  • Ruud
  • English
  • 1Y
I’m a sys- and database admin
My job has been Database Admin for the past 25 years, still is. But nowadays it's more shifting to infrastructure and automation. And of course I do some self-hosting.. like lemmy.world and mastodon.world and many others.. Thank you [@DarraignTheSane@lemmy.world](https://lemmy.world/u/DarraignTheSane) for creating this community!

Calling all /r/sysadmin reddit refugees!
cross-posted from: https://lemmy.ml/post/1163202

I set up this community specifically because of the time I've spent over the years browsing and relying on reddit.com/r/sysadmin for sources of information on tips/tricks, security exploits & patches, outages, and yes even the ranting about how our jobs all suck. (I like mine, for what it's worth.) Come on down, ask questions, post what the sysadmin community needs to know about, or head in to get either sympathy or chastisement about why you haven't left your job yet. 🤣 Want to be a mod? Let me know!

Funny Story About Reddit’s Failing Systems Hitting the Corporate World - Almost
I am a PSE for a large corporation that most people would not be familiar with (those users that frequent this sub probably would). However, we supply business critical software to *many* of the big companies you definitely do know. This puts me in a position where I work directly with some of the most well paid 'tech execs' you can find and has led to many hilarious situations. Those are stories for another day however. Today is about Reddit - for they have angered me greatly. I get a ticket this morning around 10 AM. As usual, I get a bunch of helpful information including an irrelevant screenshot and a one liner about how the RSS feed that they have pulling into one of their widgets wasn't working. On closer inspection, these mf's were hitting the r/sysadmin(!) RSS feed and pulling in new posts. Now, this is strictly business software we are dealing with. So while I can absolutely see why certain groups would value that feed, it was definitely the first I had ever seen such a thing in any of our environments. Naturally (I feel), I am immediately floored with the potential possibilities and started thinking about how I might have to explain to this guy all that has transpired the last ~week in a business-professional email... I took a minute just to soak that in and let out a small chuckle. Fuck u/spez, I mutter. Well since I was given zero actual information about their issue, other than 'no workie', I slid over to my main PC to go check r/sysadmin as I have done many times in the past - like muscle memory. I snap out of that, of course. I am done with Reddit. I had an idea. Just for fun I hit up Lemmy, just to see what was there. And lo and behold we have a fucking post about the *massive* reddit outage that went down today. I am all smiles at what has already happened here and hit Downdetector just to confirm. Yup, almost 50k reports at peak. LMFAO. I mean, really? My god Reddit. What are you doing?
So, given the info I was provided, I let him know that there was an outage and that was likely all the issue was - Try again once it has subsided. A few small chuckles and I thought the story was done. Now here's where I really lost it. I get word back a bit later and it's once again a one liner - 'No. Our sad, sad admins have been without r/sysadmin for almost two weeks now :(' I was laughing for a good 5 minutes at just the absurdity of it all (this issue obviously doesn't have anything to do with the recent changes, lol), all against the background of what we are seeing with Reddit. It also helped me realize how far reaching these failures are actually going to be once the end of the month rolls around. Colossal fuck up. Happy to be here on Lemmy with you boys!

Please don’t zero out your account from over there if you’ve contributed answers or resources.
I'm fearful of people going redditZero and deleting their years-old accounts, as reddit has become a vast trove of information for a vast number of systems. If I go dark and delete, it won't be everything. Memes and regular conversations may go, but I'll be sure to leave every technical response I've ever given (or even edit it if I have since learned more precise information). It feels like so many are ready to cut off their nose to spite their face. The community we had was built by us collectively and enriched by the content we shared. I feel like despite reddit literally doing everything wrong, by deleting our collective wisdom, we aren't hurting reddit as much as we're hurting our own community of sysadmins. Please consider that we are facing a [Wisdom of the Ancients](https://xkcd.com/979/) situation here, and I sure as shit know that *I* don't want to be the one on the other end of seeing "deleted", then "Thanks that worked!" in my future. Just food for thought.

