microsoft issues 1:15pm CST?

Just checking in with the community if we're alone on this issue. midwest. outlook, teams, entra, admin, azure, all seem to be having issues.

anyone else?

https://redd.it/1o2djfi
@r_systemadmin

Microsoft Issue/Outage – Teams?

Getting really slow responses and timeouts for M365 – anyone else seeing this?

https://redd.it/1o2dx4p
@r_systemadmin

Azure Down

Is azure down for anyone else.

https://redd.it/1o2gws8
@r_systemadmin

More M365 woes. The admin panels this times it seems.

Getting authentication errors across multiple browser and tenants.

https://redd.it/1o2g63g
@r_systemadmin

Office 362

Really guys?

https://redd.it/1o2dw2t
@r_systemadmin

Microsoft down - Outlook.com and Office.com not working

Users are unable to open outlook.com or office.com.

Anyone else getting these issues?

https://redd.it/1o2dz83
@r_systemadmin

Signs of a doomed IT department?

So there Is this company that most of its senior developer have resigned. Now the entire IT department are run by juniors out of college. Tech lead has been in the company for 7-8 years but still came straight from college. Now a single engineer is doing a ML + CV and image processing project which has been delayed many times (initial pilot testing was supposed to be summer but as of now there is still no solid dates set. There are no documentation and people are loosing access to repositories because tech lead doesn't want them even if they are competent. The entire department is basically a boy band of people loyal to the tech lead.
Now I'm confused why upper management or the board is not doing anything about it. Everyone is complaining. There is a huge backlog of tasks. They don't respond to anyone and if they do it usually ends up in a screaming match. Why would they let this continue? Am I missing something?

Edit: tl;dr, IT department is run by juniors, with big ambitions with AI, ML but constant delays and upper management is not doing anything.

Edit: this is besides my own situation in the company or whether I should leave or stay. I'm just wondering why people would burn their money?

https://redd.it/1o2hw2k
@r_systemadmin

Why do users shutdown brain when dealing with IT matters?

I have many users especially the older and higher level manager that is completely IT illiterate. It's as they live their life avoiding anything IT.

For example, a simple error when they try to login to something that says invalid password (worded along a longer lines), they would call IT. it's like they would just not read when the message is 10 words long. Total shutdown reading and then call for help.

Another example, teaching them about the difference between Onedrive and SharePoint. Plain simple English with analogy to own cabinet and compare shared cabinets. Still don't get it. Or rather purpose shutdown.

Do you deal with such users and how do you handle them?

https://redd.it/1o2q35w
@r_systemadmin

Weekly 'I made a useful thing' Thread - October 10, 2025

There is a great deal of user-generated content out there, from noscripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from noscripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

https://redd.it/1o2wr1x
@r_systemadmin

Second largest school district recommends weak password practices in policy document

My school district (LAUSD, 600K users) claims NIST 800-63B compliance but:

- Caps passwords at 24 chars (NIST: should allow 64+)
- Requires upper+lower+number+special (NIST: SHALL NOT impose composition rules)
- Blocks spaces (NIST: SHOULD accept spaces for passphrases)
- Forces privileged account rotation every 6 months (NIST: SHALL NOT require periodic changes)

What's even crazier is that the policy document says (direct quote)
" A passphrase is recommended when selecting a strong password. Passphrases can be created by picking a phrase and replacing some of the characters with other characters and capitalizations. For example, the phrase “Are you talking to me?!” can become “RuTALk1ng2me!!”

That's an insane recommendation.

There are some positive implemented policy: 15-char minimum, blocklists, no arbitrary rotation for general accounts

But as a whole, given we got hacked due to compromised credentials, it feels like we learned nothing. Am I just overreacting??

Context: I'm a teacher, not IT. Noticed this teaching a cybersecurity unit when a student brought up the LAUSD hack few years back and if we learned anything. We were all just horrified to see this is the post -hack suggestion. Tried raising concern with CISO but got ignored so I'm trying to raise awareness.

https://redd.it/1o2thka
@r_systemadmin

Microsoft intune network change December 2025

Hello, in case of some of you miss the info, microsoft will change networking connection to azure front door

more info here

https://techcommunity.microsoft.com/blog/intunecustomersuccess/support-tip-upcoming-microsoft-intune-network-changes/4452738

https://redd.it/1o2vhwv
@r_systemadmin

Password Policy Lockout Not Working - Hybrid joined users with Entra only devices

Our PCs and Users are hybrid-joined to our domain. We want to transition new devices to Entra ID only join and are working on our Autopilot/Device Configuration policies now.

