/r/sysadmin

Photograph via snooOG

A reddit dedicated to the profession of Computer System Administration.

A reddit dedicated to the profession of Computer System Administration


Rules

  1. Community members shall conduct themselves with professionalism.

  2. Do not expressly advertise products or services outside of approved threads.

More details on the rules may be found in the wiki.


For IT career related questions, please visit /r/ITCareerQuestions


Please check out our Frequently Asked Questions, which includes lists of subreddits, webpages, books, and other articles of interest that every sysadmin should read!

Checkout the Wiki Users are encouraged to contribute to and grow our Wiki.

So you want to be a sysadmin? RTFM


Sysadmin Jobs

Official IRC Channel - #reddit-sysadmin on irc.libera.chat Official Discord - https://discord.gg/sysadmin


/r/sysadmin

878,628 Subscribers

1

Install New Teams on Server 2019 RDSH Farm

I'm trying to get the New Teams client running on Win Server 2019 for weeks.

Tried all ways mentioned somewhere, tried a bunch of things on my own - nothing ever worked.

Sometimes it will start exact for 1 time, but if you close it or reboot the RDSH, it will never ever start again.

We are currently on Windows Server 2019 Datacenter (1809 Build 17763.5458) with 10 RDSH Servers. Using newest FSLogix Version (2.9.8784.63912). Can't get this shitty MSTeams-x64.msix running on my Test Server, still on Teams Old client on the production environment. The troubleshooting has already cost me days of investigating, reading endless and kind of senseless logfiles and forums/posts.

Did someone managed to get it properly running on 2019? When yes - how?

Would be grateful for any hints how to get it working!

0 Comments
2024/04/15
12:33 UTC

1

Best Practice to setup AD

Hello everyone,

I have inherited a network in Shambles and would like to start organizing my AD. what is the correct way to create department inside the AD . is it

OU then only global group for Users and one for Computers and devices ? or something else

0 Comments
2024/04/15
12:30 UTC

0

How much of a security risk are old cisco switches?

Hey everyone,

We're a medium-scale company considering purchasing a used Cisco WS-C3560-24PS-S switch for our network. However, I discovered that this model reached its end of service back in 2013. We plan to use it for VLANs, QoS, DHCP relay ACL, inter-VLAN routing, and dynamic routing with other L3 devices. The management IP will be on a dedicated VLAN accessible only by network engineers.

I'm curious about the risks associated with using older switch devices like this one and what measures we can take to mitigate those risks. Any insights or advice would be greatly appreciated.

Thank you!

9 Comments
2024/04/15
12:14 UTC

0

AD tidy up tools

Hi everyone

I've got a project to tidy up our AD - we have probably 800-1000 user groups and generic users which are not used any more but i can't tell if they are running any specific function in the background I don't know about. Do you have any recommendation for tools to help with this? I was looking at AD Manager Plus by ManageEngine but I've not used it before. There is some budget especially if it will help us keep it tidy going forward by alerting us when there are unused accounts.

Thank you for your help.

2 Comments
2024/04/15
12:07 UTC

0

SSL Certificate for Company website. Let'sEncrypt vs Commercial companies?

Dear colleagues/redditors,

few days ago I had an interesting conversation with a network colleague about SSL Certificates, and he provided me answers which raised some doubts.

Some background information: I am working for a Public Hospital in Germany. Our SSL Certificate (wildcard certificate) associated with our Netscaler/Citrix external access, as well as our Exchange Server was going to expire, so we needed to renew it.

Instead of buying the renewal of our certificate from GlobalSign, this colleague of miine suggested to use a LetsEncrypt certificate, because "what matters at the end is the green flag on the browser, that is all". Netscaler does not officially support let's encrypt certificates directly, but there is a trick where a linux machine could renew and apply the let's encrypt certificate regularly before the expiration directly on the netscaler.

I personally always tought it was a good idea to use Let's Encrypt for homelabs or services hosted at home, while for official sites (companies, business, education or Healtcare, an so on) you should always buy a standard certificate.