Thoughts on Microsoft Fabric?
I'm a data scientist, but I lurk too with the sysadmin people. Anyone begun to use any aspects of Microsoft Fabric? It seems MS really wants to democratize data for organizations. [Link to Fabric announcement](https://azure.microsoft.com/en-us/blog/introducing-microsoft-fabric-data-analytics-for-the-era-of-ai/)

Defender for Business Licenses (SOLVED)
I'm wondering if anyone here can help me get my head around MS Defender for Business. We're currently in the process of switching over and have one month until the contract with our current AV Provider (Sophos) runs out. So far it's been plain sailing with 100% of our standard users having an MS 365 License which includes defender. They all have "their own" computer so that works out nice and easy. The server licenses/onboarding has been working fine as well following the set process from MS (scripts etc.). But we also have a few manufacturing departments where computers are shared for ease of use. Following MS's guide, we'd need at least one licensed user (i.e. the main one) per computer to get that working. We were initially hoping we could get away with onboarding the computers and using a single user for all 40+ of them but that seems impossible (MS wants to make money of course). The workaround we've been considering was using a licensed dummy user per computer that we use to simply sign into MS 365 (for the license). So we'd keep our current structure but then have for example FactoryUserA1 etc. with the license. Simply creating the users would save us a ton of work and I'd rather not have to generate 40+ users in our AD and then painstakingly configure them all to fit our current structure. Hope I'm making sense here and that someone can help. Thanks for your time fellow Admins.

UPDATE: We've sorted it out. Our supplier neglected to tell us about the Defender for Endpoint licenses. We were under the false impression that the new licenses could only be assigned per user as they are included in the Business Premium package.

Opinions on Solarwinds Patch Manager vs. Barebones WSUS?
Greetings, all! I'm new to Lemmy and to this community, but hoping there might be some here with opinions to offer on whether Solarwinds Patch Manager is worth the price or if I should just continue to make do with plain WSUS. Initially I found WSUS to be unreliable and a general pain in the ass, but after some tinkering I actually have it running pretty well now so I'm not as sure that I need Patch Manager. Anyway, I'm happy to be here on Lemmy with you all and look forward to participating in this community. Cheers!

How do you guys feel about pulseway?
I am setting up a new RMM solution and my first thought was to create a VPN with active directory. It turned out to be harder than I expected so I'm looking for cost effective solutions. The company I work for used to use pulseway but everyone who set it up either left or is deceased. It seems to be priced right and it seems to have all the features I need. If anything it's overkill. Has anyone here ever used it? I'm a bit scared of supply chain attacks but I think I can get over my fear with convenience and price.

Posting slowness issue seems solved!
cross-posted from: https://lemmy.world/post/288652

> Thanks to a comment by [@LargeHardonCollider@lemmy.world](https://lemmy.world/u/LargeHardonCollider), I checked and saw that 'Federation debugging' mode was enabled. I had enabled that when the server just started (less than 3 weeks ago) and I had an issue with federation.
>
> I thought I had switched that off again, but apparently not. This mode causes the federation to be done in the foreground, so your 'Post' or 'Comment' action will wait for that to finish...
>
> This solves the most annoying issue, and makes the site way more useable. There are many other issues, but we'll get there.

O365 Email Encryption
My company is just starting to utilize O365 email encryption for sensitive information, which I know a lot of people are already using. One thing we've run into is when sending a sensitive email to a third-party vendor, a lot of them utilize shared mailboxes/distribution groups, so the encryption is not allowing the members of the external mailbox/group to open the encrypted email as their account doesn't have permissions (the group email address does, instead of their individual account). The only way I've come up with to solve this issue is setting the encrypted emails to not allow a "social" sign-on for decryption, and instead only offer "send a one-time passcode" as the authentication method, then the group/mailbox receives the code to view the email. Curious how others have combatted this issue if they've crossed it, this feature has been around a while and I am unable to find much on Google about it specifically. For the moment, users are just re-sending the encrypted email to the external recipient that replies "We can't open this email", which solves the problem but creates more work and takes longer for everyone.

Cannot reach one specific IPv6 from one specific network
cross-posted from: https://lemmy.world/post/224140

> My home ISP does CGNAT for IPv4, but provides native IPv6. I can use IPv6 just fine to access most of my resources, except for one specific server. I can access the server over IPv4 from my home network, and either over v4 or v6 from other networks I've tried. But I can't access it over IPv6 from my home network.
>
> What could be the problem here? Where do I begin to diagnose it?

Any suggestions for extremely quiet fairly high core count pc for a homelab proxmox platform?
I do a lot of VMWare work but I'd like to tinker with proxmox at home - I just don't want to bring an awful old HPE server/etc home to try it out on - Anyone have any recommendations for a quiet, small homelab server with a solid (12-16 thread) core count?

