The pain of dealing with Dell Financial Services and they messed-up returns process

Hi fellow sysadmins,

maybe this is more a post for people in Germany/The EU, but I really wanted to find out if we are the only ones that this happens to.

We lease our devices for 3 years and without fault every single time after we've packed everything nicely and made sure all computers are clean (physically) and wiped/reinstalled, sent everything back on time, we are being told that devices were missing in our shipments. One time all of our docking stations were apparently gone (sent in the same box as the laptops....) this time we are apparently missing 74 of 89 devices. They were packed on two palettes, picked up by their own partner and arrival at the warehouse was confirmed to me.

I'm so over it, all the effort on our end to ensure that it doesn't happen again, and then it does still.

I have started taking several pictures of each shipment, from all angles so that we can prove we have packed the required amount of devices on the palette.

Either we are terribly unlucky or something is fishy either with their contractor Expeditors or whoever picked up the palettes from us. Is there someone here located in Germany or the EU who had experience with returning Dell leasing equipment?

I have a feeling that Expeditors doesn't employ the most trustworthy people, but DFS has so far also not proven themselves to be any better. They often didn't even inform us that devices were apparently missing and just continued the leases. I had to kick up a giant fuss at the start of the year because they confirmed they had closed the contracts but then didn't and kept on billing us for another year after (because it took them another 6 months for resolution after I contacted them about it).

We had switched to Lenovo in the meantime but for the last contract Dell's offer was unbeatable and now we are back with the devil.

I am exhausted.



https://redd.it/1okw5m5
@r_systemadmin

Did you know DattoAV uses the Avira AV engine?

Long story shortened, using Pihole(s) for DNS at a small business, I see a huge (20k+ in 24 hours) influx of new queries to an "v2.web-rep.auc.avira.com" domain. Thinking it's junk, I block as a scream test until I can research more.

Go to logs, just started within the last day, maybe that's good I found early enough on. Flush logs, review. Loads more coming in (blocked at this point).

I remote into a server that basically runs nothing, but reports this DNS record. I look at TCP connections in Resource Monitor, find "endpointprotection.exe" calling to a particular IP that matched the domain DNS is going to. Not familiar with that exe maybe it's bogus. Task Manager > find exe > right click open file location > C:\\\\\DattoAV folder.

Hopped on Copilot to find Datto does in fact utilize Avira engine. My guess is because of all the AWS and Azure issues, maybe redirected/pointed to this new Google-hosted site to keep AV up and running? Hopefully.

TL;DR found out Datto uses Avira through brief moments of panic that we're infected/hacked, blocked it all only to find is legit.

Not much else online about this so hopefully could help someone else? Certainly ate up my morning thinking I was about to have a long day/weekend!

https://redd.it/1okzphf
@r_systemadmin

got furloughed today

financially. i’ll be ok but i feel betrayed, but should have seen the writing on the walls.

im grateful that i have this cushion to start taking care of myself. no more missing doctor appointments. no more giving up my morning workouts. no more dropping everything to work on some bullshit last minute request all fucking night for the same people who fucked me.

and time to look for a new job.

https://redd.it/1ol3tin
@r_systemadmin

CDW wtf?

I made the mistake of buying hardware from CDW. I needed a replacement video card for my server and due to timing and availability had to go with the Nvidia RTX 4000 Ada. I bought it, received the card, and realized they had sent me the Nvidia RTX 4000 SFF Ada instead. They then refused to change it for the proper card, and instead updated their webpage to have it list the SFF's part number -- but the denoscription still shows it as the Nvidia RTX 4000 Ada.


My fault for buying from them again. Just posting here incase anyway plans to buy from them, double-check the exact part number beforehand and do not trust their listings. I have now checked several other products on their website and they consistently list similar products as being the same. The silly thing is that they often are products at or near the same price, which implies this is just sloppiness on their part more than malice.

https://redd.it/1ol6yoz
@r_systemadmin

security scanner flagged our staging database as critical vulnerability. its literally not accessible from internet

Got our quarterly security scan back. One of the critical findings was our inventory management API using basic auth flagged as publicly accessible.

Spent half a day proving it's behind our ALB and only accepts traffic from our order processing service. Traffic flow is: ALB → order service → inventory API. No ingress rules allow external traffic. Showed security the VPC config and security groups. They said it still needs fixing because the scanner marked it critical.

Now we're spending sprint time migrating to OAuth just to clear a false positive on a service that's never been reachable from outside our network.