The discussion went also over the "warranty" you get with commercial certificates: this network admin said they cover issues on the globalsign/companycertificate end, not customer end.

I am wondering... is it really like this? Can we all use Let's Encrypt certificate for this purpose?

Also, right now Let's Encrypt is use for the official hospital website (public one). Is that ok, or is there something I should be aware of?

Thanks in advance!

5 Comments
2024/04/15
12:07 UTC

0

How does my salary rate?

Sole IT guy for a startup software company of about 60 people, still have my boss who oversees infrastructure as one of his many hats

117k base 0 deductible good Healthcare at around 50/mo Free dental Equity adding about 10k/yr with current valuation for the first 4 years Pretty flexible schedule, 1-2 times/mo afterhours work for maintenance 98% remote 3wk vacation 40ish easy hours a week is the norm

Edit

For COL, I'm in a large Midwest metro area, average rent is 1500/mo for basic apartments, 2k for "nice" apartments.

6 Comments
2024/04/15
12:01 UTC

1

DPM 2022: Vss Error: Class not registered

We have a DPM instance that's backing up databases on a SQL server but the backups are failing with VssError: Class not registered. I came across this post which seemed promising

https://www.reddit.com/r/SCCM/comments/17uygeu/dpm_2022_ur2_agent_dependencies_for_sql_backup/

But checking the server we already have version 18.7.2 of the OLE DB driver installed on the DPM server. I have checked Vss writers and that's showing no errors for the SQL writer. I've tried restarting the Vss service, restarting the server but still getting the same error.

I'm struggling to find any other information relating to this issue elsewhere online so hoping someone might have a lead that can give me something to look in to as I'm completely stumped as are the engineers who set up DPM in the first place.

0 Comments
2024/04/15
11:51 UTC

1

Rdm alternative?

hello admins, We need some solution in the company to connect to the servers. we have many users using various connection tools, putty, mRemoteNG, vnc...etc. Is there a solution where we can centralize everything, something like this: servers are divided into groups and each user has access to a specific group of servers, without being able to see the server's credentials. it would be best if it had a free version, but it can also be paid only cheaply. I see that "rdm devolutions" offers those possibilities, is there anything cheaper than that that does a similar thing?

1 Comment
2024/04/15
11:41 UTC

6

Pour one out for the H&R admins right now

Unable to file my taxes along with a hard of other folks. Unable to connect to the server.... fml, that's what I get for waiting until the last minute.

9 Comments
2024/04/15
11:37 UTC

0

How did you solve recent price increase of Kinston's datacenter SSDs?

DC600Ms -- the price went from ~160 EUR per 1.92TB to ~220 EUR for the same :/

Did you switch to something else? if yes, to what please?

Thx.

5 Comments
2024/04/15
11:27 UTC

22

Would you consider keeping Clippy on full-time if MS decides to bring it as a co-pilot?

I'm not sure if I'm being childish or if everyone else loved Clippy back in the days.

So, if Microsoft decides to bring back Clippy and enable you to click on it to activate co-pilot, would you keep Clippy floating over your apps?

31 Comments
2024/04/15
11:16 UTC

15

Lack of leadership and direction at employer

Mornings Sysadmin.

I need your advice, again. (noted sd)

I've been the sole sysadmin at a company of +170 heads for the last 10 years. The starting years went well but IT here has become stagnant. It's been a communication challenge (hell) trying to have a relationship with my reporting operations director regarding the IT Infrastructure and Future.

I have a junior who handles Tier 1 Support. I handle Tier 2 and our company environment (365 / Procurement / IT Assets / Budgets / IT Reports / Third party vendors etc). My direct reporting manager is an almost 70 year old Director who oversees company operations who handles multiple departments.

My frustration is that there is no leadership or guidance in the company's IT infrastructure. It feels as though IT at this company is seen as a "sit in the corner and fix whatever breaks". There is no growth, no new tech implementation, changes or improvements to the IT core. IT is seen as a janitor who isn't part of the current cycle of operations. We're not involved in new business projects and we don't even get dedicated parking.

