My boss doesn't think anyone wants to be a Jr Messaging Engineer/Sysadmin

Is this like a corporate thing now that Junior Engineers are a worthless expense?

https://redd.it/1p1w93p
@r_systemadmin

Thickheaded Thursday - November 20, 2025

Howdy, /r/sysadmin!

It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

https://redd.it/1p1zbzf
@r_systemadmin

What’s a customer story that made you rethink your product?

I work for a storage and backup company, which usually means quiet days and very boring graphs.

Then one day I encounter a customer story that rewires how you see your own product.

Monitoring lit up on a single account:

* Roughly 5 TB stored – fine
* Close to 30 TB egress in under two weeks – not fine for backups

We flagged it and took a closer look.

The account was based in South Asia. They had just claimed a promo and opened a support ticket asking for help with access management. On paper, it looked totally normal, so support treated it like any other request.

But the traffic pattern didn’t feel like backups at all.

* Lots of reads, not a lot of writes.
* Pretty steady throughout the day.

We explain the situation in an email, point to our ToS, and ask them to clarify what they’re building. They never responded.

No replies or follow-ups. Just total silence.

At that point we suspended the account, kept an eye on things for a while, and eventually closed it.

We never got a straight answer on what they were doing, but we couldn’t help forming a few hypotheses based on the patterns:

* constant high-bandwidth reads, not many writes
* lots of small objects accessed frequently
* traffic peaking at “evening entertainment” hours in multiple regions

Could have been a scrappy video streaming platform or even piracy, but my personal favourite hypothesis is that it was a adult video streaming platform.

What actually stuck with me wasn’t the mystery though.

It was the reminder that people will get incredibly creative with your product the moment you give them the slightest opening. They don’t care about the neat ToS and ToU you build with your legal advisor. They care that it solves their problem and they will try anything.

Those edge cases are uncomfortable, but they’re also free product research. They force you to get clearer about what you’re for, what you’re not for, and where your guardrails need to evolve.

https://redd.it/1p207e8
@r_systemadmin

How to secure a device you don't own, but the CEO insists on using?

So interesting problem. I've discovered that our CEO like to use their own device that they recently purchased and had a family member "secure". They are using it, while travelling abroad. This scares the bejesus out of me for obvious reasons.

I do not currently have a strict MDM policy, but after this, I'm considering it. How would you go about wrapping their O365 (E5) account to greater security, just to make sure its extra... secure? :D


Obviously I can't block them with conditional access, or they'll know, since its been working until now (and I really dont want to block them, but I do want to secure the situation a little better).



https://redd.it/1p1l91w
@r_systemadmin

How to deal with dream job rejection? :(

Feeling down in the dumps because after 2 months of really intensive recruitment process I got rejected from my dream job. In September I was contacted on LinkedIn by a recruiter saying that an American tech company is interested in my profile. At first I thought it was a scam because they were offering almost $180k a year, fully remote and I could work from anywhere in the world as the job is more project focused. The role was supposed to be a Senior IT Engineer. But I did my due diligence and they are a legit company and I found out that wages in the US are indeed that much higher than here in the UK.

I didn't think much of it but agreed to an interview. It went exceptionally well and I was asked to do a first test project for that company. I did it, they loved it and they paid me via paypal as promised (they pay every candidate). Then they set up a much more extensive second test project which I had to complete in 10 days. I did it and I was extremely proud of it. They paid me for it as well. I spent soooo much time on it. I submitted it within the required timeframes and I was patiently awaiting their response. I now really wanted this job and from the online reviewers that company is fantastic to work for so I had high hopes. They kept emailing me every couple of days apologizing for the delay and saying that they should be finished with the project review shortly.

Finally yesterday I got a heart-breaking response saying that unfortunately they will not be proceeding to the 4th (and I assume last) stage which was supposed to be a 2 hour interview with the team... :(

What's even worse is that they didn't provide any feedback (be it positive or negative, apparently that's their recruitment policy) so I don't even know what I did wrong and what I should improve. Such a strange thing to do.

I'm absolutely gutted. This was my future and a way to finally make it big in IT. I don't feel like speaking to anyone since yesterday and just feel like my dreams have been crushed. I don't think I'll ever be approached with such a brilliant job offer again in the future so I'm absolutely devastated.

I am currently employed by a different company but the money isn't great and they lied to me regarding the hybrid working model (after 2 months they said I now need to be in 4 or 5 days a week instead of 2 as they initially agreed to, keep in mind I live 2 hours away from the office so it's taking a huge toll on me) so I'm debating leaving the job and thought this could be my golden ticket. Well, it wasn't...

That being said, I guess I'm just curious how you guys deal with rejection?

https://redd.it/1p22zj7
@r_systemadmin

Cloudflare

Back down again https://www.cloudflarestatus.com/incidents/wjrblb0pftg2

https://redd.it/1p24rlw
@r_systemadmin

Update on the job market?

