/r/sysadmin

Photograph via snooOG

A reddit dedicated to the profession of Computer System Administration.

A reddit dedicated to the profession of Computer System Administration


Rules

  1. Community members shall conduct themselves with professionalism.

  2. Do not expressly advertise products or services outside of approved threads.

More details on the rules may be found in the wiki.


For IT career related questions, please visit /r/ITCareerQuestions


Please check out our Frequently Asked Questions, which includes lists of subreddits, webpages, books, and other articles of interest that every sysadmin should read!

Checkout the Wiki Users are encouraged to contribute to and grow our Wiki.

So you want to be a sysadmin? RTFM


Sysadmin Jobs

Official IRC Channel - #reddit-sysadmin on irc.libera.chat Official Discord - https://discord.gg/sysadmin


/r/sysadmin

957,614 Subscribers

0

User Organization Question

Management has requested that all usernames and passwords we use be consolidated into a single, central location where credentials can be managed across different platforms to prevent unauthorized access.

I’m still relatively new, but I’m not sure how feasible this is without utilizing a dedicated password manager. Are there tools or systems in place for managing credentials centrally that I might not be aware of? Or does everyone just manage credentials independently across various platforms? For instance, I have a Microsoft email account and this Reddit account, with passwords saved in my browser. These aren’t centrally managed, except perhaps through a tool like Bitwarden.

2 Comments
2024/12/02
22:19 UTC

1

Windows Server + Hyper-V on a Minisforum AtomMan G7 PT

Has anyone ever tried running Windows Server with Hyper-V on this specific device.

Website is https://www.minisforum.com/page/g7pt/index.html?lang=en

Google AI indicates it should be possible but my company's lead sysadmin doesn't believe it will work.

This is mainly for a personal project of mine and not anything directly work specific.

The goal is to use the device to get more familiar with Hyper-V while outside of work, which would benefit me on the job.

The processor is a AMD Ryzen™ 9 7945HX Processor, 16 Cores / 32 Threads (64M Cache, up to 5.4 GHz) so core count shouldn't be an issue when it comes to running maybe 2 or 3 VMs.

2 Comments
2024/12/02
21:55 UTC

0

User logon details

I want some Tool which can fetch me data for user logon details in a detailed way. Should be free like winlogon view. I am not preferring winlogonview due to its limited and non detailed Data. I am not in a AD

1 Comment
2024/12/02
21:36 UTC

1

Exagrid or data domain?

If you had to choose between exagrid and data domain for a local backup target, what would you choose and why, they are both about the same price in the same size.

3 Comments
2024/12/02
21:13 UTC

3

Seeking Advice on Managing +100 TB of SharePoint Online Data: Archiving Strategies & Tools?

Hello fellow IT pros,

I'm facing an issue where SharePoint has grown tremendously to over 100 TB and continues to expand at a rapid pace. $$

The growth is becoming difficult to control, and I need to figure out a sustainable strategy for managing these SharePoint sites, especially focusing on data archiving. I'm interested in hearing about what has worked (or hasn't worked) for you all when managing such large SharePoint environments.

Specifically:

  1. How do you decide what to archive and what needs to remain accessible?
  2. Are there any tools (Microsoft-native or third-party) that you’d recommend for archiving and managing large SharePoint instances?
  3. What are the pros and cons of different approaches/tools you’ve used for controlling SharePoint growth?
  4. Any best practices on structuring SharePoint content to ensure it doesn’t grow out of hand?

I know this is a complex area with a lot of nuances, and I’d love to hear from people who've dealt with similar situations. Insights, experiences, tool recommendations, or even just some guiding principles would be greatly appreciated!

Thanks in advance for your help!

1 Comment
2024/12/02
21:09 UTC

0

What is your go-to remote tool?

I used to use AnyDesk a lot but now they added a 999 seconds wait if you don't have a license. That is 16 minutes! lol

29 Comments
2024/12/02
21:06 UTC

2

domain joined laptop and smartworking

Hi

got an AD site with users that have logon script that simply mapping some network drive and open an intranet web page.
It works smootly when the laptop is connected to company network, of course when is not connected, the logon script is not executed, so no network drive and no intranet page.

Any idea on how to create a script (I was thinking to put on scheduled tasks and repeat every 5 min) that check for domain controller presence (ie: reply to a ping) and if found, execute user script?

