Sysadmin

This is an automated archive.

The original was posted on /r/sysadmin by /u/danj2k on 2024-01-22 10:28:14+00:00.

At the moment we use an Excel spreadsheet to keep track of when our servers were last updated.

I'd like to add some conditional formatting to this to make it visually easier to spot servers that are out of date and need the latest updates installing.

At the moment I've got a simple "30 days" formula, but this doesn't take account of situations when the server was updated within the current month but before Patch Tuesday.

Does anyone have formulas that can be used with Excel conditional formatting that account for Patch Tuesday correctly?

This is an automated archive.

The original was posted on /r/sysadmin by /u/AutoModerator on 2024-01-22 10:00:15+00:00.

Howdy, /r/sysadmin!

It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

This is an automated archive.

The original was posted on /r/sysadmin by /u/LordLoss01 on 2024-01-22 10:22:38+00:00.

I'm trying to set up a PiSignage Server (). Unfortunately, one of the requirements if you want to access it from any computer is that you need to use a Public IP, of which I have none. Also, while both the Players and the servers would be on the same Wifi, it's a publicly accessible wifi for which I have no access to the admin side.

I do however have pretty much unlimited resources on Azure. I wasn't sure if I could set up some kind of VM on Azure, have it hosted on the web, and then point the server towards that instead of a Public IP?

I'd like for the web interface of the server to be accessible from any PC, even ones not on the same network as the server/player. Ideally, I'd prefer to use a physical machine over Azure because (A) My experience with Azure is minimal as I focus more on Intune and (B) Cut down on costs, however minimal.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Lopsided-Dig-4661 on 2024-01-22 09:27:09+00:00.

Hello, is anyone aware of a service that can be used to pull all of the status pages/alerts from multiple SaaS products into one place?

Whenever someone reports downtime I find the relevant status page and put a message on slack to make people aware. I think it would be nice if there was some kind of service that would allow me to register for status updates for all the SaaS products we use all in one place so that if someone suspects downtime they just go to one place and can see for themselves easily.

I'm pretty sure it doesn't exist but wonder if it would be quite a simple thing to build.

This is an automated archive.

The original was posted on /r/sysadmin by /u/No_Competition_8788 on 2024-01-22 09:15:43+00:00.

I'd like to delete some print queues that are no longer used in my Papercut application. However, I'd like to keep the job logs that users have sent to these print queues for statistical purposes. Do you know if deleting these print queues will delete users' job history?

This is an automated archive.

The original was posted on /r/sysadmin by /u/Pflummy on 2024-01-22 09:03:33+00:00.

Hello,

What is stronger gpo or delegated permissions? I guess both needs to be set to allow to allow a certain settings? For deny if deny in gpo exists it always wins?

Many thanks

This is an automated archive.

The original was posted on /r/sysadmin by /u/ELMIOSIS on 2024-01-21 13:43:49+00:00.

So, i wonder whats the easiest way to deploy apps via sccm. In this scenario, all pc's in the organisation run Windows. When apps are being deployed, they're either in .exe file or a .msi file. I heard something about .msi apps being easier and simpler to deploy and are more windows friendly.

Is it possible to covert .exe to a .msi file for deployment then? Do y'all use a free msi wrapper when deploying apps, if so, which one and when in the process of deployment do you use it?

This is an automated archive.

The original was posted on /r/sysadmin by /u/frocsog on 2024-01-22 08:37:19+00:00.

Hello, I'm just a simple sysadmin in a middle school somewhere in an obscure country in Europe. I've been here (and in the trade) since 3 years, and one of the things I've learned pretty quickly is just how unreliable UTP cables are. Our school building has network cables running in the walls and the attic, and the number of times a mysterious network issue resolved with just changing a cable is mad. Now everytime someone calls me, saying "no net", I immediately check the cables. Well, almost everytime.

Lately, the longstanding extracurricular club "Edison club", which helps technically inclined students develop their skills and interests, built a new club house near our school. It has no official ties to our school, but their leader is our IT teacher, and they are somewhat integrated with us. So, they ask if they can have internet from our network. I say yes, because I'm nice, I don't see safety hazards and I know the principal, my boss, is OK with this. It's not a big job anyway, just putting an RJ45 on the end of their cable and firing up a Wi-Fi router. (they did the cabling from our building to theirs, but their cable connects with our in-built network).