People that are looking for IT jobs since some time now, have things gotten better or worse? I've looked for jobs since November 2024, accepted an on site job in June 2025 but i'm considering leaving due to the toxic environment. Is it a good time to look in the market again or is it painful as it was the whole year?

https://redd.it/1p2682l
@r_systemadmin

Is it unreasonable of me to expect a user to have their email password?

I just do not understand this. For reference, I am GenX (53). With the exception of some random account like Starbucks app or something, I remember my essential passwords for email, my domain account, etc... Am I being unreasonable expecting users to take responsibility to remember their own email password? Its always boomers and early GenX that I am constantly resetting email, domain, essential SaaS apps that we use daily and other passwords. WTF? I just went scorched earth on this asshole for not being responsible for his own email password. I even found the password in the text chain a few swipes up. Hopefully I will still be employed...

EDIT: Well, this turned into a shitshow. A bit more context. This particular client is a very small manufacturing company. The owners do not want to spend money at all, on anything, ever. The PC's are old, the servers are old, hell, I think they even still use Acrobat 9. I have tried and tried to get them to upgrade the hardware, they refuse. Anything modern is just not going to work there. Attacking me is pretty childish and petty even without the facts but its Reddit and its expected I guess. It is what it is and I still think it is unreasonable for this user to not remember the PW I have sent him multiple times.

EDIT 2: Another user suggested "should have access to" rather than "remember" and yes, this. Poor choice of words on my part. Frustration has the best of me.

https://redd.it/1p2823q
@r_systemadmin

Sysmon to be Native to Windows 11/Server 2025 Soon

Haven't seen anyone mention this yet here: https://techcommunity.microsoft.com/blog/windows-itpro-blog/native-sysmon-functionality-coming-to-windows/4468112

Just when you think Microsoft will only continue to reach new lows, out of nowhere they (slightly) redeem themselves. Don't know why it took them this long.

I hope they better integrate it with Windows, so that config is easier to deploy. (GPO or Intune CSP?) However, I'm mostly thrilled to not have the pain of deploying and updating Sysmon anymore. (Again, why it was never packaged it differently, such as an MSI, is beyond me.)

https://redd.it/1p287m5
@r_systemadmin

Prioritizing Easy Over What Makes Sense?

I don't know if I am the crazy one here or if other sysadmins would agree with my employer. We are an MSP and we just recently had a request come up to set up an SFTP server. Use case is that the clients vendor sends a file to SFTP and clients needs to be able to retrieve it from SFTP. I suggested we just use a Linux VM and spin up an SFTP server with a user for the vendor and a user for the client.
What we actually went with was an entire Windows VM that runs a paid for SFTP software that costs $99 because it is "easier to support". Am I the crazy one? Or does that seem wildly unnecessary and inefficient. And this is not the first time we have spun up a Windows machine to do a single simple task.

So, what would you have chose and why?

https://redd.it/1p25pbg
@r_systemadmin

Anyone want to drink in misery with a fellow sysadmin?

I had an admin user have the mainframe doods generate a new RSA key for the mainframe. They then emailed BOTH the public and private key from their gmail to a client because "our email system stripped the attachment" So now I have a live private key out there.


Boss said I can leave and 4 and drink early.

https://redd.it/1p2cgng
@r_systemadmin

Damn the printers!

My predecessor believed in serverless direct IP printing. It's 2025 and I have been hand installing print queues for people one at a time on their machines like some kind of neanderthal IT jerk from the dark ages.

We are finally moving to a modern solution involving PaperCut with automatic driver and queue deployment, new printers and actual, honest to god modern setups. Except it's more than 30 zones that we are just now defining and go live is in 2 days.

Because the bosses that signed the contract fucked about for months and didn't want any of the techs involved to "unfairly influence" the decision.

So now I'm spinning up servers, building queues, working with site techs to figure out zones, coordinating with the vendor to get the software (no, I don't even have the goddamn software yet) and somehow am expected to have the new hardware (that I wasn't involved in ordering) installed, tested, documented and ready to go by EOD Tuesday.

The only reason the boss is still alive at this point is that next week is a holiday and nobody will be around so I'll be able to get shit done.


My question to you all: how many drugs will make this bearable? Is it all of them? I bet it's all the drugs.

https://redd.it/1p2dcmj
@r_systemadmin

Which free/open-source SMS gateway should I use for OTPs? (Jasmin, Kannel, playSMS, or Gammu?)