I was also thinking to create a small VB6 app for that, but maybe there's some other simply way of it.

maybe leaving domain joined computers to smart worker is not a good idea?

NOTE: yes yes ok ! network drive is old, VB6 also...

3 Comments
2024/12/02
20:59 UTC

0

Migrating Windows server 2003 from RHV to VMware

Good Day SysAdmins
Currently we're running a V2V operation, migrating from our RHV env. to VMware 8 using VinChin.

So far the operation is going good, but I'm facing an issue with a windows server 2003, the server is crucial to the company, it's running an old software where the company that made it is no longer with us, hence I'm stuck with migrating it with no other options unfortunately.

When migrating it to VMware and after changing the "Virtual Device Node
" to "IDE0" from the disk config, then running the VM the windows logo and loading banner appears for a split second and then jumps to a blue screen and restarts immediately,(I tried using ) I used the F8 trick to prevent it from restarting and the blue screen error is "STOP: 0x0000007B (0xF789EA94, 0xC0000034, 0x00000000, 0x00000000)"
I figured from another post that this error code indicates an issue with storage drivers that are not loading so I tried to follow this article https://recoverhdd.com/blog/enable-ahci-mode-for-sata.html
and couldn't even find the mentioned registry entries on the server.

What is needed to have this server run on an ESXi 8 host?

In summary I got this really important windows 2003 server that needs to be migrated from RHV to VW 8, when migrated it doesn't work, always run into a blue screen and the server restarts.

Pardon me If forgot to mention any important relevant detail.

1 Comment
2024/12/02
09:23 UTC

0

I can’t boot windows 11 on my chromebook from my usb

I have a IP 5i 16iau7 chromebook and I'm trying to install windows 11. I watched multiple tutorials and everything was good in developer mode with turning off WP and everything. I downloaded it onto my 32 gb flash drive (it said it was successful), but when I tried to boot using the usb I get the message "booting from usb failed: verify it contains a 64-bit UEFI OS" I've tried everything I've seen but nothing it working, what do I do? What does 64-bit UEFI OS mean? I know windows 11 is compatible with my model. Nothing I do will let me exit this screen including powering down.

3 Comments
2024/12/02
01:11 UTC

2

MFA Management and Removals - How do you do it right?

Hey everyone,

I'm making an effort to harden our password reset and authenticator management in our organization. However, I've hit a wall regarding authenticators.

I've established in policy that we will only handle password resets in person or via the Microsoft SSPR (We're entirely Microsoft, everyone has MFA). The trouble I'm running into is when users have changed out their phone but didn't move their authenticator or re-enroll it. This of course makes it impossible for them to change their password or login because we have to remove the authenticator from the old device.

Our service desk is pushing to allow for remote authenticator removals, which I'm against since we can't verify anyone over the phone. We're cleaning up old policies and tech debt, but this is one piece I'm not really willing to budge on.

I'm looking for advice on how some organizations operate their authenticator removals. Should anyone who has it done just come in person? For reference, we're geographically centralized due to how our business operates, and there is no such thing as a 'full remote' employee.

I know some organizations have things like verifying the last 4 of the social, and other 'secret' information, which I'm not entirely a fan of either.

Am I missing something easy or am I overthinking it in terms of removal?

Thanks!

8 Comments
2024/12/02
20:48 UTC

0

SharePoint Administration

Hey everyone,

I am being given more responsibilities in 2025 and one of them is managing our SharePoint sites. Right now, someone who isn't in IT is handling it because she had previous experience, but they want to move it back in IT. I will be in charge of creating new sites, managing permissions, and maintaining our automations that create new and update sites.

What's everyone experience with this and what can I do to prepare?

Thanks!

6 Comments
2024/12/02
19:27 UTC

10

Vending Machines aren’t even my job🤦‍♂️

Any of y’all have to deal with vending machines in your professional IT job? Looking for a company that isn’t a pain to work with. Already tried Nayax and Cantaloupe. Nayax wouldn’t take our billing type and Cantaloupe would never respond.

