My thoughts on my first few months as a new SysAd

I just completed my 4th month as a Linux SysAd. I previously was a Security Engineer but really wanted to move over to something more technical. I work on a small program where I’m the only SysAd. I had a fair amount of Linux Admin experience before beginning, but when I first started, it was a bit overwhelming, but being thrown into the deep-end is usually where I’ve done best.

When I first started, the previous SysAd had implemented almost no automation and my non-technical team members were constantly dealing with small issues that the previous SysAd just spot fixed with “band-aid fixes” and not fixing underlying issues. My first month I worked my butt off trying to get everything automated that were part of daily/weekly processes along with working to eliminate all the “papercuts” team members had. I had a massive list of things I had to do, but they all got completed pretty quickly! I’m kinda happy I walked into this situation because I learned EVERYTHING about the systems super quickly. It was also very enjoyable walking in after about a month and a half and I didn’t have anything pressing I needed to attend to, and no new issues.

After 4 months, the most suprising things is how much the OS can actually do. We use RHEL, and I’ve been continually suprised about what it can do out of the box. Looking back when I was a security engineer, I just feel like the OS was massively underutilized and basically just acted as a wrapper around security tool applications. There’s so many security tools natively available! SELinux is, while annoying sometimes, is legitimately amazing and I can’t believe it’s free.

Along with just the Linux knowledge, I feel like my general IT understanding has massively increased. Due to my program being small, we don’t have a lot of money to throw around, so to get things like SoL, we may not have the money to buy iLO or iDRAC, but we can utilize IPMI which those platforms are built on to still reap massive benefits! Understanding what products are actually built on and being able to use those underlying technologies has been massively beneficial!

Overall I’m extremely happy being a SysAd. The work I’ve done has been extremely intellectually stimulating. I just wish I knew what I know now when I was a Security Engineer. I really feel like a lot of Security Engineers don’t understand what their server OSs are capable of, because I certainly didn’t!

Is there anything you guys found was legitimately interesting when first becoming a SysAd?



https://redd.it/1otys08
@r_systemadmin

Microsoft 365 Admin Center "hacked" / No More Admin Access

Hi,

I am in BC, Canada, time zone -8 PST. Long story short:

1/ Thurs, Oct-30-2025: I discovered my client's Microsoft 365 Tenant was hacked. All 3 accounts that have Global Admin assigned had their rights removed, and new admin accounts were created. Therefore, it rendered Microsoft 365 Admin Center inaccessible.

2/ Oct-30-2025: Called Microsoft to create a case #

3/ Nightmare begins. When case # was created last Thursday, I was promised Microsoft 365 Data Protection team would call or email me in the next couple (2) days. I replied to all their emails indicating my time zone, best time to call (8AM to 5PM PST), and my cell#.

4/ Oct-31-2025: Nothing

5/ Monday, Nov-03-2025 until Today (Nov-07): I was calling Microsoft since 7:30AM this morning again, again and again. All I keep getting are "Microsoft Technical Advisors" who keep promising that their data protection team engineer would call me in the next couple of hours, at the latest 11AM Today, and Microsoft failed to call me back, so I called again, and after 3 or 4 weird disconnections while talking (and no call back from the so called "advisor"), I was promised call back in 15 minutes by another rep. Nothing of course.

6/ Called Microsoft again at 2:39PM.... after repeating the same incident over again, this time I asked to be escalated to supervisor --> After 1.5h on hold, a person took the phone call, of course I have to repeat ALL from beginning, and also give them AGAIN the case#, believe or not in middle of conversation, I was disconnect again, and of course no call back.

7/ Now it is 5PM PST.... where do I go or what do I do now? ALL I want is help with re-gaining admin access to M365 admin center, but so far all I got since last Thursday...various advisors, each promising me different story.

8/ I am pleading for help! So far from Microsoft side, I have not even received any attempts to help me resolve admin center issue, instead Microsoft gives me very good run around for nothing, because I am still speaking to the "advisors" that assign case or ticket#.

9/ Anyone out there with a more direct phone # to contact Microsoft 365 Data protection team? All I need is to re-gain access to Microsoft 365 Admin Center.




https://redd.it/1otjwgp
@r_systemadmin

Got let go today, writing down a few lessons

Nothing dramatic. A director put a quick touch base on my calendar, read a tidy noscript, HR joined for the formalities, and that was that. The company that bought my old shop after a decade plus let me go in under a year. Official line was downsizing. Roughly two dozen people out of about three hundred twenty. Not fishing for sympathy. Just leaving notes for whoever needs them next.

