2 months in a new job - company lied to me, what would you do?

I’ve been employed as an IT manager in September. Got contacted by an external recruiter and he said that this XYZ company is really interested in my CV. So I went through the 2 interviews and I mentioned that I live far away (to get to the office it takes me around 2 hours each way) and that I also care for my father and need to be home a lot and that therefore it is absolutely crucial for me that they agree to a hybrid working model. I had other offers on the table at the time and the only reason I chose this company is because it was the next step in my career (Senior IT engineer —> IT manager) and I could really develop professionally and also because of the hybrid model. The recruiter said he confirmed this with them and they they are fine with me working in the office 3 days a week more initially (during the first couple of weeks) and then moving to 2 days in office / 3 days wfh. I happily accepted those terms even though it wasn’t stated in the contract but I had an email trail.

Another important thing to mention is that my role here is IT manager. And they clearly said during the interviews that they absolutely do not want me to pick up any 1st/2nd line support stuff as an external MSP company handles that. I am to take care of the it budget, it strategy, implement new systems, improve cybersecurity and in the future manage the team of in-house it support staff they plan on hiring (when they get rid of the MSP in a year or something like that).

First couple of weeks were absolutely fine, no issues whatsoever, though I had a lot of people coming to me with desktop support issues. I helped with some of them but ultimately my manager said to refuse those and focus on more important - IT manager - stuff. So I did that.

Fast forward to 2 months in and I get called into a meeting. Apparently my manager (CFO) is super unhappy that I’m now working only 2 days in the office. I’m like wtf you agreed to it?? And he keeps going on that they aren’t an established company they are more of a startup and he is really sorry but things change rapidly in startups (they never mentioned anything about a startup during interviews, the company was actually founded a couple of years ago, and went through major restructuring a couple of months ago). He then says he wants me in 5 days a week because apparently the CEO is really fussy about his laptop and he needs IT support on-site (even though MSP guy comes over once a week and we have a dedicated remote helpdesk which people send emails to every single day). He also said that unfortunately he didn’t realize how much he values having some IT support every single day and that he would like me to do that from now on as well as the sysadmin and IT manager stuff. I said absolutely not, this is not what we agreed on and you are being really unfair now. I said I can come in 3 days max but that’s it because the commute (4 hours a day) is going to make me hate this job. He apologised again and said that he can’t agree to anything less than 4 days in. He wouldn’t accept any other outcome.

So I didn’t want to lose my job and I said ok let’s try 4 days for a couple of weeks, if it turns out I really can’t stand it I’ll tell you about it.

What would you do in my position now? Would you quit immediately because the company treated me unfairly? Would you start looking for a new job quietly and then hand in my 2 weeks notice when I find something? Or would you just push through despite horrible commute times.

4 days a week is one thing but me essentially doing a job of an IT manager, a sysadmin and helpdesk is really pissing me off.

https://redd.it/1ov1vrm
@r_systemadmin

What's the best e-signature software as of the latest?

I'm new to managing software for my team and trying to figure out what's the easiest way to handle digital signatures. We're a small business that deals with contracts and client approvals pretty often, so I need something simple, secure, and not too pricey ofc.

I don't have much experience setting up admin tools like this, so ease of use is a big deal. Though I've seen names like docusign and hello sign, but I want to make sure I've already checked all my choices before we choose one so just want to know, what e-signature software would you recommend for a small team just starting out?

https://redd.it/1ov2go3
@r_systemadmin

New sysadmin from 17 feburary of this year, here is what I have done (keep in mind that I work only 40%)

Hi everyone !

As the noscript said, I have started a new position as a sysadmin in a company of ~30 peoples, it is a part time job as I continue to study for a bachelor in computer science networks and systems engineering besides.

We have nearly everything on the cloud, we use principaly the Microsoft suite (for Teams, exchange, OneDrive and etc....)