Want to implement MFA Security? No

Want to Upgrade 365 Standard to Premium to take advantage of exchange security, intune, aad? No

Want to implement RMM? No

No changes, No improvements, Nada. Sit around and browse reddit and wait for a ticket. This means the pay is atrocious (6% and no bonus).

I've recently completed AZ-900 and MS-900. Operations Director wasn't phased by the skills improvement and thus, salary increase isn't considered.

IT feels like headless chickens. Dare I say we fall under r/shittysysadmins due to the gap of communications and guidance.

I'm looking at jumping ship as growth at this employer is capped.

The only perk is that we are hybrid.

What's your take on this? I've made an error sticking around for 10 years.

24 Comments
2024/04/15
10:47 UTC

1

Odd SPF Gmail behavior for external POP accounts

Hi all, I added ad external POP account (let's say: sughenji@external.com) to my Gmail mailbox.

Almost every message that I receive on sughenji@external.com and then is fetched from Gmail is marked as spam, with "SPF fail on 0.0.0.0", which is completely no-sense to me: the SPF check should be done ONLY on external.com's mx, NOT gmail, which acts a simple POP3 client.

Any suggestion?

Thank you very much!

3 Comments
2024/04/15
10:06 UTC

1

Moronic Monday - April 15, 2024

Howdy, /r/sysadmin!

It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

1 Comment
2024/04/15
10:00 UTC

3

server/pc organization for medium-sized company

we are a small italian manufacturing company with about 20 windows office workstations, divided in different locations, collaborating on a saas software for production management, orders etc..
more and more often we are having to collaborate or have to move from one office to another or work from home and this makes it difficult to take our workspace (folders, files, software) with us. i would like to ask you if you think it is possible to virtualize the workstations, thus making it easier to log out of one pc and log back in to another finding your desktop and all your files, maybe making it mandatory to log in when you turn on your pc. is there something like that? or do you know of other possible solutions?
thank u

13 Comments
2024/04/15
09:53 UTC

1

Anyone know a good roombooking tool?

so we are a company with around 700 people, 3 floors and a lot, but still not enough meeting rooms. We have iPad's on the wall next to the rooms and all that fun stuff, room booking via outlook works... kind of. Especially for meeting series, where a room might be free the next 2 weeks, but in the 3rd week it isn't etc., it's just annoying.

Does anyone know of a tool which takes away the room booking from people? I am not a developer but I can't imagine it being that hard to build something like this?
Especially with all the "AI" floating around, why is this not done yet?

What I would be looking for is a tool where

  • IT puts in all the rooms and it's info (how many ppl. what hardware is in there etc.)
  • users get the option to say which rooms they prefer and dislike
  • when booking a meeting, the tool simply checks how many people are invited, if VC equipment is required and books a room accordingly, facturing in the creators preferences

Is there any tool like that? Have looked around quite a bit and not found anything, they all just offer "we sell you hardware that you can put infront of the room and then you can see, right there, that no room is available :)" ...

4 Comments
2024/04/15
09:39 UTC

1

Alternative to Checkpoint Capsule that isn't Office 365/Outlook mobile?

Hello folks,

Where I work, we use Checkpoint Capsule for remote e-mail access. Checkpoint have announced the end of Capsule for the 31st of December 2024 so I'm asked to find an alternative.

Long story short, we did a POC for Office 365, but management is undecided on it and has been for a year. Outlook mobile would make everything so much easier but it's currently not an option.

Anyway, what "simple" alternative do you recommend? I used to have VMware Boxer where I worked at previously. It worked fine but it sounds like a lot of work to set up an entire Workspace One infrastructure just for e-mail access 🙄

Thanks for your feedback.

0 Comments
2024/04/15
09:26 UTC

0

Hardware Benchmarking

Hi All, I am seeking your recommendations on free hardware benchmarking tools. I have been using www.userbenchmark.com but it's become unreliable.

I have moved on to other applications to test CPU and graphics (like Cinebench) but I want to know what the wider community use to test their hardware.

