So tired of running into C-Levels who think Cloud/SAAS and Outsourcing are the answer to everything.
I’m so tired of having to change jobs every one to three years because a new CIO or CEO comes in and immediately decides, “Let’s move everything to the cloud or to SaaS, and then we can outsource whatever little in-house work is left.” They act as if we’re supposed to be cool with it—or even excited—that our jobs will disappear in a few months.
I see this pattern at every corporation I join.
How do others handle what feels like a constant, never-ending issue?
https://redd.it/1pisx29
@r_systemadmin
I’m so tired of having to change jobs every one to three years because a new CIO or CEO comes in and immediately decides, “Let’s move everything to the cloud or to SaaS, and then we can outsource whatever little in-house work is left.” They act as if we’re supposed to be cool with it—or even excited—that our jobs will disappear in a few months.
I see this pattern at every corporation I join.
How do others handle what feels like a constant, never-ending issue?
https://redd.it/1pisx29
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Microsoft 365 issues in Australia again?
Outlook isn't syncing, can't access admin centre from any internet connection.
https://redd.it/1pirgju
@r_systemadmin
Outlook isn't syncing, can't access admin centre from any internet connection.
https://redd.it/1pirgju
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
I am in Remote Desktop Hell
I am two months into a new System Admin position and things are going pretty well overall, except for the Remote Desktop environment. I’m reaching out here as a last-ditch effort and hoping to draw on some of y’all’s experience.
Basically, for the last several years the RDS environment has been dealing with a whole range of problems. Users get profile-loading errors, sometimes they connect and just get a black screen, and most frustratingly there are random disconnects that seem to hit without any real pattern. Thin clients especially will drop the RDP session after being logged in for about two minutes. Event Viewer on the hosts hasn’t been very helpful, but on the client side I’m consistently seeing a TCP socket error. At this point I feel like I live in Event Viewer and I’m constantly chasing my tail with nothing ever actually improving the connection.
It is a Windows Server 2022 RDS environment supporting under 1000 users.
What I Have Tried:
I’ve made a number of changes through Group Policy, including adjusting session timeouts, security settings, and RDP encryption levels. I’ve combed through the logs on both the hosts and the clients repeatedly trying to correlate disconnects with any specific event. I’ve checked the health of the broker, verified certificates, and confirmed licensing is functioning. I have even captured packets in Wireshark to try and see what the disconnects look like on the wire, but nothing has clearly pointed to a single root cause. Despite all of this effort, (This really has consumed my last couple of weeks) I have seen minor improvement on the profile errors and basically no improvement on the disconnects.
https://redd.it/1pirnfi
@r_systemadmin
I am two months into a new System Admin position and things are going pretty well overall, except for the Remote Desktop environment. I’m reaching out here as a last-ditch effort and hoping to draw on some of y’all’s experience.
Basically, for the last several years the RDS environment has been dealing with a whole range of problems. Users get profile-loading errors, sometimes they connect and just get a black screen, and most frustratingly there are random disconnects that seem to hit without any real pattern. Thin clients especially will drop the RDP session after being logged in for about two minutes. Event Viewer on the hosts hasn’t been very helpful, but on the client side I’m consistently seeing a TCP socket error. At this point I feel like I live in Event Viewer and I’m constantly chasing my tail with nothing ever actually improving the connection.
It is a Windows Server 2022 RDS environment supporting under 1000 users.
What I Have Tried:
I’ve made a number of changes through Group Policy, including adjusting session timeouts, security settings, and RDP encryption levels. I’ve combed through the logs on both the hosts and the clients repeatedly trying to correlate disconnects with any specific event. I’ve checked the health of the broker, verified certificates, and confirmed licensing is functioning. I have even captured packets in Wireshark to try and see what the disconnects look like on the wire, but nothing has clearly pointed to a single root cause. Despite all of this effort, (This really has consumed my last couple of weeks) I have seen minor improvement on the profile errors and basically no improvement on the disconnects.
https://redd.it/1pirnfi
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Anyone actually pulling Entra risk/NHI signals into their SASE console yet?
Trying to get real Entra identity health (user risk, signIn anomalies, NHI scores, leaky token alerts, etc.) to show up natively in our SASE dashboard (Cato, Netskope, Zscaler, whatever) instead of just basic "user authenticated" events.
Docs only talk about the standard Entra IDP connector. Nothing about the deeper risk telemetry or identity protection feed.