Since I arrived, I have done the following:

- Improved the onboarding and offboarding of new user with Powerhsell noscripts

- Improved and streamlined Windows PC enrollment into Intune by optimizing Autopilot deployment profiles and configuration policies

- Integrated the Apples devices (MacOs and iOS) on intune, needed to do the enrollment on Apple Business and setting up everything on intune, as well as creating the configurations policies

- Adding SSO to every platform that the company was using if it was feasible

- Installed and configured a ticketing systems (osTicket) to improve the handling of users requests

- Installed and configured a monitoring systems (Zabbix) for our internal services

- Installed and configured a radius server (freeRadius) to be sure that only allowed devices are on the network, mainly used for wifi auth

- Installed and configured a system management assets (Snipe IT) and creating noscripts to sync users and devices with intune, as well as a noscript to sync the differents servers on it

- Installed and configured a documentation system (Bookstack), migrating the documentation from .docx to Bookstack and keeping up the documentation as the infrastructure and network evolved

- Creation of the CA of the company and configuring ssl certificates for every internal websites, I wrote multiple noscript for it

- Improved the security of the end devices with new ASR rules on intune

- Improved the phishing detection with new rules on Exchange Online

- Added a lot of applictions on intune as before they were installed manually at the initial installation of the computer

- Set up LAPS for Windows 11

- Resolved calendars problems that the previous sysadmin couldn't resolve

- Migrating services sending emails that were authentificating with SMTP to OAuth authentification

- Forcing MFA where I could and Conditional access for users and admins

- Configured SPF/DKIM/DMARC for our different domains

- Migrated the Unifi controller from a raspberry PI to a Unifi cloud gateway

- Putting a admin account on every services and personnal admins accounts

What I will do next:

- Writing noscripts to backup automatically the internals services of the company

- Installing and configuring a VPN server (OpenVPN) to allow users to reach internal services when they are not on site

- Improving the network security by doing a management IT vlan and user vlan

- Improving security of devices by adding more ASR rules and restriction

- Setting up LAPS for MacOs

- Setting up a phishing campaign with IA (goPhish and see what IA I could use for that)

- Create a glassdoor admin account on Microsoft

- Create an admin account for all the differents admins so they are not using their user account as admin acccount

I am really happy to have found a place where I can improve practically anything and learn new things, and they don't contact me out of work (they did it once, but it was because a company phone was stolen). I am the sole IT guys in the company, there is some other engineers but they are on the dev team, I share the same office as the dev team.

Do you have any idea what else I could do next?

https://redd.it/1ov3xh3
@r_systemadmin

Feeling completely overwhelmed and depressed learning cloud computing

Hey everyone,

I’ve been learning cloud computing for a while now, mainly AWS, and I’ve managed to get a decent understanding of the basics of Linux and the CLI, core AWS services like compute and storage, and some Terraform for infrastructure as code.

But honestly, I feel completely overwhelmed, like literally crying every day. There’s just so much more to learn, networking, security, monitoring, automation, CI/CD, and advanced AWS services, and I haven’t even started building real projects yet.

Sometimes it feels like no matter how much I study, I’m not really getting anywhere, and it’s starting to get me down. I keep questioning if I’ll ever actually be ready to work as a cloud engineer.

Has anyone else felt like this? How did you deal with the overwhelm and start actually applying what you’ve learned? Any advice or guidance would really mean a lot.

https://redd.it/1ov69xh
@r_systemadmin

What type of wall IP clocks are you using ?

We have multiple wall clocks that are not displaying the correct hour/date and the reason for that is they all are just manual to update hour/date, day savings or just to change the batteries when depleted, e.t.c. basically no maintenance.

One of the reason is that most of them also require a ladder to climb to access the clock.

I am interested to change them with wall IP clocks (one side or two side display) with NTP support (set up our own time-servers for automatic time/date) + PoE (no more batteries to change) + a standard web interface for remote setup + lighted displays to see no matter it is day or night.

What brands/models of IP clocks are you using ?

