Reddit Sysadmin – Telegram
Looking for Alternatives to Citrix NetScaler Load Balancers

Our organisation is looking to replace our Citrix NetScaler load balancers (Virtual) due to rising renewal costs, and I’ve been tasked with evaluating alternatives.

Has anyone here moved away from NetScaler, and if so:

* What did you move to?
* How has it worked out in practice?

Our primary use cases are:

* Load balancing and reverse proxy for applications
* Global Server Load Balancing (GSLB)
* SSL/TLS termination/offload

Any real-world recommendations, lessons learned, or gotchas would be greatly appreciated.

https://redd.it/1oyehkg
@r_systemadmin
Trying out a new server monitoring idea — would love feedback

Hi all, I’ve been experimenting with a very simple server monitoring tool (servers only for now).

The goal is to make it fast, shareable, and free for basic use. Some features I’ve added:

* Instant server tests (no signup, 10/hour)
* Public share links (/s/<shareId>)
* Server mood indicators (Happy / Stressed / Danger)
* Response metrics and basic stats
* Optional 3-second benchmark for registered users

I’m mostly trying to figure out:

* Does this feel useful?
* Would you actually use public share links for servers?
* Any confusing parts or missing info?

If you have a few minutes, you can try it here: **https://mapnitor.com/**

Really appreciate any thoughts — even just “this is confusing” helps.

https://redd.it/1oyibi0
@r_systemadmin
VM recommendations

Looking for VM recommendations for a small company trying to manage short-term contingent workers with less than 1 year duration.

https://redd.it/1oyirgn
@r_systemadmin
Need to network 2 racks. 110-Cross Connect still used?

We have a server rack where all of the network keystones are terminated. We have to bring a lot of these cables into another rack. In the old days I would have seen 110 cross connect punch down used with a single cable.

Would it be so wrong just to use patch cables with a passthrough patch panel? Can't use fiber as it's two disconnected networks. It's not the best solution so looking for ideas. Running new lines is also not an option.

https://redd.it/1oyog4e
@r_systemadmin
Is anyone else's browser security strategy just... hope?

Honest question: how are you all actually managing browser security across your org? We've got endpoint protection, we've got firewalls, we've got email filters but the browser feels like this massive blind spot that everyone just kind of ignores.

Users are logged into everything, constantly switching between personal and work accounts, and I have zero visibility into what's happening at that layer. It feels like we're just hoping nothing bad happens.

Am I overthinking this, or is browser security something that actually deserves its own strategy?

https://redd.it/1oyosy7
@r_systemadmin
Single Hyper-V host patching strategy

We are rolling out a single Hyper-V host to replace an aging VMware servers.
In its final state it will be running a handful of VMs, including our DC and radius server.

How do you manage patching of the host and the outage of the key infrastructure servers?

edit: …and how to handle the host if its patching goes wrong.

https://redd.it/1oyoqx1
@r_systemadmin
RDGateway/rdweb/HTML5 to physical, in-office PC?

Just some background: throughout COVID we used Citrix (gateway, etc in cloud, but most sessions running/hosted on-prem). As mostly everyone is now back in-office, we've just got ~12 users still utilizing it from home periodically to connect directly to their physical in-office PC. These are users that, even in the past, couldn't use a shared terminal server. I.e. "power users" with abnormal software/hardware that couldn't be baked into a shared desktop situation.

I'm sure everyone is aware, Citrix is raising rates and not allowing license reductions, so we're planning on dropping them.

I looked into RDGateway with HTML5 and it seems like exactly what we're doing now with Citrix - open a browser, hit the cloud portal, sign in, launch your desktop and work out of the browser with no "fat client" installation necessary. What I don't see (after trying to piece together a decade of scattered MS docs and forum posts) is a definitive mention of connecting to a physical (non hyperv/virtual) in-office PC, but I did see mentions of a "Connect to a Remote PC tab", "Personal (non-Pooled) Desktops", etc, and I figure there has to be some way to do it, even if it's a roundabout way.

So I spin it all up, everything works great to shared "terminal server" sessions, but currently the only way I can see to accomplish what I want is to publish mstsc as a RemoteApp on a terminal server (or "session host"), and point it to the desktop in question, adding an extra hop between them and their desktop. Is this really the only way, or am I missing something? Is it better to just go with a paid remote PC access solution for these 12 users, or perhaps go with something like Apache Guacamole?

It would be possible to move these people to laptop/VPN, but due to the low frequency of working from home and their "super user" status I mentioned above, it would be a headache. I figured with RDS it would provide a free/quick/easy solution, and even still it seems within reach, I just hate to abandon it yet...

https://redd.it/1oyrp5b
@r_systemadmin
Drive Letter and Device Instance Path in Windows 11

I have six USB connected SATA HDDs attached to my laptop and would like to permanently assign drive letters to each. I'm using USBDLM and need to know the unique "Device instance path" for a given HDD. My problem is that when I follow Disk Management > select the drive in the upper panel > context menu properties > Hardware, I can't associate the drive with its path. All disk drives are named "ASMT 2115 SCSI Disk Device" and all drives have a "Bus Number 0, Target id 0, LUN 0". Any ideas?

https://redd.it/1oytfax
@r_systemadmin
Windows SMB: Cannot rename folder at root of share though I have full control

I can change subfolders, but when it comes to folders at the root of the share, I am unable to change the folder names. It tells me to notify the owner of the folder. Do I need to be owner of the folder before I can rename it? Why does that not hold for subfolders...
Share permissions are full control, while the NTFS permissions are "full control" for "this folder, subfolders and files". Am I missing something?

https://redd.it/1oyvm8a
@r_systemadmin
Windows Server 2022 not reporting proper update status to WSUS

I have an on-prem Windows Server 2022 WSUS, which services Windows 11 and Windows Server 2022 machines. For some reason half of the Windows Server 2022 machines are displaying they are at 100% for installed updates. They have no needed updates even though they are missing the cumulative updates for the past 3 months. I tried removing the device from WSUS, recreating the software folder on the client, deleting the registry key for the WSUS UID on the client but still no luck. Any advice would be appreciated.

https://redd.it/1oywvbz
@r_systemadmin
Which DNS approach is considered "best practice"?