A snag we have run into is how Entra-Only joined PCs handle Account Lockouts for Hybrid-Joined User accounts. Obviously, Entra-only joined devices cannot speak to the on proem domain controller without a VPN, so we need to be able to lockout the User account on the PC at the Windows Sign-In screen using Entra policies. We tried using the Password Protection policy in Entra; however, this policy appears to only apply to cloud-based sign in attempts. The Account Lockout Policy in Intune creates a local user account lockout policy that does not actually lock the Entra ID or tell the user their account is locked out. Forcing them to wait the entire lockout duration and the service team has no way of remote unlocking the local account. 

I can't imagine we are the only company that has Hybrid-Users and Entra-Only devices so I'm curious how others have tackled this problem to manage security and support for account lockout policies.




https://redd.it/1o32t1i
@r_systemadmin

Am I Getting Fucked Friday, October 10th 2025

Brought to you by r/sysadmin 'Trusted VAR': u/SquizzOC with Trusted Telecom Broker u/Each1Teach1x27 for Telecom and u/Necessary_Time in Canada

PMs are welcome to answer your questions any time, not just on Fridays.

This weekly thread is here for you to discuss vendor and carrier expectations, software questions, pricing, and quotes for network services, licensing, support, deployment, and hardware.  

Required Info for accurate answers:

* Part Number
* Manufacturer/vendor
* Service Type and Service Location
* Quantity (as applicable)

All questions are welcome regarding:

* Cloud Services - Security, configurations, deployment, management, consulting services, and migrations
* Server configs and quote answers
* Storage Vendor options, alternatives, details, and selection
* Software Licensing - This includes Microsoft CSPs
* Network infrastructure - overlay software, segmentation, routers, switches, load balancing, APs…
* Security - Access Management, firewalls, MFA, cloud DNS, layer 7 services, antivirus, email, DLP….
* User gear - Usually, you should buy the quote you have unless the quantity is +50 units
* POTS line replacements
* Single site and multi-location connectivity – Dedicated internet access, Broadband, 5G LTE, Satellite, dark fiber, Ethernet services
* Voice services- SIP, UCaaS,

https://redd.it/1o33jzi
@r_systemadmin

I Triggered a State Investigation into Microsoft (Update)

https://www.trevornestor.com/post/update-on-my-case-against-microsoft

A while back I posted my article regarding the internal problems at Microsoft, and my complaint about the company, and received a lot of support across platforms from those both still inside the company and outside of the company who have been impacted by Microsoft's recent culture and morale crisis amid widespread corruption, wrongful terminations, and layoffs at the company.

However, the Redmond and Sysadmin subreddits seemed... different. I'm not sure if there are bots astroturfing or what, but after my initial post due to the number of Microsoft supporters in these subreddits I decided to take it down. Well, I regret that and decided to post an update to double down instead.

For all of you sysadmins out there frustrated by Microsoft's nonfunctional support, I'm there with you.

https://redd.it/1o36jre
@r_systemadmin

Law firm asking for access to user's mailbox

One of our users is suing someone for personal stuff not related to our company, and they unfortunately used their work email for communications about the deal. It sounds like the law firm representing our user has requested access into their work mailbox via a tool called "Forensic Email Collector" by Metaspike.

Doing some research, it looks like it's a legit tool and all, but I've yet to have a situation where the firm wants active access to a mailbox in order to run searches. User sent over a screenshot of them being blocked from authorizing the enterprise app, so at least our security settings are doing their job.

Has anyone encountered this before? How was it handled? I'm currently thinking about saying no and running the searches/export myself with the tools already in 365.

Edit: I should have mentioned, I'm the IT director for this company but also handle some sysadmin tasks when I have free time. Mostly just curious if this is how people are handling litigation holds these days. I will be looping in legal, though.

https://redd.it/1o37e00
@r_systemadmin

Next level phishing

So first one I've heard about tangentially. Wife works in finance. One of the firms they work with got the usual text bit hey I'm tied up I need you to wire some money. Yeah, we need to talk to you. And now they're on a video call. It's the appropriate person's face, their voice, perfectly convincing. Said person was home sleeping at the time. They sent the wiring instructions to the bank and it was only caught because it trigged institution guardrails. If not for that, the money would be gone. So this has resulted in another round of training reminding people to follow procedures, no debate. And the procedures have been beefed up because what was perfectly reasonable a few years back is inadequate now.