Has anyone cracked this in production? Graph API polling? SCIM hack? Direct feed from Defender for Identity?
Real experiences only, please. Thanks. (Im already convinced that it might not be possible but still need to see if by any chance there is any possibility?
https://redd.it/1pizuc9
@r_systemadmin
Trying to get real Entra identity health (user risk, signIn anomalies, NHI scores, leaky token alerts, etc.) to show up natively in our SASE dashboard (Cato, Netskope, Zscaler, whatever) instead of just basic "user authenticated" events.
Docs only talk about the standard Entra IDP connector. Nothing about the deeper risk telemetry or identity protection feed.
Has anyone cracked this in production? Graph API polling? SCIM hack? Direct feed from Defender for Identity?
Real experiences only, please. Thanks. (Im already convinced that it might not be possible but still need to see if by any chance there is any possibility?
https://redd.it/1pizuc9
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Print drivers
Hi All,
I updated the driver for our canon copiers on our Windows print server. Most of our devices have received the new driver and are working fine. However, it seems some of our devices are holding on to the old driver, and only obtaining basic settings from the copier. (only A4 size paper, no hole punch, etc.) Is there a way I can force this driver to update on the end user side? I've been having to manually grab the device, stop the spooler, delete the driver, start the spooler, and reboot. I'm not sure how many of these are broken like this in the wild, so i'd like to find a better method.
https://redd.it/1pj5fxk
@r_systemadmin
Hi All,
I updated the driver for our canon copiers on our Windows print server. Most of our devices have received the new driver and are working fine. However, it seems some of our devices are holding on to the old driver, and only obtaining basic settings from the copier. (only A4 size paper, no hole punch, etc.) Is there a way I can force this driver to update on the end user side? I've been having to manually grab the device, stop the spooler, delete the driver, start the spooler, and reboot. I'm not sure how many of these are broken like this in the wild, so i'd like to find a better method.
https://redd.it/1pj5fxk
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
What do you do when a vendor screws up?
I work for a small local government org. We have to do some minor broadcasting of meetings which I will admit is a bit out of my realm. We recently had some issues during a meeting and found out that they were due to a switch losing a config after a power outage that a vendor forgot to save... While we have a good relationship with them, it's hard to swallow paying a service fee which will probably only be about $1k maybe even less. Would you hammer them to cover it or let it slide?
https://redd.it/1pj2wyo
@r_systemadmin
I work for a small local government org. We have to do some minor broadcasting of meetings which I will admit is a bit out of my realm. We recently had some issues during a meeting and found out that they were due to a switch losing a config after a power outage that a vendor forgot to save... While we have a good relationship with them, it's hard to swallow paying a service fee which will probably only be about $1k maybe even less. Would you hammer them to cover it or let it slide?
https://redd.it/1pj2wyo
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
VMware
Any of you guys being f-ed over by your VMware renewal this year? Ours went from 11k last year to 65k this year.
https://redd.it/1pj7z68
@r_systemadmin
Any of you guys being f-ed over by your VMware renewal this year? Ours went from 11k last year to 65k this year.
https://redd.it/1pj7z68
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Windows Server 2019 is rebooting itself when updates are applied, even though I have it turned off
I have a Windows 2019 Server hosted on Azure that rebooted itself during the day yesterday which brought our production system down.
The message in the System Event Log is:
The process C:\Windows\system32\svchost.exe (MyServerSQL) has initiated the restart of computer MyServerSQL on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Service pack (Planned)
Reason Code: 0x80020010
Shutdown Type: restart
We are a small company that doesn't have a sysadmin, and I'm a developer trying to manage these systems. I have turned off the "reboot after update" on the Windows Update Manager, but I've obviously missed something.
What can I do to ensure that this isn't rebooted unless I say so?
https://redd.it/1pj5boi
@r_systemadmin
I have a Windows 2019 Server hosted on Azure that rebooted itself during the day yesterday which brought our production system down.
The message in the System Event Log is:
The process C:\Windows\system32\svchost.exe (MyServerSQL) has initiated the restart of computer MyServerSQL on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Service pack (Planned)
Reason Code: 0x80020010
Shutdown Type: restart
We are a small company that doesn't have a sysadmin, and I'm a developer trying to manage these systems. I have turned off the "reboot after update" on the Windows Update Manager, but I've obviously missed something.