7 Comments
2024/04/15
09:26 UTC

2

Trusted Location - Conditional Access

Hi all,

For people using Entra and Conditional Access, do you use Trusted Locations to either stop or minimize the number of MFA prompts a user gets.

Just thinking in particular about people working from an office.

Or do you apply MFA uniform, regardless of location or device?

12 Comments
2024/04/15
09:17 UTC

1

Office 365 default signature font

Hi guys,

last week we finally switched from Office 2016 to Office 365. But if i deploy our default signature via word file and powershell, the signature font is Apthos and not as intended Calibri.

I know that Apthos is the new "main font" from Office but how can i change the default font for signatures in outlook?

I already contacted microsoft support but they don't know either. Maybe someone of u got a solution.

0 Comments
2024/04/15
09:10 UTC

4

How to replace a massive, broken Power App

Hi r/sysamdin,

I am volunteering in Africa at the moment and have a problem which I do not know where to even begin trying to solve. I am in the data science department and the former head of the department created a massive Power App which is being used to submit reams of data to an on-prem MS SQL Server.

Unfortunately the Power App can no longer be edited. It can be used and ran, but the edit function causes the browser window to crash. I have tried all the usual tricks to rescue Power Apps (I posted to the Power Apps forums, with limited results, as I cannot afford an Azure App Insights subscription), but honestly I think it is beyond salvaging based on the size of the app. We are talking 50+ screens and 1000's of controls, from the one time I was able to see it in edit mode.

One solution of couse would be to start from scratch and create several smaller Power Apps to replace the monster app, but, of course, there is no money for licenses for this. I assume the previous guy "saved money" by getting some PER APP Premium licenses and then crammed everything into one Power App.

Does anyone have any suggestions on how to get some kind of online interface that allows end-user's to read from massive paper reports, type the data into fields, and submit them to an MS SQL Server? We need to hire a team of developers, I guess?

Thanks in advance for any help!

3 Comments
2024/04/15
08:34 UTC

1

Exchange 2019 Troubleshooting probe issues and find solutions

At present, I found that one of the exchange2019 nodes has a service that is unavailable every once in a while. Restarting can solve the problem. Through troubleshooting, I found that the following three probes have problems.Rest.Protocol,Network,Monitoring.Anyone have some ideas? Currently only looking at one blog that has this issue, but it's not resolved.

1.Rest.Protocol:error logs prompt the remote server to return an error: (401) Unauthorized.

Management availability prompt EscalationMessage: Failed to maintain work item "{Monitor.StateAttribute2}" (ID: {Monitor.StateAttribute6}). Health Manager has detected that it was set to run once and then failed, or it was unable to be consistent. Maintenance work items
Failures may result in monitoring gaps and should be investigated.

2.Network :error logs prompt The sequence contains no elements.

Management Availability believes that the network adapter receiver scaling status is not enabled on the server. It tries to enable it, but the problem cannot be solved after enabling it. It is recommended to restart.

3.Monitor:error logs prompt null.

Manage Availability Think

(1)EscalationSubject: Process isolation: Process high CPU usage error alert: AzureMonitoringAgentBootstrapper. EscalationMessage: The process AzureMonitoringAgentBootstrapper has exceeded the CPU error threshold. (2)EscalationSubject: Process isolation: Process high memory usage error alert: Microsoft.Griffin.Monitoring.GriffinLocalWatchdog.

EscalationMessage: The process Microsoft.Griffin.Monitoring.GriffinLocalWatchdog has exceeded the memory error threshold.

(3) Maintenance work item "{Monitor.StateAttribute2}" (ID: {Monitor.StateAttribute6}) failed. Health Manager has detected that it was set to run once and then failed, or it was unable to be consistent. Failures in maintenance work items may cause gaps in monitoring and should be investigated.

0 Comments
2024/04/15
08:21 UTC

0

Opinion on platforms like Growrk, Workwize, and Hofy

Hi all, lets be real- buying and renting IT equipment for remote teams can be a pain. So during my research I discovered that platforms like Workwize, Growrk and Hofy actually simplify the process of end-to-end equipment management. I did book a demo with them to understand further too. So far Workwize seems quite nice.