The scanner has zero context about our actual setup. Can't see that inventory API only responds to requests from order service IP range. Just sees Authorization: Basic header and flags it as internet-exposed critical vulnerability.

We have about 30 findings like this. Payment webhook receiver flagged as public even though it only accepts Stripe IPs. Redis admin endpoint marked critical even though it's VPC-only. Dev RDS instances treated the same as production customer database.

Meanwhile actual issues like overly permissive S3 bucket policies are sitting at medium priority buried under all this noise.

Feels like we're optimizing for scanner compliance instead of actual security posture. Curious if there's a better approach to this that others have found.



https://redd.it/1ol70uk
@r_systemadmin

What's your favorite post work activity to unwind/disconnect?

After a particularly long week of end users having an extra serving of anti critical thinking juice, I am exhausted. I don't want to hear the word Azure, I don't want to look at a computer.

However, I have started a project of building a rack mounted tube amp for my guitar. I have no idea if this will work the way I think it will. After feeling exhausted at the end of the work day I feel energized just trying to map it out, learning about how they work and finding parts. It's so refreshing working on a hobby/project with 0 worry and 100 curiousity.

What are ya'll doing this weekend to recharge/do that is not based in Microsoft or AWS?

https://redd.it/1ol7xw1
@r_systemadmin

If you are my coworker in IT, any Non-Critical troubleshooting calls stop at 4:30 on Fridays.

If you ask to have a troubleshooting call with me 4:30 on a Friday the Answer is No. You had all week or at minimum all day. Its one thing if its for a VP or if we were already on a call since 3:30 or 4. I'm not gonna cut you off at 4:30. But if its not a P1 or P2 and you just want to solve your curiosity about something, it can wait til Monday. Especially on Halloween night.

Had our security guy ask to have a call with me at 4:30 today, on Halloween night of all nights. I have a 2 year old who can't stay up past 8 and its dark by 7 anyways. That gave us like 1.5-2 hours at most to do any trick or treating with her.

So no I am not going to have a troubleshooting call with you when you had literally all week to have a call with me or at minimum anytime today before 4:30p.

/Rant

https://redd.it/1olbiye
@r_systemadmin

OE: 2 IT Jobs

Been in IT for over 10 years now.
Just started my over-employed journey 2 months ago. Only IT person at both startups without MSPs.

Job 1: Hybrid / Senior IT Engineer
220 Users / 5 Countries

Job 2 / Hybrid / IT Manager
125 Users / 2 Countries

Similar stack in both:
Okta
Kandji
Google
Etc…

It’s been pretty great so far. I was able to revamp IT departments in both locations. Automation high and tickets low. Not for everyone but decided to share if you’re thinking about OE. Worth it.




https://redd.it/1olhlqx
@r_systemadmin

Is the Australian IT market good for Systems Administrators?

Hey All !

I am from New Zealand and have roughly 15 years of experience in IT Systems Administration mainly within the Wintel space ( windows server, VMware, entra ID, AD ) you know the jazz.

The job market here is horrible and I was wondering how the Australian IT job market is ? Especially for Senior Systems Administrators ?

I have been unemployed for 6 months now !

https://redd.it/1ol9rsg
@r_systemadmin

Azure Entra SOA Experiences

Hey all,

We’re looking at piloting Azure Entra’s new Source of Authority (SOA) conversion feature and wanted to hear from anyone who’s already tried it.
For those unfamiliar: it’s the feature that lets you transfer user/group management from on-prem AD to Entra ID without deleting and recreating objects.

It uses the isCloudManaged attribute to tell sync tools to stop syncing specific objects while maintaining identities and relationships.

Specifically curious about:
• How smooth was the actual conversion process? Any gotchas?
• Did you run into issues with on-prem app access after conversion?
• How are you handling Kerberos-based applications? (Application Proxy, Cloud Kerberos Trust, or something else?)
• Any problems with group provisioning back to AD after conversion?
• What’s your device situation? (Entra joined, hybrid joined, etc.)
• Would you recommend it, or are there hidden pain points Microsoft’s docs don’t cover?

Our situation:
We’ve got a hybrid environment with mix of cloud and on-prem apps. Considering starting with a specific OU that has fewer legacy dependencies, but want to understand what we’re getting into before committing.
Appreciate any insights - both positive experiences and horror stories welcome!

Also interested in hearing if anyone’s hit the universal group limitation or had issues with nested groups during conversion, or issues with legacy on-premises APPs.

https://redd.it/1oljgsg
@r_systemadmin

How do we hide wifi password - is there a GPO or registry entry or tenant setting or MDM setting (not intune) ?