Now, the connection is established, but it's unstable. Strange things happen. One time it works, the other time it does not. In the room where their cable is connected, there is an AP which spreads our own network. I discover that either the AP is working, or the club's router. If both connected physically, they do not work. I fiddle with our network settings, putting them in different vlans seems to work. I think I got the issue and I'm walking home happily. Now, after some days, it's not working again. I'm mad at this point, because what started as a 30 minute extra job is now occupying all my problem-solving skills (luckily there's not much work I have to do, one of the things I love this place), and I'm not even payed extra (as this is basically not my work).

So I start to experiment with putting their network connection behind another router, which I know is working, and it turns out it won't work that way either. Then I discover that our cable, with which they connect, is a crossover cable. It shouldn't matter in the age of auto MDI/MDIX, but what do I know. I've seen strange things. I re-make it, and it gets weirder. Judged on the colors, it looks like a straight-through cable, but it measures as a crossover. I look at the cable, I notice there's no "cat 5", or any other sign printed on it. Some 10 meters of cable, running through walls and the attic. I say to the club: we need another cable. I don't have any UTP cable, but they say the will buy and even replace it. They did it, thankfully it wasn't as in-built as I thought, and now it's working fine. Surprise, they discovered a hidden patching somewhere that I didn't know of.

So, check your cables first, folks. After DNS of course.

This is an automated archive.

The original was posted on /r/sysadmin by /u/ReactNativeIsTooHard on 2024-01-22 06:51:38+00:00.

Hey guys! I finally convinced my manger to allow us to migrate the DHCP role from our 2008 server (so we could shut it off) to our AD server. He wants me to write up a plan, obviously I know how to do the migration - I’ve looked into that. So I’ll include those steps in the plan of course, but what else do I put in said plan? Maybe estimated time, possible issues, etc.?

This is an automated archive.

The original was posted on /r/sysadmin by /u/MauriceMouse on 2024-01-22 05:58:15+00:00.

Hello, not sure if this is the right place to ask this question but here goes. My company bought a batch of Gigabyte servers recently and we're looking to buy more, particularly their all-flash storage server S183-SH0. One thing that Gigabyte tells us is a great advantage is their free-of-charge value-added management applications for remote server management. If I may paraphrase from the link:

GIGABYTE Management Console

For management and maintenance...the GIGABYTE Management Console is pre-installed on each server. IT staff can perform real-time health monitoring and management on each server through the browser-based graphical user interface. There's also support for standard IPMI specifications, automatic event recording, integrated SAS/SATA/NVMe devices and RAID controller firmware to monitor and control Broadcom® MegaRAID adapters.

GIGABYTE Server Management (GSM)

Software suite that can manage clusters of servers simultaneously over the internet. GSM can be run on all GIGABYTE servers and has support for Windows and Linux and complies with IPMI and Redfish standards. GSM includes the following utilities:

GSM Server: Real-time, remote control using a GUI through an administrator’s computer or through a server in the cluster.

GSM CLI: A command-line interface for monitoring and managing remotely.

GSM Agent: A software program installed on each node that retrieves information from each system and devices through the OS.

GSM Mobile: A mobile app for both Android and iOS that provides admins with real-time system information.

GSM Plugin: An application program interface that allows users to use VMware vCenter for real-time monitoring and management of server clusters.

My question is whether you all think this is impressive or not? We've surveyed other brands and they all charge us for similar functions, some even have a subscription system (meaning that we'll lose access to the software we bought if we stop paying!) So this is mighty generous of Gigabyte, right? Thanks, cheers.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Archdragoon on 2024-01-22 03:51:05+00:00.

Has anyone here used new Dell latitude 5440 with Windows 11 from last year? My end user faced a weird issue which the external virtual switch that bridge with WiFi adapter lost the IP address it received from DHCP server, in this case it's the Wireless router from the ISP. I asked her to try to connect to mobile hotspot but it still didn't get the IP address. If I asked her to remove the external virtual switch the laptop immediately get the IP address again. This laptop OS image is out of the box.

the combination of Hyper-v external virtual switch plus Zscaler client connector work fine on another laptop with Windows 11 like on my laptop but my laptop is Latitude 5330 which is 1 year older. still the WiFi adapter is the same Intel AX211.