What can I do to ensure that this isn't rebooted unless I say so?
https://redd.it/1pj5boi
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
So what software do folks use to run VMs these days?
Not bare metal hosting like Proxmox, but running VMs on Windows. My go-to used to be Virtualbox, but it's been awhile since I've messed with this and I wasn't sure if there was a better way.
Apologies if this is a dumb post, I just wanted to make sure I'm using the latest and greatest.
Thanks!
https://redd.it/1pjbn4h
@r_systemadmin
Not bare metal hosting like Proxmox, but running VMs on Windows. My go-to used to be Virtualbox, but it's been awhile since I've messed with this and I wasn't sure if there was a better way.
Apologies if this is a dumb post, I just wanted to make sure I'm using the latest and greatest.
Thanks!
https://redd.it/1pjbn4h
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Value of VMware ESX-based knowledge?
How worthwhile is it to learn VMware ESX-based virtualization these days? How valuable is this knowledge today? I am considering purchasing a Udemy course on the subject. I am interested in virtualization, but so far I have only had experience with Proxmox.
https://redd.it/1pjdl8d
@r_systemadmin
How worthwhile is it to learn VMware ESX-based virtualization these days? How valuable is this knowledge today? I am considering purchasing a Udemy course on the subject. I am interested in virtualization, but so far I have only had experience with Proxmox.
https://redd.it/1pjdl8d
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Invoke-WebRequest December 2025 Changes
This month Microsoft made the default deny option for Invoke-WebRequest. For automating you can add -usebasicparsing to bypass the prompt. What stops the actor from just adding -usebasicparsing to their powershell command? It's not like you need admin rights to use it.
https://redd.it/1pj8v3n
@r_systemadmin
This month Microsoft made the default deny option for Invoke-WebRequest. For automating you can add -usebasicparsing to bypass the prompt. What stops the actor from just adding -usebasicparsing to their powershell command? It's not like you need admin rights to use it.
https://redd.it/1pj8v3n
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Windows 11 Pro RDP not working
I have a single Windows 11 Pro machine (24H2) that will not allow RDP connections. I've enabled RDP, changed the port, disabled the firewall, and rebooted several times, but I'm unable to connect. Netstat -a shows nothing listening on port 3389, which likely explains why I can't connect. The machine is fully patched. Does anyone have any suggestions for something I haven't tried?
Thanks
EDIT: Finally found a solution here
https://redd.it/1pjhqkh
@r_systemadmin
I have a single Windows 11 Pro machine (24H2) that will not allow RDP connections. I've enabled RDP, changed the port, disabled the firewall, and rebooted several times, but I'm unable to connect. Netstat -a shows nothing listening on port 3389, which likely explains why I can't connect. The machine is fully patched. Does anyone have any suggestions for something I haven't tried?
Thanks
EDIT: Finally found a solution here
https://redd.it/1pjhqkh
@r_systemadmin
Microsoft
Windows 2022 server RDP not listening on port 3389 - Microsoft Q&A
Hi,
We have a windows 2022 server that is remote to us and we rely on remote desktop services (admin only).
A recent reboot has broken our RDP sessions to this device - It no longer has port 3389 open.
I have checked all of the registry and current…
We have a windows 2022 server that is remote to us and we rely on remote desktop services (admin only).
A recent reboot has broken our RDP sessions to this device - It no longer has port 3389 open.
I have checked all of the registry and current…
Infuriating - User tried to tell me I was wrong by using ChatGPT
So how many have had this happen to you? Does it drive you insane?
A lab at our facility was having a problem with a lab instrument (ICP-MS) that had lost connection to the computer that was controlling it (via ethernet). It turns out that they were using samples prepared with acid-digestion that were very corrosive, and the computer's connections had corroded to un-usability due to inadequate venting.
This instrument is quite old, and the software cannot run on Windows 11. I explain to him that we can't really purchase new computers with Windows 10, and that new computers don't support Windows 10. I did mention that driver support was the main issue, but didn't get into the details.
He then proceeds to argue with me and insist that we can install Windows 10 on a new computer, and *asks ChatGPT* while on the phone with me! Of course ChatGPT says it can be done, and he basically says, "See, I was right!". Of course then he reads further and at least ChatGPT then notes "you may run into problems with driver support and full functionality of the computer" (duh!), which was my point in the first place.