Never feel bad about taking time off, asking for more money, or walking away. If you do not look out for yourself, no one will.

Keep a healthy level of skepticism, even with people you like. When pressure hits, most will protect their own lane first. Be grateful if someone goes to bat for you, but do not expect it.

Do not email questions you can answer in five minutes by yourself.

In interviews, ask how likely it is the company or a business unit gets sold. I ask this now and it has already helped.

If you are well paid, know that finance may circle your name first when cuts come. Perform and prepare anyway.

Save money. Pay yourself first. Also parking myself in a live Men’s Mental Health Day conversation called Inside the Male Identity Crisis, mostly to listen, because getting laid off messes with who you think you are. If you want a quiet room to sit in and maybe chime in, this one looked solid https://statesofmind.com/?utm_source=reddit&utm_medium=social&utm_campaign=male_event&utm_content=sysadmin.

It is usually DNS.

Keep your mouth shut unless speaking clearly benefits you. Do what is right for the client, but do not gamble your job on heroics. You are there to pay rent and put food on your table.

Unsolicited notes from a temporarily wobbly solutions architect. Peace.

https://redd.it/1ou675v
@r_systemadmin

Where patch tuesday megathread?

Awaiting eagerly in anticipation?

https://redd.it/1ou81v7
@r_systemadmin

Burnout in IT

Hello Reddit,

https://www.reddit.com/r/sysadmin/comments/1ooz097/burnout\_signals\_i\_ignored/ just popped up in my feed and I identify with a lot of problems people mentioned in the other post. This gave me the courage to write this post, provide some encouragement for others and ask for advice. To be clear, I am not looking for sympathy, I just saw how kind people were in the other post and I felt the need to post here.


I was in a job where I was leading a relatively big team that was under constant pressure to deliver. The requirements kept piling up, work kept piling up and to make things worse, there were also last minute requests that came in or priorities kept changing. I was basically keeping the things going, unblocking people, jumping on calls with them to get them on the right track, as well in some cases being involved in hands on work, for a couple of high profile projects. Suggestions to improve things or simply stating what the problem is up the chain were either dismissed or ignored, sometimes even making them seem like the problem was on my end, despite my team agreeing with me. 2-3 years ago I started getting panic attacks while walking on the street and it would get so bad I felt like I'm going to faint. For the better part of the year and a half, I started sleeping pretty bad. I started having brain fog, as well as massive headaches in some of the meetings. I was constantly fired up. This is when I think depression kicked in for me, as I was constantly unhappy with work. In the meantime, I started getting more work and stress got so bad I had to get signed off from work. I was applying for jobs in the meantime and when I found something, I quit thinking that's going to be the end of it. This lead to a number of issues that I'm not going to get into, but essentially I was diagnosed with severe anxiety and severe depression.

Here when I want to give everyone going through this an advice:

If you don't look after yourself, no one will. If you don't set boundaries, the company is just going to overwork you. The reward for work is almost always more work. If you can't do something on time, explain why and let the manager deal with it - that's why they're in that job, to prioritize and ensure they have all the resources needed. If you get severely burnt out and land in depression, it's going to be hell to go through that, and hell again to get out of it. Spend time with your family and enjoy the nature, spend less of your free time on computers.


Now, I'm in this new role and still dealing with the burnout and depression and anxiety. I realized I do not like this role as it has the HUGE potential to burn me out quite rapidly. In addition to this, my motivation is at an all time low. This is a hands-on role which I thought I would enjoy, but in reality, I don't like it at all. I've started applying for other jobs already but I know the job market is TERRIBLE right now.

This is where I'm looking for some advice: have any of you gone through the same route (manager -> engineer -> manager again? How hard was it going back to it? When did you realize you do not enjoy being hands on anymore?


Sorry if this post does not belong here, but I've been a long time lurker and this community is amazing.


Please, look after yourselves.


I feel like I've made a mistake, going from the position of a manager to the position of an engineer and I am now worried

https://redd.it/1ou9p3k
@r_systemadmin

Block personal account on ChatGPT

Hi everyone,

We manage all company devices through Microsoft Intune, and our users primarily access ChatGPT either via the browser (Chrome Enterprise managed) or the desktop app.

We’d like to restrict ChatGPT access so that only accounts from our company domain (e.g., u/contonso.com) can log in, and block any other accounts.

Has anyone implemented such a restriction successfully — maybe through Intune policies, Chrome Enterprise settings, or network rules?

Any guidance or examples would be greatly appreciated!

Thanks in advance.

https://redd.it/1ou98ur
@r_systemadmin

Has anyone killed Imposter Syndrome through certs or exp?

