As a systems admin, how do you deal with third party vendors always screwing up and then claiming you are in the wrong?

I can count so many occasions over the first 2 years as a network admin where we have third party vendors come in and do work and have no idea how their own products/software work and I have to with limited knowledge try to guide them through how to do their own jobs. It’s infuriating. Listen, I don’t expect end users to know everything about technical stuff, we’re here to help them with that. But I am sick of people who should definitely know about their own specific technologies, the technology/software/product of the company they are employed by to do work with not knowing what the hell is going on like 80 to 90 percent of the time. Is this normal? Am I dreaming? Someone tell me I’m not going crazy and this is something regularly experienced? At least then I wouldn’t feel so alone in experiencing this.

https://redd.it/1ogas2q
@r_systemadmin

As a parent and experienced system administrator, how would you teach your son to master this field from zero?

Just imagine a situation — you have a son who unfortunately didn’t study anything seriously during his education. He somehow holds an engineering degree, but he doesn’t have communication skills, interpersonal skills, or any real technical knowledge.

He’s now 33 years old, has no job experience, no bank balance, and feels like he has already wasted 75% of his life.

But there’s one thing special about him — he has a fresh brain that can still learn anything if someone explains it clearly. He has the ability to find perfect solutions for complex problems if he gets proper answers to his questions. He’s curious and ready to learn, but he struggles to understand theory or book-based concepts unless he knows their real purpose and need.

Now, he comes to you and says:

> “Dad, please teach me the system administrator job. I really want to enter this field, learn everything step by step, and build a good career. I’m ready to learn, but I want to go in an easier, more practical way — not by reading confusing books or putting too much pressure on myself.”



As a parent who’s an experienced system administrator and has mastered the field through years of work, what would you say to him?
How would you guide him from zero — from turning on a computer to handling servers, networks, backups, and troubleshooting?

What would be your full plan to teach him:

(Step-by-step skills and tools to start with)

Please share your thoughts.
This could be a real-life situation for many people who started late but still want to learn and build a stable career in IT — especially those who have the mind to learn but never got the right guidance.

https://redd.it/1ogb44b
@r_systemadmin

Ever noticed how the Microsoft support is shit ?

Hey all !

When ever I ask a MS 365 question with them they are clueless or give me mis information.

I would say i got more experience about MS 365 than them ( which is bad)

Back in 2011 - 2014 they used to be good!

But has gone down hill.

Most of the time their Infosys or some IT company that work for Microsoft.

Also the Microsoft tech professionals aren't any better either that work for Microsoft themselves.

Anyone noticed ?

https://redd.it/1ogc7a4
@r_systemadmin

Onboarding is killing IT desks. How do you cut the tickets?

Hey everyone

We're auditing a client's onboarding process and found that IT spends almost 60% of their time answering repeat setup questions like "where's the police doc", "how do I access the CRM", etc.

I am curious, have you automated or "visualised' the onboarding so employees can self-serve without constantly overwhelming IT?

https://redd.it/1ogevgr
@r_systemadmin

Techies — how are you storing and managing all your cables, adapters, and peripherals at home?

Hey all,

Looking for some inspiration for cable and tech accessory storage at home — not the usual under-desk cable trays or conduit stuff, but more about how you store all the spare cables, adapters, chargers, and random tech bits that seem to multiply over time.

I’ve got everything from USB-C, HDMI, and power cables to hubs, adapters, and peripherals — basically a tech drawer that’s turned into chaos. I’m thinking of making a small storage area in a spare room or bedroom, but I want something clean, organised, and modern-looking — not just plastic tubs stacked everywhere.

So I’m curious:

What are you using — drawer systems, clear boxes, pegboards, label setups?

Are you going for something like an IKEA or tool-chest style drawer system (like for garage tools but for cables)?

Do you label each cable type or just bundle and group them?

Any cool or clever DIY ideas you’ve tried?


I’d love to see photos or links to setups that work for you — especially if you’ve made it look neat enough for a home office or bedroom rather than a workshop.


https://redd.it/1oggtny
@r_systemadmin

W11 license to install on Parallels

Anyone can give me some pointers on this? Have someone with Mac and they need Windows 11 for their job. They have M365 Business Premium license as well. Any recommendations on sourcing W11 license besides Microsoft Store?


thanks!

https://redd.it/1ogj4o7
@r_systemadmin

Critical BIND9 DNS Cache Poisoning Vulnerability CVE-2025-40778 - 706K+ Instances Affected, PoC Public

Heads up sysadmins - critical BIND9 vulnerability disclosed.

Summary:
- CVE-2025-40778 (CVSS 8.6)
- 706,000+ exposed BIND9 resolver instances vulnerable
- Cache poisoning attack - allows traffic redirection to malicious sites
- PoC exploit publicly available on GitHub
- Disclosed: October 22, 2025

Affected Versions:
- BIND 9.11.0 through 9.16.50
- BIND 9.18.0 to 9.18.39
- BIND 9.20.0 to 9.20.13
- BIND 9.21.0 to 9.21.12

Patched Versions:
- 9.18.41
- 9.20.15
- 9.21.14 or later

Technical Details:
The vulnerability allows off-path attackers to inject forged DNS records into resolver caches without direct network access. BIND9 accepts unsolicited resource records that weren't part of the original query, violating bailiwick principles.