Anyone looking at the AI space could see it coming but it's wild when you see it happen. About the only good to see of this is conventional blackmail is out the window. "Oh, you have pictures of me cheating on my wife and you'll send her copies. Do you have any of me with bigfoot and kidnapping the Lindberg baby, too?"

https://redd.it/1o36q6n
@r_systemadmin

Apple Business Manager Finally Allows Restrictions on what Apple IDs can sign to devices

In Apple Business Manager, there is now an option under Access Management > Apple Services > "Apple Account on Organization Devices." If you choose "Managed Apple Accounts Only," it will only allow people to sign into a Apple device with an iCloud account that managed by that ABM. I have confirmed it works! And the option exists in multiple ABMs. Personal account no longer allowed!

https://imgur.com/a/xay9sRx

I can't find any documentation on this anywhere. The only mention of this I can find of this on the internet is on the "Learn More" page for that setting.

This has always been a battle. Is it finally solved? Looks like it. But maybe it has always been there? I don't care! I'm happy to find it! (But if it always has been, feel free to mock :) )

(Note: I'm aware of the pros and cons of this. Just never was an option before that I found)



https://redd.it/1o37sg0
@r_systemadmin

Do you monitor/alert on Windows OS free disk space? What are your thresholds?

As Windows Updates grow in size, I'm trying to figure out what is the minimum free space (in GB) a Windows device should have (either Server or Client). I want to say I've seen issues with updates when having less than 10GB free. Was thinking of monitoring for 15GB or less, but that seems excessive. Thoughts?

https://redd.it/1o31fbz
@r_systemadmin

Gloating a bit bc I got promoted out of helpdesk!!!

Don’t have too many people to celebrate with and I figured you guys would appreciate this. I FINALLY GOT OUT OF HELL DESK!!! 7 years I was in helpdesk and FINALLY I got promoted after being at this place for 6 months! I’ll finally get my hands on tech deeper than just end user support! I’m a freaking engineer now man!!!

If you’re stuck in helpdesk listen to this: take the time to think through the problem, recreate it and if you can’t figure it out when you escalate it show ALL of your documentation, screenshots, and what you’ve tried. AND MAKE SURE TO ASK QUESTIONS AND OFFER TO GET IN DEEPER ON THE TECH WHEN YOU CAN!! Look for the opportunities to get more technical, and if you don’t feel valued where you are, start looking for another place. This isn’t the 50s anymore and respect is a 2 way street! Know your worth!! IM A FREAKING ENGINEER HAHAHA!!!

https://redd.it/1o3enpp
@r_systemadmin

ARM laptops with SCCM?

We recently got one of the Qualcomm Snapdragon X Elite laptops, specifically the Dell XPS 13 9345 and we're evaluating feasibility in our existing environment.

When imaging with SCCM, drivers seem to install and update just fine, but when using Dell Command Update alongside embedding the Qualcomm Chipset drivers into the WinPE image, there are two drivers, specifically a Qualcomm camera driver and a Qualcomm USB driver that will not install no matter what we try. They show as unknown drivers in Device Manager. Dell's image doesn't have this issue and ripping the drivers from their image doesn't seem to fix the problem either. Dell Command Update finds no missing drivers, but everything on the laptop seems to work fine? Anyone else have driver issues with these laptops?

Also, for those that have it, how do you handle print drivers? Do you use the Microsoft type 4 drivers? We're thinking we might use IPP for situations in which users are using the ARM laptops. The problem with the print drivers is none of the vendors seem to even support ARM64 as an architecture at all and Microsoft doesn't have any sort of conversion layer like they do for applications unless I'm misunderstanding it.

https://redd.it/1o3bwbb
@r_systemadmin

Passkeys vs passwords how's the rollout going for you

We've been testing passkeys internally and while logins are smooth integration’s a mess Some apps support it perfectly others fail when syncing across browsers or devices Legacy systems are the biggest blocker Users like the idea but get lost switching devices Curious how others are handling rollout and adoption in 2025 fully moved or still stuck in hybrid mode

https://redd.it/1o3gpf2
@r_systemadmin