I know this is discussed a thousand times a day, but have any of you successfully beaten it? I’ll study a new topic or get a cert for a month, realize I still dont know shit, then not learn anything for a month or two from the burnout. Im starting to think I just might not be up to it.

For context, I’m 22, have a BS in Cybersec, a couple certs, an actual homelab people use (Game servers, SIEM, Discord bots, etc), but still feel a pit in my stomach anytime someone needs unplanned help at my job. I use ChatGPT to help with 75% of my tasks at home, mostly bc I cant remember exact syntax but at work kinda freeze up. Im now grinding networking hoping that helps, but I doubt it will.

https://redd.it/1ouc6g5
@r_systemadmin

Patch Tuesday Megathread (2025-11-11)

Hello r/sysadmin, I'm u/AutoModerator, and welcome to this month's Patch Megathread!

This is the (mostly) safe location to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the subreddit, and provide you, the dear reader, a singular resource to read.

For those of you who wish to review prior Megathreads, you can do so here.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product. NOTE: This thread is usually posted before the release of Microsoft's updates, which are scheduled to come out at 5:00PM UTC.

Remember the rules of safe patching:

Deploy to a test/dev environment before prod.
Deploy to a pilot/test group before the whole org.
Have a plan to roll back if something doesn't work.
Test, test, and test!

https://redd.it/1oueueh
@r_systemadmin

Grrr - hate the new logo - Teams coworkers are now joined at the hip

Does anybody else hate how Microsoft is constantly changing logos and icons? And the new Teams logo makes it look like coworkers are physically joined at the hip. LOL

https://redd.it/1oufyqb
@r_systemadmin

Excahnge 2019 to SE upgrade - licensing without azure

Hello everyone. Company I support as system admin has exchange 2019 on premise CU15. I am unable to figure out can we update to latest SE because we are not using Microsoft azure for our tenant.

As far as understand new licensing concept is user based and needs to be mapped to azure account which we do not use.

 

Does anyone have any experience with updating to latest exchange SE for users/companies that are not using MS Azure ?

According to other posts here on this topic SU upgrade itself wont be an issue but next CU might cause licensing issues ?

https://redd.it/1oud9kx
@r_systemadmin

Recommended tools to identify and REDACT PII inside PDFs and scanned docs?

I’m trying to find a solution that can accurately scan and redact PII across a large Windows file share. Most tools I’ve tested seem to mainly scan text-based files, but we have a lot of scanned PDFs, images, and mixed-format documents with IDs, banking info and other client personal data.

We also handle Australian driver’s licenses and passports often, so correct detection is important.

I demo’d PII-tools today and it looked promising, but the air-gapped on-prem version we’d need is around $18k yearly. I understand the security value, but that’s still a major cost commitment.

Has anyone here used anything else that can reliably detect AND redact PII inside non-text PDFs? Ideally with OCR strong enough to handle scanned docs. I’ve seen platforms like Redactable referenced in privacy/legal circles for permanent redaction, but I’d like to hear what people here actually trust at scale before we lock anything in.

https://redd.it/1ouj6sp
@r_systemadmin

Update: I quit

Yesterday I asked this sub whether I should leave a job because I felt like it was an un-winnable situation: https://www.reddit.com/r/sysadmin/s/CsXX3LWo5E

What I quickly realized was that I already knew the right choice, I just needed validation, and today I gave notice. Details to be worked out, but I told leadership that I did not have the support I needed to do the job they hired me to do, and that I would be leaving. I have offered to stay on during a short transition period, but they are panicking.

Some context:
- I have an emergency fund and secondary income streams that will allow me to coast for a while without having to worry.
- My mental health played a big role here — I take my work personally and, at the end of the day, couldn’t just “mail it in” but also didn’t want to spend 40 hours a week fighting and arguing.
- I have long wanted to start my own consulting company for small businesses. I reached out to my inner-most circle of professional contacts and expect to sign a contract for my first consulting job in the next week or so.

Time will tell if this is the right decision, but at the end of the day, my bills are paid for a while and I’m going to be a lot happier with this behind me. I hope my soon-to-be former employer lands on their feet, but it feels good knowing that I did my best and it’s their problem now (or at the end of the month).

✌️

https://redd.it/1oul65j
@r_systemadmin

Missing 11/11 Patch Tuesday Mega thread!

Hopefully, it will get created before 10AM PST!

https://redd.it/1ouemwn
@r_systemadmin

Updating Office icons is fine. Refusing to update Classic Outlook's icon is just petty.

