Reddit Sysadmin – Telegram
Windows 11 is Microsoft trying to be Apple without doing Apple’s homework

Just tried to map a network drive. Simple, right? Clicked “Browse” in the Map Network Drive dialog and got “Insufficient system resources exist to complete the requested service.”
Opened cmd. Ran net use \\SERVER\Share. Worked instantly.
The GUI is literally a broken wrapper around functional tools. In 2025.
This is Windows 11 in a nutshell. Microsoft is having an identity crisis:
• They want Apple’s clean, idiot-proof aesthetic
• So they keep making the Settings app prettier while half the options still dump you into Control Panel from 2009
• They removed easy access to adapter settings, group policy, proper right-click menus — power user stuff
• But the underlying system still NEEDS those tools because it’s the same janky foundation
Apple gets away with “simple” because they control everything and will burn legacy support to the ground without hesitation. When Apple simplifies, the complexity is actually gone.
Microsoft wants the Apple look without doing the work. So we get:
• Rounded corners on top of Win32 spaghetti code from the 90s
• TWO settings apps (neither complete)
• Ads and Bing in the Start menu of an OS we paid for
• Copilot shoved everywhere while File Explorer still chokes on basic network operations
• Features removed “for simplicity” but the complexity is still there, just hidden behind extra clicks
It’s the worst of both worlds. A dumbed-down interface that pretends everything is fine, while the same old demons run underneath. Power users get gaslit by a pastel UI while troubleshooting problems that shouldn’t exist.
We’re not asking for much. Just stop hiding the tools we need while failing to fix the problems that require them.
/rant

https://redd.it/1pfx0mp
@r_systemadmin
Managing multiple M365 tenants without losing your sanity – how do you do it?

Hey Fellow Sysadmins,

We’ve ended up with multiple Microsoft 365 tenants thanks to acquisitions and some “business logic” that made sense at the time (you know how it goes…). Now I’m the lucky one trying to keep them all under control.

Curious how others handle this mess:

Do you have a single pane of glass for monitoring/admin, or is it just a bunch of browser tabs and prayers?
Any tricks for keeping security policies consistent without manually clicking through each tenant?

For context: I have to manage around 5 tenants in total: 1 of 75 users, 3 of 40 users and 1 more with 60.

Also I'm thinking of doing tenant-to-tenant migrations and keeping everything in 1 tenant in the end. Feedback on that would be appreciated.

Basically, I’m looking for war stories, best practices, or even “don’t do what we did” horror tales. Anything that makes life easier when you’re juggling more than one tenant.

Cheers!

https://redd.it/1pfzry1
@r_systemadmin
Is there a version of OneTimeSecret where you can REQUEST one from someone else? Password.link ticks all the boxes but it has almost no online mention or community presence which is a red flag.

So basically I am trying to help a client who often REQUESTS credentials from their clients. I'd like to set up a secure request method for this, but the only elegant solution I found was password.link. However, I'm seeing almost no community discussion online which is skeeving me out a bit.

I basically just want OneTimeSecret to send a request to someone to fill in a secret, and then send it back to me.

I assume there's a reason something like this doesn't exist because the use case seems pretty obvious?

https://redd.it/1pfvjxb
@r_systemadmin
Reassign Global Admins to lower privileged roles?

There are too many global admins in the organization that use it as a catch all role when they don’t know what permissions or role meets the minimum permissions to perform their daily job tasks. They are active as a global admin all day everyday when they may only do global admin-specific tasks for a few hours per month.

We could use PIM for global admins, but it won’t help much if they just activate the global admin role all day everyday because they don’t have another role assignment available that provides the access they need for the majority of their work.

Is there any kind of Azure activity analyzer that audits what tasks certain admins have actually been doing with their current roles and can point you to new roles to assign to replace their global admin role assignment?

https://redd.it/1pg2ocn
@r_systemadmin
How much power does Cloudflare actually have?

The recent hiccups have caused me to look a bit deeper into Cloudflare's services (very much a beginner) and why everything dies when they do totally scheduled and planned-for server maintenance.
I came across a lot of "What to do if I am blocked from a site by them" comments. The answer is invariably "contact that sites admin and tell them u are a good noodle."
How do I contact the admin of a page I am blocked from?
Maybe the Cloudflare blocking page thing is supposed to give you an address, but the sites I encountered were badly set up?

What prompted the question above was running into a complaint by an (admittedly questionable) website that Cloudflare was placing restrictions on their domain.
What does this mean for a website?
The CF FAQ and Forum don't seem to give a lot of info about their ban-hammer.
Is that only an issue if I was previously their customer, or does this mess with everything?

Thanks in advance!

https://redd.it/1pg3iyx
@r_systemadmin
How to make your SQL injection attacks obvious

I have a very old website, in ASP, running on old Windows IIS, with old SQL Server. The server itself is isolated, and the database is read only, so I'm not worried. Get regular attempted attacks, but fail2ban slows them down.

Today, I've had almost 164,000 (oops 344,000, forgot the other server) SQL injection attempt requests so far.

The user agent string starts: "Mozilla/5.0 (SymbianOS 9.4; Series60/5.0 NokiaN97-1/10.0.012"

I think I might be able to blanket block that with no worries.

Edit: since the first two comments were critical of my skills and decisions:

it's read only, and there's a proxy in front of it
it's for reference only
it was for a customer that went out of business well over a decade ago
but it's the archives of a magazine that I'm keeping online in case it's useful to some member of the public

It's not "security by obscurity" as one suggested - nothing obscure about it - it's read only - that's the security.

Edit 2: This web site has been running like this for close to a decade, on an isolated VM. Which could be restored from a snapshot if it was ever needed. Never needed it. I only noticed because - for reasons I don't know - fail2ban on the load balancer decided to stop banning anything early today. So fail2ban on the proxy started complaining.

https://redd.it/1pg495f
@r_systemadmin
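A fail2ban-style triage of the traffic described in that post, as an added example (Python) that is not part of the post: it parses constructed combined-format access-log lines (documentation addresses, not real traffic), flags requests whose decoded query string carries common SQL injection markers or whose User-Agent starts with the prefix quoted above, and applies a fail2ban-like maxretry threshold per client IP. The SQL markers, the log format and the threshold are assumptions.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# User-Agent prefix quoted in the post; matching is prefix-only on purpose.
UA_PREFIX = "Mozilla/5.0 (SymbianOS 9.4; Series60/5.0 NokiaN97-1/10.0.012"

# NCSA combined log format: ip ident user [ts] "req" status bytes "ref" "ua"
# (assumed; a proxy in front of IIS would typically write something like it).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)(?: [^"]*)?" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Conservative SQL injection markers (assumed), tuned for an ASP site whose
# legitimate query strings are numeric ids. Adjust to your own URL shapes.
SQLI_RE = re.compile(
    r"(?i)(\bunion\b[\s\S]{0,40}\bselect\b"          # UNION ... SELECT
    r"|\bor\b\s+['\"]?\d+['\"]?\s*=\s*['\"]?\d+"     # OR 1=1 / or '1'='1
    r"|\bwaitfor\s+delay\b"                          # time-based probe (T-SQL)
    r"|\bxp_\w+"                                     # extended stored procs
    r"|;\s*(?:drop|exec|insert|update)\b)"           # stacked queries
)

def parse_line(line):
    """Return a dict of fields for a combined-format line, or None."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None

def is_sqli(path):
    """Decode the path twice (catches double-encoding) and test the markers."""
    return SQLI_RE.search(unquote_plus(unquote_plus(path))) is not None

def reasons(entry):
    """Why a parsed request counts as a hit; an empty set means benign."""
    hits = set()
    if is_sqli(entry["path"]):
        hits.add("sqli-pattern")
    if entry["ua"].startswith(UA_PREFIX):
        hits.add("ua-prefix")
    return hits

def triage(lines, maxretry=3):
    """Return (hits per IP, sorted IPs at/over maxretry, reasons per IP)."""
    hits, why = Counter(), defaultdict(set)
    for line in lines:
        entry = parse_line(line)
        if entry is None:          # skip unparseable lines, as fail2ban would
            continue
        r = reasons(entry)
        if r:
            hits[entry["ip"]] += 1
            why[entry["ip"]] |= r
    ban = sorted(ip for ip, n in hits.items() if n >= maxretry)
    return hits, ban, dict(why)

# Constructed sample lines: one benign visitor, one scanner with the quoted UA,
# one benign request from the quoted UA, one injection from a normal browser.
SAMPLE_LOG = [
    '203.0.113.7 - - [05/Dec/2025:10:00:01 +0000] "GET /issue.asp?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/120.0"',
    '198.51.100.23 - - [05/Dec/2025:10:00:02 +0000] "GET /issue.asp?id=12%27%20OR%201%3D1-- HTTP/1.1" 200 5120 "-" "' + UA_PREFIX + '"',
    '198.51.100.23 - - [05/Dec/2025:10:00:02 +0000] "GET /issue.asp?id=12%20UNION%20SELECT%20null,@@version HTTP/1.1" 500 311 "-" "' + UA_PREFIX + '"',
    '198.51.100.23 - - [05/Dec/2025:10:00:03 +0000] "GET /issue.asp?id=12%3BWAITFOR%20DELAY%20%270:0:5%27 HTTP/1.1" 200 5120 "-" "' + UA_PREFIX + '"',
    '192.0.2.9 - - [05/Dec/2025:10:00:04 +0000] "GET /issue.asp?id=3 HTTP/1.1" 200 4100 "-" "' + UA_PREFIX + '"',
    '192.0.2.44 - - [05/Dec/2025:10:00:05 +0000] "GET /search.asp?q=%27%20or%20%271%27%3D%271 HTTP/1.1" 200 2200 "-" "Mozilla/5.0 (X11; Linux x86_64) Chrome/120.0"',
]

if __name__ == "__main__":
    counts, to_ban, why = triage(SAMPLE_LOG, maxretry=3)
    for ip in to_ban:
        print(f"ban {ip}: {counts[ip]} hits, reasons={sorted(why[ip])}")
```

Note that a prefix-only User-Agent match counts a benign request from that client string as a hit too (192.0.2.9 above), which is the trade-off of the blanket block the post considers; lowering maxretry to 1 bans it as well.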
Hired but worried about underperforming.

So I went through a number of interviews and was hired on for a sysadmin position and I start soon.

I was in the military as a sys admin, but not for long, and never was in one position long to gain a lot of proficiency.

I know a bit of linux, and I know a bit of windows, I've done password resets and everything, but just not a ton.

The interviews were pretty straightforward and asked pretty open ended questions that weren't very technical in nature, but I answered with the experience I do have and was hired, and I'm just worried about not being up to speed.

Thoughts? Advice?


https://redd.it/1pg67l1
@r_systemadmin
How did you find your sysadmin mentor?

As the noscript says: how did you find your mentor? I’m new to this role and I’m looking for a mentor to help navigate me to be successful in this role.

https://redd.it/1pg3r2y
@r_systemadmin
AV recommendations

I run a one-man IT services business on the side and can’t yet call myself a Managed Service Provider (MSP). My focus is currently on helping small businesses. Now I need to deploy antivirus software on all users’ desktops. I’m currently using Action1 but might switch to NinjaOne or something similar. I don’t mind patch management.

So, back to the main question: what antivirus or endpoint detection and response (EDR) software should I use? I’m leaning towards BitDefender but I’d appreciate any suggestions.

The software should be easy to use on a cloud level and manageable remotely. It should be low on system resources or at least not hog the entire computer. Additionally, it should allow remote uninstallation and the ability to send users a URL to download and run the software.

If they already have my Action1 agent installed, I’ll use Action1 to deploy it.

Finally, the price must be reasonable. My clients are small businesses, single individuals or traders who can’t afford expensive services.



https://redd.it/1pg5enr
@r_systemadmin
Higher Ed: The IT environment I will never work in again

Yesterday, I put in my 2 weeks at a large university that I've been at for less than a year. I feared I'd feel like a failure, but honestly, all I feel is relief.

Relocated my family across the country last March when my wife got an offer for a dream job (legal). My former job was not keen to let me work remotely, so I quit after 14 years, the last 8 of which was basically being "the guy" around anything server or data center. Thought I'd stay in that job until retirement, but it wasn't in the cards. Worked a contract job for about a month, and then landed what appeared to be a fantastic job at a large public university supporting their data center infrastructure.

In hindsight, there were some red flags I overlooked when I interviewed, but at the end of the day the reality of working in higher ed has been nothing short of a complete dumpster fire. Dysfunctional doesn't do justice to how awful things have been.

Senior leaders who have been at the university for 4 decades refusing to act on anything that isn't a rubber stamp. Directors and middle managers who have their heads so far up their own asses that they prefer to ask CoPilot for decisions on proprietary software and policy rather than listen to recommendations from myself or any of my colleagues who literally run the goddamned core infrastructure of the university. Conflicting edicts that both openly violate established policy and the industry norms. Making policy decisions, then leaving the explanation and justification to junior staff members, and refusing to communicate changes to the larger university until "things are going smoothly".

Some faculty members thinking they walk on fucking water because they have an advanced degree, which in their mind somehow makes them exempt from any sort of security standard (especially multi-factor auth). The situation had me so disgruntled that I came to the conclusion that I will never understand how the actual fuck competent people are supposed to work in higher ed.

My interview process required me to have a 1 on 1 interview with the CTO. I have not seen or heard directly from him since, despite him being the project sponsor of 4 of the projects I'm currently serving as lead on. My boss's boss's boss (there are 6 levels of management between me and the CTO) refuses to talk to more than half of my colleagues because of some bullshit argument they had over a decade ago. Pettiness everywhere, and more effort from management to clamp down on dissent than to actually accomplish anything.

Everything came to a head the first week of October. I was asked to present a plan to upgrade some of the oldest hardware in our datacenter, which involves porting an in-house built application that hasn't had a full time employee supporting it since about 2014. The director of my department decided to use the presentation time to try to grill me (with an audience of ~100 university employees) on why a bunch of projects I have no part of were off schedule, and spent an entire hour telling me that he didn't believe I had "it". He said that higher ed was likely not a great place for me. When I asked for examples of what I had done wrong, he blabbered for an hour about ITIL and how critical it is to success - aka, he didn't bother answering. All of this in a public forum.

To my fellow higher ed IT folks, I sincerely hope you never have to deal with this level of dysfunction, and I hope my story is an anomaly. Or, at the very least I hope you have a chance to escape any toxic environment.


EDIT - Spelling

https://redd.it/1pge29t
@r_systemadmin
What's your organization's employees-per-sysadmin ratio?

Disclaimer: I am not a sysadmin. I work in an organization with 65 people and 1.5 sysadmin, an employees-per-sysadmin ratio of 43.

Most employees have no particular computer skills, but work exclusively with email and documents. But users need to be serviced, passwords reset, servers upgraded, printers repaired, etc.

It's my impression that this ratio of 43 is way too high - our sysadmins have little time to do anything besides the most urgent. But we are a few who frequently have more demanding requests, and we find ourselves competing for our sysadmins' time.

What's the ratio at your workplace, and what would you say is a good ratio?

https://redd.it/1pgf8qv
@r_systemadmin
NinjaOne - delaying updates till reboot?

When using NinjaOne for patch management of Windows clients (especially Windows updates) we often face stability issues because NinjaOne insists on applying patches to live systems, and only applying a delayed reboot. There's roughly at least one update every two months that was completely unsafe to apply by NinjaOne.

While that works somewhat fine for browser and office applications, we have now repeatedly experienced issues with more specialized applications, and even severe issues like file system corruptions on systems running Docker as several updates (especially Windows updates) were definitely not fine to install while applications or services were still running.

Most common victims are explorer.exe as well as GPU drivers, which when installed like that often end up in a state where still-running instances are barely surviving, but hot-reloading them then consistently fails until the reboot is applied.

Taking a closer look at how patch management systems for Windows are supposed to operate, there's a shutdown hook in which it's usually safe to run any installers, including manually applying Windows updates. But NinjaOne doesn't appear to be using that hook at all, or even support triggering patch management from within that hook?

I would be fine if NinjaOne did force a reboot onto the user and then deferred patching until the system had entered the shutdown hook - but the current state of risking system instability by blindly applying patches to live systems is simply unacceptable to me.

Maybe I'm missing something obvious, but is NinjaOne really not even capable of installing updates correctly in a way that doesn't expose an inconsistent state to the user?

https://redd.it/1pgh1y2
@r_systemadmin
How difficult was it for you to become a System Administrator and reach a peaceful work life?

Hey guys,
I’m trying to understand something real and honest from the sysadmin community.

How many of you started from nothing — poor education, no proper guidance, zero background — but still managed to become a System Administrator because of your own curiosity, questions, observation skills, and unique thought process?

I want to know:

What were the hardest struggles you faced from scratch?

How did you learn complex sysadmin concepts when everything felt like a mystery?

What moments made you feel like, “Okay, maybe my brain actually works differently — maybe I can solve anything if I just observe and ask the right questions”?

How long did it take to finally reach a stable and peaceful work environment?


I’m searching for stories of people who built their entire career only with their brain, problem-solving attitude, and nonstop questioning nature — real geniuses who didn’t come from privileged backgrounds but still cracked this field.

If you are one of those, please share your journey.
Your story might help someone like me who is trying to climb the same mountain.

Thanks in advance! 🙏

https://redd.it/1pge3ev
@r_systemadmin
Can next month's MS cumulative update correct a prior month's failure to install?

We’re having an issue with the Nov cumulative update installing and are hopeful that this month's cumulative will correct the issue. On the endpoints failing to install, deleting the softdist folder contents has corrected the issue. Clearly something broke, but we’re wondering if this month’s will correct it all. Have you guys ever had an MS CU correct a prior month's update-fail-to-install issue?

https://redd.it/1pgif3d
@r_systemadmin
Our help desk is drowning. What’s working best for fast-growing orgs?


We went from 150→600 employees in 2 years.
Our Jira setup was okay when we were small, but now everything takes 5 clicks and half the team refuses to update tickets because it’s too slow.

Looking for something that:
• can handle internal operations, not just IT
• automates obvious stuff
• doesn’t require onboarding 20 HR/admin people for basics

Curious what other mid-size orgs have adopted while scaling.

https://redd.it/1pgg436
@r_systemadmin
Anyone monitoring what employees paste into AI browsers?

Seeing more users installing these "AI-first" browsers and I'm wondering if anyone has visibility into what's actually getting pasted into ChatGPT, Claude, or whatever LLM integration they're running. Sure, productivity gains are nice, but feels like we just opened a massive data exfiltration vector.

Traditional DLP doesn't catch this stuff since it's all HTTPS to legitimate domains. Anyone found decent ways to monitor or control what goes into these AI chats? Looking for actual config approaches, not just policy docs.

https://redd.it/1pgl5lj
@r_systemadmin
Entra PIM Authentication Context Session Controls trivially bypassed by using "unsupported" browsers.

I noticed that if I use Microsoft Edge in Windows, or Safari on iOS, the authentication context Conditional Access policy to require sign-in every time (so the user is prompted to reauthenticate to activate PIM even if they are already signed in with MFA) works as expected, but if a third-party browser like Brave or Firefox Focus is used, the rule is ignored and PIM happens without new authentication.

I noticed someone posted a question to Microsoft about a similar issue last year, but then they claimed in the comments that it magically fixed itself.

PIM MFA Requirement different for Edge & Chrome - Microsoft Q&A

This does not appear to be true, because I can still recreate the issue.

Is this a bug? Otherwise, this is an extremely weak security feature if it is fully relying on any browser the AITM is using choosing to follow the policy or not.

https://redd.it/1pgm3ud
@r_systemadmin
Is this my life now?

I've been in IT for 10+ years now. I've mostly been a jack of all trades, but always wanted to be a sysadmin, and since about 3 years, here I am. I thought I would also be the cool Sysadmin guy, teaching the new guys from Servicedesk, having nerdy fun with my Sysadmin coworkers, collaborating with the cool application, security and network guys, solving complex issues. So what did I find you ask?
Lazy snotnosed Servicedesk employees. No affinity with IT, no experience, no effort, no nothing. All they can do is click the 'Escalate' button and moan when I ask them to troubleshoot before escalating. If they should do any troubleshooting or solving, they want knowledge items on where to click for which problem, not the logic behind the solution.
Every fkn "IT" department within my company feels like the sysadmins should build, maintain, know, document, fix, upgrade their shit. What their own responsibility is? No one knows. My own sysadmin colleagues: one 20-something, same attitude as the service desk guys. One late fifties, in constant panic, no clue what he's doing, breaks what he touches. One guy my age would rather not speak with me anymore because I hurt his feelings once, I guess (called him awesome but too accommodating).
Project managers not knowing anything about IT but meddling with anything and everything except managing the project. 2nd and third line colleagues, internal and external, completely clueless. Rather shit talk everyone else and pretend being busy with stuff rather than learning a skill and actually doing the job they're required to do.
The biggest letdown of all.. Security. I've always seen them from a distance and thought it would be pretty cool to work there. Now I work alongside them. The guys fake everything. They try to make me build shit you wouldn't do in a sandbox because of the risks. The senior of the department has no clue about least privilege. Tries to make me nest 8 or 9 Entra roles because he needs to activate them all manually each day. Wants me to create service accounts that multiple people will use, so "give us the credentials". Wants to have personal MS Graph access. When asking them to react to something they state they just make policy. When asking them to make policy, they state they are just advisory. When telling me they want full owner or contributor access or whatever god mode, they are suddenly the messiahs of the company because what if they are required to fix everything when I mess up.

Now.. I'm just constantly tired and angry..

What happened? Were my eyes closed the last years or did something change? Is it my company or is this my life now?

https://redd.it/1pgq68v
@r_systemadmin
Freedom of information Act (FOIA) management software

Have a small private org but due to the nature of what they do, they fall under FOIA. Recently they have been hit with a lot of requests and are looking for a system to manage the process.


They have like 5 employees so hoping for something not massive, and looking for cloud based as they have no local infra to run it on.


I know that is a pretty small target, was just seeing if anyone had suggestions or recommendations.

https://redd.it/1pgmq54
@r_systemadmin
Does anyone else feel like Microsoft logs are written by someone who wasn’t there when the issue happened?

Spent part of today trying to figure out why something failed in M365.

Checked the logs.

They all said the same thing:

“Something happened.”

“Status: Unknown.”

“Result: Failed.”

“Reason: None.”

It’s like the logs are telling me, “Yes, it broke. No, we will not explain ourselves.”

Maybe I’m just tired, but does Microsoft ever give you a log entry that actually helps you understand what went wrong??

https://redd.it/1pgsxif
@r_systemadmin
Solution to allow end users to self-service install applications that are then patched regularly without local admin rights.

Hello redditors,

Alright, so I'm looking for a solution that allows end users to install software without local admin rights, and once the software is installed, it's regularly patched.

Ideally, I want this to be automated, where the end user simply goes to an ITSM and initiates the request.

I am aware that licensing for deployed applications will also be an issue.

I'm in a Greenfield environment, so I can roll out whatever I want, and the cost is actually not a concern.

I use SolarWinds as my help desk, and I'm unsure about the available integration options. However, we can also consider alternatives and displace SolarWinds.

I was thinking something along the lines of Intune, combined with BeyondTrust or CyberArk, as well as PatchMyPC. That's just an initial concept.

Our end-user assets are all Windows 11.

I'm open to all Enterprise Grade solutions.

TIA

https://redd.it/1pguauy
@r_systemadmin