Thanks.

https://redd.it/1ov28iq
@r_systemadmin

What do you do when you’re bored at work?

For the first time in a very long time, I actually find myself looking for something to do at work. I’ve been a badass and finished all my projects for the year early. I can’t really help out with any of the projects my coworkers are working on. I have ONE ticket in my queue (which by itself is a “holy shit!” accomplishment). We’re entering the holiday season and a lot of key people are out of the office, so there isn’t much grunt work to be done.

To pass the time, I cleaned out the IT storage room and surplussed a bunch of old equipment. I closed a bunch of tickets for the help desk that were probably going to get escalated anyway. I’ve been clearing a lot of alerts that nobody really cares about. Budgets for next year haven’t been approved yet, it’s too late in the year to start any new projects, and I’m kinda running out of “busy work.”

What’s something else I can do so management doesn’t catch me with a bunch of idle time on my hands? Preferably something easy that will score me brownie points outside my own department.

https://redd.it/1ovb65p
@r_systemadmin

User Was Phished

Hey guys, this is my first time dealing with this and I am solo. A user was phished, Huntress caught it and revoked sessions and disabled the account. I have reset credentials and MFA. I checked message trace and it looks like he didn't send anything in the few minutes between authentication and being revoked/disabled. I checked my user's mailbox and didn't see any new rules/filters. Is there anything else I need to do before enabling his account and sending him on his way? Should I assume everything in his mailbox was compromised?

Edit: Anything else I should do besides training. The user *almost* handled the attempt like a pro. He got a suspicious email from somebody he works with frequently. Instead of calling to confirm if the user did in fact send the email, he replied to the email to confirm...

Thanks for all your help, everyone.

https://redd.it/1ovcdx4
@r_systemadmin

Anyone else just realize Windows 11 23H2 is about to go end-of-support?

I somehow missed that Microsoft announced the end-of-support for Windows 11 version 23H2 (Home & Pro) back in August 2025 — it completely flew under my radar.

After checking our environment, it turns out this affects a noticeable part of our fleet.
I really hope I’m not the only one who missed this stealth announcement.

To all of you who caught it early and already have everything patched and polished:
You absolute legends. Please, feel free to bask in the misery of the rest of us scrambling to catch up.

And to everyone else who’s just finding out now — you’re not alone. Grab a coffee, open Intune or PDQ, and let’s suffer together in good company.

https://redd.it/1ovfvq0
@r_systemadmin

What things do you have at your desk to make you look more official?

I see a lot of unique items working at different users desks and that made me realize that my desk is kind of boring. What cool 'tech' things can I have to make it look like I'm THE tech guy when someone stops by?

https://redd.it/1ovfdc3
@r_systemadmin

Weird call today that felt off. Anyone else getting voice impersonation attempts like this?

I had something odd happen today and I’m still not sure what to make of it.


One of our helpdesk guys pinged me saying someone called in asking for an urgent password reset because they were “locked out during a client meeting” and needed a quick MFA bypass.

The part that threw everyone off was the voice. He sounded exactly like this employee I know. I even had lunch with him. Same way of speaking, same tone, even the weird breathing he always has when talking fast.

The helpdesk guy stuck to the noscript and said he needed a ticket and manager approval.
The caller immediately got angry and said, “I literally cannot get into my account to file a ticket. Just reset it.” Then he hung up.

It was hella weird... so we checked. Turns out that the real employee was on vacation, and had not called anyone.

We have no idea whether this was just a random scammer or someone who actually spoofed the voice. Either way it freaked me out a bit because our verification process is honestly not built for this.


If this had been one of our newer support folks, they might have gone ahead and reset it.

So I’m curious, have any of you actually dealt with voice based impersonation yet?


Is this happening more often or was this just a one off for us?