I am wondering why don't more and more companies switch to these platforms for their IT asset procurement, retrieval and disposal needs? Any there any hiccups?

1 Comment
2024/04/15
08:10 UTC

0

Our company got hacked. What to do?

Writing this to ask you guys what to do. Our company server got hacked for ransomware today. It is a big shock to us since our company isn't big.

We don't know what to do from here. should we just pay the ransom? Files were mostly important and would hurt the company badly without them. we would have to re do all of them from way back 2016.

what to do?

edit: From the comments mostly flaming me for apparently obvious this. I'm not in any way IT savvy. Only thing close to IT for me is games. So I hope that explains my naiveness.
Also, I don't own the company. I'm just an employee that looked to reddit for answers/clarity.

59 Comments
2024/04/15
07:12 UTC

0

Anyone using Emsisoft has started to see some Windows 11 and 10 stuck at login screen?

We manage about 300 clients and since a week or so, after a reboot, PCs are stuck at the login screen. Sometimes the password box doesn't show, other times it accepts the password but then it spins indefinitely. No power options on the login screen, and when sometimes they are present, when clicking reboot or shutdown they do nothing. Booted in safe mode, uninstalled Emsi, everythings fine. Reinstalled again today, updated, rebooted, same problem...

I can't find anything online, so I'm hoping someone else here has the same problem.

PCs are different brands, different software installed, only thing in common is Emsisoft and Active Directory joined.

1 Comment
2024/04/15
06:33 UTC

1

Backing up a single file server

I am newly assigned to the role of IT Admin in our office since I am the most familiar with computers among our employees. I have no prior experience, I just know how to fiddle with computers as a hobby.

Basically, we are a small company with less than 30 employees. We have a network shared drive on a computer where most of our files and data are saved. I am want to backup that computer through backblaze and through an external hard drive but I have the following questions.

  1. Is Backblaze's personal plan suffice for our use case since we're just backing up a single computer?
  2. To those who create offline backups, what type of external drive do you use? Is it okay to purchase off the shelves backup drives such as Seagate Backup plus, etc?
  3. Do we need a software to create offline backups? Are there free ones?

I will probably have more questions once we start implementing the backups, but I think those covers my uncertainties for us to start at least. Thank you in advance.

6 Comments
2024/04/15
06:22 UTC

0

MDM on personal iPhone

I’m forced to use Google MDM profile on my personal iPhone to have access to work Gmail and Slack.

I really like having access to work conversations from portable phone with all notifications etc so I’ve went and installed profile. Fortunately this profile is removable at any time but I’m concerned about what data can they access on my phone.

My IT department says they don’t have access to data accept for name, email and ability to remove work apps. But it clearly says on the profile rights that they have more than that (screenshots in comments).

Do they really can’t access my data (files, browser history, photos etc) and can only erase it? What do they really see?

35 Comments
2024/04/15
06:06 UTC

8

Exchange 365 Webmail Attachments borked?

Is anyone else getting reports of users unable to preview or download attachments from webmail?

Not happening to ALL users, but the majority...

13 Comments
2024/04/15
05:38 UTC

1

Microsoft EOP Advanced Filter

How are you guys handling the abundance of false positives from Microsoft EOPs “Advanced Filter”? The latest round snagged meeting responses and invitations to the CEO flagging them as High Confidence Phish. They’re going to demand answers and I know Microsoft Support will give me nothing.

1 Comment
2024/04/15
04:41 UTC

0

Problems with my dell latitude 7320

I seen the post about the peak thing in my bios screen so I'm sure that should fix the charging problem but I can NOT figure out how to get back to the regular windows desktop screen. ( if that's even what it's called on a laptop) I am either taken to the bios screen after I put my password in or the blue bitlocker screen but never where I need to be. I read something about holding down the control alt and up button but it died before it did anything. I was holding it for some time though so I feel like that wasn't doing anything anyway.ANY SUGGESTIONS??? 7420 Idk why auto correct keeps changing that number

2 Comments
2024/04/15
04:07 UTC

Back To Top