Immediate Actions:
1. Patch BIND9 to latest version
2. Restrict recursion to trusted clients via ACLs
3. Enable DNSSEC validation
4. Monitor cache contents for anomalies
5. Scan your network for vulnerable instances

Source: https://cyberupdates365.com/bind9-resolver-cache-poisoning-vulnerability/

Anyone already patched their infrastructure? Would appreciate hearing about deployment experiences.

https://redd.it/1ogjvq9
@r_systemadmin

Just inherited a network. No documentation. The admin password is "Password123".

Started a new gig as the "sole IT guy" for a 150-employee company.

The previous admin left 3 weeks ago with zero notice. Today was my first day.

There is no documentation. No network diagrams. No asset list. No password manager.

I spent my morning in the "server room" (a hot closet with a single, dusty rack) trying to trace cables.

The good news: I finally got into the domain controller. The bad news: I got in by guessing. The domain admin password was, I kid you not, "Password123".

It hasn't been changed since the server (a physical 2012 R2 box) was set up.

There are no backups, just an external USB drive plugged into the back of the server with a "Last Modified" date of 2019.

On the bright side, I guess I have job security.

What's the worst thing you've ever inherited on Day 1? I need to feel better about this.

https://redd.it/1ogo9eg
@r_systemadmin

What are your thoughts on Encrypted DNS (DoH, DoT, DoQ) ?

Hello community,

Long time lurking network engineer/network security engineer here looking for some thoughts from sysadmins.

Standard DNS runs unencrypted over port 53, which means that an eavesdropper can pick up those DNS requests and see which sites your users are visiting, and may potentially use this information to orchestrate cyberattacks against your organisation.

I see there are various attempts at the IETF level to implement encryption for DNS by using either DoH (DNS over HTTPS), DoT (DNS over TLS) or DoQ (DNS over quick).

https://www.internetsociety.org/resources/doc/2023/fact-sheet-encrypted-dns/
https://blog.apnic.net/2018/10/12/doh-dns-over-https-explained/

What are your thoughts on these solutions ? Have you seen these implemented in practice or has your organisation considered deploying them ? If yes, how did it work out, and do you consider the effort worthwhile to improve your organisation's security posture ?

https://redd.it/1ogmvah
@r_systemadmin

What's the "rookie mistake" you've made dispite your experience?

Let's be honest, we've all made beginner level mistakes that somehow slipped through, even with years of experience.

How did it impact production?

Just a reminder for people who are starting in IT (even for the veterans out there too), that you're going to make mistakes even with years of experience and it's ok.


https://redd.it/1ogsnnx
@r_systemadmin

Best way to share service account passwords securely (on-prem only, no cloud tools allowed)

I’ve been looking into ways to securely share service account passwords between admins in an on-prem environment.
Found a few paid solutions (like Password Safe, ManageEngine, etc.), but wondering — are they really worth buying?
Or is this issue not even worth spending money on?

What are you guys using in regulated environments with no cloud access?

Would love to hear some ideas about this.
Thanks,

https://redd.it/1ogudmk
@r_systemadmin

Level 1 sd specialist seeking advice

Hey everyone,

I landed a job recently as a level 1 sd specialist. I dont have an IT background.

Let's just say I got served this opportunity on a silver platter. I really don't wanna mess this up.

I was hoping if I could get some general advice from you brainiacs that would help me bring more value and perform better.

Thank you for your time.

https://redd.it/1ogvdvl
@r_systemadmin

Another M365 Outage?

Located in AUS, currently having the following issues.
\-Slow access to office.com
\-No access to portal.office.com
\-Access to admin.microsoft.com is ok.

Down detector starting to spike
https://downdetector.com.au/status/microsoft-365/

No outages listed in health status
https://status.cloud.microsoft/

https://redd.it/1oh0rmo
@r_systemadmin

How to secure endpoint network traffic without a full tunnel VPN

My company has a lot of remote users who WFH and dont have the best ISP speeds. We want to make sure none of our remote users are susceptible to a MITM attack from some rogue AP when they are traveling. Is there any solution that ensures all network traffic is protected without a full VPN tunnel running on the endpoints?

https://redd.it/1oh198i
@r_systemadmin

Looking for a solid web filtering setup for ~300 users and better AI threat detection

we’ve got around 300ish users spread across a few locations. used to run fortigate with ad based web filtering which worked fine until we started moving systems to azure ad. once a device was azure ad joined it stopped logging into the dc properly, so group based filtering stopped working.

we switched to meraki mx for SD-WAN and tried the Ad integration for content filtering. It started spamming our domain controllers with WMI calls and slowed everything down, so that plan died fast.

