Anyone else been force promoted?
I have been in IT for about 10 years now. I have been at the same company the whole time. The company wants me to step into a cyber security director role against my will lol. It feels like I live in a clown world sometimes. The impostor syndrome is real. I have been a SOC analyst for 2 years....
I absolutely want nothing to do with managing people. Systems are much easier in my mind. So I am curious: is it worth leaving a company that is forcing a promotion that I don't want? Important to add they have not delivered any raise yet. They also haven't gotten that kind of work out of me yet because I won't do the work without the pay. Supposedly the money is on the way.
Supporting a few hundred servers and about 1500 endpoints.
Anyone else experience this or something similar? How did you handle it? If the answer is leave, I am willing to; I just love the people I work with and that's hard to find.
I do well on my own. I don't like to be stuck between my friends and top management. Translating that mess = a monkey humping a football!
I feel like maintaining my peace at this point is a more intelligent move, or maybe I should stop being a little bitch and "sack up" as they say? Embrace the suffering 🤷♂️.
Let's say I do stay, I would be managing two security team members two analysts and one engineer at some point. How much of a salary should I ask for? Thanks reddit mob in advance!
https://redd.it/1pim1de
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
How do you handle certified destruction of HDDs/SSDs during large fleet refreshes?
In large-scale replacement scenarios, I keep seeing three recurring paths: NIST 800-88 overwrite for HDDs (one pass + verification), crypto-erase for SSDs where the controller supports it, and, when it doesn’t, physical destruction with controlled particle size. What mattered for us was having serial-to-device mapping before and after, a verifiable chain of custody, and reports that can go straight to auditors without extra translation.
For big batches we used E-Waste Squad specifically for the operational side: uniformed team and tamper seals at pickup, tight per-serial inventory, destruction certificates delivered within 24 hours, and reports that include serial matching plus timestamps for each stage. It also helped that their processes align with R2v3, ISO 14001, NAID AAA, and NIST 800-88-documented erasure, which cut down audit friction.
What do you require in the SOW when you outsource ITAD: on-site witness, photo/video of shredding, sub-24h SLA for certificates, CSV/JSON serial exports, or even on-site destruction for certain media?
https://redd.it/1pih7nd
I now understand why other IT teams hate service desk
I started on a service desk, moved my way to L2&3 support then now to where I am in cyber security and while on service desk never really understood the animosity other people had for SD, I now really do! Whether it is the rambling "documentation", no troubleshooting or just lack of screenshots forcing me to chase up with the end user rather than actually fix the problem.
The issue is that while there are some amazing people working on it the majority are terrible. Something I forget is that most decent support people move out of SD as fast as possible so that the remaining are just shite.
Don't say "we did some troubleshooting" then not document what you actually did, and for the love of christ I'd take a blurry screenshot or even you taking a pic of the screen with your phone over nothing at all.
\- signed frustrated AF support person
https://redd.it/1pioxb2
At some point in the past 10 years, configuration management went from open-source, to mostly paid/gatekept solutions...
I've been somewhat behind on employing configuration management software to standardize VMs: it's only recently I have a stable enough environment to attempt this on again. That being said, the landscape is... changed...
* Salt's still around, but it's owned by VMWare, now Broadcom. Given Broadcom's behavior of late, I am wary of trying Salt again without running into some future license/legal demand.
* Perforce owns Puppet now: If you have less than 25 nodes, you're good, else expect to pay otherwise.
* Chef is now owned by some AI-focused firm: there appears to be a free version for non-commercial use, but the listed OS support is somewhat out-of-date.
* There's Rudder: it has a free tier, but it doesn't include Windows systems for endpoints.
* There's Terraform from HashiCorp, now owned by IBM: not really suited for my use case, but an option for others with "fleets" of systems.
* It looks like technically you can use Ansible (owned by RedHat, who's also owned by IBM) without a paid plan? Just need to be semi-proficient in Python.
* The one "truly free" option I found is Capistrano: requires some Ruby knowledge but appears to work for hosted application deployment; not sure about state-enforcement.
Right now, I have queries out to Perforce and Rudder for my small-scale environment, else I might forge ahead with an Ansible deployment. Otherwise, the purpose of this post is to let folks know what I found, and maybe find out if there are newer options not on my radar.
https://redd.it/1pip1ui
Auditor asking for access review evidence we never recorded
We’re going through our SOC 2 renewal and the auditor is asking for evidence for everything (2024) like access reviews, onboarding/offboarding everything
Problem is this:
No one stored anything; we don't have any screenshots or logs. The guy who owned security left six months ago and apparently he didn't document and keep track of everything
Now leadership is asking me to ‘recreate’ what happened last year (in my head I think it's impossible but I don't wanna give an answer without being 100% sure)
What do you suggest I do?
https://redd.it/1pir9oi
So tired of running into C-Levels who think Cloud/SAAS and Outsourcing are the answer to everything.
I’m so tired of having to change jobs every one to three years because a new CIO or CEO comes in and immediately decides, “Let’s move everything to the cloud or to SaaS, and then we can outsource whatever little in-house work is left.” They act as if we’re supposed to be cool with it—or even excited—that our jobs will disappear in a few months.
I see this pattern at every corporation I join.
How do others handle what feels like a constant, never-ending issue?
https://redd.it/1pisx29
Microsoft 365 issues in Australia again?
Outlook isn't syncing, can't access admin centre from any internet connection.
https://redd.it/1pirgju
I am in Remote Desktop Hell
I am two months into a new System Admin position and things are going pretty well overall, except for the Remote Desktop environment. I’m reaching out here as a last-ditch effort and hoping to draw on some of y’all’s experience.
Basically, for the last several years the RDS environment has been dealing with a whole range of problems. Users get profile-loading errors, sometimes they connect and just get a black screen, and most frustratingly there are random disconnects that seem to hit without any real pattern. Thin clients especially will drop the RDP session after being logged in for about two minutes. Event Viewer on the hosts hasn’t been very helpful, but on the client side I’m consistently seeing a TCP socket error. At this point I feel like I live in Event Viewer and I’m constantly chasing my tail with nothing ever actually improving the connection.
It is a Windows Server 2022 RDS environment supporting under 1000 users.
What I Have Tried:
I’ve made a number of changes through Group Policy, including adjusting session timeouts, security settings, and RDP encryption levels. I’ve combed through the logs on both the hosts and the clients repeatedly trying to correlate disconnects with any specific event. I’ve checked the health of the broker, verified certificates, and confirmed licensing is functioning. I have even captured packets in Wireshark to try and see what the disconnects look like on the wire, but nothing has clearly pointed to a single root cause. Despite all of this effort, (This really has consumed my last couple of weeks) I have seen minor improvement on the profile errors and basically no improvement on the disconnects.
https://redd.it/1pirnfi
Anyone actually pulling Entra risk/NHI signals into their SASE console yet?
Trying to get real Entra identity health (user risk, signIn anomalies, NHI scores, leaky token alerts, etc.) to show up natively in our SASE dashboard (Cato, Netskope, Zscaler, whatever) instead of just basic "user authenticated" events.
Docs only talk about the standard Entra IDP connector. Nothing about the deeper risk telemetry or identity protection feed.
Has anyone cracked this in production? Graph API polling? SCIM hack? Direct feed from Defender for Identity?
Real experiences only, please. Thanks. (I'm already convinced that it might not be possible but still need to see if by any chance there is any possibility?)
https://redd.it/1pizuc9
Print drivers
Hi All,
I updated the driver for our Canon copiers on our Windows print server. Most of our devices have received the new driver and are working fine. However, it seems some of our devices are holding on to the old driver, and only obtaining basic settings from the copier. (only A4 size paper, no hole punch, etc.) Is there a way I can force this driver to update on the end user side? I've been having to manually grab the device, stop the spooler, delete the driver, start the spooler, and reboot. I'm not sure how many of these are broken like this in the wild, so I'd like to find a better method.
https://redd.it/1pj5fxk
What do you do when a vendor screws up?
I work for a small local government org. We have to do some minor broadcasting of meetings which I will admit is a bit out of my realm. We recently had some issues during a meeting and found out that they were due to a switch losing a config after a power outage that a vendor forgot to save... While we have a good relationship with them, it's hard to swallow paying a service fee which will probably only be about $1k maybe even less. Would you hammer them to cover it or let it slide?
https://redd.it/1pj2wyo
VMware
Any of you guys being f-ed over by your VMware renewal this year? Ours went from 11k last year to 65k this year.
https://redd.it/1pj7z68
Windows Server 2019 is rebooting itself when updates are applied, even though I have it turned off
I have a Windows 2019 Server hosted on Azure that rebooted itself during the day yesterday which brought our production system down.
The message in the System Event Log is:
The process C:\Windows\system32\svchost.exe (MyServerSQL) has initiated the restart of computer MyServerSQL on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Service pack (Planned)
Reason Code: 0x80020010
Shutdown Type: restart
We are a small company that doesn't have a sysadmin, and I'm a developer trying to manage these systems. I have turned off the "reboot after update" on the Windows Update Manager, but I've obviously missed something.
What can I do to ensure that this isn't rebooted unless I say so?
https://redd.it/1pj5boi
So what software do folks use to run VMs these days?
Not bare metal hosting like Proxmox, but running VMs on Windows. My go-to used to be VirtualBox, but it's been a while since I've messed with this and I wasn't sure if there was a better way.
Apologies if this is a dumb post, I just wanted to make sure I'm using the latest and greatest.
Thanks!
https://redd.it/1pjbn4h
Value of VMware ESX-based knowledge?
How worthwhile is it to learn VMware ESX-based virtualization these days? How valuable is this knowledge today? I am considering purchasing a Udemy course on the subject. I am interested in virtualization, but so far I have only had experience with Proxmox.
https://redd.it/1pjdl8d
Invoke-WebRequest December 2025 Changes
This month Microsoft made the default deny option for Invoke-WebRequest. For automating you can add -usebasicparsing to bypass the prompt. What stops the actor from just adding -usebasicparsing to their powershell command? It's not like you need admin rights to use it.
https://redd.it/1pj8v3n
Windows 11 Pro RDP not working
I have a single Windows 11 Pro machine (24H2) that will not allow RDP connections. I've enabled RDP, changed the port, disabled the firewall, and rebooted several times, but I'm unable to connect. Netstat -a shows nothing listening on port 3389, which likely explains why I can't connect. The machine is fully patched. Does anyone have any suggestions for something I haven't tried?
Thanks
EDIT: Finally found a solution here
https://redd.it/1pjhqkh
Microsoft
Windows 2022 server RDP not listening on port 3389 - Microsoft Q&A
Hi,
We have a windows 2022 server that is remote to us and we rely on remote desktop services (admin only).
A recent reboot has broken our RDP sessions to this device - It no longer has port 3389 open.
I have checked all of the registry and current…
Infuriating - User tried to tell me I was wrong by using ChatGPT
So how many have had this happen to you? Does it drive you insane?
A lab at our facility was having a problem with a lab instrument (ICP-MS) that had lost connection to the computer that was controlling it (via ethernet). It turns out that they were using samples prepared with acid-digestion that were very corrosive, and the computer's connections had corroded to un-usability due to inadequate venting.
This instrument is quite old, and the software cannot run on Windows 11. I explain to him that we can't really purchase new computers with Windows 10, and that new computers don't support Windows 10. I did mention that driver support was the main issue, but didn't get into the details.
He then proceeds to argue with me and insist that we can install Windows 10 on a new computer, and *asks ChatGPT* while on the phone with me! Of course ChatGPT says it can be done, and he basically says, "See, I was right!". Of course then he reads further and at least ChatGPT then notes "you may run into problems with driver support and full functionality of the computer" (duh!), which was my point in the first place.
It drove me insane, it felt *so* disrespectful. I managed not to lose my temper, but I did politely ask him not to doublecheck me against ChatGPT in the future, that if I'm not confident in my knowledge of something, I won't hesitate to tell him.
What especially drives me nuts about this is that they will make decisions based on ChatGPT, but then expect us to *fix* the issues after. I'm fully confident that if he had gone ahead and done this, they would have complained to us if the network ports or sound didn't work due to driver failures.
https://redd.it/1pjn20e
Any newsletters y'all follow?
Know any newsletters or creators that give good, underrated IT advice? Maybe even some pro tips, basically something that makes me stand out?
https://redd.it/1pjnkow
Built a VPN manager using pure wireguard and iptables (multi-node, fault-tolerant)
Blog
I built a full VPN management system for our internal infrastructure for my internship. The idea was to create a single, secure entry point into all private services without exposing anything to the public internet. Users authenticate with a pre-auth key, get their WireGuard configuration automatically, and the system handles the entire lifecycle of provisioning, routing, and restricting what each user can access.
The backend is written in Go and controls everything: generating keys, assigning IPs, applying firewall rules, adding and removing WireGuard peers, and managing role-based access. The VPN servers run with a strict iptables setup where nothing is allowed by default. Each user’s access is explicitly granted based on their role, and all forwarding rules are created dynamically.
The cluster itself runs in a high-availability layout with one master and multiple slave servers behind a virtual IP. Because the servers communicate through a WireGuard overlay instead of a physical LAN, normal failover mechanisms do not work. So the client takes responsibility for detecting which server is active and switches automatically.
I also added support for dynamic subnet advertisement and VPN-only ports, so new internal networks and restricted services can be exposed to the team instantly. The goal was to make the VPN the single gateway to everything private, while keeping the setup predictable and secure for the developers using it.
Read the blog and share your thoughts guys.
https://redd.it/1pjosnn
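The default-deny forwarding with per-role grants described in the post above, sketched as an added example (not code from the post or its linked blog). The interface name `wg0`, the chain name `VPN-FWD`, the role names and all addresses are assumptions; the program only builds iptables argument lists and does not run iptables.

```go
package main

import (
	"fmt"
	"net/netip"
	"sort"
	"strings"
)

// Grant is one destination a role may reach through the VPN.
type Grant struct {
	Dest  string // CIDR of the internal network
	Proto string // "tcp" or "udp"
	Port  uint16
}

// Peer is a WireGuard peer with its assigned tunnel address and role.
type Peer struct {
	Name string
	IP   string
	Role string
}

const (
	wgIface = "wg0"     // assumed WireGuard interface name
	chain   = "VPN-FWD" // hypothetical chain holding per-peer rules
)

// BuildRules returns iptables argument lists for a default-deny FORWARD
// setup: policy DROP, return traffic allowed by conntrack, everything
// arriving on the tunnel sent to a dedicated chain that ends in DROP.
// A peer with a bad address or an unknown role gets no ACCEPT rule and
// is reported in the error list, so a mistake fails closed.
func BuildRules(roles map[string][]Grant, peers []Peer) ([][]string, []error) {
	rules := [][]string{
		{"-P", "FORWARD", "DROP"},
		{"-N", chain},
		// Replies from internal services leave via wg0, so this rule
		// must live in FORWARD, not in the tunnel-ingress chain.
		{"-A", "FORWARD", "-m", "conntrack", "--ctstate", "ESTABLISHED,RELATED", "-j", "ACCEPT"},
		{"-A", "FORWARD", "-i", wgIface, "-j", chain},
	}
	var errs []error

	// Sort for a deterministic rule order, which keeps diffs reviewable.
	sorted := append([]Peer(nil), peers...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].Name < sorted[j].Name })

	for _, p := range sorted {
		addr, err := netip.ParseAddr(p.IP)
		if err != nil {
			errs = append(errs, fmt.Errorf("peer %s: bad tunnel address %q", p.Name, p.IP))
			continue
		}
		grants, ok := roles[p.Role]
		if !ok {
			errs = append(errs, fmt.Errorf("peer %s: unknown role %q, no access granted", p.Name, p.Role))
			continue
		}
		// Match the single tunnel address, never a wider source range.
		src := netip.PrefixFrom(addr, addr.BitLen()).String()
		for _, g := range grants {
			dst, err := netip.ParsePrefix(g.Dest)
			if err != nil || (g.Proto != "tcp" && g.Proto != "udp") || g.Port == 0 {
				errs = append(errs, fmt.Errorf("role %s: invalid grant %+v", p.Role, g))
				continue
			}
			rules = append(rules, []string{
				"-A", chain, "-s", src, "-d", dst.Masked().String(),
				"-p", g.Proto, "--dport", fmt.Sprint(g.Port), "-j", "ACCEPT",
			})
		}
	}
	// Explicit final DROP so the chain is deny-by-default on its own.
	rules = append(rules, []string{"-A", chain, "-j", "DROP"})
	return rules, errs
}

func main() {
	// Constructed sample data.
	roles := map[string][]Grant{
		"dev": {{Dest: "10.20.0.0/24", Proto: "tcp", Port: 5432}},
		"ops": {{Dest: "10.30.0.0/24", Proto: "tcp", Port: 22}},
	}
	peers := []Peer{
		{Name: "alice", IP: "10.8.0.2", Role: "dev"},
		{Name: "bob", IP: "10.8.0.3", Role: "intern"}, // role not defined
	}
	rules, errs := BuildRules(roles, peers)
	for _, r := range rules {
		fmt.Println("iptables " + strings.Join(r, " "))
	}
	for _, e := range errs {
		fmt.Println("warning:", e)
	}
}
```

Deleting a peer's ACCEPT rules does not end flows that conntrack already tracks, so revocation also needs the WireGuard peer removed or its conntrack entries flushed.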
Best junior system admin pathway
If you had to start from zero. No degree, no certificate - where would you restart, timeline, and how would you re-approach it all?
Catch is you have 1 year to land that role. As a reminder, no IT work experience, and certs / volunteer work are your way in.
https://redd.it/1pjpsl9