It drove me insane, it felt *so* disrespectful. I managed not to lose my temper, but I did politely ask him not to doublecheck me against ChatGPT in the future, that if I'm not confident in my knowledge of something, I won't hesitate to tell him.
What especially drives me nuts about this is that they will make decisions based on ChatGPT, but then expect us to *fix* the issues after. I'm fully confident that if he had gone ahead and done this, they would have complained to us if the network ports or sound didn't work due to driver failures.
https://redd.it/1pjn20e
@r_systemadmin
So how many have had this happen to you? Does it drive you insane?
A lab at our facility was having a problem with a lab instrument (ICP-MS) that had lost connection to the computer that was controlling it (via ethernet). It turns out that they were using samples prepared with acid-digestion that were very corrosive, and the computer's connections had corroded to un-usability due to inadequate venting.
This instrument is quite old, and the software cannot run on Windows 11. I explain to him that we can't really purchase new computers with Windows 10, and that new computers don't support Windows 10. I did mention that driver support was the main issue, but didn't get into the details.
He then proceeds to argue with me and insist that we can install Windows 10 on a new computer, and *asks ChatGPT* while on the phone with me! Of course ChatGPT says it can be done, and he basically says, "See, I was right!". Of course then he reads further and at least ChatGPT then notes "you may run into problems with driver support and full functionality of the computer" (duh!), which was my point in the first place.
It drove me insane, it felt *so* disrespectful. I managed not to lose my temper, but I did politely ask him not to doublecheck me against ChatGPT in the future, that if I'm not confident in my knowledge of something, I won't hesitate to tell him.
What especially drives me nuts about this is that they will make decisions based on ChatGPT, but then expect us to *fix* the issues after. I'm fully confident that if he had gone ahead and done this, they would have complained to us if the network ports or sound didn't work due to driver failures.
https://redd.it/1pjn20e
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Any newsletters y'all follow?
Know any newsletters or creators that gives good, underrated IT advice? Maybe even some pro tips, basically something that makes me stand out?
https://redd.it/1pjnkow
@r_systemadmin
Know any newsletters or creators that gives good, underrated IT advice? Maybe even some pro tips, basically something that makes me stand out?
https://redd.it/1pjnkow
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Built a VPN manager using pure wireguard and iptables (multi-node, fault-tolerant)
Blog
I built a full VPN management system for our internal infrastructure for my internship. The idea was to create a single, secure entry point into all private services without exposing anything to the public internet. Users authenticate with a pre-auth key, get their WireGuard configuration automatically, and the system handles the entire lifecycle of provisioning, routing, and restricting what each user can access.
The backend is written in Go and controls everything: generating keys, assigning IPs, applying firewall rules, adding and removing WireGuard peers, and managing role-based access. The VPN servers run with a strict iptables setup where nothing is allowed by default. Each user’s access is explicitly granted based on their role, and all forwarding rules are created dynamically.
The cluster itself runs in a high-availability layout with one master and multiple slave servers behind a virtual IP. Because the servers communicate through a WireGuard overlay instead of a physical LAN, normal failover mechanisms do not work. So the client takes responsibility for detecting which server is active and switches automatically.
I also added support for dynamic subnet advertisement and VPN-only ports, so new internal networks and restricted services can be exposed to the team instantly. The goal was to make the VPN the single gateway to everything private, while keeping the setup predictable and secure for the developers using it.
Read the blog and share your thoughts guys.
https://redd.it/1pjosnn
@r_systemadmin
Blog
I built a full VPN management system for our internal infrastructure for my internship. The idea was to create a single, secure entry point into all private services without exposing anything to the public internet. Users authenticate with a pre-auth key, get their WireGuard configuration automatically, and the system handles the entire lifecycle of provisioning, routing, and restricting what each user can access.
The backend is written in Go and controls everything: generating keys, assigning IPs, applying firewall rules, adding and removing WireGuard peers, and managing role-based access. The VPN servers run with a strict iptables setup where nothing is allowed by default. Each user’s access is explicitly granted based on their role, and all forwarding rules are created dynamically.
The cluster itself runs in a high-availability layout with one master and multiple slave servers behind a virtual IP. Because the servers communicate through a WireGuard overlay instead of a physical LAN, normal failover mechanisms do not work. So the client takes responsibility for detecting which server is active and switches automatically.
I also added support for dynamic subnet advertisement and VPN-only ports, so new internal networks and restricted services can be exposed to the team instantly. The goal was to make the VPN the single gateway to everything private, while keeping the setup predictable and secure for the developers using it.
