Sysadmin

Greetings, all! I'm new to Lemmy and to this community, but hoping there might be some here with opinions to offer on whether Solarwinds Patch Manager is worth the price or if I should just continue to make due with plain WSUS. Initially I found WSUS to be unreliable and a general pain in the ass, but after some tinkering I actually have it running pretty well now so I'm not as sure that I need Patch Manager.

Anyway, I'm happy to be here on Lemmy with you all and look forward to participating in this community. Cheers!

It's confusing for new users, and this instance in particular has 7k users but no interactions. It's a bot army, with the top user being called @admin.

Extremely shady and misleading.

I'm interested to know whether you have a specific process or tool you use for managing your PGP keys?

I was thinking it'd be great if Lemmy allowed you to use PGP to verify your identity across multiple users on different instances. This made me think I need a good way to make sure I never lose my keys!

I am setting up a new RMM solution and my first thought was to create a VPN with active directory. It turned out to be harder than I expected so I'm looking for cost effective solutions.

The company I work for used to use pulseway but everyone who set it up either left or is deceased. It seems to be priced right and it seems to have all the features I need. If anything its overkill.

Has anyone here ever used it? I'm a bit scared of supply chain attacks but I think I can get over my fear with convenience and price.

When offboarding a user, the option to retain that user's mailbox and give other people access is, convert to a shared mailbox. When you do this it doesn't delete the user account. It still shows up as an active, unlicensed user. This can be sort of troubling as reporting of active user counts still includes those users. I'm not 100% sure that this is different, but many of our users are hybrid with an on-prem AD. When we try to delete the user and convert to a shared mailbox, the deletion fails, but the convert to shared succeeds. If we subsequently move to on-prem account to an un-synchronized OU, the user account and it's associated share mailbox also get deleted. The way I've found to fix this is to restore the AAD user account after we move the on-prem account. It's all a bit of a hassle and I wonder if there's a better way. How do you handle offboarding hybrid accounts?

I don't know how to crosspost properly.

I think this is a serious design flaw. If you agree please upvote the post on lemmy.ml community for visibility

cross-posted from: https://lemmy.world/post/288652

Thanks to a comment by @[email protected] , I checked and saw that 'Federation debugging' mode was enabled. I had enabled that when the server just started (less than 3 weeks ago) and I had an issue with federation.

I thought I had switched that off again, but apparently not. This mode causes the federation to be done in the foreground, so your 'Post' or 'Comment' action will wait for that to finish...

This solves the most annoying issue, and makes the site way more useable. There are many other issues, but we'll get there.

I'm wondering if anyone here can help me get my head around MS Defender for Business. We're currently in the process of switching over and have one month until the contract with our current AV Provider (Sophos) runs out.

So far it's been plain sailing with 100% of our standard users having an MS 365 License which includes defender. They all have "their own" computer so that works out nice and easy. The server licenses/onboarding has been working fine as well following the set process from MS (scripts etc.).

But we also have a few manufacturing departments where computers are shared for ease of use. Following MS's guide, we'd need at least one licensed user (i.e. the main one) per computer to get that working. We were initially hoping we could get away with onboarding the computers and using a single user for all 40+ of them but that seems impossible (MS wants to make money of course)

The workaround we've been considering was using a licensed dummy user per computer that we use to simply sign into MS 365 (for the license). So we'd keep our current structure but then have for example FactoryUserA1 etc. with the license. Simply creating the users would save us a ton of work and I'd rather not have to generate 40+ users in our AD and then painstakingly configure them all to fit our current structure.

Hope I'm making sense here and that someone can help.

Thanks for your time fellow Admins.

UPDATE: We've sorted it out. Our supplier neglected to tell us about the Defender for Endpoint licenses. We were under the false impression that the new licenses could oinly be assigned per user as they are included in the Business Premium package.

cross-posted from: https://lemmy.world/post/224140

My home ISP does CGNAT for IPv4, but provides native IPv6. I can use IPv6 just fine to access most of my resources, except for one specific server. I can access the server over IPv4 from my home network, and either over v4 or v6 from other networks I've tried. But I can't access it over IPv6 from my home network.

What could be the problem here? Where do I begin to diagnose it

cross-posted from: https://lemmy.ml/post/1300027

Here come the helpdesk tickets!