What I find it strange is that the laptop with the problem was working perfectly fine at my house.

This is an automated archive.

The original was posted on /r/sysadmin by /u/HazmarKoolie on 2024-01-22 03:11:33+00:00.

Hi Nerds,

I manage a couple of file servers that each have multiple disks of ~4TB, with one at ~9TB (a total of ~15TB each server) . I'd like to get your thoughts on backups and restore performance on these sorts of disks. I don't have huge experience with real world DR scenarios but my thoughts are:

Run more, smaller disks rather than fewer large disks. During a restore event, it's better to restore a smaller disk to get the bulk of current working data available to the business to get them up and running. Then, work on restoring auxiliary/non-critical data. Does this hold water or am I making it up?

The backup product, repository and scenario will of course have an impact on what how this is best handled but, I figure there's a fundamental in there that rings true, less data is always easier to restore than more. Right?

Hit me! Cheers.

This is an automated archive.

The original was posted on /r/sysadmin by /u/appleeimac1 on 2024-01-22 03:03:28+00:00.

Hi!

Does anyone know if the command omconfig storage globalinfo action=setnondellcertifiedmode mode=yes works on the MD3000/3000I forward

This is an automated archive.

The original was posted on /r/sysadmin by /u/need_some_water2 on 2024-01-22 02:51:58+00:00.

Contemplating a new job offer, what're your guys thoughts and would you take the offer or stick with the current job I have? Both don't require on-call responsibilities. Just looking to see if it's worth taking a pay cut to work in the Public Cloud space as my current job is all on-prem. I have around 10 years of experience but slim to none working in a Cloud provider (Azure, AWS, GCP, etc.) with the exception of some minor Office 365 administration.

I feel like my current gig is almost a Unicorn with how much it's paying (in relation to the work I do) and how lax the work environment is and given the 98% WFH. Thinking about giving it up is very hard but I know I need to start gaining some solid Cloud experience (Azure/AWS/GCP/etc.) so I'm stuck at a standstill. Do I stay or do I go?

Current gig:

Contractor W-2 (Public Trust)

Systems Engineer

• $80/hr
• 20 days PTO
• Meh, expensive health benefits and non-matching 401k
• Lax work environment, 98% WFH (Only time I'll really have to go in is if one of our devices in the DC goes down, even then I have a backup who can go in for me if I'm not available ASAP.)
• Managing VMware and Citrix environment, no cloud, all on-prem
• Doesn't have any room for upward trajectory in terms of career due to smaller team and supporting a smaller environment. Contract will most likely get renewed vs going FTE.

New Offer:

FTE (non Govt.)

Cloud Engineer

• $110k base and 10% bonus
• Unlimited PTO + (18 holidays and 12 sick days)
• Good health benefits and 8% matching 401k (3yr vesting period)
• Hybrid Remote (3 days in office 2 days remote)
• Performing VMware migrations from on-prem to Azure and working in Azure environment. This company also has infra in the AWS environment as well so I could potentially get to work on that.
• Has bigger upward trajectory for career since environment is much bigger and supporting much more

This is an automated archive.

The original was posted on /r/sysadmin by /u/Reddit_vialins3 on 2024-01-22 02:10:32+00:00.

I need an inexpensive tool to remote into a customer’s laptop and do admin work without giving the user local admin pw. Any suggestions? This is for Windows 10 or 11 enterprise or Pro.

This is an automated archive.

The original was posted on /r/sysadmin by /u/AppearanceAgile2575 on 2024-01-22 00:24:50+00:00.

Whenever I get on the command line on my windows machine and can’t navigate the same way I am flustered and was wondering if there is a chart, video or infographic on this. I am decent on a Linux CLI and want to get to the same proficiency on windows. While there are some differences, the Mac CLI and Linux CLI are much more similar so I don’t get flustered as much. If there’s a resource that explains the differences between all three that would be preferred. Also, should I skip learning the windows CLI and jump straight to powershell?

This is an automated archive.