Read the blog and share your thoughts guys.
https://redd.it/1pjosnn
@r_systemadmin
Best junior system admin pathway
If you had to start from zero. No degree no certificate - where would you restart, timeline, and how would you reproach it all?
Catch is you have 1 year to land your that role. As a reminder, no it work experience and certs / volunteer work are your way in.
https://redd.it/1pjpsl9
@r_systemadmin
If you had to start from zero. No degree no certificate - where would you restart, timeline, and how would you reproach it all?
Catch is you have 1 year to land your that role. As a reminder, no it work experience and certs / volunteer work are your way in.
https://redd.it/1pjpsl9
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
The AppStack Was Pirated.
In a previous role, I worked for a large healthcare company running a VMware Horizon non-persistent VDI environment.
If you’ve ever managed Horizon in a healthcare setting, you already know how “fun” that combination can be – duplicate sessions, pool unavailability, network issues, and the constant battle of keeping clinical staff happy without breaking anything.
VMware Horizon in Prod
Our setup was pretty complex: Windows 10 virtual desktops, a stack of AppVolumes packages, and a plethora of departmental customizations sprinkled across different user groups.
Most users lived their entire day inside a session that was completely wiped the moment they logged off. Everything they needed had to come from Network storage, logon noscripts, or an attached AppStack.
One of those AppStacks was Adobe Acrobat.
In fact, we had four different versions of Adobe Acrobat:
# How did we handle licensing?
We had a poorly documented process for each:
Adobe Reader free – the standard version of Adobe that all users got by default. No purchase/approval needed.
Adobe Acrobat Standard DC – subnoscription-based, assigned only to admin or power users who actually needed editing capabilities. We’d raise a ticket to procurement who would buy a license in the Adobe portal, and we’d make the user an Adobe Account and assign the license \+ appstack.
Adobe Acrobat Pro – subnoscription-based, used by executives and operational teams. We would pass these straight to our procurement team, they’d then purchase a license and assign it through an internal system, [then pass the ticket back](https://blog.chrispro.live/wp-content/uploads/2025/12/image-8-768x512.png) so we can update the users appstack.
Adobe Acrobat 2017 – perpetually licensed version that some operational teams used, because they had old licenses for it. We’d keep the licenses attached to tickets within our ITSM system, which made them easy to find – yeah…
# What went wrong?
Well, it all started on a Monday morning when I came into the office and saw an influx of tickets regarding Adobe being “broken”.
It turns out, our VDI guys had pushed new appstacks for Adobe Reader/Standard, updating them to the latest version – which had quite a different user interface from what they were used to.
Not much was actually broken, users just saw the app looking a bit different and got scared, the only real issue was that one of the PDF editing tools wouldn’t load correctly because it relied on a DLL or something that was omitted from the appstack.
So we got that sorted and thought all was well, but then we started to see some more tickets come in, from all over the business, about a licensing error.
Huh, nothing changed with licensing, what’s going on here?
# Where did our licenses go?
So it turns out that alongside Adobe Reader and Standard, Adobe Pro was updated as well.
Normally, this would be fine, however it revealed something rather scary, nobody knows where the Adobe Pro licenses for all of these users are, we only have the tickets with approvals from our procurement team, so we asked them about it.
>Oh, we have no action needed on our end for these, we just review the request and assign back to you guys for the technical work.
Well, that tells us exactly what I was afraid of, we had dozens of users without valid licenses for Adobe Pro, and they need it now.
And so began a procurement spree, getting a list of users that need Adobe Pro and actually buying licenses this time.
# Our packaging guy had a well-kept secret
The guy that actually packaged all our apps, for both VDI and non-VDI, was an older gentleman, who very much wanted to
In a previous role, I worked for a large healthcare company running a VMware Horizon non-persistent VDI environment.
If you’ve ever managed Horizon in a healthcare setting, you already know how “fun” that combination can be – duplicate sessions, pool unavailability, network issues, and the constant battle of keeping clinical staff happy without breaking anything.
VMware Horizon in Prod
Our setup was pretty complex: Windows 10 virtual desktops, a stack of AppVolumes packages, and a plethora of departmental customizations sprinkled across different user groups.
Most users lived their entire day inside a session that was completely wiped the moment they logged off. Everything they needed had to come from Network storage, logon noscripts, or an attached AppStack.