Management now wants a filtering system that still allows exceptions for certain departments like marketing that need social media and a short open window during lunch for general sites.

if there’s a solution that can handle standard web filtering but also tie into AI threat detection or basic AI guardrails, that would be ideal. something that can work with both on prem and azure ad joined machines without slowing performance.

anyone running something like that successfully?


https://redd.it/1oh6sbn
@r_systemadmin

Qsn about Secure boot Cert in VM

Hi Sysadmins,

I have read all the articles regarding secure boot certificate expiration in physical devices. can you help me with the situation in case of a virtual machines (Vmware or Azure)

My Exact questions are:

1. Are the cert expiration applicable for virtual machines?
2. what are the to-dos in case of that?

https://redd.it/1oh3bwb
@r_systemadmin

Weird 6gx and doculink emails hitting our domain

We’ve started seeing a lot of quarantined phishing emails coming through. The sender addresses are really strange. Some start with “/6gx…” followed by a long string of random-ish characters (242 characters, with slashes, plus signs, etc). Others start with “doculink…” and a different random string. Different domains each time.

Feels like these are supposed to trigger something on our domain but are getting blocked instead.

My guess is one of two things:

1. We tightened up DMARC/DKIM recently. Maybe it’s just DMARC doing its job and these are failed encodings getting blocked.
2. Or it’s some kind of noscript injection landing in our global quarantine.

Anyone seen anything like this? Thoughts on what’s actually happening or how to deal with it?



https://redd.it/1oh86jr
@r_systemadmin

Microsoft heading to Australian Federal Court for misleading 2.7 million Australians.

Microsoft is heading to Australia's Federal Court, with the ACCC alleging the tech giant mislead 2.7 million Australians when they bundled the company's AI assistant, Copilot, into Office 365 and hiked the cost of subnoscriptions.

https://youtube.com/shorts/qZJCuNIZr0w?si=lU-oVgCXTQ_KwVBR


https://redd.it/1oh8yg9
@r_systemadmin

How are teams automapping container configs to compliance standards like NIST or PCI?

my compliance want runtime evidence that container configs and images should align with frameworks like NIST SP 800 190 or CIS benchmarks. Generating these mappings manually across dozens of microservices is painful and time consuming. I want dashboards that show me where each container stands against specific compliance checks. Anyone know how to auto map containers to frameworks and export audit ready data?



https://redd.it/1ohaj84
@r_systemadmin

OSDCloud - Offline Imaging Help

Hi All,

I'm trying to figure out an issue creating an OSDCloud USB deployment with an offline image. For whatever reason once I've created the USB using the steps below, the USB drive does not use the offline image/drivers. In my troubleshooting I've noticed that the OSDCloudUSB partition is not mounted. I've tried various WinPE drivers, including the Intel Rapid Storage driver, different devices, different external drives, but I cannot get the partition mounted. Which I assume will be needed for WinPE to see the offline images.

Diskpart and all related commands don't pick up the external storage either.


There's a chance I'm just missing a step, but for the life of me I cannot work it out. Or completely misunderstanding the documentation.

Below are the steps I was following last week to get the USB created. Hopefully not missed a step from memory.

1. Creating a new workspace from a template with included WinRE wireless support.
1. `Set-OSDCloudTemplate -Name 'Offline\` -WinRE`
2. I'm then creating my new Workspace
1. `Set-OSDCloudWorkspace -WorkspacePath C:\OSDCloudOffline`
3. Adding all the WinPE drivers to the image
1. `Edit-OSDCloudWinPE -CloudDriver *`
4. I've then gone ahead and added some device specific WinPE USB drivers to try and weed out the issue
1. `Edit-OSDCloudWinPE -DriverPath 'C:\Drivers\'`
5. Added the OS of choice
1. `Update-OSDCloudUSB -OS`
6. Added device specific drivers
1. `Update-OSDCloudUSB -DriverPack Dell`
7. Then finally. Create the USB.
1. `New-OSDCloudUSB`
8. I can see all the files, drivers, OS images on the OSDCloudUSB partition of the USB

I am aware there are other solutions for offline image servicing like FFU, but currently testing all the solutions available to me.


Any help/tips/advice would be greatly appreciated.

Thanks!

https://redd.it/1oha0bb
@r_systemadmin

security team handed us 600 vulns to fix. half werent even reachable from internet

Infosec ran their quarterly scan and dropped 600 vulnerabilities on us. 200 marked critical. Leadership wants remediation timeline by Friday.

Spent two days triaging with DevOps. Most criticals were libraries we import but never actually call. Internal APIs behind VPN flagged as publicly exposed. Staging environments with test data treated same as production.

Best one was a critical vuln in a Lambda that runs once a month. Scanner sees vulnerable package but has no idea if the code even executes or if anyone hits that endpoint.

Asked security how to prioritize. They said fix criticals first. Cool, but which ones are actually exploitable versus sitting in unused code? Scanner can't tell the difference.

Devs are ignoring security findings now because we've cried wolf too many times. Then we miss actual issues buried under the noise.

We spent half our sprint on vulnerabilities that didn't matter. Meanwhile an actual exploit attempt last month took 8 hours to detect because buried under 300 false positives.

Security team is mad we're not moving fast enough. We're mad they can't tell us what actually needs fixing versus theoretical risk.

Has anyone solved this or do security and engineering just hate each other everywhere?

https://redd.it/1ohcjl6
@r_systemadmin