And if you have seen it, how are you handling verification over phone now?

https://redd.it/1ovksk6
@r_systemadmin

Best way to get PCI compliant

We process payments through Stripe and we got told we need to complete PCI compliance. I opened the self assessment questionnaire and it's has 200+ questions about security that the majority of our team doesn’t really know how to tackle


I know the options are to basically either hire a consultant, use some compliance software or do it ourselves. Has anyone gone through this recently? What's the best approach? I just need to check the box so Stripe is happy and doesn’t start causing issues. Thanks




https://redd.it/1ovn5p5
@r_systemadmin

isp failover

so i deployed a firewall and had a second isp (att) do a fiber drop so i could implement a failover solution. our primary is currently spectrum over coax. before att did the drop, i plotted on a temporary solution in case att was gonna do a dia drop instead of best effort fiber (was told by the broker it would be around 3 months). the temporary solution i would’ve had in place was a peplink cellular router with verizon sim.

i ended up having att do best effort and it happened quick so i never got to use the peplink. the environment in question is a small call center using soft phones. so, i’m thinking of getting rid of spectrum altogether and making the peplink wan2 but im aware the soft phones will have to deal with cgnat. how bad can it be? is it better to just keep spectrum instead?

https://redd.it/1ovsj5y
@r_systemadmin

Teamviewer vs. Bomgar: Advice Needed

Hi everyone,
We’re looking for a remote support platform for our tech support team. Initially, we’ll have 4 technicians and 100 endpoints, with plans to scale soon. we’re considering BeyondTrust (Bomgar) and TeamViewer, but none of our teammates have experience with these tools on larger projects.

What have you liked or disliked about using these platforms? Your insights would be greatly appreciated.

Thanks in advance!

https://redd.it/1ovujqm
@r_systemadmin

Are there any trustworthy AI meeting recorders/notetakers?

We use Teams Premium which works for most of our users, but we occasionally have requests for an AI meeting recorder/notetaker that can join Zoom, Google Meet, and Teams meetings that are hosted by other orgs who have recording disabled.

One of our users wants to use Read AI but is open to alternatives. I looked at Read's privacy policy and online reputation and it's one of the worst I've seen. I know a lot of these AI companies are fly-by-night pop-up shops that invest very little in security and data privacy. Are there any trustworthy AI meeting recorders/notetakers that are more highly regarded and respectful of user data?

I'm planning on evaluating Fellow next, but I wanted to ping the community and see if anyone is using one they trust. Thank you!

https://redd.it/1ovpadl
@r_systemadmin

Thickheaded Thursday - November 13, 2025

Howdy, /r/sysadmin!

It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

https://redd.it/1ovx7s0
@r_systemadmin

A screw-up that’s very easy to make with APC UPS

Honestly, this was the first time in my life something like this happened. I didn’t even think it was possible — but it is. Hope it will help somebody to avoid this.
I was moving devices from an old Ethernet switch to a new one that I had installed in a server rack, while the old switch was still sitting on a shelf in another spot.

The first thing I decided to reconnect was the APC UPS located in the same rack. I grabbed a new, fairly short patch cable, unplugged the old one from the UPS’s Ethernet port, plugged in the new one, ran it through the rack, and connected it to the new Cisco switch.

And suddenly… the whole rack went silent.

I didn’t understand what was happening at first. I thought that since I had the rack open for a while, the temperature had dropped a bit, so the switches and other devices cooled down and the fans got quieter.

Then I noticed that a nearby PC had no network connection. I rushed to the rack and realized the switches were off. The UPS was off too.
I pressed the power button, it turned on, but it refused to enable output power no matter what I tried from the front panel.

I tried plugging the Ethernet cable into another switch — and then the UPS powered up normally. I breathed a sigh of relief, turned the equipment back on, checked that everything was working, and went to look at the UPS status on the monitoring site.
The UPS was offline. And then it hit me.

I went back, looked at the UPS rear panel … and of course I found that I had plugged the Ethernet cable into the serial port — the RJ45 one that looks exactly the same as Ethernet and sits right next to it on these APC units. And since the new switch had PoE, it probably pushed voltage into that serial port, making the UPS instantly shut down.