Tool for Monitoring Bandwidth in Real Time
I am looking for a simple tool that I can monitor available bandwidth on my 3 different ISPs in real time. Not what is being used, but what is available...like a speed test, but one that can show historical data. I have PRTG but that shows what is being used. I also do not want it to run constant speed tests, that would take up everything I have. I know I could just as easily do a spreadsheet and fill it in. Anyone maybe have a PowerShell script that would do this, do a speed test and then fill in results on a spreadsheet?


A few years ago I had a couple old and slow Optiplex's running Hyper-V, with Windows/Linux VM's, doing things like NPS, AD, etc. Had some old equipment collecting dust, so I've built out a decent homelab and am curious if anyone else has done the same, and if so what are they running on them for fun?

In my new "rack":

- PowerEdge R430 - Running ProxMox, with a Windows VM (DC), and a Linux VM with Docker for Plex
- EqualLogic PS4100 - VM storage for both PowerEdge servers (10TB)
- Ubiquiti EdgeSwitch 24 250w
- PowerEdge R720 - Running ProxMox, with some Linux VM's, most utilizing Docker for Plex "assistance/automations" (ahem), NextCloud for phone photo backup and wife's photography, and another DC as a failover of R430's DC.


I don't know how to crosspost properly. I think this is a serious design flaw. If you agree please upvote the post on lemmy.ml community for visibility

Facebook is Down!
cross-posted from: https://lemmy.ml/post/1300027

> Here come the helpdesk tickets!

It's confusing for new users, and this instance in particular has 7k users but no interactions. It's a bot army, with the top user being called @admin. Extremely shady and misleading.


Hybrid Azure AD users who have been converted to shared mailbox can’t be deleted.
When offboarding a user, the option to retain that user's mailbox and give other people access is to convert to a shared mailbox. When you do this it doesn't delete the user account. It still shows up as an active, unlicensed user. This can be sort of troubling as reporting of active user counts still includes those users. I'm not 100% sure that this is different, but many of our users are hybrid with an on-prem AD. When we try to delete the user and convert to a shared mailbox, the deletion fails, but the convert to shared succeeds. If we subsequently move the on-prem account to an un-synchronized OU, the user account and its associated shared mailbox also get deleted. The way I've found to fix this is to restore the AAD user account after we move the on-prem account. It's all a bit of a hassle and I wonder if there's a better way. How do you handle offboarding hybrid accounts?


Edit shared contacts
How can I allow a user/s to edit/update shared contacts in Exchange/Outlook 365?

  • Sibbo
  • English
  • 1Y
What non-evil DNS server do you recommend?
I feel kinda bad about feeding Google with data. Is there some name server I can point my servers to that upholds my privacy and does not run analytics on the requests it gets?

Software management for Windows Server
cross-posted from: https://lemmy.ml/post/2956502

> I have 15 VM's running for clients and I'm looking for a way to keep the tools up to date without having to connect to each server and do it manually. A few examples are WinDirStat, Firefox, SSMS, Filelocator, etc.
>
> We have expanded recently and I'm at the limits of doing this manually. These servers are not domain joined and are in separate virtual networks.

Patch Tuesday Megathread
Hello c/sysadmin, and welcome to the Patch Megathread! I'm editing this post and leaving it up as a single catch-all sticky post for patch days for the time being, since we're not seeing enough activity to warrant new threads IMO. If someone wants to help moderate / curate content and actively create new patch day posts, please let me know and I'll add you to the mod team.

This is the place to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the community, and provide a singular resource to read.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product.

Remember the rules of safe patching:

* Deploy to a test/dev environment before prod.
* Deploy to a pilot/test group before the whole org.
* Have a plan to roll back if something doesn't work.
* Test, test, and test!

Exec at my company: Look at this email, does it look like a scam?
The email: Hi this is Scammy McScamface and I'd like to scam you please click the scam link below.

Getting Azure joined desktops with multiple users working.
Hey guys, We are struggling with our Azure joined machines used by multiple people during the day. Each time they log on to a new machine we get a helpdesk call for us to set up OneDrive / Sharepoint libraries synchronization in the client. We know Intune can do this but Intune settings can take up to 8 hrs to propagate, by which time the user has already called us. This takes too long. I've made a support call with Microsoft which has been open for a month now with what I think is a fairly straightforward question but they keep telling me they're discussing this with their team. Is there a scenario that sets these settings instantly that minimizes helpdesk calls? Or is this made for 1 user per device scenarios? Apart from reinstating on-prem DCs and whatnot ;) Hope you guys can point me somewhere because Microsoft doesn't seem to..