WARNING... 'manage known' now has a very prominent "show" password button :( with a QR code even.

Cue the abuse from personal phones and tablets. At least it was hidden away before. Would like for the MDM delivered wifi profiles to not allow seeing the password so easily.

https://redd.it/1olhvs5
@r_systemadmin

Windows Update simplified noscripts are going to cause so much confusion. Why was this approved?

1. Monthly or out-of-band security updates: Security Update (KB5034123) (26100.4747)

2. Monthly preview non-security updates: Preview Update (KB5062660) (26100.4770)

3. .NET Framework security updates: .NET Framework Security Update (KB5056579)

4. .NET Framework non-security updates: .NET Framework Preview Update (KB5056579)

5. Driver updates: Logitech Driver Update (123.331.1.0)

6. AI component updates: Phi Silica AI Component Update (KB5064650) (1.2507.793.0)

Source: https://techcommunity.microsoft.com/blog/windows-itpro-blog/simplified-windows-update-noscripts/4465287

How and why were these noscripts approved? Do they really know what admins expect?

https://www.windowslatest.com/2025/11/01/windows-11-update-names-got-simpler-drops-yyyy-mm-now-it-admins-are-going-mad/

Oct 25 optional patch (https://www.windowslatest.com/wp-content/uploads/2025/11/New-Windows-Update-noscript.jpg) looks like an Insider Preview release.

I can't believe they went ahead with this move, and they're promising improvements after people called Microsoft's move dumb in the comments

https://redd.it/1olpccl
@r_systemadmin

IBM / Lenovo Storwize V3700 / SAS down

Hi zusammen,



wir stehen gerade etwas auf dem Schlauch und unser IT-Dienstleister auch, vielleicht hat jemand diesen Fehler schon mal gesehen.



Umgebung:



2x HPE ProLiant DL380 Gen9



VMware ESXi/vCenter (vCenter lief als VM)



Storage: IBM / Lenovo Storwize V3700 (altes Storwize, heute ja Lenovo)



Anbindung der ESXi-Hosts an die V3700: direkt per SAS (kein FC, kein iSCSI)



Keine lokalen Platten in den DL380, ESXi bootet also vom Storage.



Fehlerbild (plötzlich mitten im Betrieb):



vCenter nicht mehr erreichbar



Wenn man direkt an die DL380 geht: „VMware Hypervisor Recovery – No hypervisor found.“

→ also Host findet sein ESXi nicht.



In der V3700-GUI: Alert „SAS-Host-Ports nicht aktiv“ auf beiden Nodes

→ bei den Hosts steht: Typ SAS, Status: Offline, angemeldete Hosts: 0

→ Management-GUI vom Storage geht aber ganz normal!



iLO auf beiden Servern erreichbar.



Was wir schon wissen:



Die Server haben keine lokalen Disks/SD, die haben wirklich vom Storage gebootet.



Wenn beide Server „No hypervisor found“ sagen und die V3700 gleichzeitig „SAS-Host-Ports nicht aktiv“ meldet, dann sieht das Storage schlicht keinen der beiden Hosts mehr.



Das spricht eher für: SAS-Strecke/Host-Ports am V3700 als für „ESXi kaputt“.



Kabel neu gesteckt → keine Besserung.





Fragen an euch:



Kennt jemand das Verhalten beim Storwize V3700, dass alle SAS-Host-Ports plötzlich „offline“ sind, Management aber geht?



Reicht da oft ein Node-/Canister-Reboot oder ist das eher „SAS-Teil vom Canister defekt → FRU tauschen“? Reboot hab ich schon gemacht ohne Erfolg.



Macht es Sinn, temporär per iSCSI an die V3700 zu gehen (ESXi lokal booten → iSCSI-Target → Datastore wieder da), oder übersehe ich da was?



Ist Lenovo aktuell der richtige Kontakt für dieses alte Storwize? (Gerät stammt noch aus „IBM“-Zeiten.)



Ziel:

Ich will eigentlich nur vCenter + Shares so schnell wie möglich wieder online haben – egal ob über SAS oder notfalls „langsam“ über LAN.



Danke 🙏

https://redd.it/1oloulq
@r_systemadmin

HP/Papercut Device Licenses

Greetings all,

We have Papercut and like 30 Xerox copiers. We are looking to add some HP printers we have that are capable of running Papercut, using a device license for it, to our Papercut setup.