The original was posted on /r/sysadmin by /u/just-another-npc-89 on 2024-01-21 22:08:48+00:00.

Hello everyone

I'm in a bit of pickle career wise, so I'm needing some advice.

Prior to starting IT in October of 2022, I worked in residential cable and low voltage/voip.

My 1st IT job was as a project technician. I would go to new offices, pull their cable, dress it into the patch panel, configure firewalls, switches and access points. I would onboard servers and workstations prior to going on site. If there was an issue help desk couldn't fix, I would go onsite. I also did office upgrades, server migrations amd workstation upgrades.

I worked there from October of 2022 until June of 2023. I had a fairly large coverage area. Oklahoma, Missouri, Arkansas, Kansas and Nebraska was covered by myself. On new office builds, I was typically on my own thrown to the wolves and without any on-site help.

After being promised help and relief, I got fed up and took a local job that paid a little bit more and I'm always local. Here's the kicker: When I was offered this job, I was told this company was a 3rd party MSP. We contract out all msp services to a friend of the owner. I network copiers, setup scan to email, network folders and drivers. I have been here for 7 months and my earning potential is maxed out. I'm not learning anything here and if anything, feel as if I am regressing.

I start school here soon and I am getting a computer networking and IT certificate from a local university here in Tulsa. While I know this will help me in the future, I need out of this hell hole I'm stuck in. What type of job would you guys recommend I look for?

This is an automated archive.

The original was posted on /r/sysadmin by /u/_Synchronicity- on 2024-01-22 03:42:17+00:00.

Hi all here is the context. Do enlighten me if there is an easier way to do this.

Currently there are 2 data centers: DCA and DCB, with a grand total of 6 Windows domain controllers per data center. The plan is to decommission all servers on DCB.

Since these servers share the same forest, are there any ways to properly isolate them such that member servers on DCB side is still able to login with the domain accounts? Eventually, DCB's domain controllers will be demoted and decommissioned.

Is the above correct way to do so? If not, are there any suggestions on what the alternatives to the above are? TIA.

This is an automated archive.

The original was posted on /r/sysadmin by /u/ShaneDoesIT on 2024-01-22 03:25:25+00:00.

I had a user call up today;

• Outlook has his work account as primary email
• Has his personal @outlook.com added as well.

When trying to send an email from the personal @outlook.com account receives "You do not have the permission to send the message on behalf of the specified user"

I tried the usual (delete autocomplete entries etc) and still had the error. The From field wasn't an autocomplete entry and was pulled from the second account being added.

I typed his email address in manually into the From field and found when navigating out it changed from [email protected] to [email protected].

Checking the address book, I found a contact for;

• fullname: "randomlargebusiness.com - [email protected]"
• Email: "[email protected]"

I removed his email from the fullname field and re-tested and now emails are sending. It's almost like Outlook was changing the 'from' field to the email on this Outlook address book entry although the email on this entry wasn't his email and only existed in the fullname field.?

Anyway - keep this in the back of your mind in case it appears..

This is an automated archive.

The original was posted on /r/sysadmin by /u/Slight_Diamond_796 on 2024-01-22 02:53:54+00:00.

Our last congressional administrator mostly worked from home, though with some days in the building. She was the admin for Google Workspace, Constant Contact, Stripe, is the main user on Quickbooks online (this may change somewhat, but she will still have access) and has online access to all of the banking info. And now would also be an admin for Planning Center (which supports SMS and something like Google authenticator)

We set her up with a cheap church owned cell phone for MFA, supposed to be left at the office, but after she left, the team discovered she was using her personal cell phone. (Her supervisor was aware but wasn’t willing to force the issue). Due to being between ministers, she was supervised by volunteers, until we got a new minister recently.

So, my question is, how do we keep all of those accounts secure and still be able to revoke access if our next CA leaves suddenly, while allowing her access from home.

I’m the tech coordinator but not a security expert as my day job by any means.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Hollow3ddd on 2024-01-22 02:44:55+00:00.

I currently avoid GPOs unless they are a required security setting per policy. Other cases I use an RMM to script deploy it, or if that proves difficult, I use GPOs. Company is closer to intune.

Does this align right? I have a way to reliably push but GPOs seem to be something looked at that needs to be enforced per a policy or requirement.

