Reddit Sysadmin – Telegram
Compliance is slowly choking actual work

Trying to add anything new to the stack now feels like punishment. I’m not proposing a bank merger, I just want to test a tool. But no, gotta do a security review, risk form, data flow diagram, legal sign-off, “how does this map to our framework”, three Jira tickets and sacrificing your firstborn.

By the time it’s “approved”, the problem it was supposed to solve has either been worked around, forgotten, or replaced with an external agency for 4x the cost.

Compliance was supposed to stop stupid decisions, not make every small improvement feel like a six-week project. At this point, the process doesn’t keep bad tools out of the stack, it just kills any motivation to improve it.

https://redd.it/1p8728z
@r_systemadmin
Deprecation and removal of WINS after Windows Server 2025

It's official: Microsoft has announced that WINS is now deprecated, and *will be removed* from all Windows Server releases after Windows Server 2025, and will remain under the standard support lifecycle through November 2034.

No flowers

https://support.microsoft.com/en-gb/topic/wins-removal-moving-forward-with-modern-name-resolution-f00381f0-7237-4f7b-8e78-aa6f9c5b279f

https://redd.it/1p885nv
@r_systemadmin
How do you handle IAM access visibility and access reviews?

Hey all,

Curious how other sysadmins handle access visibility and access reviews across Okta / Entra-connected apps.

I see approaches ranging from fully manual spreadsheets to automated review cycles, and I’m curious how teams here structure this in practice.

Nothing commercial, just trying to compare real-world practices with others who deal with this stuff daily :)

Would love to hear how you handle it in your environment.

Thanks!

For anyone who is up to share their experience with more background, I put together a very short 3–5 min form. Link: https://forms.gle/RtK1jjpKjyPh67bf8

Happy to share the aggregated results back with the community once enough responses come in.

https://redd.it/1p89vo1
@r_systemadmin
Personal Keyboard

I’m trying to look for a wireless keyboard for me to use at the office. I currently have a Logitech MX650 that I’ve been using for a few years. I’m not a huge fan of it as it just feels cheap. I think I want a mechanical keyboard but I want a more silent option. I’m moving to a more automation/programming role and I’m worried that it could get loud. The space I work in has two other people and at times I can hear my current keyboard in the background of our call recordings. I’ve looked at Aula F108, Keychron, Cherry KC 200, among others. All the YouTube videos I find like to do the full ASMR, which doesn’t help. I want to be able to swap keys and make it my own at some point if possible. What are you all using and does anyone have any recommendations? I’m trying not to do trial and error as I tend to be forgetful about returns lol

https://redd.it/1p8d1dl
@r_systemadmin
DFS - Sharing Folder

Hi

Hoping you can help or point me in the right direction.

I’m trying to set up a shared folder via DFS Management.

The folder itself gets created on the C drive of Win Server Core, which I’m accessing through File Explorer, and I can see it, but when I double-click on it, it errors with permissions and the DFS tab shows it as inaccessible.

Any advice or pointers or a simple guide to get this sorted would be greatly appreciated.

Thanks in advance.

https://redd.it/1p8af7z
@r_systemadmin
Me every time: testing if VPN works using my phone's hotspot. Thinking it works. Then realizing my hotspot acts as a repeater for the office WiFi.

Gets me every time!

https://redd.it/1p8flvl
@r_systemadmin
Which is the most popular CI/CD tool used nowadays?

So, there are many CI/CD tools like Jenkins, Azure Pipelines, GitHub Actions etc. Which one is the most popularly used in the current market? I guess it would be GitHub Actions based on its ease of use and flexibility. Any other tool apart from these that you can mention here? Thank you

https://redd.it/1p8gmp0
@r_systemadmin
Happy Thanksgiving, fellow sysadmins. I’m the new (and first) in-house IT Administrator for a ~70-endpoint company. No servers, no domain, and until two weeks ago everything went through an MSP. Now all requests come to me first, and I escalate only when necessary. Here’s what I walked into:

- Almost every workstation is running Windows 11 Home
- A handful are Windows 11 Pro
- All users log in with local accounts
- About half the company is on M365 Business Premium, the other half on Business Standard
- No Intune, no Entra ID join, no AD (on-prem or cloud), no real identity management

The MSP provides ThreatLocker and Huntress, and the long-term goal is to reduce the monthly spend and move IT responsibilities more in-house while maintaining a co-managed relationship with the MSP.


My first major project, already approved by leadership, is to:

1. Upgrade all appropriate users to Business Premium
2. Upgrade all endpoints to Windows 11 Pro
3. Entra-join every workstation
4. Enroll everything into Intune
5. Begin modernizing the environment and decreasing MSP dependency

My background is seven years as a server engineer, so this is a big shift for me. I’m learning a lot as I go, and I’d appreciate any advice, lessons learned, or “watch out for this” insights from anyone who has gone through a similar small-business modernization or MSP off-ramp process.

What pitfalls should I expect? What would you tackle first?

Thanks in advance and enjoy the holiday.

Edit: Leadership mentioned that in about 6-9 months we will reevaluate and if needed we can either bring in another IT person or continue co-managed with the MSP.
ALSO, the long term (3-5 years) plan for my role is to transition into a Director of IT.

https://redd.it/1p8i2ia
@r_systemadmin
I fucked up. I removed ACL inheritance from a folder and broke QuickBooks. Windows Server 2016.

Right so I fucked up and now need some guidance from more experienced wizards.

What happened was, in an effort to lock down a bunch of folders for an RDP user, I disabled inheritance for a ton of folders in D:\ that are owned by the administrators group.

Within this D:\ folder is a mix of administrator-created folders and files along with user created folders and files.

One of the folders I did this in is D:\SHARE

D:\SHARE also happens to be a network shared folder which holds our company.QBW database file along with the .TLG, .NG and the QuickBooks attachment folder.

After disabling and deleting inheritance for D:\SHARE, I started receiving reports that the accounting users could no longer upload .PDF documents to invoices and other users could no longer upload files directly to D:\SHARE.

I’m now in a situation where I cannot manipulate certain ACLs for certain files because they were uploaded to D:\SHARE by network shared drive users.

So far, my game plan is to re-take ownership of D:\SHARE as the administrators group and propagate the ownership to all objects within D:\SHARE, then re-apply “modify”, “read”, “write” perms to D:\SHARE and make sure that every file within D:\SHARE that relates to a QuickBooks service has the “QBDataServiceUserXX” group defined with full access.

This is a huge issue because we have yearly audits coming up soon and I need to make sure that there are no permissions-related hangups when the audit comes around so that we accurately provide auditors with the data they need.

I am way in over my head when it comes to figuring out a solution to making sure things work properly again, at least for QuickBooks Desktop.

The silver lining is that at least one user can open the QuickBooks database file stored in D:\SHARE and I’ve resolved the general write perms for users so they can put data into D:\SHARE, but how on God's green earth can I ensure that QuickBooks services like the following work, and where do these permissions changes need to happen:

- PDF attachments
- Multi User Mode
- Saving Transactions
- Printing
- Emailing invoices
- Backups
- Verify/rebuilding
- Invoice history
- Logging

Am I fucked, gents?

Edit: the only silver lining here is this happened the day before we went on Thanksgiving break, so I have until Sunday night to resolve this issue as there won’t be anyone in the office.

https://redd.it/1p8ek4d
@r_systemadmin
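One way to carry out the recovery plan from the post above, added here as an example and not the poster's own script. It assumes the D:\SHARE path from the post, uses a placeholder for the QBDataServiceUserXX account and a hypothetical DOMAIN\ShareUsers group, and keeps inheritance on the share root disabled as the poster intended while making everything beneath it inherit from that root; it ends with a check that lists any object still missing Full Control for the service account.

```powershell
# Added example (not the poster's script). Run from an elevated PowerShell on
# the file server with everyone out of the company file.
# $QbService is a placeholder: the real account is QBDataServiceUser followed
# by the QuickBooks version number (the post's "QBDataServiceUserXX").
$Share     = 'D:\SHARE'
$QbService = 'QBDataServiceUserXX'     # placeholder, see note above
$UsersGrp  = 'DOMAIN\ShareUsers'       # hypothetical group for staff who write to the share
$Backup    = "C:\acl-backup\share-acl-$(Get-Date -Format yyyyMMdd-HHmm).txt"

# 1. Save the current ACLs first so the change can be reversed
#    (restore later with: icacls D:\ /restore <file>).
New-Item -ItemType Directory -Path (Split-Path $Backup) -Force | Out-Null
icacls $Share /save $Backup /T /C /Q

# 2. Re-take ownership as the Administrators group (/A) over the whole tree (/R).
#    Ownership is what lets you edit ACLs on files other users created.
takeown /F $Share /A /R /D Y

# 3. Grant the explicit entries on the share root. /grant:r replaces any earlier
#    explicit grant for the same identity; (OI)(CI) makes each entry apply to
#    subfolders and files. Inheritance on the root itself stays disabled, as the
#    poster intended, so nothing leaks in from D:\.
icacls $Share /grant:r `
    'BUILTIN\Administrators:(OI)(CI)F' `
    'NT AUTHORITY\SYSTEM:(OI)(CI)F' `
    "${QbService}:(OI)(CI)F" `
    "${UsersGrp}:(OI)(CI)M"

# 4. Make everything below the root inherit from it instead of carrying stale
#    explicit entries (/reset replaces a child's ACL with the inherited default).
icacls "$Share\*" /reset /T /C /Q

# 5. Check: list any object that still lacks an Allow Full Control entry for
#    the service account (inherited or explicit).
function Find-MissingServiceAccess {
    param([string]$Path, [string]$Account)
    Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object {
            $acl = Get-Acl -LiteralPath $_.FullName
            -not ($acl.Access | Where-Object {
                $_.IdentityReference.Value -like "*\$Account" -and
                $_.AccessControlType -eq 'Allow' -and
                $_.FileSystemRights -match 'FullControl'
            })
        } | Select-Object -ExpandProperty FullName
}

$missing = Find-MissingServiceAccess -Path $Share -Account $QbService
if ($missing) {
    Write-Warning "Objects without Full Control for ${QbService}:"
    $missing
} else {
    Write-Host "Every object under $Share grants Full Control to $QbService."
}
```

Anything the check still lists is a file whose ACL did not pick up the inherited entry (typically because a subfolder also had inheritance disabled) and can be handled with the same /reset step on that subtree.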
Vendor's update crashed our test network, told us it worked fine on their network.

A software vendor for the past few months failed to deliver a working update that met the organization's annual Authority to Operate renewal requirements and also didn't break something. For a vendor's software or equipment to get a foothold onto our network requires jumping through the ATO hoops. No ATO or failing a renewal means the software or equipment is to be removed from the network, unless someone is willing to take the big office politics risk of signing off on it and hoping it doesn't bite them.

A few weeks ago, they released an update that finally met the ATO, but also hosed our test network. Nobody could log into it.

Upon informing them of the situation, they sent an obviously AI-generated email, whose multiple paragraphs I summarized as:

- It worked on our network perfectly fine.

- Your test network was probably incorrectly configured.

- Can you roll out the update onto your operational network (which has thousands of users and hosts numerous services that even more users rely on) to see if it works?

- Can you ask your organization to revise the ATO requirements? They are excessive.

I had to step away from my computer and go walk around the building to calm down.

They later determined that the automatic update function was bugged and suggested that as a workaround, we manually make configuration changes before each update.

Right before Thanksgiving, the vendor reached out to us to ask if the ATO renewal was at risk.

The worst case situation for us of their ATO being pulled is a major disruption to the organization's workflows. Now I'm just waiting on my leadership to decide if they're going to tolerate further delays or dump the vendor and look for a new one.

https://redd.it/1p8ijs5
@r_systemadmin
wtf is the point to vendor account managers? Absolutely useless.

OK, so this rant is in particular about our Lenovo account manager. Absolutely useless:

- barely gives me a discount
- orders are never followed up on to give me an update
- waits until the last minute, or after, to advise pending payment/transfers

We've gone through 3 different account managers in the last few years, and it is so damn obvious these jobs are given to people halfway across the world who, culturally, have no idea; English, they have no idea; and overall account management, they seem to have no idea.

Sure, we aren't a huge customer, but we've spent a few hundred thousand over the years.

I couldn't care less if we had a penguin as our account manager, so long as we were taken care of. That's all I've ever cared about. Give me the deserved courtesy we've damn well paid for.

I'm finding this across the board with other vendors, and it's why I am open to giving huge kudos to companies that have great support at any point I can, whether that's a phone call or support ticket feedback. Because vendors as big as Lenovo are so incompetent as to not know how to read their own invoice due dates (stop &(^#^ emailing me for invoices that aren't due!) and can't get it right, it's not about revenue or popularity, it's about the company and how they are taught to treat their customers. Plain and simple.

Ok rant over. Thank you for listening. Fudge you, Lenovo.

https://redd.it/1p8lzu4
@r_systemadmin
Weekly 'I made a useful thing' Thread - November 28, 2025

There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

https://redd.it/1p8r6jr
@r_systemadmin
Considering moving endpoints to cloud only. Experiences?

Hey everyone,

We’re currently running a hybrid setup with on-prem AD and cloud identities. Most of our users are remote, and managing VPNs, GPOs, and password resets has become a real pain in the ***.

I’ve been thinking about two directions. One is keeping some on-prem AD servers but having laptops join Entra ID directly and managing settings through Intune. The other is going fully cloud: no AD servers, all devices Entra joined, everything managed through Intune and SaaS apps. Fewer servers, simpler DR, no VPN headaches.

I can see the appeal of cloud only, but I’m not sure what hidden issues might come up with apps, legacy dependencies, or hybrid scenarios.

For those who’ve done this: what actually worked and what caused headaches? Did hybrid identity solve your problems, or just add complexity? And for full cloud setups, were there any surprises we should plan for?

https://redd.it/1p8s75k
@r_systemadmin
Can my employer find my identity?

Anonymously reported the healthcare facility I work at to the health department for unsafe conditions. Using my iPhone on public WiFi, VPN, DuckDuckGo browser. I also have MDM on my phone for work apps. I assume with an investigation they could make an educated guess it’s me, but I doubt they’d waste time and resources for that since their IT department is almost non existent due to cuts. I’m willing to take the risk if it saves patients from harm.

https://redd.it/1p8umnp
@r_systemadmin
Hardware Domain Controller + Fileserver

Hey folks,

I have been researching for a few days already, but couldn't find a good solution for my problem.

Our company is still staying on-prem with mostly all services, soft- and hardware. So we're using physical domain controllers and file servers and other things over here.

Now one of our domain controllers is already a few years old (8) at the moment, so we're going to upgrade it. At the moment it is a running Windows Server which functions as domain controller and file server at the same time. Now I learned that it is best practice to separate the two roles from one another. In a small company like ours (about 150-200 devices), it would be enough to use Hyper-V and use a VM for each role (DC + file server).

I was wondering if you have better ideas, hints or anything which could help me in decision making.

We configured a Supermicro mainboard X14SBI-TF with 2x 1TB NVMe SSD for Windows and 2x 4TB NVMe SSD with an Asus PCI-E adapter card for storage. We configured a Xeon 6507P and 64GB of RAM. I know the hardware is pretty much overkill, that's why I'm asking for advice. The server costs about 8k Euros.

Any ideas what hardware to get? How powerful should it be? Should we use two different servers/hardware? Any advice?

Thanks in advance for your input!

https://redd.it/1p8usjz
@r_systemadmin
Applied for new job that fell on my lap. Gave employer some pretty minimal asks - they have made promises but everything else is rubbing me the wrong way

Hey all,

I started here and took what was technically a step back in role, for more opportunity. I went to senior on helpdesk. My manager had plans for me to step into an Engineer role, with the lone Sysadmin who was overworked.

It eventually happened but was delayed by a year mostly due to HR getting in the way of what the team wanted. The other guy got it first on the condition that a backup (me) would be coming down the road. That was dragged out and he went on stress leave, they gave it to me then but forced me to do a temp contract - this really rubbed me the wrong way then, but it eventually worked out. We're both engineers, I've done so much including an Azure migration and setting up a SQL data warehouse for analytics, migrated acquired companies all in a short period of time.

Everything else about the job and environment are pretty great. Wfh, flexible, great boss, fun work.

---
IT manager job popped up at a smaller company nearby in the same industry. I got an offer. All in all it's a slight pay bump, some benefits are slightly better, some a little worse. I told my company I was interested. They promised me next year there would be higher roles coming and that they have me in mind for them; these are delivery, architect, project manager roles, etc. that are all slated to come through and actually going through the approval/posting processes right now.

I have no doubt that I will eventually get one of them, but also that I'm going to go through the same HR battle of posting (not promotion), contract work, etc.

I pushed back and said I am really looking for something right now to reassure me that these barriers won't be there next year, or that at least we can get over 1 or 2 of them. An extra week of vacation, a little out-of-bracket pay increase.

My boss and his C-suite boss are all for it. But HR rubber stamps this stuff. They instead requested to dive into the 1:1 likeness of the other company's offer, quoting differences between personal/vacation/sick days.

This is really rubbing me the wrong way. And at this point I feel a little backed into a corner, that they need to offer anything other than promises at this point or I have to jump.

Just looking for advice from those who have gone through this before. The other job will be more of a 1-man show with either an MSP or a junior. Both companies are pretty flexible, but I'll be in the office in the new one and they commit to building out a hybrid arrangement; they actually want me to create this for the company. It'll be extra hats, but as a smaller company I'll be able to get a lot more done and see the impact of my work more. Both companies are growing very fast; the other one is around 1/4 the size of mine. 80 people, 4 locations versus 320 people, 20 locations.

https://redd.it/1p8ww2k
@r_systemadmin
Internet being scrubbed of tribal knowledge: Dell PowerEdge RAID Controller Activity Lights

Need some help,

Dell PowerEdge RAID controllers: if you put a non-Dell-certified drive in the server, the HDD activity light will work in reverse. This has been a thing since the beginning of time; there is a command you can run to correct this issue / ignore the non-certified drive, and then it will behave normally. I have boxes still where this has been done and it is true.

I've done it many times on past machines, but now I can't find any info on the internet about it at all. It seems every day more and more tribal knowledge is gone and impossible to find.

If you have this in your notes anywhere, please share.

Thanks.

https://redd.it/1p8xyif
@r_systemadmin
Hotel software integration issues are absolutely killing me, tell me I'm not alone

I'm managing tech for a small hotel group, 8 properties total, around 50-70 rooms each, and I'm genuinely at my breaking point with integration nightmares. We've got a PMS that's supposed to integrate with our booking engine, channel manager, payment processor, and guest messaging system. Except nothing actually works together the way it's supposed to.

Last week we had a guest's payment processed through Stripe but it didn't sync to the PMS, so front desk tried charging them again at checkout. Guest was understandably pissed off and left us a 2-star review. This happens at least once a week across our properties. Our channel manager randomly stops syncing inventory and we end up with double bookings, then we're scrambling to relocate guests or comp rooms. Guest messaging doesn't pull reservation details automatically so staff has to manually look up everything.

I spent 3 hours on a vendor support call yesterday and basically got told to refresh the connection and clear the cache like I'm some kind of idiot who doesn't know how computers work. I have a CS degree, I understand how APIs are supposed to function, these systems are just poorly built.

Everything claims seamless integration but really it's a bunch of manual workarounds and constant firefighting. I seriously started considering consolidating to fewer vendors even if we lose some functionality, just to stop dealing with integration headaches every single day.

Do larger hotel groups deal with this constantly or is it just mid-size operations like ours that get screwed? Anyone successfully consolidated their tech stack and actually seen improvement?

https://redd.it/1p8swgg
@r_systemadmin
Distributed wan monitoring system.

Our network is currently a star configuration of a core network and a load of remote branch offices connected over fixed vpns. We occasionally have speed or connectivity issues and it would help if we had a non-user machine on site that we could connect to and do testing, and diagnostics etc. as well as something to record historical statistics for various local metrics.

My proposed "solution" at the moment would be getting something like a Raspberry Pi or similar micro PC running Linux to effectively sit as a client in these branch offices. We could then run Docker with containers for things like "SmokePing", "MySpeed", "OpenSpeedTest" and similar tools to give us some live and historical statistics on the connections, as well as Tailscale so we can still get on to it if/when the WAN VPN drops, to aid management and diagnostics of the local devices and avoid sending someone out to the sites.

This is technically a workable solution, but feels a bit clunky. Is there an off-the-shelf appliance that could give us this functionality? Or possibly a one-click install rather than having to set up and maintain multiple monitoring products?

We are predominantly an MS/Azure/Windows house, so any Linux-based options are frowned upon, but not completely ruled out. So anything that simplifies the setup is a benefit.

I have had a look around and couldn't find anything that seems to fit the bill. There are a lot of tools that do middle-out monitoring like SolarWinds, Cacti, Zabbix etc., but I've not seen anything that seems to do edge-in monitoring, and certainly nothing that combines that with remote control to allow SSH/HTTPS onto edge-local devices.

We also need something that can be easily secured and maintained to comply with the UK Cyber Essentials+ certification.

Any suggestions?

https://redd.it/1p907o1
@r_systemadmin
Does anybody else have issues that magically resolve just by looking at them?

I know it sounds cliché, but "magic touch" seems to be true for me. A lot of problems get solved as soon as I watch the user show me what’s happening. That's all I wanted to say.

https://redd.it/1p94d2p
@r_systemadmin