I am looking for a simple tool that I can monitor available bandwidth on my 3 different ISPs in real time. Not what is being used, but what is available...like a speed test, but one that can show historical data. I have PRTG but that shows what is being used. I also do not want it to constant speed tests, that would take up everything I have. I know I could just as easily do a spreadsheet and fill it in. Anyone maybe have a Powershell script that would do this, do a speed test and then fill in results on a spreadsheet?

cross-posted from: https://lemmy.ml/post/1163202

I setup this community specifically because of the time I've spent over the years browsing and relying on reddit.com/r/sysadmin for sources of information on tips/tricks, security exploits & patches, outages, and yes even the ranting about how our jobs all suck. (I like mine, for what it's worth.)

Come on down, ask questions, post what the sysadmin community needs to know about, or head in to get either sympathy or chastisement about why you haven't left your job yet. 🤣

Want to be a mod? Let me know!

This release brings two significant new features: a config-driven import workflow and check blocks. Config-driven import is a new declarative workflow to add existing resources into Terraform state and solves the limitations of the existing import command. Checks are a new way to perform functional validation of provisioned infrastructure to ensure the real world matches expectations.

I am a PSE for a large corporation that most people would not be familiar with (those users that frequent this sub probably would). However, we supply business critical software to many of the big companies you definitely do know. This puts me in a position where I work directly with some of the most well paid 'tech execs' you can find and has lead to many hilarious situations. Those are stories for another day however. Today is about Reddit - for they have angered me greatly.

I get a ticket this morning around 10 AM. As usual, I get a bunch of helpful information including an irrelevant screenshot and a one liner about how the RSS feed that they have pulling into one of their widgets wasn't working. On closer inspection, these mf's were hitting the r/sysadmin(!) RSS feed and pulling in new posts. Now, this is strictly business software we are dealing with. So while I can absolutely see why certain groups would value that feed, it was definitely the first I had ever seen such a thing in any of our environments.

Naturally (I feel), I am immediately floored with the potential possibilities and started thinking about how I might have to explain to this guy all that has transpired the last ~week in a business-professional email... I took a minute just to soak that in and let out a small chuckle. Fuck u/spez, I mutter.

Well since I was given zero actual information about their issue, other than 'no workie', I slid over to my main PC to go check r/sysadmin as I have done many times in the past - like muscle memory. I snap out of that, of course. I am done with Reddit. I had an idea. Just for fun I hit up Lemmy, just to see what was there. And lo and behold we have a fucking post about the massive reddit outage that went down today. I am all smiles at what has already happened here and hit downdector just to confirm. Yup, almost 50k reports at peak. LMFAO. I mean, really? My god Reddit. What are you doing?

So, given the info I was provided, I let him know that there was an outage and that was likely all the issue was - Try again once it has resided. A few small chuckles and I thought the story was done.

Now here's where I really lost it. I get word back a bit later and it's once again a one liner - 'No. Our sad, sad admins have been without r/sysadmin for almost two weeks now :(' I was laughing for a good 5 minutes at just the absurdity of it all (this issue obviously doesn't have anything to do with the recent changes, lol), all against the background of what we are seeing with Reddit. It also helped me realize how far reaching these failures are actually going to be once the end of the month rolls around. Colossal fuck up.

Happy to be here on Lemmy with you boys!

I'm fearful of people going redditZero and deleting their years-old accounts, as reddit has become a vast trove of information for a vast number of systems. If I go dark and delete, it won't be everything. Memes and regular conversations may go, but I'll be sure to leave every technical response I've ever given (or even edit it if I have since learned more precise information). It feels like so many are ready to cut off their nose to spite their face. The community we had was built by us collectively and enriched by the content we shared. I feel like despite reddit literally doing everything wrong, by deleting our collective wisdom, we aren't hurting reddit as much as we're hurting our own community of sysadmins.

Please consider that we are facing a Wisdom of the Ancients situation here, and I sure as shit know that I don't want to be the one on the other end of seeing "deleted", then "Thanks that worked!" in my future.

Just food for thought.

I'm a data scientist, but i lurk too with the sysadmin people. Anyone begun to use any aspects of Microsoft Fabric? It seems MS really wants to democratize data for organizations.

Link to Fabric announcement

My job has been Database Admin for the past 25 years, still is. But nowadays it's more shifting to infrastructure and automation.

And of course I do some self-hosting.. like lemmy.world and mastodon.world and many others..

Thank you @[email protected] for creating this community!