Hey everyone!
I'm building an app that needs SMS-based OTP verification, and honestly, I'd rather not dump all my money into Twilio or similar services if I can avoid it. Trying to figure out if self-hosted/open-source SMS gateways are actually worth it or if I'm just setting myself up for pain.
So far, I've been looking at:
Jasmin SMS Gateway
Kannel
playSMS
Gammu / Gammu-SMSD
SMSTools3
jSMPP (just the library)


Here's what I actually need:
Reliable delivery (it's for OTPs, so... yeah, can't really afford messages not showing up)
Works with SMPP or HTTP APIs
Docker-friendly setup would be amazing
Delivery reports so I know what's going on
Needs to scale eventually — not looking to stay hobby-level forever


Questions for anyone who's actually done this:
Which one would you recommend for OTP stuff in 2024/2025? Is there a clear winner, or are they all kind of the same?
Any annoying surprises when hooking up to SMPP providers? Like hidden costs, weird config issues, that sort of thing?
Is the whole USB modem setup (Gammu/SMSTools3) still a thing people do for small-scale OTPs, or has everyone moved on?
Any good tutorials, Docker Compose examples, or GitHub repos I should check out? Bonus points if they're beginner-friendly.
Do I need to stress about country-specific rules? Like sender ID registration, carriers blocking stuff, etc.?


Full disclosure: I'm pretty new to SMS gateways and SMPP in general, so this is all kind of overwhelming. If you've got any "I wish someone had told me this earlier" advice or ELI5 resources, I'd really appreciate it.
Thanks so much for any help! 🙏

https://redd.it/1p27aty
@r_systemadmin

What's your Microsoft Secure Score at?

For those that monitor that... Where are you at? After a good month or so of implementing recommendations, we've hit over 86% now which feels pretty good. According to Microsoft other orgs our size are at 43% on average.

https://redd.it/1p2hf1l
@r_systemadmin

Where do ya'll go to stay informed about zero-days now?

There used to be a few great options, free or cheap but after twitter's API changes long ago, and and a few of them ramping up subnoscription costs, I just wanted to check in for anything a little more relevant.

https://redd.it/1p2g9r3
@r_systemadmin

Managing Email Signatures within 365

Hi admins! I am curious on your guy's solutions on automatically deploying email signatures in 365 and pulling information like job tile, ect. While also instering a logo and hyper links. I have used external applications in the past but am looking to cut cost and use what we got.

https://redd.it/1p2f0c2
@r_systemadmin

How much are you paying for new desktops?

How much does it cost you to order a basic workstation computer for just MS Office and general office work?

Last year I was able to order 3 of them from my Dell Premier site for only $610 each, but now I can't seem to find anything under $1000...

https://redd.it/1p2kn34
@r_systemadmin

Sysadmin salary whinge

So, I've been with this company since 2017. Started as senior support on 85k. After a year, moved into unofficial sysadmin role, slight bumps (mostly just with inflation) until I am now on 114k. Been doing IT in some capacity for 20 years now. We are now offering a desktop support (l2) role for a site, 90k. Not one applicant who will take under 110k, so now recruitment team is suggesting they will just have to pay someone 110k. 110k for a l2 person with 2-3 years exp. I've been asking for a realignment for 3 years now and keep getting told no. Is it just time to walk?

Edit: Should clarify, Sydney AUS.

https://redd.it/1p2nn2s
@r_systemadmin

Is it just me or are enterprise workflows held together by absolute chaos?

I swear, every time I look under the hood of a big company, I find some process that makes zero sense and somehow everyone is fine with it.

Like… why is there ALWAYS that one spreadsheet that nobody is allowed to touch?
Why does every department have one application that “just breaks sometimes” and everyone has accepted that as part of the job?
And why are there still approval flows that involve printing, signing, scanning, and emailing in 2025???

It blows my mind how normalised this stuff is.

Not trying to rant, I’m genuinely curious:

What’s the most unnecessarily complicated or outdated workflow you’ve run into at work?
The kind where you think, “There has to be a better way,” but it’s been that way for like 10 years so everyone just shrugs.

I love hearing these because they always reveal how companies really operate behind all the fancy software.

https://redd.it/1p2nzey
@r_systemadmin

Weekly 'I made a useful thing' Thread - November 21, 2025

There is a great deal of user-generated content out there, from noscripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from noscripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

https://redd.it/1p2uqsd
@r_systemadmin

Google buys Wiz for $32B… what’s the backup plan now in a worst-case scenario?

I just read that Google is acquiring Wiz for $32B to boost its cloud security footprint. While the deal hasn’t closed yet, this feels like a huge move, and honestly, I’m a bit nervous about what it could mean long term. Google’s track record with security acquisitions (Impermium, Mandiant, VirusTotal, Chronicle, etc.) hasn’t exactly been reassuring. It has merged or shut down parts of other acquired companies in the past.

Here’s why I’m concerned:

* There’s a real risk that Wiz’s multi‑cloud neutrality could be compromised. Some analysts worry Google will prioritize GCP features over AWS or Azure.
* Integrating Wiz into Google Cloud could lead to architectural changes or feature shifts that don’t align with how teams use it today.

How are other teams handling this?

* Are you sticking with Wiz or looking at alternatives?
* What’s your contingency plan if Google starts prioritizing GCP?
* Has anyone already switched to Orca, Prisma, or Lacework? Would love to hear comparisons.



https://redd.it/1p2unat
@r_systemadmin