Patch Tuesday 12 September
Today's Patch Tuesday summary: this month's release addresses 61 vulnerabilities from Microsoft: TWO zero days (one with PoC!), five critical. Plus many important third-party vulnerabilities: Android, Google Chrome, Firefox, Ivanti, SCADA, Citrix, Splunk, Notepad++, Juniper, Apple, Skype, WinRAR, Intel, AMD, and Siemens.

Quick summary:

* Windows: 61 vulnerabilities: two zero-days: CVE-2023-36761 and CVE-2023-36802; five critical: CVE-2023-38148, CVE-2023-36796, CVE-2023-36793, CVE-2023-36792, CVE-2023-29332
* Android: two sets of fixed vulnerabilities, one zero-day CVE-2023-35674
* Adobe: zero-day CVE-2023-26369
* Chrome: 9 vulnerabilities
* Ivanti: seven critical vulnerabilities
* SCADA: zero-day CVE-2023-39476 (CVSS 9.8)
* Citrix: CVE-2023-3519, part of extensive malware campaign
* Splunk: several serious vulnerabilities
* Notepad++: four critical vulnerabilities
* Juniper: four serious vulnerabilities
* Apple: two zero-days CVE-2023-41064 and CVE-2023-41061
* Skype: vulnerability revealing user's IP address
* WinRAR: serious vulnerabilities CVE-2023-40477 and CVE-2023-38831
* Intel: CVE-2022-40982, aka "Downfall"
* AMD: CVE-2023-20569 aka "Inception"
* Siemens: over 30 vulnerabilities

Sorry, can’t post the full details here due to the max post size limit, so go to the Action1 Vulnerability Digest page: https://www.action1.com/patch-tuesday-september-2023/?vmr (it is updated in real-time as we learn more)

Other sources:

* Zero Day Initiative: https://www.zerodayinitiative.com/blog/2023/9/12/the-september-2023-security-update-review
* Bleeping Computer: https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5030219-cumulative-update-released-with-24-fixes-changes/
* MSRC: https://msrc.microsoft.com/update-guide/vulnerability

Patch Tuesday 8 August 2023
Patches released roundup notes from Bleeping Computer:

* https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5029244-and-kb5029247-updates-released/
* https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2023-patch-tuesday-warns-of-2-zero-days-87-flaws/
* https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5029263-cumulative-update-released-with-27-fixes/

Are we the only shop with constant login bullshit on Office 365 desktop apps?
We are facing constant problems with the desktop apps in O365, whether it's RDS servers that somehow are Azure joined by a user from login 1001 errors to modern authentication Windows that automatically disappear or other generic error 1001 logon bullshit. We have a tome of registry bullshit with shit like EnableADAL to deleting the AAD appx folder from the user profile and/or reinstalling it through PowerShell and so it goes on.. usually dicking around with these settings will make it magically work for a few weeks.. The amount of time this costs us and our customers is truly staggering, are we the only shop facing this?

Question regarding WSFC file server role networking
If I create a VM role, I can assign its networking to a VLAN, however I can't do the same to a file server role. Does anyone know if it's somehow possible?

Need Help With Microsoft 365 Azure AD Sync
Hello,

TLDR; Approx 2 years ago we manually created Cloud users on our 365 Tenant to start using Teams. Now we're trying to sync our on-prem AD with AAD and experiencing issues due to pre-existing Exchange Online mailboxes. Cannot delete the mailbox without deleting the user. Can't delete the user because we don't want to lose anything in Teams. Looking for help.

During the pandemic we had a lot of staff start working remotely. Our existing messaging platform was not up to the task and we jumped on the Teams bandwagon, shortly after we bought a mix of Business Basic and Business Standard licenses for all our staff. When applying the licenses to the staff we also inadvertently assigned an Exchange Online license. No big deal we thought at the time because our corporate email MX records point to our on-prem Exchange servers. Fast forward to now and we're in the process of trying to sync all on-prem users to Azure AD so we can ultimately migrate our mailboxes off of our on-prem Exchange 2013 servers and on to Exchange Online. We've run into an issue that Microsoft support is having trouble solving. Because the cloud users were manually created before we set up AAD Connect and configured Hybrid Exchange, the Tenant knows nothing about the on-prem mailboxes. I cannot sync on-prem users to our Tenant because a mailbox exists for the user already. I cannot delete the Exchange Online user mailbox without deleting the user. Deleting the user will cause data and permission loss with Teams. The sync process works fine if the user doesn't exist on the Tenant first, or if the 365 user doesn't have a pre-existing mailbox. Hoping to find someone who's been in a similar situation and was able to solve it. Information online is sparse for this scenario and I'm not able to find anything that helpful.

