Reddit Sysadmin – Telegram
I've deleted the ccmcache folder on a couple of servers. How screwed am I?

So I've deleted the content of the folder C:\Windows\ccmcache (not the folder itself) on at least 10 Windows servers (2012 to 2002).

The thing is, some of them had updated recently and were pending a reboot.

Is there any chance of them being affected at next boot?

Thanks!!

https://redd.it/1oxcnto
@r_systemadmin
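An added check (not part of the post above): before the next reboot, it helps to know which of the affected servers the Configuration Manager client still thinks has content cached, whether any cache entries now point at paths that no longer exist, and which servers are actually awaiting a reboot. The script below gathers that per server over WinRM; the server names are constructed placeholders and local admin rights on each host are assumed.

```powershell
# Added example, not from the post: inventory SCCM client cache state and pending-reboot
# flags on a list of servers. $servers holds constructed placeholder names.
$servers = @('srv-app-01', 'srv-app-02')   # replace with the servers whose cache was cleared

$report = Invoke-Command -ComputerName $servers -ErrorAction Continue -ScriptBlock {
    # Client cache settings (location and size limit) from the CM client's WMI namespace
    $cache = Get-CimInstance -Namespace 'root\ccm\SoftMgmtAgent' -ClassName CacheConfig

    # Cache entries the client still tracks; compare each one with what is on disk
    $items   = @(Get-CimInstance -Namespace 'root\ccm\SoftMgmtAgent' -ClassName CacheInfoEx)
    $missing = @($items | Where-Object { -not (Test-Path -LiteralPath $_.Location) })

    # Ask the CM client SDK whether one of its deployments left a reboot pending
    $ccmReboot = Invoke-CimMethod -Namespace 'root\ccm\ClientSDK' `
        -ClassName CCM_ClientUtilities -MethodName DetermineIfRebootPending

    # OS-level reboot flags written by component servicing and Windows Update
    $cbs = Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending'
    $wu  = Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'

    [pscustomobject]@{
        Computer           = $env:COMPUTERNAME
        CacheLocation      = $cache.Location
        CacheSizeMB        = $cache.Size
        TrackedItems       = $items.Count
        ItemsMissingOnDisk = $missing.Count      # entries whose files were deleted
        CcmRebootPending   = [bool]$ccmReboot.RebootPending
        CbsRebootPending   = $cbs
        WuRebootRequired   = $wu
    }
}

$report | Sort-Object Computer | Format-Table -AutoSize
```

Servers where ItemsMissingOnDisk is non-zero are the ones the client will have to re-download content for the next time a deployment references it; the reboot columns tell you which hosts to watch when they come back up.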
Driver Management

Hi all, just looking for some tips on driver management for an array of devices. We have a mixture of HP, Lenovo and Surface devices. Currently we are co-managed, using Autopatch for deployment of drivers. We are quite strict with our deployment rings, so the drivers adhere to the Windows Update policy, which is 2 days deferred; the drivers inherit this. We do automatically approve each driver, which, yes, is a bit of a nightmare having to keep on top of. We have had some complaints as you can control when the drivers install without setting maintenance windows, which would be missed by the workforce shutting machines down. I'm looking to try to find a way where the user can be warned that there are pending driver installs, which will then prompt them to postpone but also enforce if not done within a certain amount of time. I know there are solutions per manufacturer but wondered if anyone has had the same problem or managed to get something decent to manage this. Thanks

https://redd.it/1oxmk62
@r_systemadmin
Patch manager for the 3 OS's

Hello, currently trying to find a good patch manager for system and third-party applications on Windows, Mac, AND Linux (Ubuntu). That last one seems to be the kicker in all of this. We've tried ManageEngine, but their support is utterly horrid and I don't want to go with them for that reason even though the price is right. We demoed NinjaOne and it looks great, but it's pretty expensive and we only need a patch manager.


What are people using that cover the 3 OS's?

https://redd.it/1oxsvrc
@r_systemadmin
What is the rationale behind blocking mobile device native mail apps on MDM?

Title says it.

I’m trying to understand the philosophy my company adopted where if a mobile device joins our tenant (BYOD or company mobile), that device cannot add any company email profile to its native mail app tools like iOS Mail or Samsung Mail. Every user must use the Outlook Mobile App from Microsoft.

I’m not really for nor against it, I just don’t know the benefits to this decision.

https://redd.it/1oxurrz
@r_systemadmin
The Stage 4 Sysadmin

We've all seen it. An engineer whose influence/meddling spreads like cancer throughout an organisation's IT systems. Chronically misconfigured systems and shockingly poor process because it made sense to 'them'. Employed as a friend of the CEO, or a self-taught fiddler given power beyond their capabilities.

Bring forth your tales of woe and the amount of cleanup required to heal the org. Or was it a Terminal case the org never recovered from?

Edit: Who's to whose

https://redd.it/1oxvo2c
@r_systemadmin
IT Experts....What’s the One Thing You ALWAYS Triple Check During Office Moves?

Every office relocation I’ve been involved in ends with the same IT headaches:
Wi-Fi dead zones, racks not working when turned on, ISP delays, cabling mistakes, mislabeled ports, missing equipment... bad infrastructure…

What’s the one thing you ALWAYS check before a company moves into a new office?
The one detail that saves you every time?


https://redd.it/1oxwj05
@r_systemadmin
Chasing problems in the infrastructure

I’m at a loss as to where I should be looking next, so figure I’d toss it out here and see what I might have missed.

To try and keep a long story short; we decided to pull the trigger on implementing a replacement ERP. Previous one was on prem so the board decided to keep this new one on prem instead of paying for the costs associated with cloud. Got the specs and requirements from the ERP vendor before implementation. Worked with our MSP to make the storage upgrades to the SAN as needed, otherwise they said our server meets and exceeds the requirements. However, since working in this ERP, many users have complained about performance issues. The ERP vendor and consultants have also indicated that the performance we are seeing is worse than they’d expect. They offered an AWS instance which was provisioned with half the specs of our on prem server, and it performs 60% better than what we are seeing on local workstations (though directly on the on prem server, performance is similar to AWS).

We’ve done iperf tests to see if it's the network, and latency is minimal, with no packet loss or jitter between the local workstations and the server. Monitoring the resources on the host shows it’s barely blinking when under load. We’ve plugged a workstation in as directly to the server as possible and it actually performed worse than before. All workstations are hardwired with a 1Gbps connection. The only bottleneck that jumps out is the link from our main aggregate to the Aruba the host plugs into, which is also only 1Gbps. Our ISP is 600Mbps down/300Mbps up, so with the AWS instance working faster than our on-prem doing the same processes, I'm now thinking it’s the host server. Though the host working as fast as AWS has me thinking it is within the network instead somehow.

Got a call scheduled with HPE next week to see if there’s anything the MSP and I missed as far as server and Aruba configurations go, but I’m at a loss right now as there’s no smoking gun in the network so far. Literally just throwing everything I can at the wall to see what sticks. Any thoughts on what direction I should be throwing next?



https://redd.it/1oy2r53
@r_systemadmin
Need a cloud user directory management system

I have a very specific challenge. I need a web-based system/tool where I can create a user directory with permission assignment - group assignment. Administrators should be able to manage the user directory. It needs to have support for csv/Excel import, alternatively api integration. I want api integration to read out information from the directory. The directory should be able to have attributes such as name, username, email, social security number, and more fields for other things. Imagine an Active Directory but simpler.

The users in the directory do not need to be able to log in to the system.

The purpose is that I need a temporary solution (max 1 year) for a vocational college to administer its classes in a user-friendly way. Assign students to classes and courses. I want to integrate this data with our AD.

I do not want to let the school administrators into our AD. They need something simpler. In 1 year, our usual platform will be ready for them.

It's ok if the solution has a somewhat high cost, although I think JumpCloud is a bit too expensive. But it will save us a lot of manual work during this year. It can be cloud or self-hosted.

https://redd.it/1oxuon1
@r_systemadmin
Input about production machines

Hey everyone.

I work for a manufacturer; for the past few years I've been bringing the company into the 21st century. They have over 20 production machines that require a PC to run. Without the PC the machine will not make parts and so on.
I've been thinking about this topic for a while. Not sure what is the “right” way of doing it. So I’m asking everyone.
The company wants to get the machines on a network to collect data and allow the manufacturer of the machines remote access so they can troubleshoot issues. They are not connected to the internet, so I really didn’t care much about them. Now that they are going to be, I’m concerned. Since there are over 20 machines I was thinking about adding them to the domain to allow GPO to configure/lock them down. Create a GPO dedicated to just those PCs. Install an AV/EDR, RMM, and backups.
If you were in my shoes what would you do? Add them to the domain or no? Create a different domain just for them? Would you install the software I'm installing? I just need feedback and things to consider. Oh, we are also regulated by the FDA.

Thanks!

https://redd.it/1oy82dv
@r_systemadmin
Looking for Alternatives to Citrix NetScaler Load Balancers

Our organisation is looking to replace our Citrix NetScaler load balancers (Virtual) due to rising renewal costs, and I’ve been tasked with evaluating alternatives.

Has anyone here moved away from NetScaler, and if so:

* What did you move to?
* How has it worked out in practice?

Our primary use cases are:

* Load balancing and reverse proxy for applications
* Global Server Load Balancing (GSLB)
* SSL/TLS termination/offload

Any real-world recommendations, lessons learned, or gotchas would be greatly appreciated.

https://redd.it/1oyehkg
@r_systemadmin
Trying out a new server monitoring idea — would love feedback

Hi all, I’ve been experimenting with a very simple server monitoring tool (servers only for now).

The goal is to make it fast, shareable, and free for basic use. Some features I’ve added:

Instant server tests (no signup, 10/hour)
Public share links (/s/<shareId>)
Server mood indicators (Happy / Stressed / Danger)
Response metrics and basic stats
Optional 3-second benchmark for registered users

I’m mostly trying to figure out:

Does this feel useful?
Would you actually use public share links for servers?
Any confusing parts or missing info?

If you have a few minutes, you can try it here: **https://mapnitor.com/**

Really appreciate any thoughts — even just “this is confusing” helps.

https://redd.it/1oyibi0
@r_systemadmin
VM recommendations

Looking for VM recommendations for small company trying to manage short term contingent workers with less than 1 year duration.

https://redd.it/1oyirgn
@r_systemadmin
Need to network 2 racks. Is 110 cross-connect still used?

We have a server rack where all of the network keystones are terminated. We have to bring a lot of these cables into another rack. In the old days I would have seen 110 cross-connect punch-down used with a single cable.

Would it be so wrong just to use patch cables with a passthrough patch panel? Can't use fiber as it's two disconnected networks. It's not the best solution, so looking for ideas. Running new lines is also not an option.

https://redd.it/1oyog4e
@r_systemadmin
Is anyone else's browser security strategy just... hope?

Honest question: how are you all actually managing browser security across your org? We've got endpoint protection, we've got firewalls, we've got email filters but the browser feels like this massive blind spot that everyone just kind of ignores.

Users are logged into everything, constantly switching between personal and work accounts, and I have zero visibility into what's happening at that layer. It feels like we're just hoping nothing bad happens.

Am I overthinking this, or is browser security something that actually deserves its own strategy?

https://redd.it/1oyosy7
@r_systemadmin
Single Hyper-V host patching strategy

We are rolling out a single Hyper-V host to replace aging VMware servers.
In its final state it will be running a handful of VMs, including our DC and RADIUS server.

How do you manage patching of the host and the outage of the key infrastructure servers?

edit: …and how to handle the host if its patching goes wrong.

https://redd.it/1oyoqx1
@r_systemadmin
RDGateway/rdweb/HTML5 to physical, in-office PC?

Just some background: throughout COVID we used Citrix (gateway, etc. in cloud, but most sessions running/hosted on-prem). As mostly everyone is now back in-office, we've just got ~12 users still utilizing it from home periodically to connect directly to their physical in-office PC. These are users that, even in the past, couldn't use a shared terminal server, i.e. "power users" with abnormal software/hardware that couldn't be baked into a shared desktop situation.

I'm sure everyone is aware, Citrix is raising rates and not allowing license reductions, so we're planning on dropping them.

I looked into RDGateway with HTML5 and it seems like exactly what we're doing now with Citrix - open a browser, hit the cloud portal, sign in, launch your desktop and work out of the browser with no "fat client" installation necessary. What I don't see (after trying to piece together a decade of scattered MS docs and forum posts) is a definitive mention of connecting to a physical (non hyperv/virtual) in-office PC, but I did see mentions of a "Connect to a Remote PC tab", "Personal (non-Pooled) Desktops", etc, and I figure there has to be some way to do it, even if it's a roundabout way.

So I spin it all up, everything works great to shared "terminal server" sessions, but currently the only way I can see to accomplish what I want is to publish mstsc as a RemoteApp on a terminal server (or "session host"), and point it to the desktop in question, adding an extra hop between them and their desktop. Is this really the only way, or am I missing something? Is it better to just go with a paid remote PC access solution for these 12 users, or perhaps go with something like Apache Guacamole?

It would be possible to move these people to laptop/VPN, but due to the low frequency of working from home and their "super user" status I mentioned above, it would be a headache. I figured with RDS it would provide a free/quick/easy solution, and even still it seems within reach, I just hate to abandon it yet...

https://redd.it/1oyrp5b
@r_systemadmin
Drive Letter and Device Instance Path in Windows 11

I have six USB-connected SATA HDDs attached to my laptop and would like to permanently assign drive letters to each. I'm using USBDLM and need to know the unique "Device instance path" for a given HDD. My problem is that when I follow Disk Management > select the drive in the upper panel > context menu Properties > Hardware, I can't associate the drive with its path. All disk drives are named "ASMT 2115 SCSI Disk Device" and all drives have "Bus Number 0, Target Id 0, LUN 0". Any ideas?

https://redd.it/1oytfax
@r_systemadmin
Windows SMB: Cannot rename folder at root of share though I have full control

I can rename subfolders, but when it comes to folders at the root of the share, I am unable to change the folder names. It tells me to notify the owner of the folder. Do I need to be owner of the folder before I can rename it? Why does that not hold for subfolders...
Share permissions are full control, while the NTFS permissions are "full control" for "this folder, subfolders and files". Am I missing something?

https://redd.it/1oyvm8a
@r_systemadmin
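An added diagnostic (not part of the post above) that makes the difference between the two cases visible. Renaming a folder requires the Delete right on the folder being renamed, or "Delete subfolders and files" on its parent; for a folder at the share root, that parent is the shared folder itself. The script dumps the share permissions, then the owner and every NTFS ACE for the shared folder, one folder at its root and one subfolder below that, flagging which ACEs actually carry Delete. The share name is a constructed placeholder; run it on the file server.

```powershell
# Added example, not from the post: compare share permissions and NTFS ACEs at the
# share folder, a root-level folder and a subfolder. $share is a constructed placeholder.
$share = 'Data'

$sharePath  = (Get-SmbShare -Name $share).Path
$rootFolder = Get-ChildItem -LiteralPath $sharePath -Directory | Select-Object -First 1
$subFolder  = Get-ChildItem -LiteralPath $rootFolder.FullName -Directory | Select-Object -First 1

'== Share permissions =='
Get-SmbShareAccess -Name $share | Format-Table AccountName, AccessControlType, AccessRight -AutoSize

function Show-Acl {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    "== $Path (owner: $($acl.Owner); inheritance disabled here: $($acl.AreAccessRulesProtected)) =="
    $acl.Access | ForEach-Object {
        # Delete is one bit of the FileSystemRights flags; FullControl includes it.
        $hasDelete = ($_.FileSystemRights -band [System.Security.AccessControl.FileSystemRights]::Delete) -ne 0
        # An ACE with InheritOnly propagation grants nothing on this folder itself
        $onThisFolder = -not ($_.PropagationFlags -band [System.Security.AccessControl.PropagationFlags]::InheritOnly)
        [pscustomobject]@{
            Identity       = $_.IdentityReference
            Type           = $_.AccessControlType
            Rights         = $_.FileSystemRights
            Inherited      = $_.IsInherited
            AppliesTo      = "$($_.InheritanceFlags) / $($_.PropagationFlags)"
            DeleteHere     = $hasDelete -and $onThisFolder
        }
    } | Format-Table -AutoSize
}

Show-Acl -Path $sharePath            # parent of the root-level folders
Show-Acl -Path $rootFolder.FullName  # the folder that cannot be renamed
Show-Acl -Path $subFolder.FullName   # a folder that can
```

If the account (or a group it belongs to) shows DeleteHere only from the subfolder level downward, or a Deny ACE appears on the root-level folder, that is the reason for the "notify the owner" prompt; ownership itself is not required, since the owner only gains the implicit right to change the ACL.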
Windows Server 2022 not reporting proper update status to WSUS

I have an on-prem Windows Server 2022 WSUS, which services Windows 11 and Windows Server 2022 machines. For some reason half of the Windows Server 2022 machines are displaying that they are at 100% for installed updates. They have no needed updates even though they are missing the cumulative updates for the past 3 months. I tried removing the device from WSUS, recreating the software folder on the client, deleting the registry key for the WSUS UID on the client, but still no luck. Any advice would be appreciated.

https://redd.it/1oywvbz
@r_systemadmin
Which DNS approach is considered "best practice"?

We have 4 DNS servers in our environment:

2 Active Directory DNS servers, which act as our authoritative DNS, and 2 PowerDNS Recursor DNS servers, which act as our recursive servers.

Now, which of the following approaches do you think is better and more secure?

1. Clients > AD, *[if external query, forward to]* > PDNS > Internet
This approach requires enabling recursion on AD DNS and setting PDNS as forwarders in the AD DNS.

2. Clients > PDNS *[if internal query, forward to]* > AD, *[if external query, forward to]* > Internet
This approach requires disabling recursion on AD DNS and setting the PDNS to forward internal domains (*.domain.local) to AD DNS and everything else to the Internet.

3. Put all 4 servers on clients. Windows will query them simultaneously and the first server with an answer will respond. [In case of internal domains that would be AD, and for external domains that would be PDNS.]
In this case we also disable recursion on AD DNS.

Which approach is preferable?

https://redd.it/1oyvyny
@r_systemadmin
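An added example (not part of the post above) of what approach 2 looks like on the AD DNS side, with a verification step: recursion is switched off so the AD servers answer only for the zones they host, leftover general forwarders are removed, and two queries confirm the result. The PowerDNS side is a single `forward-zones` entry in recursor.conf, shown as a comment. The zone name and all IP addresses are constructed placeholders; the DnsServer PowerShell module on each AD DNS server is assumed.

```powershell
# Added example, not from the post: AD DNS configuration and check for approach 2.
# 'domain.local', 10.0.0.10/.11 (AD DNS) and 10.0.0.20/.21 (PDNS) are placeholders.
$internalZone = 'domain.local'
$adDns = '10.0.0.10', '10.0.0.11'
$pdns  = '10.0.0.20', '10.0.0.21'

# 1. AD DNS must not recurse for anyone; on Windows DNS this also disables forwarders.
Set-DnsServerRecursion -Enable $false

# 2. Remove any general forwarders left over from approach 1, so AD DNS cannot be
#    used as a path to the Internet at all.
$fwd = Get-DnsServerForwarder
if ($fwd.IPAddress) {
    Remove-DnsServerForwarder -IPAddress $fwd.IPAddress -Force
}

# 3. Verify against the first AD server: a hosted name is answered, an external one is not.
$internal = Resolve-DnsName -Name "dc01.$internalZone" -Server $adDns[0] -DnsOnly -ErrorAction SilentlyContinue
$external = Resolve-DnsName -Name 'example.com'        -Server $adDns[0] -DnsOnly -ErrorAction SilentlyContinue

[pscustomobject]@{
    RecursionEnabled = (Get-DnsServerRecursion).Enable   # expected False
    InternalAnswered = [bool]$internal                   # expected True
    ExternalAnswered = [bool]$external                   # expected False
}

# 4. PowerDNS Recursor side (recursor.conf on each PDNS host): send the internal zone,
#    and the reverse zones for internal subnets, to the AD servers; everything else recurses.
#    forward-zones=domain.local=10.0.0.10;10.0.0.11, 0.0.10.in-addr.arpa=10.0.0.10;10.0.0.11
#
# Clients are then handed only $pdns as DNS servers and never talk to AD DNS directly.
```

The check in step 3 is the one worth keeping in a monitoring job: if ExternalAnswered ever flips to True, an AD DNS server has had recursion re-enabled and is again reachable as a resolver by anything that can talk to it.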