We all know Microsoft hates sophisticated desktop software that gives users a lot of functions, works with local files, isn't hitched to the cloud, and isn't a glorified website in a wrapper.

We know they ultimately want to push users to the half-baked New Outlook so they can finally fire that whole desktop application team, and keep charging businesses the same price for a worse, cheaper product.

But Classic Outlook still has four years of support left, and probably more. It is still software that we pay for with E3 licenses. They are getting a shit ton of money all the time from businesses everywhere to use Classic Outlook. Classic Outlook will be on people's desktops for a long time until they get their shit together with New Outlook (if ever).

We know all this. We don't expect them to care about Classic Outlook now.

But to leave Classic Outlook's icon un-updated, while the rest of the suite gets new fancy icons, just wreaks of pettiness.

It would have taken virtually nothing to design it a new icon for its last 4 years of support. It was a very simple thing you could have done to make your products look a little more polished.

But they didn't.

They usually at least pretend like they give a shit about the products we're paying out the ass for. It's just such a weasel tactic. They can't make their new thing work better , so they're going to make the old thing look worse.

https://redd.it/1ouojwm
@r_systemadmin

"Open Source software is bad because it's free and insecure"

Hi everyone. I just need to get this off my chest because I don't know of it's just me that's wrong or if people are this dense.

It's the third time this year I had a meeting where certain software options we use internaly were discussed with other entities, and yet again I was met with "oh no that's terrible, open source software is insecure / bad, we use X app that's payed and safe". Mind you we are Internal IT for a medium sized company.

Today's case was RustDesk. We used to use TeamViewer over a year ago and it was seriously getting on our nerves, the interface was slow, mobile device support was terrible, and we had to have a lot of firewall rules to reach hosts in subnets that where cutoff from the internet and rest of the office lan.

We opted for RustDesk Enterprise self hosted, and it's been incredible, and the best part for us was the advantage of it actually working without internet at all, it runs fully on our datacenter and even is accessible on all our isolated networks with a simple firewall rule.

I seriously don't understand why everyone jumps in and says it's incredibly insecure / not good enough and then most of them can't tell me why. Most of them default to saying that it's free so it's bad (even when we have enterprise licenses) or that because since code is public it's insecure (I don't know why they think a closed source application is, somehow, safer).

I've had similar responses this year towards OPNSense (we use mainly to have WAN fail over and VPN on very remote sites, as well as force our internal DNS there and allow access to some of our VMs selectively, and we even have a more "advanced" setup in one place with a layer 2 bridge that we needed and it's been perfect), Ubuntu Server (we have quite a few projects in Linux, but every single time we get told to use Windows Server because it's better, just because), and heck, even people complaining about Proxmox (we use Hyper-V but have a few proxmox hosts for testing) or the pinnacle of ridiculous, Laravel Framework.

What are your opinions on Open Source on the enterprise level? And I don't mean just the "community options", I mean the enterprise supported / licensed ones as well such as Proxmox or RustDesk.

Am I somehow wrong on liking, supporting and using Open Source at the enterprise level?

I assume I might be a bit biazed because of my liking for Linux and having my home lab to my linking. I host a few more other projects at home, such as NextCloud, and I never had a single issue.

I'm genuinely curious what you all think because at this point I'm questioning if I am the one in the wrong here.

PS: these interactions are always with other entities, such as software vendors or other external IT teams from MSPs. Thankfully my boss understands how things actually work and let's us explore, test, compare, and if it fits us, aquire support licenses and implement these awesome projects I just mentioned!

https://redd.it/1oupyru
@r_systemadmin

M365 Admins: How do you handle Admin Consent Requests for Enterprise Apps?

Wondering how other M365 sysadmins handle Admin Consent requests for Enterprise Apps.

Historically, I have taken the approach to just ignore the request because 9 times out of 10 the user finds a different solution that already exists and we never hear from them again. The request ages out after 30 days and disappears. If it's truly important that they have access to the app in question, either they or their manager will submit a help desk ticket asking for it to be approved.

However, my manager has recently told me that we need to take action on them when they come in, and has had me add him and a couple of other people to the alerts as well as the Help Desk email, so now a ticket gets created automatically every time a new ticket comes in, at the halfway 15 day mark, and as they age out. The requests ultimately still get routed to me, but now there is a lot more visibility associated with them.

Obviously I know the basics to search for the name of the app, visit the website for the product, figure out what it does and if we already have a product in our stack that does the same thing, direct them to use that. But there are some (none that I can think of at the moment) that have been curveballs that I haven't known whether to approve or deny, and I just let them age out and expire and ultimately didn't have to make a decision. At my last company and this current company, I have tried to put the responsibility on the Security team to make the decision per whatever criteria they decide but they ultimately end up not doing anything about it either.

https://redd.it/1ouqi7a
@r_systemadmin

What has your exam experience been like? Any crap exams?