One of those AppStacks was Adobe Acrobat.
In fact, we had four different versions of Adobe Acrobat:
# How did we handle licensing?
We had a poorly documented process for each:
Adobe Reader free – the standard version of Adobe that all users got by default. No purchase/approval needed.
Adobe Acrobat Standard DC – subnoscription-based, assigned only to admin or power users who actually needed editing capabilities. We’d raise a ticket to procurement who would buy a license in the Adobe portal, and we’d make the user an Adobe Account and assign the license \+ appstack.
Adobe Acrobat Pro – subnoscription-based, used by executives and operational teams. We would pass these straight to our procurement team, they’d then purchase a license and assign it through an internal system, [then pass the ticket back](https://blog.chrispro.live/wp-content/uploads/2025/12/image-8-768x512.png) so we can update the users appstack.
Adobe Acrobat 2017 – perpetually licensed version that some operational teams used, because they had old licenses for it. We’d keep the licenses attached to tickets within our ITSM system, which made them easy to find – yeah…
# What went wrong?
Well, it all started on a Monday morning when I came into the office and saw an influx of tickets regarding Adobe being “broken”.
It turns out, our VDI guys had pushed new appstacks for Adobe Reader/Standard, updating them to the latest version – which had quite a different user interface from what they were used to.
Not much was actually broken, users just saw the app looking a bit different and got scared, the only real issue was that one of the PDF editing tools wouldn’t load correctly because it relied on a DLL or something that was omitted from the appstack.
So we got that sorted and thought all was well, but then we started to see some more tickets come in, from all over the business, about a licensing error.
Huh, nothing changed with licensing, what’s going on here?
# Where did our licenses go?
So it turns out that alongside Adobe Reader and Standard, Adobe Pro was updated as well.
Normally, this would be fine, however it revealed something rather scary, nobody knows where the Adobe Pro licenses for all of these users are, we only have the tickets with approvals from our procurement team, so we asked them about it.
>Oh, we have no action needed on our end for these, we just review the request and assign back to you guys for the technical work.
Well, that tells us exactly what I was afraid of, we had dozens of users without valid licenses for Adobe Pro, and they need it now.
And so began a procurement spree, getting a list of users that need Adobe Pro and actually buying licenses this time.
# Our packaging guy had a well-kept secret
The guy that actually packaged all our apps, for both VDI and non-VDI, was an older gentleman, who very much wanted to
retire, but he was just “too good” at what he did.
Arthur, was our (illustrative purposes only) app packaging engineer.
I had a chat with him after we figured out what the issue was, and he told me that the Adobe Pro appstack was basically built for 2 specific VIP’s in the company.
I let him know that there were about 50 users in it right now, and he proceeded to get very pissed off at us/SD.
In the end, someone from management got through to him, and found out that Adobe’s DRM had been bypassed when appstacking Adobe Pro – meaning we were effectively running a pirated Appstack for months.
# Well, that was fun.
Yep, the business sort of turned this into a bit of a cost-saving opportunity as well.
None of the managers wanted to use their IT budgets on this issue so we were advised to only procure a license if someone explicitly raised a ticket about it.
In the end, everyone already hated VDI, and we had a bad reputation because of it – so it didn’t really impact us all that badly.
Adobe, if you are reading this, know 2 things:
Our company paid for licenses immediately after identifying the issue.
I no longer work for this company, you could probably find out where I worked pretty easily, but know this issue was years ago, and I was just in a standard L2 role, not at all in a position where I could be accountable for this.
Hope you enjoyed!
https://redd.it/1pjrwbu
@r_systemadmin
Arthur, was our (illustrative purposes only) app packaging engineer.
I had a chat with him after we figured out what the issue was, and he told me that the Adobe Pro appstack was basically built for 2 specific VIP’s in the company.
I let him know that there were about 50 users in it right now, and he proceeded to get very pissed off at us/SD.
In the end, someone from management got through to him, and found out that Adobe’s DRM had been bypassed when appstacking Adobe Pro – meaning we were effectively running a pirated Appstack for months.
# Well, that was fun.
Yep, the business sort of turned this into a bit of a cost-saving opportunity as well.
None of the managers wanted to use their IT budgets on this issue so we were advised to only procure a license if someone explicitly raised a ticket about it.
In the end, everyone already hated VDI, and we had a bad reputation because of it – so it didn’t really impact us all that badly.