Edit: Need a credit card processor

62 Comments
2024/12/02
19:22 UTC

0

Well it finally happened

I knew it was going to be a problem and I In nder a 8 months I've been proven correct

Currently in reddit because our entire network is for because Zayo f'ed up layer 2 yesterday. Now we have two data drops and the other is Cogent which USES THE SAME ZAYO INFRASTRUCTURE for last mile We knew that was a choke point and didn't act (I'm not CIO so my options meant nothing) Do now both are down and I'm catching up on my reading (ie reddit) Of course the SLA only counts after ticket is opened, really wanted to beat the 5 9s this time

5 Comments
2024/12/02
19:17 UTC

1

Having a weird printer issue on one of our 2022 RDS servers

Odd issue this morning, if I log into our 2022 RDS server (well, anyone really) and you open printers and scanners, it's prompting for a MS login. This is joined to a LOCAL domain and not connected to entra/azure. Printers are on a local print server. All workstations are OK and not getting this prompt.

No new events in the viewer when it kicks off. Ever see something like that?

Edit: No new updates have been pushed out since the week before Thanksgiving. We had users in and working OK last week.

edit again: I am going to blow out my profile and rebuild it and see what it does. It's only on my login after just checking with a few people.

11 Comments
2024/12/02
19:12 UTC

5

SMB Firewall Question: Subscription Based vs Non Subscription Based

I usually use Fortigate 40F as my security device on my networks and pay the ~$200 annual subscription for the security but for small businesses such as restaurants, would it not be better to just use a TP-Link ER707-M2 or am i missing something?

10 Comments
2024/12/02
19:08 UTC

0

Windows Fileshare 2012 > 2016

I have to get a fileshare upgraded to 2016.

Current setup: Everything is on a VX VM in vSphere 3 disks total: OS, 2 for shares

Total data is ~4TB

Which option is path of least resistance:

  1. Take a snapshot of the VM, update 2012 to 2016
  2. Spin up new VM, detach share drives, move to new VM. Copy registry, update IP and DNS records
  3. Spin up new VM, make new shares, robocopy

Update: Since this is a small environment and next year I'm going to have to get onto an up to date OS version, just gonna go with option 1.

10 Comments
2024/12/02
19:05 UTC

3

Tips for interviewing Help Desk applicants?

I work for a medium sized company and am currently the only IT person. Management agreed to add another IT person, as we're growing. I'm doing all the resume screening and interviews. My boss, who is not an IT person, will do the 2nd interview for two candidates I choose, then we'll decide which one to hire.

It's essentially a 1-3 yr experience Help Desk role.

Anyone have some suggestions on what kind of questions I should be asking when interviewing people for the new role? I'm asking a couple low-level tech questions, having them describe a difficult tech issue that they solved, and a time they dealt with a frustrated end user. I'm also asking them to describe what tasks they performed for specific skills they mention in their resume. "What kinds of tasks have you performed in Active Directory?" for example.

What kinds of questions do you ask your interviewees?

22 Comments
2024/12/02
18:57 UTC

193

When did Google Search get SO bad?

https://imgur.com/a/IUEhnRX

I don't know if it happened slowly or all at once, but when did Google become so anti-user? I remember fondly back in the 00s when Google was dethroning Ask Jeeves and Yahoo because they just gave you search results, and any suggestions or sponsored content was boxed off to the side. In what world is sponsored content taking up 90% of the page acceptable?

101 Comments
2024/12/02
18:23 UTC

1

How to configure WinServer Remote Acess for VPN access such that in the client side only the traffic under the VPN subnet is routed through the VPN interface. All other traffic should use the default interface.

Windows Server 2022

Or should i put a route rule in the client side. But this seems an additional step from the perspective of the client user.
How should i set the route rule?

~Thanks

2 Comments
2024/12/02
18:20 UTC

5

Mac support

I was asked if we could support Mac on a predominantly Windows Server/Domain environment. I know we can, but there would be limitations.

We have Intune to aid in managing the Mac’s but we still have a handful of legacy applications on the domain and file/print servers.

I’m doing my research now, and can anyone speak from experience on the roadblocks and hard limits of supporting Mac on a Windows domain?

26 Comments
2024/12/02
18:09 UTC

43

How to deal with Power Users

I've got an issue.

I have a few power users who are amazing at their job. Productive, and we'll versed in the programs they use. Specifically Excel Macros.

Issue is, when they encounter a problem in their code base of 15k lines, they come to IT expecting assistance.

I know my way around VBA, and have written my own complex macros spanning all of the M365 platform. HOWEVER, I do not know what is causing your bug, because I didn't write the thing.

