Overlooked Aspects of Sysadmin Work

It's funny, you know, how often we sysadmins are reduced to "IT guy" status in the eyes of coworkers and friends. It's not just about resetting forgotten passwords or installing updates. There is so much depth in our roles that too often—for the sake of brevity—gets overlooked. I was recently knee-deep in crafting an intricate data backup strategy, protecting vital company information and ensuring business continuity. Yet, when asked about my day, I simply replied, "Oh, you know, usual computer stuff."

You would think it gets tiresome; that constant trivialization of what we do, but I've actually come to find it somewhat amusing. It's like our own little secret – they never truly grasp the complexity nor scope of our responsibility. We're the guardians in the shadows, silently ensuring the company’s technological lifeline doesn't falter. Have others noticed this pattern and how do you usually respond?

Title: The Hidden Puzzles of Sysadmin Life

Body: So there I was at 2 am, frantically troubleshooting a network issue. The invisible wires that connected our entire company were down, and the responsibility to fix them rested on my shoulders. A typical Saturday night for most, right? It should have been stressful: a high stakes hide-and-seek with problematic IP addresses and elusive whispers of connectivity. But somewhere within that quiet, late-night chaos, I found a strange sense of harmony.

There's something rewarding about conquering those hidden puzzles embedded within sysadmin work. And even though it's all binary codes and command lines on the surface, underneath it's like weaving a complex web of connections and solutions to support the company. But what do you guys think? Is there a particular aspect of sysadmin work that you find strangely enjoyable or rewarding?

Title: The Solitude and Solidarity of Sysadmin Days

Body: Working as a sysadmin provides an interesting contrast. On one hand, we spend a good chunk of our time in solitude—squinting at lines of code, wrestling with network configurations, managing server looms in hushed isolation. But on the other hand, we play such an integral role in ensuring everyone else's workday goes smoothly. In a way, we are solo performers playing in an orchestra of organizational systems.

The rhythm of this solitude and solidarity can be strange, often feeling like we’re silently sailing in a crowded sea. But it all adds to the uniqueness of the job. Despite being mostly behind-the-scenes, we hold this essential place in any organization. What's your take on it—does the solitude/solidity contrast resonate with your experience as a sysadmin?

https://redd.it/1pmiwsk
@r_systemadmin

Is there any reason to change user source of authority to Entra when still using domain-joined devices?

https://learn.microsoft.com/en-us/entra/identity/hybrid/user-source-of-authority-overview

I watched a couple of videos describing how to move the source of authority for hybrid users from on premises AD to Entra.

They mentioned needing the applications needing to be configured for SAML or Open ID Connect authentication, no on premises Exchange Server dependencies, users account configured with Entra ID passwordless authentication with Cloud Kerberos Trust. However, they never mention sign-in to domain joined hybrid devices. There were even some questions about this in comments in some of the related blog posts, but no response given.

Are they just assuming all the computers accessed by these users are Entra joined?

Even with Cloud Kerberos Trust, how are those users going to sign in to hybrid joined workstations? How is RDP going to work? How is UAC elevation going to work?

How will they use run as a different user?

Sign in to Windows Server?



https://redd.it/1pmho6q
@r_systemadmin

Purview is being INCREDIBLY slow

I started a 50gb export of Mailbox + Sites yesterday at 9AM, the orinal ETA for it was 8 hours, it has now been 30 hours and the ETA is still 7 hours, this is not going normally, i've done bigger exports that took less time i was supposed to do this on the weekend so I could get the exported PSTs and files on another account before monday, now that just wont be possible.

Is Microsoft experiencing instabilities and such? Cause this does not make sense

https://redd.it/1pmkjld
@r_systemadmin

Curiousity: Female vs Male Ratio

What is the standard female to male ratio you see on your teams and in your IT/Dev departments? How many female IT managers are out there?

Edit: I'm a chick who just got promoted into a leadership role. I've been an engineer for 7 years.

https://redd.it/1pmmom1
@r_systemadmin

Scan to email

What are people who have a 365 enviroment doing for scan to email functionality for a printer which doesnt support M365 authentication natively.

I am loathe to turn off the security settings even on 1 account because of the security risk.

I have considered sendgrid - but is there a better way?
Scanner is a Epson WF-7845

https://redd.it/1pmojfu
@r_systemadmin

How do you manage your asset changes?

How do you keep track of Hostname, IP address, site, vlan.... Etc changes? A simple sheet? Or a more advanced way?

https://redd.it/1pmoo6d
@r_systemadmin

Do ski hills hire sysadmins

I’m approaching the end of tenure at my current employer. I’ve worked as their primary sysadmin, helped deploy their entire network infrastructure, was the primary on moving their systems off VMware and to Proxmox. now I’m looking to see what’s next. I’ve always wanted to be closer to the ski hills. Do ski hills have sysadmins/network admins?

https://redd.it/1pmsv1a
@r_systemadmin

FINALLY got the AZ-104!!