We have 4 DNS servers in our environment:

2 Active Directory DNS servers, which act as our authoritative DNS, and 2 PowerDNS Recursor DNS servers, which act as our recursive servers.

Now, which of the following approaches do you think is better and more secure?

1. Clients > AD , *[If external query, forward to]* > PDNS > Internet
This approach requires enabling recursion on AD DNS and setting PDNS as forwarders in the AD DNS.

2. Clients > PDNS *[if internal query, forward to]* > AD, *[if external query forward to]* > Internet
This approach requires disabling recursion on AD DNS and setting the PDNS to forward internal domains (*.domain.local) to AD DNS and everything else to the Internet.

3. Put all 4 servers on clients. Windows will query them simultaneously and first server with answer will respond. [In case of internal domains that would be AD and external domain that would be PDNS]
In this case we also disable recursion on AD DNS.

Which approach is preferable?

https://redd.it/1oyvyny
@r_systemadmin
Dante AV?

Any system admins troubleshooting AV systems communicating through Dante? It feels like networking 🙄



https://redd.it/1oyz311
@r_systemadmin
Anyone else seeing Office apps crashing after recent Monthly Enterprise Channel update? (Version 2509 Build 19231.20246)

Pushing this out because I’m running into the same mess across multiple users and I want to know if this is widespread.

We’re on **Microsoft 365 Apps – Monthly Enterprise Channel**, and several users updated today to:

**Office Version:** 2509
**Build:** 19231.20246

Since updating, **various Office apps are regularly crashing**. For most people it’s **Outlook**, but I’m also seeing Word/Excel instability here and there.

What I’ve tried (no improvement):

* Online repair
* Full reinstall
* Reboot (obviously)
* Verified no add-ins causing the issue
* Tried launching safe mode

Same behavior every time.

Anyone else getting hammered by this build?


If you’ve found a workaround or rolled back successfully, drop details — I’m trying to figure out whether to force a downgrade or wait for MS to unfuck the build.

https://redd.it/1oz3tv4
@r_systemadmin
Limiting access to two particular folders in OneDrive for Business

I’m a little unfamiliar with OneDrive in this aspect but how do you restrict access to just two folders in OneDrive for a user?

https://redd.it/1oz4prb
@r_systemadmin
How do you handle non Windows PXE boot

We currently push 3 Windows flavors (23h2 24 25) through PXE managed by SCCM/WDS but are looking at adding our main Linux distribution as well as Blancco, and so far it looks like there's not really a way without rebuilding our entire PXE setup.

https://redd.it/1oz50bf
@r_systemadmin
Can I disable Windows 11 from defaulting to a non-admin user in UAC?

I just upgraded to Windows 11. For security reasons, I have set up an admin account that I don't actually log in to, and I use a separate standard local account for daily use.

If I try to open anything as admin, UAC pops up and the preselected username is usually the standard account (although not sure why but other times the admin account is pre-selected).

I don't remember seeing this behavior on Windows 10 but I could be wrong. Is there any way to get UAC to only default to an admin user? It's a bit annoying having to scroll and make a few clicks when it should know already the standard user can't get past this screen lol.

Thank you

https://redd.it/1oz6h96
@r_systemadmin
Finding the best KVM

I’m trying to find a KVM that I can plug my laptop (via USBC) and PC (via Display Port) into that has EDID emulation. Hopefully with 2 DisplayPort outputs for two monitors. I know this is a very specific thing to ask for so that’s why I need help with suggestions. I’m not worried about cost (as long as it’s reasonable) and I want a reputable brand. Thanks for any help!

https://redd.it/1oz6y04
@r_systemadmin
Wrapping RDP inside SSH to protect NTLM?

We have some Windows servers and appliances that are not AD-joined and never will be. They're OT. When we RDP to them, they're unfortunately using NTLM because that's what Windows requires when you're not using Kerberos (and Kerberos requires a KDC/domain controller). These are all on-prem so the risk is already pretty low, but we still don't like NTLM hashes floating across our network.

Does anyone have any experience with wrapping RDP sessions inside SSH sessions? I don't mind doing an extra step of establishing an SSH session when we need to RDP into them, but I do want the sessions to be stable.

https://redd.it/1oz8ufh
@r_systemadmin
Dumper v1.9.0 — This is a CLI utility for creating backups of databases of various types (PostgreSQL, MySQL, etc.)

1. support docker
2. support shell script before and after backup

https://redd.it/1oz9cwp
@r_systemadmin
Cheapest - secure way to clean Fortinet firewalls

Hello,

We did a network upgrade recently and have lots of 101E which is close to end of life with some HP switches. What is the easiest way to clean and dispose of them?

I checked and they do not have any financial value at the moment.

PS: I am a junior system eng.

Thanks in advance!

https://redd.it/1ozaojc
@r_systemadmin