutes". I restarted our Entra Connect server even though everything seemed to be running fine. I checked M365 admin center and the password and directory sync are working without errors. Now I get another warning "Health service data is not up to date". Is anyone else getting Microsoft Security emails about this or see it on the Azure portal? Running various PowerShell cmds and everything seems healthy on my server.

https://redd.it/1o0p1d2
@r_systemadmin
A PowerShell module to help recover from "oops, we deleted C:\Windows\Installer to save space"

So… you (or someone before you) tried to free up disk space by “cleaning” `C:\Windows\Installer` — maybe even ran one of those scripts floating around that only checks the *Patches* registry keys (`HKLM\...\Installer\UserData\S-1-5-18\Patches`) and deletes everything else.

Congratulations, you just broke updates and uninstalls for half the apps on the server.
SQL Server? Exchange? Azure Arc Agent? Yeah, they’re all crying now.

The [FixMissingMSI](https://github.com/suyouquan/SQLSetupTools) tool can find and repair those missing cache files, but it’s GUI-only and not really practical when you have hundreds of systems.

I built [FixMissingMSI.PowerShell](https://github.com/ITJoeSchmo/FixMissingMSI.PowerShell) to automate that process.

* Runs FixMissingMSI *non-interactively* through .NET reflection (no GUI)
* Collects per-host CSV reports of missing MSI/MSP files
* Builds a **shared cache** that’s *demand-driven* -- only uploads files that a server has reported actually missing
* Lets you re-run repair jobs after the cache fills so other hosts self-heal
* Includes `Get-InstallerRegistration` / `Remove-InstallerRegistration` for dealing with broken product registrations. Remove-InstallerRegistration is built off of the PowerShell within [Microsoft's Program Install and Uninstall Troubleshooter](https://support.microsoft.com/en-us/topic/fix-problems-that-block-programs-from-being-installed-or-removed-cca7d1b6-65a9-3d98-426b-e9f927e1eb4d) for scrubbing broken MSI registrations (when repair/uninstall is hopeless, this enables a clean install).

Repo: [github.com/ITJoeSchmo/FixMissingMSI.PowerShell](http://github.com/ITJoeSchmo/FixMissingMSI.PowerShell)
PSGallery: [powershellgallery.com/packages/FixMissingMSI.PowerShell/1.1.4](http://powershellgallery.com/packages/FixMissingMSI.PowerShell/1.1.4)

MECM deployment example: [FixMissingMSI.PowerShell/examples/MECM.ps1](https://github.com/ITJoeSchmo/FixMissingMSI.PowerShell/blob/main/examples/MECM.ps1)

Feel free to use, fork, and adapt. If you’ve been bitten by a "cleanup script" before, this might save you a rebuild.

https://redd.it/1o0ra4c
@r_systemadmin
I think our public facing IP is getting blacklisted

A few weeks ago a dev at our company thought it was a good idea to write a script to check the Apple website for the availability of an iPhone he was looking for. It was a Python script that hit a web page every 180 seconds and looked for certain keywords. He ran it for a little over 24 hours until it appears Apple started blocking it. The requests were failing with a page not found - 541 error.

At this point he told me about the script, he shuts it down, and we move on. I think it's probably not a big deal, and just a temporary IP block or something at Apple.

Ever since then other sites have slowly been blocking traffic from our corp network, and Apple is still blocking -- not the main site, just when you try to put an item in your "bag" to purchase.

New sites that appear to be blocking us are:

>- Try to open the Sign In page on Costco.com - This site can't be reached Error - ERR_HTTP2_PROTOCOL_ERROR

>- Today, try to track a package at UPS.com - Access Denied - You don't have permission to access "http://www.ups.com/track?" on this server.

We can access these sites without issue if we connect to our guest Wi-Fi, which goes out via a different ISP.

Maybe it's not related, but it sure seems like something is going on. Anyone seen anything like this? Any suggestions to try or resolve?

https://redd.it/1o0nbvo
@r_systemadmin
Got a ticket from a director… couldn’t find him because his Teams photo looks AI-generated from 2004

Just joined a new company this week, still figuring out who’s who and which coffee machine actually works.

Got a ticket from one of the directors, so I thought I’d be proactive and reach out to him in the office.
Naturally, I check Teams to see what he looks like.

Click his profile.. and I’m greeted by what can only be described as an AI-generated headshot from the Windows XP era.
Perfect skin, mysterious blur, warm studio lighting.

So there I am, wandering around the office like a lost intern, trying to match this perfectly airbrushed corporate relic to an actual human.
Spoiler: the real guy looks nothing like that picture. Easily 20 years older


Anyone else notice this trend? Or is my new office stuck in a parallel timeline where everyone still looks like their 2003 LinkedIn profile? 😅

https://redd.it/1o0wpy1
@r_systemadmin
To sysadmins solo or in a small team, what sneaky things do you do that you probably shouldn't?

Nothing malicious or illegal of course, I'm talking minor "workarounds" that you probably shouldn't be doing but do anyway, because you can. Similar to jaywalking, yes you probably shouldn't do it, but it doesn't hurt anyone when you do it.

I'll start, we have a standard password reset policy every 90 or so days, and obviously you can't reuse a previous password. I'll change mine, then use AD to simply revert it back to my original. Before people scream this is a security violation, this is a non-elevated account with zero admin privilege (yes I also understand changing passwords helps against the hash being accessible locally on the machine, but unless you change passwords every few days, it won't matter that much). I wouldn't do this on any privileged accounts (we utilize a PAM solution anyway).

Understandably, in larger organizations, it's harder to "get away" with stuff like this.

https://redd.it/1o0vtkq
@r_systemadmin
Microsoft Simplifies File Transfers of Departing Employees

Microsoft is planning to introduce several enhancements to simplify OneDrive file transfers for departing employees.

Key enhancements include:

- Automatic OneDrive access delegation, where access is granted to the manager or designated secondary owner when a user account is deleted.
- New filters to help managers quickly identify shared and important files.
- An enhanced Move and Share feature that enables bulk file transfers while preserving existing permissions.
- More prominent account cleanup notifications, making it less likely for them to be missed.

https://redd.it/1o11o43
@r_systemadmin