Okay, so I gotta admit, I'm a bit of an idiot when it comes to learning things from books and I know that some of you got the AZ-104 certification after studying for something like a week, with zero experience, but I am absolutely not like that. I've never been able to learn from books. Like, never. Give me a teacher in a classroom and I'm great. Ditto with learning on my own, but trying to learn it from a book? Forget it. But... I've been hands on with Azure for a few years now and learning AVD mostly on my own for almost a year. I tried the test back in February and bombed with a 55%.

Finally figured out that reviewing the MS Press book with ChatGPT helped me learn the stuff I hadn't touched / wasn't allowed to touch in our work environment, and studied like an insane madman over the past two weeks. I think it was something like 80-90+ hours, averaging 5-10 minutes per page asking questions over and over to the point where I didn't just understand the concepts but I felt like I really knew it. Every time I could, I'd log on to the portal and poke around, look at things in real time, with a lot of questions for ChatGPT about why this interface was different or that option wasn't available, but I got to a point where I was comfortable.

I also had Tutorials Dojo and went through their various exams (timed mode, review mode, and section-based) 22 separate times. I was averaging in the high 90s towards the end. Finally felt ready.

Then I start the actual exam and I'm like... wait... WTF is this? I've never seen this? And I haven't seen that either. I'm also not sure what this other thing is supposed to mean. And so on. My confidence was largely shot about 20 minutes in and while I was hopeful that I *might* pass, I was actually kinda shocked when I found that I'd passed with a 726.

I don't know how some of you guys do it and yeah, as I said, I'm not the best at reading comprehension and learning out of a book, but damn am I happy right now. I'm giggling like a little boy who got locked in a candy store overnight.

https://redd.it/1pmtb2i
@r_systemadmin

Trust relationship

I have new computers, all 2022 servers, linked in a domain that has been upgraded a few times.

From time to time (not every month) we get a trust relationship fail from one of the workstations.

Once in a blue moon, that happens on one of the servers.

The Microsoft information has way too many variables.

We have two Hyper V virtual domain controllers on two hosts plus a simple instance of SQL on its own Hyper V VM

What is a good way to start to trouble shoot this small network?

https://redd.it/1pmt2ru
@r_systemadmin

Fire Department software vendors have been bought up by Private Equity. The fallout is pretty much as you would expect.

Gift article from the NY Times:

https://www.nytimes.com/2025/12/14/us/fire-department-software-private-equity.html?unlocked\_article\_code=1.8k8.ZJtO.RUUHl-kXIsmx&smid=nytcore-ios-share



https://redd.it/1pmwdc8
@r_systemadmin

How to Detect & Stop Shadow AI Tools in the Company

We approved certain AI tools for the team but it feels pointless when people use random tools anyway. Last week someone uploaded customer data to a sketchy Chrome extension and our DLP never saw it because it did not touch our network.

We block what we can at the web filtering layer but new tools keep popping up. By the time we identify and block tool X half the team already uses tool Y. Enforcement conversations are exhausting and it feels like we are constantly behind.

Is this the new normal?....is there a proven way to enforce AI security at scale without becoming compliance bottleneck

https://redd.it/1pn1y3v
@r_systemadmin

How do you protect against this?

Today I found myself reading through a few articles about different spam and phishing attacks out there.

After the one below, I realized "Hey, how come they don't give suggestions on how to protect yourself against this?"

https://www.bleepingcomputer.com/news/security/new-consentfix-attack-hijacks-microsoft-accounts-via-azure-cli/

How do you protect your tenant against this sort of thing? Is there a conditional access policy that can be created to stop this sort of attack from happening or being successful?

And is there a wiki or something full of known threats and best methods to stop them?


https://redd.it/1pmyt24
@r_systemadmin

Is it just me, or are we spending more time reverse-engineering how our own systems work than securing them?

The deeper I dig into our environment, the more it feels like half the job now is figuring out what our systems are really doing - not what the docs say they do, or what teams think they do.

Data moving between services nobody remembers, SaaS connectors doing silent jobs, internal automations with no clear owner…

Lately it feels like the real challenge isn’t new threats, it’s understanding the system-of-systems we’ve accidentally built.