They send me the sheet (atleast they create an incident for it) and ask me to find the root cause of their bug, or error, or odd behavior ect ect.

I help to the best of my ability, but I can't really say it fits my job description.

How can I either, be of greater help and resolve their issue quicker, ooooor push it of as not my problem in the most polite way possible???

Plz help ~Overworked underpaid IT Guy.

66 Comments
2024/12/02
18:06 UTC

1

File Migration: What's the recommended approach

Greetings all,

I'm in the process of virtualizing an environment. There is a group policy in effect that redirects all users Documents folder. The redirect has some users on one server and other users on a different server. Both servers are DCs.

I'm trying to determine what is the best way to handle this rediection Do I turn off the policy and have the files returned to the user devices, some of whom work remotely. Or can I just change the path of redirect and windows will handle everything else?

What I have done in the mean time is to use robcopy to copy the user folders from the two servers to the new file server vm.

I would appreciate any feedback on how you would/have approached a similar case.

8 Comments
2024/12/02
17:57 UTC

1

Office 365 Issues / Slow to sign in after password update

Having a weird experience with office 365 after users update their passwords.

Office won't accept the updated password until we run dsregcmd /leave and reboot the pc.

Once we reboot, the password is accepted - but until after waiting about 5 minutes of "Just a moment" its super painful for users.

Any one have this experience as well?

1 Comment
2024/12/02
17:36 UTC

0

User folder spelled wrong

Hello All,

I'm still fairly new in the I.T. world so there is a ton I'm learning. I created a user in AD and spelled her name wrong (Paulette instead of Pauletti). I went through the users properties and corrected all instances of her name being spelled incorrect. So far the only place I can find where it is still misspelled is the user folder on her PC.

My first thought was NETPLWIZ but it is a domain issue not a local machine issue. I have checked everywhere, including the attribute editor to ensure I didn't miss a spelling error somewhere. I found an article that said if I add a value to "Profile Path" it will change that folder to the correct spelling; however, that also didn't work. My last resort is to completely delete the user and create them again. I don't want to do that because it'll also delete the user from Microsoft 365 and I'll have to rebuild the entire user after hours and remote into her machine to be sure it worked. Normally I would move on but the user has found it and is making a big deal about it being misspelled, which I guess I understand.

Does anyone have any ideas that I am missing?

17 Comments
2024/12/02
17:08 UTC

1

Can't get Microsoft 365 developer program sandbox subscription

I am new to managing the M365 environment and we have a very basic production area and I was hoping to setup a Dev type environment to be able to test policy changes and Intune and just about everything beyond having email with Exchange.

I am super gun shy about playing around in our current production environment as another sys admin has already cause 2 company wide outages with some changes they made, without understanding the full impact.

I found some handy guides and videos, but none of them seem valid as I seem to be hitting the error message "Thank you for joining. You don't current qualify for a Microsoft 365 Developer Program sandbox subscription."

I know that we can get it with a Visual Studio subscription, but we don't have any use case for it and I know that the business will not spend the money on it.

I thought that I had read that there is supposed to be some sort of new verification process that I can use to get a Dev sandbox, but I am not sure where to actually go to start the process.

Anyone have any way to get this going today, or some other method to get a M365 sandbox?

8 Comments
2024/12/02
16:50 UTC

2

Bitlocker on Dells

Hi everyone!

I am having this issue that I am just about DONE with and Dell support is no help so far...

We started having issues with Latitudes 5450s and 5550s and now received and testing a Precision 5690 and again the same thing (almost ).

What is happening on RESTART the computer throws a Bitlocker screen which if you let it time out (no input until the computer shuts down ) , next time you power on the computer just boots normally into Windows.

We found out that for 5450s and 5550s it's happening only when the AC is unplugged. For 5690 doesn't matter if AC is plugged in or not.

We are using BIOS passwords with RebootBypass being enabled as part of the onboarding and initial setup (which is technically is "default" for the machine from Dell anyways ) and the issue seems to resolve then the RebootBypass is disabled . But that's just a workaround and this should work anyways

Another thing I've done so far is compare Bitlocker settings on the OEM Dell image/Microsoft image to our gold image and it looked similar ?

