Reddit Sysadmin – Telegram
Got quoted $11.40 / envelope on renewal with Docusign lol (rant)


Working with possibly the worst vendor rep in my career. Refused to send me pricing until 3 days before renewal, with a 4x increase. Discounted down from $22,000/ year for 2000 envelopes (lol) by 40% to $9200 for 2000. The existing $1600 overage from last year.

At this point I want to go monthly so I can cutover to different software, but I’m stuck because of the holidays.

https://redd.it/1pzmsk8
@r_systemadmin
VMware now threatening outages to perpetual license holders

# The saga with VMware continues!!!

Backstory:
We've been a VMware shop for 10+ years with multiple data centers globally. We decided to let our service/support contract expire this year after we found out it jumped from $43k to $99k. We have perpetual licenses so there's not much concern in the department about things breaking. We are already in the process of migrating to AWS (we already have a large AWS presence) and Hyper-V. We're also evaluating Proxmox as a potential replacement for Hyper-V as well but that's a 2026-2027 initiative.

Today's Communication:
Our license expires on (Dec 31st, 2025). Our VMware rep was already being pushy but today it escalated when the rep sent this email:

>Your licenses expire today and you will face environment disruptions as well as penalty fees if a PO is not submitted today. Please let me know if you need anything else from me. 

> Happy New Year!

><name of rep>


I would normally just ignore this email but it really upsets me that they're trying to use scare tactics by straight up lying to people. There will be no outage unless they decided to deactivate our perpetual license or some other malicious action which I'm sure would violate our sales contract and terms of agreement. I realize this is most likely just a scare tactic by a sales rep but damn this really irks me that instead of saying something like "IF there's an issue you won't have support" they said "YOU WILL" have outages. Trying to figure out how I want to respond but I can't let that false claim go unanswered. What an absolute tool of a company/rep.

Draft Email:

>Hi <name of rep>,

>To clarify, our VMware licenses are perpetual and explicitly show an expiration of 'Never' within our environment.

>Could you please clarify what specific 'environment disruptions' you are referring to when you say "will face...disruptions"? My understanding is that while our SnS (Support and Subscription) may be ending, the software itself will continue to function AS LICENSED.

>Has the legal definition for perpetual changed recently?

>Regards



# UPDATE 1:

Just received another notice from our VAR & Broadcom:

>Providing an update regarding your VMware subscription in hopes that this allows your team to make a confident decision with this renewal. I have informed your Broadcom representative, <name of rep redacted>, that <name of company> does not plan to renew its VMware subscription. It's come to my knowledge that Broadcom has recently implemented cancellation policy requiring customers to uninstall their current licenses which will result in a loss of connection between your vSphere and vCenter, bringing down your environment. If your team decides that letting the subscription lapse is still the best course of action, the attached “Software, Certificate of Destruction” will need to be signed and returned asap.

It contains an attachment called "Software, Certification of Destruction.pdf". Here's the contents of said attachment:

>Certification Regarding Use of Subscription Software

>Customer acknowledges that the subscription term for Subscription Software acquired under the Order referenced in the above letter has expired, and therefore Customer must cease its use of such Subscription Software and deinstall the Subscription Software licenses. Customer further acknowledges that continued use of the Subscription Software beyond the Term Expiration Date is a material breach of the Order and the governing contracts between Customer and Broadcom (the “Agreements”) and an infringement of Broadcom’s intellectual property rights, potentially resulting in claims for enhanced damages and attorney’s fees.

>By signing this certification, Customer certifies that it has discontinued all use of the Subscription Software and has deinstalled the licenses.

>Broadcom reserves all rights it may have with respect to this subject matter.

>Printed Name of Authorized Signatory of Customer:

>Signature of Authorized Signatory of Customer:

>Title of
Defender for server licensing. How are you doing it?

For those using Defender for servers, how are you licensing it? We are currently an E-5 shop but our licensing rep is telling us we need to purchase Business premium licenses for each server then the defender license as an add on for each server. All servers are on-prem. Can anyone validate if this is how they are licensing their servers with Defender?

https://redd.it/1pzliu7
@r_systemadmin
PearsonVue Ruined my Exam, I Reported It

I just had my CompTIA exam canceled by Pearson VUE because of technical/proctoring issues that weren’t my fault. They failed to validate my appeal.

I searched my state AG’s consumer protection office. I included what happened, dates, and any proof I had.

Each complaint is logged. If enough people report similar issues, regulators notice patterns, investigate, and may force companies to fix policies.

I know companies can be pressured to allow retakes, issue refunds, or clarify appeal processes.

Also I reported it to consumer protection bureau. CompTIA and Pearson hate to see the attorney general and CPB complaints.

https://redd.it/1pzt1hv
@r_systemadmin
The mess of overlapping posture controls (ZTNA vs. EDR vs. MDM)

In my org, we have 3+ layers (EDR, MDM, ZTNA) performing independent posture checks, even though we basically rely on Intune as the "Source of Truth."

It feels like this creates a visibility gap where I don't actually know the real state of the assets in my org.

Is this a real pain point causing friction and support tickets or is it just a minor nuisance?

https://redd.it/1pzvc97
@r_systemadmin
How do I talk some sense into my boss?

I'm the SCCM guy for my company (among other things), which means I'm the one in charge of patching and software management for the servers and desktops. I've been working with SCCM for most of my career so I know all its features and quirks, but I'm not married to it or anything. It's just another tool as far as I'm concerned and I could take it or leave it. My boss, however, has an irrational hate-boner for SCCM and wants to replace it with something else next year. He keeps putting demos on my calendar for NinjaOne, ManageEngine, PDQ, etc. and it's driving me nuts.

First, he complains that SCCM is a black box, I'm the only one who knows anything about it, and the whole org would be fucked if I got hit by a bus (or rage-quit as I like to say). But that's a "him" issue. I've documented my processes. I've posted vendor support links to our team project board for every piece of software I maintain. The app repository is immaculately organized, and I've used every comment field available to explain what's what. There's no way I could possibly make this any easier if someone else had to take up the mantle. But he's obstinate in his refusal to even look at it. He'll swear that some vulnerability alerts in our MDR dashboard are because of missing patches, but won't even let me share my screen with him to walk through the patching reports. It's as if SCCM molested him as a child and the sight of it on my screen brings back too much trauma.

Secondly, he complains that I spend too much time packaging apps, and he's absolutely right about that part. Once a quarter, I have to block a week in my calendar to package and push software updates. I hate doing it, but most of the software we use is esoteric engineering crap that needs constant maintenance and requires some script-fu on my part to get installed correctly. It doesn't matter how many thousands of canned packages other vendors have in their app catalogs; a different product is not going to solve that problem. Keeping Windows, Office, Zoom, Adobe, Chrome, etc. patched is not where I'm spending my time.

Like I said before, I'm no SCCM fanboy. But we're already using the hell out of it, so switching to another product would just create a shit ton of extra work for me to have to re-tool and convert everything without solving a single problem my boss complains about with SCCM. He’s just a sucker for pretty dashboards, but "vibes" are a terrible reason to upend an entire workflow for no other tangible benefit.

https://redd.it/1pzvxy6
@r_systemadmin
Document Translation Services

Hi All,

TL;DR: looking for recommendations on document language translation services that take in a document and export a translated one with the same formatting.


I have had an increased need for non-profits wanting/needing to translate their public-facing documents to more languages. One of the non-profits I work with recently trialed https://www[.]deepl[.]com/en/pro and it worked really well - the drop in a PDF, select the language, it spits out the PDF.

While it worked well, the cost is a bit steep for what they currently want to take on.

The biggest issue they face is that they would only need to use the software once or twice a year, but when they need it, they need to translate 30+ documents. This service, in the team plan, only allows 20 documents a month. The next plan up becomes overly expensive.

We are happy to pay for the service, but are looking for something that is maybe a similar price range (20-30 a month per user) with more translations, with similar accuracy.

While I am mostly referring to a single org, I have other orgs that would benefit from a solution like this.

Historically, they have painstakingly translated documents with Google Translate, but this causes formatting and accuracy issues - while something like DeepL is fairly accurate (anecdotally), and maintains format.

Does anyone have any recommendations? Thank you in advance.


I will soon be looking into some human-led services and Redokun.

https://redd.it/1pzv2sn
@r_systemadmin
Windows 11 ram hungry

Lots of old Win10 machines were happy on 8GB.

Upgraded around 1000+ to Win 11 over the past year and they need at least 16GB.

Throw Teams in there and after a few days uptime they have a 20+ GB page file and really need 24 or 32 GB physical memory. Insane.

Cheaper to pay ESU for Windows 10 support and fly along on 8GB.

IMHO Windows 11 is a memory hog and with the insane memory prices it's not good enough.

https://redd.it/1pzicmp
@r_systemadmin
Anyone else feel like ERP projects fail before software even enters the picture?

I’ve been reading a lot of ERP-related threads here and in other subs, and I keep seeing the same pattern repeat over and over.

The demo looks great. Everyone is optimistic. Then implementation starts — timelines slip, customizations pile up, users resist, and suddenly the ERP is blamed for everything. A year later, people are stuck with something expensive that technically “works” but nobody really trusts or likes.

What strikes me is that many of these problems don’t sound like software limitations at all. They seem to come from unclear or undocumented business processes, decisions made during sales that aren’t revisited later, and a lack of shared understanding about how the business actually runs day to day.

I’m curious from people who’ve been involved in ERP projects — whether as buyers, operators, IT, finance, or consultants:

• Where do ERP projects really go wrong most often — before vendor selection, during implementation, or after go-live?
• What do you wish you had clarified, documented, or stress-tested earlier?
• Was there anything you only realized after it was too late to change easily?

I’m not selling anything here — genuinely trying to understand where the biggest blind spots are and why so many ERP stories follow the same trajectory.

https://redd.it/1q019go
@r_systemadmin
First time getting a virus on a server, need advice

So while doing regular maintenance for one of my servers I found a suspicious binary running in htop having 5 instances of `/root/GZ5pBwko/cCxf -o www.githubabout .top:80 --tls` running image of htop (separated the .top so no one accidentally clicks). They were running for about 22 hours when I caught it but I'm guessing they've been there longer and restart every 24 hours, just guessing ofc.

My course of action has been to block all ports except ssh and remove all ssh keys except my own which I have reissued. All apps on the server run in docker containers with the majority being simple app + database combos and 20% are more complex.

Would the recommendation be here to backup the server, dump all databases, wipe the server and reinstall from scratch ofc keeping all the dockerfiles while changing the password or would you do it differently. I'm quite concerned since I mostly do server maintenance and docker container maintenance and not much else especially no running random scripts so I don't know how this could've happened so I'm trying to be as careful as possible now.

https://redd.it/1q032nc
@r_systemadmin
Dell claiming SED SSDs are unavailable

I'm trying to order a fairly run of the mill server from Dell. PowerEdge R7615 to be exact.

As part of our security policy, cross-OS support, and standardization, we prefer SED (self encrypting disks).

Our Dell team is telling us that "We are showing low inventory/unavailable on 1.6, 3.2, 3.84, and 7.68TB SED"

The only option they've offered up is 800GB drives which won't work for our use case.

We're actually wondering if this is just a ploy to draw the order out past Jan 1st as we've been told that's when the new RAM pricing applies.

Has anyone else run into this...?

https://redd.it/1q01yij
@r_systemadmin
Security scans and backported fixes ignorance

We maintain servers (Ubuntu/RHEL) for a customer who hired an external firm for a security scan.

Customer calls us in a panic. The audit report says their servers are a "Company Wide Risk" with critical CVEs. The reason? The auditors scraped the Apache version banner, saw it wasn't the latest bleeding-edge number from the Apache website, and flagged it.

We explained backporting. We showed them the updates proving the security fixes were applied by the OS vendor. Their reply? "No. You need to upgrade Apache to version x.y.z." It took several meetings to finally convince them we weren't negligent. (The security vendor also wanted to sell their services "to help")

One year later, same customer, same audit firm, different manager. This time we hid the Apache version banner. The auditors sent a questionnaire asking for the specific version number. We provided it, assuming they learned their lesson last time.

Exactly the same "Critical Failure" report.

It’s not just this one firm. I’ve noticed this with almost every audit we go through. There is zero nuance. The reports never say "This version appears old, please verify patch status." It is always presented as an absolute, undeniable fact that we are vulnerable, which sends the "less technical" managers into a panic before we can even speak.

Does anyone else deal with this constantly?

How do you handle (bad) auditors who rely entirely on version numbers and refuse to acknowledge how Enterprise Linux distros work?

https://redd.it/1q06vhw
@r_systemadmin
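An added example for the backporting post above (not part of the original post): instead of arguing from the upstream version number, map each CVE the scanner reported to the vendor changelog entry that records the backported fix. The function names, CVE ids, versions and changelog text are constructed placeholders.

```shell
#!/bin/sh
# fixed_in CHANGELOG_FILE CVE_ID
# Prints the package version of the oldest changelog entry that mentions the
# CVE. Changelogs are newest-first, so the last match is where the fix landed.
# Prints nothing and returns 1 when the CVE is not mentioned at all.
fixed_in() {
    awk -v cve="$2" '
        # Debian/Ubuntu entry header: "apache2 (1.2.3-4) dist; urgency=medium"
        /^[a-z0-9][a-z0-9.+-]* \([^)]+\) / { cur = $2; gsub(/[()]/, "", cur); next }
        # RPM entry header: "* Tue Mar 05 2024 Packager <mail> - 1.2.3-4"
        /^\* /                             { cur = $NF; next }
        # Match the whole id: CVE-0000-000 must not match CVE-0000-0001.
        $0 ~ (cve "([^0-9]|$)")            { hit = cur }
        END { if (hit == "") exit 1; print hit }
    ' "$1"
}

# triage CHANGELOG_FILE CVE_ID...
# One line per scanner finding, ready to paste into the audit response.
triage() {
    log=$1; shift
    for cve in "$@"; do
        if ver=$(fixed_in "$log" "$cve"); then
            echo "$cve backported-in $ver"
        else
            echo "$cve verify-manually"
        fi
    done
}

# Constructed sample in Debian changelog format (placeholder ids and versions).
sample_changelog() {
    cat <<'EOF'
apache2 (2.4.0-1vendor3) stable-security; urgency=medium

  * SECURITY UPDATE: constructed issue B
    - debian/patches/CVE-0000-0002.patch: stricter header parsing.
    - CVE-0000-0002

 -- Constructed Maintainer <maint@example.test>  Mon, 01 Jan 2024 00:00:00 +0000

apache2 (2.4.0-1vendor2) stable-security; urgency=medium

  * SECURITY UPDATE: constructed issue A
    - CVE-0000-0001

 -- Constructed Maintainer <maint@example.test>  Sun, 01 Oct 2023 00:00:00 +0000
EOF
}

# Demo: two findings covered by backports, one that still needs a human look.
tmp=$(mktemp) && sample_changelog > "$tmp"
triage "$tmp" CVE-0000-0001 CVE-0000-0002 CVE-0000-0003
rm -f "$tmp"
```

On a real host, save the installed package's own changelog to a file first, for example from `rpm -q --changelog httpd` on RHEL or `zcat /usr/share/doc/apache2/changelog.Debian.gz` on Ubuntu.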
ARM and Windows in 2025

What is your current experience with Windows and ARM? How is the compatibility of programs?

https://redd.it/1q0absu
@r_systemadmin
Solo Admin to VP of IT? Proposing a new role that doesn't exist at my job.

Hi All,

I’m currently the sole IT person (Title: Network Administrator) at a place with 65 employees. All things need to go through a board of directors, and our CEO/President just stepped down unexpectedly after less than a year.

I’ve been here for a few years, the prior IT person was here for 25 years. There is another employee with an unrelated job title, that does 25% of the work that an IT team should be doing (specific job related software). We use a local MSP for most things I cannot handle (Email, O365, Firewall patching, etc.).

Where I'm at: My title is becoming a mismatch for what I actually do. I’ve been working with HR to hire a second IT employee to offload the day-to-day tickets, but I want to take it a step further. I just got approval for the budget of a second IT person, but need to align it with a higher role.

I want to propose a VP of Information Technology role for myself to formalize the strategic, budgetary, and compliance work I’m already doing.

EDIT: There are 6 "Vice Presidents" at this job. That's just how the managers of each department are listed.

The Issue: The role doesn't exist. I report to the CEO/Board on things like compliance and risk management, but I'm still the guy people call when a mouse stops working. My boss, the acting CEO (Executive V.P.) has worked here for longer than I've been alive.

What I need advice on: Has anyone successfully "job-crafted" their way into an executive or high-level management role at a small-to-medium org?

Specifically:

- How do I frame the move from "Tech Guy" to "Business Executive" to a Board that might only see me as the IT guy?

- Is it better to ask for the new hire first, or bundle it into a departmental "restructuring" proposal?

I used some statistics to show that 1/65 IT/employee ratio is insane, and that 1:18 is normal for a small organization. Having a helpdesk break/fix, and a second IT admin would be ideal, but I can't really justify that with the MSP contract.


I’m finishing up my MBA in IT Management soon, so I'll have the credentials moving into 2026, but I want to make sure the business case is airtight. Any advice/guidance is appreciated :)

https://redd.it/1q0c68p
@r_systemadmin
Recommended solution that does both Mac and Windows MDM?

Our set up is very fragmented which is annoying, we use about 7 different tools, none of which have remote wiping or MDM capabilities. Are there any solid solutions that look after both systems?

https://redd.it/1q0bwom
@r_systemadmin
Is devops/site reliability engineer, platform engineer and similar jobs, same thing as sys admin? At some websites when you filter by sys admin it shows these jobs. Can you maybe talk about this? Thank you.

I don't really know.

If you can do sys admin jobs would you say you can probably do these jobs as well?

Do you have to read the same kind of code as a full stack or backend developer? Or is it more like scripting code like powershell or something like that or maybe just python? Thank you.

Edit: I've also seen people on Linkedin go from sys admin to cloud, sre/devops roles. So I guess it seems very common, but I just need to hear it from someone to feel okay about it.

https://redd.it/1q0eew7
@r_systemadmin
In charge of a long overdue upgrade to systems - Need some advice from experienced sysadmins

Hello everyone,

I'm in search for wisdom and advice/suggestions.



"Short" version of the story: small IT EU-based company (<50 users) got absorbed by a bigger one (now 170-200 users, still EU-based).

I never had to care about "server modernization" given before me (and a colleague with on-par experience) there was a Senior IT which basically managed everything, leaving only basic tasks to us (internal helpdesk and customer service mostly). Turns out, there was never enough time for Senior IT and DEVs to modernize the systems to keep them "on par" with recent standards.

"Senior IT" went away, leaving mostly no documentation, and there was a certain employee turnover even among DEVs, and it seems they didn't leave anything really documented too.



Management decided to split me and colleague, leaving him to deal with "small company customer issues" and me to deal with "small & big company internal issues".

I landed better than him given at least for the "big company internal issues" part I have a few new colleagues from "big company" that know how to manage most of "their stuff", but cannot really help me comprehend issues I may have on my side.

Now I'm in charge of slowly modernizing our systems, given "bigger company" has higher standards, and some of our systems are "more than legacy" but without a proper documentation I'm a bit at a loss dealing with the mess regarding "server n.1" (there are many to fix).

I'm divided between checking firewall and proxy rules to sort out the various nats and publications, literally scavenging each and every webserver to search dependencies and referrals, and venturing into backend to see if all of the presumed referrals are good or there are things that are still there but unused.

Remaining DEV colleagues are no use (either moved to other groups where they have little to no spare time to help me or never apparently knew more than I actually know), new DEVs on those products/projects lack time and experience too and "Senior IT" is mostly unavailable as an external consultant (Management says he's too pricey so I cannot ask for paid help too much).

It's a mess, to say the least, and I feel like in a maze.



The baseline seems to be:

1) I have to be mostly on my own on solving those little issues

2) I cannot really spend money on this

3) Almost forgot: we work mostly on Windows (IIS + MS SQL + .Net )



Do you have any suggestion on how to approach this situation, or useful tools that I can use to "sort things out" or at least make proper documentation regarding network diagrams/dependencies and such?



TLDR; I'm alone trying to move "legacy products/projects" on more modern OSs with no documentation or knowledge-base from DEVs; trying to do some scavenging to find out how everything seems to work; I need tips and tools to survive the mess ahead.




Thank you in advance.

https://redd.it/1q0g1vb
@r_systemadmin
Finally got budget to implement an MDM

Capex budgets haven't been officially approved yet, but the implementation costs for an MDM have made it through all the rounds of approvals and I am STOKED.

We have around 150 mobile devices (mostly iPhones, some android phones/tablets) and it is an absolute NIGHTMARE managing them considering it's just my boss and me, and I mainly manage the phones. We've also got around 200 laptops that I'm hoping we can add to it next year, but at least we have an RMM for those that helps.

I've been asking for budget for MDM for almost 2 years now, I know it's gonna be a ton of work to implement but we have an MSP to help with the legwork and it'll be so much less of my time wasted on stupid shit that an MDM can do automatically.

If folks have any suggestions for solutions you really like I'd love quick reviews - something that supports both android and apple, and if it can support windows laptops even better (we're unsure if we wanna go 3rd party or Intune). We've been trialing Vantage and it's super clunky, though my boss liked the super cheap price.

My top pick right now is MaaS360, and our SP recommended also looking at Ivanti, but I'm trying to identify a third one to demo and compare and there's... So much info to sift through online. (I've been back in the sysadmin world for about 3 years now after almost a decade career curve in telecom... Everything is a paid/sponsored ad nowadays and it feels so much more difficult to find actual useful info.)

https://redd.it/1q0i9or
@r_systemadmin
Personal Device

Curious how many tech workers use android devices vs apple for personal use. Mostly been an apple person having gotten the “free” with phone service but find myself leaning back to android now with Apple feeling pretty stagnant.

https://redd.it/1q0he3k
@r_systemadmin
"We're not allowed to copy files"

Just thought this was funny, in a kind of sad way. We have a third-party "technician" who's installed an updated version of their application on a few new servers I built for them. Disconnected herself from one of the servers when she disabled TLS 1.2 and 1.3 and enabled 1.0/1.1 (Sentinel One took the server offline due to perceived malicious activity). We managed to work that out after I explained HTTPS and certificates, so no harm, no foul.

But this is the same woman who previously had me copy 3.5Tb of files from an old server on our network to the new server (also on our network) for her, even though she has admin access on both, because she's "not allowed to copy files."


EDIT: btw, my heartache wasn't the "my company doesn't allow me to copy files" thing. I get that, even if I think it's excessive. It's the juxtaposition with disabling TLS 1.2 and 1.3 and enabling TLS 1.0/1.1 that was the what the actual F**K are you doing? reaction from me.

https://redd.it/1q0lrt4
@r_systemadmin