Does anyone know how to get these device licenses? Is it a HP thing or a Papercut thing? I got quoted $950 for each printer from our vendor, but I’m wondering if I could get them another and hopefully cheaper way….

Thanks

https://redd.it/1olsuos
@r_systemadmin

How you track what would break if main cloud region goes down

We had a chat after the last AWS/Azure outage and honestly realized… none of us really know what would die if our primary region disappeared for a few hours.

We’ve got “multi-AZ everything”, backups, health checks, all the standard playbook stuff. But that’s still all inside one provider. Once you start asking “what if IAM or S3 or DNS in that region stops working?” it gets ugly fast.

Turns out half our “redundant” systems depend on the same control plane or managed service anyway. Even our monitoring stack isn’t as isolated as we thought.

Curious how other teams handle this:
• Do you actually simulate provider/region outages, or just hope it never happens?

• How do you figure out what’s truly single-point vs redundant?

• Anyone built good visibility around this without going full multi-cloud?

• Is your multi cloud really fail proof?


• And when something does go down, what’s the hardest part — detection, failover, or explaining it upstairs?

Not trying to start a multi-cloud debate — just wondering how others think about dependency risk in real life.


https://redd.it/1olu2rc
@r_systemadmin

VDI with VOIP Would you recommend?

Heya ,

Company wants to go in the direction of VDI but we have about 400 users who use Five9 Softphone daily. Also heavy use.


Five9 has been a nightmare - everyday there is a new issue or ticket created in our help desk to help a user with Five9 ( brower refresh errors , or not recognizing the softphone app). Inorder to save money being laptops my company is thinking of introducing VDI in the upcoming year.

I have concerns with reliability and call quality.

Anyone have experience with VDI and VOIP? Would you recommend ?

These will be loaded on thin clients.

https://redd.it/1olst2o
@r_systemadmin

SSH with pubkey accidentally left opened. Any issue?

I normally check the server security carefully, but finally made a mistake.

When I create servers in cloud, the firewall is enabled and only 443 is allowed, which I usually also manually remove. No allow rules, no incoming traffic. This is the default behavior in my provider.

I changed the cloud provider, and didn’t notice that the default behavior is different: if there are no rules in dashboard, it means everything is allowed by default. The UI is different. Somehow I didn’t catch it in my test.

On VM, ufw default is block all incoming except SSH. SSHD is configured correctly with a custom sshd_config to allow only public key authentication and nothing else.

I noticed the issue, and found tens of thousands of failed connection attempts. Logs on the same server show nothing was accepted other than with my public key and IP.

Is there any concern?

Should the server be deleted? It takes a lot of work.

**Update**

I also worry if some non-SSH services could bypass ufw. I know Docker could do it (not in my case). But I wonder if there could be any other services bypassing UFW via IPtables rules in a default installation of Ubuntu server (kept up to date)?

Obviously IPtables and logs could be checked. But if someone got in, they could erase traces left. The server doesn’t have anything super important, and is isolated, but malware could still potentially spread through HTTPS pages accessed (malicious javanoscript pushed to the viewers).

https://redd.it/1olwrty
@r_systemadmin

Why has system admnistrator pay gone down in Canada?

Before about a year ago, i was seeing regularly pay around 90k. Now all I see is 68k-75k and thats with 5 years of experience.

Is the market down or is this the new normal?

Im in the windows sysadmin environment (citrix, vmware, SolarWinds, windows)

https://redd.it/1olzebc
@r_systemadmin

Sandboxie plus error

I used to use sandboxie plus here and there and never used to have an issue with it, it would open up a web browser just fine. Lately though, when I go to open a web browser through it by right Clicking default box, then Run-> Standard applications -> default web browser (which for me is firefox), it gives me the following error:

procedure entry point pk11sdr_encryptwithmechanism could not be located in the DLL c:\\ProgramFiles\\Mozilla firefox\\xul.dll


I don't know why it would give me this error. Firefox opens up just fine outside of the sandbox.

https://redd.it/1om4jwm
@r_systemadmin

hyper-v instead vmware

hi

we have a standalone cluster with 8 hosts.

they don't have shared storage - each host have its owed local storage, of course no migration between the hosts..

today we are running vmware esxi, our license will expire next year

i consider hyper-v as replacement, all our servers-based windows server OS on this cluster

also, i consider proxmox as candidate..

https://redd.it/1olx3hn
@r_systemadmin

8TB spinner have been hovering around $150 for the last 7 years and I need someone to blame

Any researched takes on why I can't reasonably upgrade my array?

https://redd.it/1om9ei8
@r_systemadmin