Environment is

- Custom image from MDS - Win 10 and Win 11 (updated from the same Win 10 image ) , drivers from Dell site, their packs for the appropriate models

- Using Bios passwords (user/admin)

I've been in contact with Dell and they are releasing BIOS versions like their are getting paid on a regular lately (at least once a month ) . I am being asked to collect their logs to after each update and replicate the issue, which it does replicate but after initial testing SOMETIMES I have to reimage/ play with BIOS ( just going in and out without change ) and the issue comes back etc.

Dell also is harping on Image being not OEM which is understandable but we are using Microsoft image in the core and using Dell's utilities to change settings etc for the machines initially.

I am just lost on what I can try/do at this point without just going through RebootBypass and disabling this feature. I'd really like to resolve this as we never used to have this issue with OUR gold image prior to June/July this year.

ANY ideas/suggestions are WELCOME...

Thanks in advance !!

*** quietly rocking in the corner ***

11 Comments
2024/12/02
16:42 UTC

1,704

Hot Take - All employees should have basic IT common sense before being allowed into the workforce

EDIT - To clarify, im talking about computer fundamentals, not anything which could be considered as "support"

The amount of times during projects where I get tasked to help someone do very simple stuff which doesnt require anything other than a amateur amount of knowledge about computers is insane. I can kind of sympathise with the older generations but then I think to myself "You've been using computers for longer than I've been working, how dont you know how to right click"

Another thing that grinds my gears, why is it that the more senior you become, the less you need It knowledge? Like you're being paid big bucks yet you dont know how to download a file or send an email?

Sorry, just one of those days and had to rant

501 Comments
2024/12/02
16:23 UTC

48

Webroot causing slow logons

Anyone else having computers taking 30+ min to load the desktop this morning?

Edit1 - Called Webroot support. At first, they said they are not aware of an issue, they said they have not pushed out any updates that would cause this and wanted to blame Microsoft. I was asked to pull logs from affected computers...Only suggestion was to shutdown/remove webroot.

Edit2 - 19:00 UTC Webroot has updated their status page. https://status.webroot.com/ Degraded Performance

45 Comments
2024/12/02
16:06 UTC

0

Teams phone reliability and service health stats

Hey all, looking to do a phone migration to teams, trying to weigh whether we go with teams natively and getting phone services through them or link up with operator connect/direct routing with a VOIP PSTN provider.

Hows everyones (longer term) service health like on the phone system

For obvious reasons its challenging to find a health report that doesn't go away in 30 days.

I found some articles already about phone outages but looking for something more concrete

Date Impact Resolution Time (if can find) Area Link 10-Oct-24 Call Queue and Attendants don't work, routed unhealthy area 7 hours North america https://answers.microsoft.com/en-us/msteams/forum/all/unable-to-receive-calls-on-a-teams-auto-attendant/0e493453-1f21-4584-8134-c8f56541ddb6 Sep 12 2024 can't access teams 2 hours USA (ATT) USA via ATThttps://www.nexustek.com/blog/update-microsoft-services-connectivity-issue-for-att-users-mo888473 19-08-2024 Calling Plan and Direct Route users affected, cannot place calls; SBCs for customers flapping 13 hours EU/US https://www.reddit.com/r/sysadmin/comments/1bpu49n/microsoft_teams_calling_outage/ Current running list of issues (globally) that Ive found Engaging MS to further identify uptime, as their service portal takes information down after 30 days. Did find this X/Twitter official m365 status page https://x.com/MSFT365Status

The above is nearly the best I could come up with

3 Comments
2024/12/02
15:59 UTC

10

Spam Confidence Level 8 even though whitelisted in O365

I receive an automated monthly email with the worst subject line ever:

revised releases for 4hx4134,4bc4141,4bc4134,4bc4135,4bc4136,4bc4144,4bc4535,4bc4536,4bc4537,4bc4549, and 4bc4590

And, it ends up in O365's Quarantine, every, single, month. I have the entire domain listed in the "Anti-spam inbound policy" Allowed Domains, plus, I have an Exchange rule that says if sender's address domain portion belongs to any of these domains: 'domainxyz.com' or 'domain123.com', then Set the spam confidence level (SCL) to '-1' Yet I get the below when analyzing the headers. What am I missing?

|| || |Spam Confidence Level|8| |Spam Filtering Verdict|SPM| |IP Filter Verdict|NLI|

8 Comments
2024/12/02
15:40 UTC

Back To Top