But we used it at my last job!
They hired a new hotshot engineering manager (the kind that makes physical things). He hates the engineering software we run. I don't blame him, it's crap software. He constantly complains about how slow it is. He's right again. Crap Software Vendor says it's my platform that makes their software slow and buggy. I'm willing to make any changes they recommend, but they've got nothing. They're like, "it runs fine in our test env." So hotshot goes rogue and signs contracts to move engineering to a cloud platform that he used at his old job. I wasn't brought in until after the ink dried. New vendor sends me a link, login, and password via email. I go to the link. It's fucking remote desktop gateway. Open to the internet. The password isn't a temp, that's my permanent unchangeable password. This is how they handle user access control. No MFA. Nothing between the screaming void and our data but IIS and an AD password. So I start pissing in the tent. I tell everyone this is unacceptable security for our IP. Vendor acknowledges that their security is insufficient and lays out their roadmap to fix it, hopefully by the end of year (I'm holding my breath). I ask if we can just run the software ourselves. I have a convo with our CEO who usually listens to my advice. He asks if we can just host the new software on our platform (the one that already has MFA and a whole lot of other security measures). I say, "That's exactly what I was thinking." So, CEO email in hand I go back to the group and tell them to make preparations to move the implementation to our platform. Hotshot starts bitching and moaning about how he doesn't want another slow app. A data analyst chimes in with her two cents out of fucking nowhere. I'm not even sure why she's on the email chain. I'm about two seconds away from going Joe Pesci on these goombas. What the fuck guys? Who cares if the app is slower on our platform (not that it necessarily will be)? What good is a fast app that's insecure?
How fast is it gonna be when it's ransomwared to hell? It'll be nice that the app is fast when BianLian is downloading all our designs so they can extort us. "Well they're a big company and they haven't gotten hacked yet?" Thanks for that Captain Smith, but I know a fucking iceberg when I see one.

Recommend Me A 365 Backup Solution
We're about to roll out 365 to all our users. Exchange Online mailboxes, Teams, OneDrive, SharePoint. What solutions for backing up and restoring the data are you experienced with, and would recommend? We currently use Veeam for VM backup, but their solution is a totally different product, not integrated with VBR. So since a separate product would have to be licensed and installed, we aren't necessarily locked in to using Veeam for that too. Thanks in advance.

AXENCE - if you’re looking for the solution to bring some order to the chaos that is your network/inventory, check this software. Been using it since I got fed up with GLPI, Spiceworks and Zabbix
IIRC correctly, the free version allows to manage 10 remote devices. It should be enough to see how it works and whether it's the solution for your specific environment.


Is RD Gateway hosted by Amazon secure enough?
My company is about to shift a large workload to a vendor that uses an RD Gateway hosted at Amazon to serve access to the front-end application. It's open to the internet at 443. There's no MFA. How worried should I be?


Some interesting uses of AI (which don’t currently work)…
One of the more interesting uses of AI is to power natural language interfaces. Basically this means plumbing them in to reporting layers so that the AI can figure out what it is you're asking and create appropriate queries for data stores, execute them, and then present (and possibly interpret) the results. Imagine an ELK stack that you're shipping all your logs into. As well as getting some pretty graphs for management to coo at you could also just ask an AI interface connected to it: "Tell me who authenticated with $platform last Friday, in a table ordered by the number of authentication attempts" and it would just return that. Kinda tempting, huh? Well this link is to a SANS Internet Storm Centre Diary where they look at doing that from an Incident Response point of view. The short version - your job is safe. For now. But I think it's a good read simply because it gives us ideas about how we could use AI, and a pointer at what's likely to work. The fact that multiple models were tested is particularly interesting... What do you think?


    A community dedicated to the profession of IT Systems Administration

    No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
    !lemmy@lemmy.ml
    !lemmyworld@lemmy.world
    !lemmy_support@lemmy.ml
    !support@lemmy.world