Adobe, if you are reading this, know 2 things:
Our company paid for licenses immediately after identifying the issue.
I no longer work for this company, you could probably find out where I worked pretty easily, but know this issue was years ago, and I was just in a standard L2 role, not at all in a position where I could be accountable for this.
Hope you enjoyed!
https://redd.it/1pjrwbu
@r_systemadmin
what is the best heatmap tool for a beginner?
so i’m trying to get a better understanding of how users interact with my website, and i’ve heard heatmaps are a good way to visualize all that. i’ve never used one before, but i’m really interested in seeing where people click the most, how far they scroll, etc. i’ve done some research and there are a ton of options out there, but i’m not sure which one’s worth the investment.
i’m looking for something that’s fairly easy to set up and doesn’t require too much of a learning curve, since i’m not super techy. also, i’m on a bit of a budget, so if there are good options that aren’t too pricey, that’d be a bonus.
a few things i’m wondering:
* are heatmap tools pretty accurate, or should i be using them alongside other analytics to get a fuller picture?
* do the free versions of heatmap tools actually give you enough data, or is it worth it to pay for a more robust plan?
* if you’ve used any heatmap tools for your website, which one has been the easiest to use and most helpful?
i’ve heard about a few like hotjar and crazy egg, but not sure if there are better alternatives out there. looking forward to hearing what you guys think
https://redd.it/1pjpnoq
@r_systemadmin
so i’m trying to get a better understanding of how users interact with my website, and i’ve heard heatmaps are a good way to visualize all that. i’ve never used one before, but i’m really interested in seeing where people click the most, how far they scroll, etc. i’ve done some research and there are a ton of options out there, but i’m not sure which one’s worth the investment.
i’m looking for something that’s fairly easy to set up and doesn’t require too much of a learning curve, since i’m not super techy. also, i’m on a bit of a budget, so if there are good options that aren’t too pricey, that’d be a bonus.
a few things i’m wondering:
* are heatmap tools pretty accurate, or should i be using them alongside other analytics to get a fuller picture?
* do the free versions of heatmap tools actually give you enough data, or is it worth it to pay for a more robust plan?
* if you’ve used any heatmap tools for your website, which one has been the easiest to use and most helpful?
i’ve heard about a few like hotjar and crazy egg, but not sure if there are better alternatives out there. looking forward to hearing what you guys think
https://redd.it/1pjpnoq
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
Thickheaded Thursday - December 11, 2025
Howdy, /r/sysadmin!
It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1pjtu3w
@r_systemadmin
Howdy, /r/sysadmin!
It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1pjtu3w
@r_systemadmin
Reddit
From the sysadmin community on Reddit
Explore this post and more from the sysadmin community
How I nuked the network at a small gaming facility with one line.
[There was a post requesting horror stories from helpdesk and my story was swept away by a sea of comments, please enjoy.\]
There was a general data segment for most of the computers at a small gaming facility i worked for before we granulized our segmentation. On this data segment you could find the computers for all of the departments and the POS up front. Printers, servers, switches, ATMs, gaming machines, phones, cameras and a few other devices were excluded from this segment and had their own. The departments affected were generally security, surveillance, cashier cage service counter, player club service counter, food services, counting room, gaming inspection, slot mgmt, tables mgmt, operations mgmt, facilities mgmt, custodial services, receiving and IT helpdesk.
Some context, the previous IT administrators were actually an outside consulting firm that came out and did IT work for both sites. Needless to say, they were great at talking up large goals for infrastructure change and development, and had absolutely zero follow through, ending up in a spaghettified network full of crap configurations, SPOFs, and general lack of foresight and ability. Only the main-site gaming facility a few cities away had a de facto network administrator, an overworked sysadmin who managed basically every application and server and the network configuration cleanup after that firm was terminated. The company would not approve a network technician for the off-site smaller gaming facility only a couple years after parting with that disaster.
I was working on helpdesk and was a fairly new unofficial off-site network technician working with approval and under the discretion of the main-site IT director. I was working on organizing and relabeling the IDF cables with verbally approved minimal downtimes for each endpoint, manually clearing out bad switch configuration lines and replacing them with our preferred agreed upon configurations, and in general documenting the wild frontier we were stuck with. These were the first major change these switches had seen in years, and it was clear that they had been manually configured at different times with different intents. Many also had common bad practices security holes that are easily fixed with a line or two. At this point too the IT budget was abysmal so there was no good remote management solution aside from the singular SecureCRT license afforded to the department, or custom PuTTY configs shared amongst us.