What has your experience with certification exams been like? Are there any that you wouldn't try again? Or ones that you felt like were a joke?

So far I've got CCNA, CISSP, A+, Net+ Server+, Security+, VCP 6 and have attempted OSCP and CCNP SCOR.

CCNA, A+, Net+, Security+, Server+ and VCP all of them with good training you can pass pretty easily and all the exams were pretty good.
CISSP with good training and a lot of luck and tenacity you can pass. This was the most demoralizing test I've taken yet because 90% of the questions were subjective.
OCSP hardest exam I've ever taken. The provided material isn't enough to pass. But its an applied exam so its pretty good from a content/mindset standpoint. Though it has become more of a hack the box challenge than a true certification exam.
CCNP SCOR was by far the worst exam I have ever taken. Several of the questions were written in poor broken English. Several of the questions were too vague to answer. I've worked in Cisco Security for 15+ years and I don't think I'll reattempt this exam. I knew the material well but it was a bad test.

I also took a certification exam to work on Dell hardware 20 years ago. The test was a joke. The question that came up more than any other was how many screws did it take to remove X. They were really proud that they had designed a lot of that system to not require removing screws.

Cheers

https://redd.it/1ouotzn
@r_systemadmin

Remote work/staff VPN still safe?

I’m curious what other people are offering for staff who work remote and need access back to the network? We previously were using a SonicWall firewall with SSL VPN and did two factor authentication with accounts that did not pull from active directory with 20+ character, passwords, etc. but over the summer the security of all of this was questioned by other network admins and paused. Are organizations still offering VPN as a safe option for remote staff?

https://redd.it/1ouuien
@r_systemadmin

Should i quit?

Ive been working as a 1st level helpdesk technician for a few months, this is my first job after university. Recently, my coworker who was a sysadmin and basically taught me everything I know, left the company. After he left, I was alone for a while, and later the company hired another helpdesk guy, but he’s also just helpdesk, nowhere near a sysadmin level

Now I somehow ended up with sysadmin-level responsibilities that I have no real experience with – things like designing network structures, dealing with fiber connections, managing servers, contacting vendors, etc :)

I’m happy about the opportunity to learn and grow, but honestly it’s really overwhelming. Before leaving, my coworker didn’t really teach me any of his actual sysadmin tasks.

What’s even more confusing is that I never got any communication from my manager that this would be my new role, and I didn’t get any new contract or raise either.

I feel kind of lost right now and not sure what i can do.

https://redd.it/1ouyhvd
@r_systemadmin

I feel like I can't move from L2 IT support

The noscript says it.

I have no real idea what can I learn to become better since it feels everything I learn at home is useless in a job, where the atmosphere is, well, professional.

I started learning docker, DNS sinkholes, got myself an MTCNA but I still feel like I learned nothing from the cert and all I know is glorified random facts, like watching a documentary about animals and knowing random facts.

In fact I feel like I am completely incompetent of moving forward or too stupid to do so.

Can anyone help me make a real, foolproof plan on what I need to know to be a very well respected sys admin? How can I learn that so that the knowledge would be usable in corporate and enterprise environments?

https://redd.it/1ouz50m
@r_systemadmin

Server warranty terminated because of a dusty environment?

I smell something fishy, but want to get feedback from people with more experience in this.

About a half year ago my local government announced that their server environment (hosting about 100 servers, 50 network components, and 2 storage systems) had been mysteriously contaminated by a layer of dust. Further investigation revealed that the dust was caused by the paint covering the walls of the server room... that somehow the paint was releasing particulate matter.

The private company that manages these servers has announced that the dust poses an imminent threat to the operations and that ALL pieces of equipment must now be replaced and relocated to a new facility. One of the reasons that they site in their argument is that "the warranty claims have expired due to dust contamination."

To add context... about 6 months before this (roughly a year ago) the local government decided to privatize its IT infrastructure and turned everything over to a privately owned IT company on a no-compete bid. This bid included moving the central IT operations to a new data-center over the course of ten years at cost of $43,000,000. Allegedly this data-center relocation must now happen urgently and immediately.

The core of my question, however, is this...

I've never had a server manufacturer deny an in-warranty maintenance request because the server was hosted in a dusty environment. Do you think their claim is legitimate? Can server warranties actually be terminated or nullified because the environment in which they were operated isn't clean?

https://redd.it/1ov0t33
@r_systemadmin