I feel this will be the way when using intune and remediation, the rest will be imported security GPOs or templates..ext

Quick sanity check on this for those who moved into the cloud or are moving

This is an automated archive.

The original was posted on /r/sysadmin by /u/power300 on 2024-01-22 02:38:37+00:00.

People of the internet, I need your help.

I just found a (very) small and short job that requires me making a software, were in a specific part, has to comunicate with an APC UPS through a network card.

I don't have access to the UPS nor its network card right now, but I need some progress.

I have no experience with APC UPS, or network controlled UPSs in general.

Is there any way I can run the firmware of the network card in a vm or in some kind of emulated or virtual enviroment so I can know what I'm even working with here?

What do I actually need?

A way of getting statistics through an ssh command or http request. Battery level, battery voltage, age, host, ip, grid voltage, UPS status, etc.

If there's a github repo with a project like this, it would be very useful to.

This is an automated archive.

The original was posted on /r/sysadmin by /u/joshbudde on 2024-01-22 02:22:58+00:00.

A customer would like to turn off all the Teams automatic emoji and reactions (in an embarrassing meeting they said they were excited about a business prospect and some sort of balloons or confetti happened and the prospective partner was not impressed). I've never had a request like this--they want to disable these things tenant wide, but I don't see anything in the documentation about doing that. For added difficulty these are Macs and not managed Windows devices.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Bowlen000 on 2024-01-22 02:07:20+00:00.

Hi All

So our tenant and our client's tenants leverage DUO MFA. This is controlled by Conditional Access that directly links into DUO for accessing M365 MFA.

My question is: does M365 recognise that MFA is enabled for a user, if it's done via CA with DUO? I'm looking at the security score and the MS recommendations and some of them are like "Ensure MFA is enabled for all users" and it basically says no user has MFA enabled (although they all do).

Assuming M365 doesn't recognise it if it's via DUO, but wanted to make sure.

This is an automated archive.

The original was posted on /r/sysadmin by /u/MailSuperb on 2024-01-22 00:37:01+00:00.

Hello y’all,

How should I get ready for this sys admin interview, this is the job description:” Responsibilities:

« Diagnoses hardware and software problems, and replaces defective components

« Maintains and administers computer networks and related computing environments including computer hardware, systems software, applications software, and all configurations

« Plans, coordinates, and implements network security measures to protect data, software, and hardware

« Operates master consoles to monitor the performance of computer systems and networks, and coordinates computer network access and use

« Performs routine network startup and shutdown procedures, and maintains control records

« Designs, configures, and tests computer hardware, networking software, and operating system software

« Recommends changes to improve systems and network configurations, and determines hardware or software requirements related to such changes

« Confers with network users about how to solve existing system problems

« Performs data backups and disaster recovery operations adjustments need to be made, and to determine where changes will need to be made in the future

« Monitors network performance

« Trains people in computer system use

« Monitors security and system updates and reports on compliance

« Gathers data pertaining to customer needs, and uses the information to identify, predict, interpret, and evaluate system and network requirements

« Analyzes equipment performance records to determine the need for repair or replacement

« Maintains logs related to network functions, as well as maintenance and repair records

Qualifications:

« Bachelor’s or IT Trade School education, or related experience, required

« Minimum of two (2) years of Information Technology experience

« Experience with Windows 10 (or other Windows Operating System background)

« Experience with Office 365, Cisco, and VMWare is preferred

And this is my experience and education:” Experience Help desk (1 year) • Day-to-day technical assistance and support to employees with computer systems, hardware, or software issues. • Worked on the delivery routing app. • troubleshooting and resolving application and system problems.

Store manager (1 year 1 month) • Provide technical assistance to employees and customers with computers, and cell phones. • Customer service and retention, Audits, Employee training, Inventory management.

Education ( I get my bachelors in cybersecurity in fall2024) Current Coursework: • MCSA Guide to Administering Microsoft Windows Server 2012/R2, Exam 70-411 • CompTIA Security+ SYO-601 Exam (Network Security Fundamentals) • CompTIA Security+ SY0-601 Exam (Information Security Fundamentals) • Linux Essentials • Scripting Fundamentals