So yeah, guys — double-check what port you’re plugging into on your UPS, especially when it’s mounted low, in a dark spot, or otherwise hard to see.

https://redd.it/1ovxqhf
@r_systemadmin

BT Net

Anyone else having BTnet issues? BT voice seems to be still working


Edit: forget that - its back (had a few sites go down for 30mins)

https://redd.it/1ovzj5f
@r_systemadmin

WAN subnet routing

I need to receive a /28 v4 and /64 v6 subnet from my ISP. And I'm being asked how I want to receive it. Via a transit IP (p2p) or onlink.

Now, what I need is to have at least 1 or 2 IPs that will live on the WAN because I want to run WireGuard on my Unifi EFG.

But the rest I want to assign to a VLAN and then distribute that to my servers/VMs.

What is the best solution and can I achieve this with a onlink/WAN subnet?

https://redd.it/1ovvi9j
@r_systemadmin

SysAdmin Quote of the Day: "It's not the work; it's the worry of it."

I ran across this quote in a thread recently, and thought... that's exactly how I feel some weeks, working in this field. Doing the actual, technical, nitty-gritty parts is generally enjoyable, and occasionally awesome. But the incessant, nagging feeling that something, somewhere, is about to pop/have a critical CVE/a user or junior IT Admin will fug something up steals all the sunshine — and places a dark, angry little storm cloud perpetually over my shoulder, just waiting to strike.

I'm sure waking up and reading The Hacker News/Cyber Security News feeds on Telegram don't help the situation... but then again... neither is Microsoft.

Anyone else find it fitting? Have you come across other quotes that stand out and speak to the Sisyphean roles we fill?

https://www.reddit.com/r/Life/s/S0y2wzSF8D

https://redd.it/1ow1wnh
@r_systemadmin

IT perspective: How many employees in your org have accidentally leaked sensitive data during screen shares?

Curious to hear from other IT folks about this. We've had three incidents this quarter alone:



1. Sales rep showed customer list in browser tabs during prospect call

2. HR person had salary spreadsheet visible in recent files

3. Engineer's password manager popped up during client demo



None were catastrophic, but each could have been avoided. We've done the standard security training, but screen sharing feels like this massive blind spot that nobody talks about until something embarrassing happens.



Are you seeing similar issues? What policies or tools have actually worked to prevent this without being too restrictive?



I'm trying to build a case for better solutions beyond just "be careful" training that clearly isn't working.



https://redd.it/1ow1j3e
@r_systemadmin

IT Admin turns into all IT

Hey everyone,


So for context, I've started at this position a few months back, fresh out of college, as a full time IT Admin. They've never had in house IT before, which I attribute to most of these issues. Between having over 500 employees and over that computers, etc. there's been a few things I'd like to share.


Firstly, there is no naming scheme in AD. Sometimes it firstname - last inital, sometimes it's full name, last name, you name it.


Second, we're still on a 192. addressing scheme with now 192.168.0 - 192.168.4. Servers and switches are all just floating somewhere in those subnets, no way of telling why they have that static or if it's always been like that. I'd LOVE moving to 10.10.


Speaking of IP Addresses, we ran out a few weeks ago.. so we need to expand DHCP again to be able to catch up. When I first got hired, all 6 UPS's we had were failed, so power outages completely shut down everything.


All users passwords are set by IT, they don't make it themselves.. and the best part? They're all local admin on their machines. What could go wrong?


So I've been trying to clean up while dealing with day to day stuff, whilst now doing Sysadmin, Networking, and so on. Maybe that's what IT Admin is. I'm younger, but have been in IT since 15, so I have some ground to stand on. Is 75,000 worth this? I don't know enough since I've not been around, but i had to work my way to 75 from 60.


Thoughts?

https://redd.it/1ow4b9f
@r_systemadmin