Anyone else dealing with this?

https://redd.it/1pn3wx1
@r_systemadmin

best helpdesk software for a tiny it team that is barely keeping it together

so i just got promoted to lead support at our tiny company and suddenly i am the person everyone comes to when slack or email explodes. we dont have anything set up for tickets or tracking issues right now. its all just replies in slack threads and sometimes i forget things and then someone reminds me a week later. its chaos.

i know helpdesk software is supposed to help with that but there are sooo many options and i literally have no idea where to start. we are like 10 people total, and support tickets are not crazy huge volume yet but it feels like it might hit us soon. i dont want something that feels like too much overhead or that i need a phd to understand.

for folks using helpdesk tools what do you actually like about yours? is there stuff you never use or features that seemed cool but ended up annoying? also how steep was the learning curve for your team? did your customers notice a change once you switched?

i also worry about setup time since i have to do this between answering real support questions. how long did it take you to get everything up and running? any tips to make that easier? thanks in advance

https://redd.it/1pn3omb
@r_systemadmin

Bought RAM in October to dodge price spikes… now I have to return it because “year-end optics”

Back in late October, I saw leaks on X/Twitter about upcoming RAM price hikes. So I did the smart thing: ordered extra RAM for workstations and laptops, delivery scheduled for December. Prices were great back then.

Fast forward to now: prices have tripled in some cases. My order arrives, I’m feeling good for saving the company a good amount of money.

Then accounting steps in:

>“We can’t spend anything in December, it makes the year-end numbers look bad.”

So now I’m sending back perfectly good, dirty cheap, already delivered RAM because optics. And if we reorder next year? We’ll pay 2–3× more. Brilliant.

Just some galaxy-brain financial engineering I’ll never understand, i guess?

Not my money, not my stress. No rant. I’ll just drink my tea (black with milk) and move on. Luckily, I bought some RAM for myself too.

Now I’m heading into vacation — wishing everyone a stress-free time and happy holidays!

https://redd.it/1pn5q0i
@r_systemadmin

December is like a year in 30 days

Every vendor: we need to roll out new breaking features now, did you make those urgent changes yet?

Contracts: all renewing now

Employees: Hey remember that important ticket I stopped responding to in May? It needs to be completed by next week.

Management: we need a POC for a new system, can you bang it out next week?

HR: You have 20 PTO days you're losing at the end of the year...

Anyone else really hate December? All I want to do is clean up my desk, wrap up projects and reset for next year, but it never happens. Every year its just literally more everything in the 3 usable weeks of December.

https://redd.it/1pn9bna
@r_systemadmin

Notepad++ fixes flaw that let attackers push malicious update files

Didn't see this posted here but a lot of people use N++, so I thought it worth mentioning. I believe they had another malware issue a few years ago.


https://www.bleepingcomputer.com/news/security/notepad-plus-plus-fixes-flaw-that-let-attackers-push-malicious-update-files/

https://redd.it/1pn8vro
@r_systemadmin

Server Room Cooling Systems

For those of you familiar with the planning for your data room/server room: Do you add your AC Units to the UPS circuits? How do you protect your AC units from power fluctuation and outages before the generator comes on?

https://redd.it/1pn80x5
@r_systemadmin

Told to purchase AI licensing because the board members want it.

Company created an "AI" taskforce which includes myself. Was told to find how employees are using AI and come up with a gameplan. After inquiring with employees I find that they're only using it to edit documents and don't need any upgraded licensing with it. Propose guidelines etc. and inform management upgraded licensing isn't needed and would cost ~10K/month if purchased. Apparently the board members really want to see us using AI and am told $10K/month is worth it to keep them happy.


Not my money but we're still in the start up phase and blowing through cash. I wonder how much money is wasted on things company wide because the board wants to see it regardless of if it's necessary.

https://redd.it/1pne8bf
@r_systemadmin

You guys ever just not contact vendor support because you're tired of their terrible troubleshooting?

I've literally set up an email template when I work with a particular vendor because they ask for tons of the same details every single time.

I'm tired, boss. I'll just work through the issue this time because I don't have the energy to deal with the email chain back and forth.

https://redd.it/1png22c
@r_systemadmin

Microsoft, if you're going to send us powershell commands, at least check them for accuracy first.

Just got an email from MS about the retirement of Activesync 16.0 and below in march. Nice that microsoft included an exchangeonline powershell string to quickly assess which devices might be impacted.

Except the string / query doesnt work because its not written properly.

I was able to fix the glaring issues quickly without any help from AI.

Original string sent to us my microsoft. Am I crazy?:

Get-MobileDevice | Where-Object {($_.ClientType -eq 'EAS' -or $_.ClientType -match 'ActiveSync') -and $_.ClientVersion -and (version$_.ClientVersion -lt version'16.1')} | Sort-Object UserDisplayName | Select-Object UserDisplayName, UserPrincipalName, DeviceId, DeviceModel

Fixed:

Get-MobileDevice | Where-Object {($_.ClientType -eq 'EAS' -or $_.ClientType -match 'ActiveSync') -and $_.ClientVersion -lt '16.1'} | Sort-Object UserDisplayName | Select-Object UserDisplayName, UserPrincipalName, DeviceId, DeviceModel

https://redd.it/1pniamu
@r_systemadmin