Well, one unlucky day on the gaming floor working on one unlucky access switch in particular, i was clearing the vlan database of unused entries. At this point, I was new and self-taught mostly alone, and I was unaware of a certain unpopular protocol that would be my ultimate doom. Did i mention our enterprise was Cisco? well, i was just getting started and picked the first vlan to clear - the data vlan. On this access switch, for its purposes of connecting slot machines back to the distribution layer, it did not need this one. So i simply did my thing as i had on a few other switches beforehand, getting the hang of it, and entered the command “no vlan <num>” and saved. I didn’t notice any immediate change. I didn’t even notice my Wi-fi went.
Away from me all around the gaming facility, departments erupted into chaos. Although the slot machines kept going so the patrons were mostly unphased, all the customer-facing service counters, the point of sales, the back of house, security and surveillance, gaming operations, even our helpdesk lost network connectivity. The phones worked. And i soon found out so did everyone’s legs and voices, as the IT office was swarmed a few moments after my return. I assured everyone I would look into the issue and get it resolved immediately, and I called up the IT director, who at this time was the best network engineer I knew with 20 years of experience, and I explained what happened and what I had been doing.
He instructed me to go to core switch at our site and manually connect to
[There was a post requesting horror stories from helpdesk and my story was swept away by a sea of comments, please enjoy.\]
There was a general data segment for most of the computers at a small gaming facility i worked for before we granulized our segmentation. On this data segment you could find the computers for all of the departments and the POS up front. Printers, servers, switches, ATMs, gaming machines, phones, cameras and a few other devices were excluded from this segment and had their own. The departments affected were generally security, surveillance, cashier cage service counter, player club service counter, food services, counting room, gaming inspection, slot mgmt, tables mgmt, operations mgmt, facilities mgmt, custodial services, receiving and IT helpdesk.
Some context, the previous IT administrators were actually an outside consulting firm that came out and did IT work for both sites. Needless to say, they were great at talking up large goals for infrastructure change and development, and had absolutely zero follow through, ending up in a spaghettified network full of crap configurations, SPOFs, and general lack of foresight and ability. Only the main-site gaming facility a few cities away had a de facto network administrator, an overworked sysadmin who managed basically every application and server and the network configuration cleanup after that firm was terminated. The company would not approve a network technician for the off-site smaller gaming facility only a couple years after parting with that disaster.
I was working on helpdesk and was a fairly new unofficial off-site network technician working with approval and under the discretion of the main-site IT director. I was working on organizing and relabeling the IDF cables with verbally approved minimal downtimes for each endpoint, manually clearing out bad switch configuration lines and replacing them with our preferred agreed upon configurations, and in general documenting the wild frontier we were stuck with. These were the first major change these switches had seen in years, and it was clear that they had been manually configured at different times with different intents. Many also had common bad practices security holes that are easily fixed with a line or two. At this point too the IT budget was abysmal so there was no good remote management solution aside from the singular SecureCRT license afforded to the department, or custom PuTTY configs shared amongst us.
Well, one unlucky day on the gaming floor working on one unlucky access switch in particular, i was clearing the vlan database of unused entries. At this point, I was new and self-taught mostly alone, and I was unaware of a certain unpopular protocol that would be my ultimate doom. Did i mention our enterprise was Cisco? well, i was just getting started and picked the first vlan to clear - the data vlan. On this access switch, for its purposes of connecting slot machines back to the distribution layer, it did not need this one. So i simply did my thing as i had on a few other switches beforehand, getting the hang of it, and entered the command “no vlan <num>” and saved. I didn’t notice any immediate change. I didn’t even notice my Wi-fi went.
Away from me all around the gaming facility, departments erupted into chaos. Although the slot machines kept going so the patrons were mostly unphased, all the customer-facing service counters, the point of sales, the back of house, security and surveillance, gaming operations, even our helpdesk lost network connectivity. The phones worked. And i soon found out so did everyone’s legs and voices, as the IT office was swarmed a few moments after my return. I assured everyone I would look into the issue and get it resolved immediately, and I called up the IT director, who at this time was the best network engineer I knew with 20 years of experience, and I explained what happened and what I had been doing.
He instructed me to go to core switch at our site and manually connect to