Sysadmin

This is an automated archive.

The original was posted on /r/sysadmin by /u/Ngocnguyen2282 on 2023-07-18 02:20:05+00:00.

Hello Everyone,

My company have a one Enterpirse Root CA in Active Directory Environment.

Now I have a task to migrate it to Two Tier PKI with Offline Standalone Root CA (not join domain) and Enterprise Subordiante CA (online, domain joined) and then we can safely shutdown the Offline Root CA.

I do Google search alot, but can not find any topic/page/blog regarding my task. They only guide about migrate From Enterprise root ca to Enterprise root ca (one tier, migrate from os 2012 to 2019, ex.) or Two Tier PKI to Two tier PKI or deploy a fresh two tier PKI environment.

I Tried to combine all the guide above to do my task but not successfully.

Could anyone help me to find the documents/guide to complete this task? I really appreciate it and thanks in advance.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Environmental-Wave87 on 2023-07-17 19:05:17+00:00.

So all of our users are unable to search a network mapped drive. It is stuck in a “Working on it loop” I figured I’d come ask the Reddit A Team for some advice.

This is an automated archive.

The original was posted on /r/sysadmin by /u/PizzaCatLover on 2023-07-17 18:40:07+00:00.

Okay so here's a weird one that may not have a solution...

My employees work with design files and diagrams that are listed as part numbers on a network share. They often want to use File Explorer's search function to see what all files exist for a part, with revisions and such. The problem is, they aren't getting consistent results. Check this out...

There are about 60 files in a given folder that start with "1116-". Of those, 40 or so start with "1116-A". There are three that start with "1116-A0003_".

Typing "1116-" in the search box comes up with full results as expected. But putting "1116-A", it only shows one result instead of the 40 that there should be matched to that string. Continue entering characters up to "1116-A00" and there is no change, it only shows one result. When you get to "1116-A000" by putting in the third zero, the only result you had disappears and you get "No items match your search". Adding a 3, still nothing. Punch one more character in for "1116-A0003_" and poof - all three results show up. as they should. Interestingly, in the results box, it's only highlighting the "1116" part in the results, but all three files that should show are now showing.

We've also figured out that if you put a leading wildcard asterisk, like "*1116-A", it works completely as expected and all the files show up when and how they should(though still only highlighting 1116 and not the full string).

I've replicated this behavior on several Windows 11 and Windows 10 boxes, as well as on Server 2019. To rule out a problem with the network fileshare, I copied all these files to a local path on my workstation, and it works exactly the same way.

Surely there is some bug with Windows search here? Has anyone else discovered a fix for this? Alternatively, is there an application similar to Everything that could be used as a workaround for these employees?

Thanks!

This is an automated archive.

The original was posted on /r/sysadmin by /u/Only-Rent921 on 2023-07-17 16:02:35+00:00.

Hello, our company is going under and trying to sell all our laptops. Most places I’ve called are requesting the devices be removed from MDM. Most of our laptops are Intune enrolled. Is there a way to mass remove all laptops from it so we can sell these? Thanks for any input

This is an automated archive.

The original was posted on /r/sysadmin by /u/russellville on 2023-07-17 14:59:03+00:00.

I'd like to think I speak for most users here when I say that I'd love to hear about your experience with a crypto virus.

• How did you get it?

• Did your local back ups get encrypted? If not, were they on your DOMAIN?

• Did your cloud backups get encrypted?

• Did you lose any data or machines?

I'm about to build a new VEEAM server and I was thinking about protecting my local backups by not having the machine and it's local repository on my domain. Then I started thinking more about the overall situation. Would like to hear your experiences.

This is an automated archive.

The original was posted on /r/sysadmin by /u/jwckauman on 2023-07-17 14:22:22+00:00.

We use SolarWinds Patch Manager to deploy software updates/upgrades. For years I have tried to deploy WinZip upgrades but have never been successful because of this WinZip.wzmul registration file that has to live in to C:\ProgramData\WinZip. When you upgrade WinZip to a higher major version, you have to replace the registration file for the previous version with the one for the new version. The filename is the same across versions, but the contents are unique to each major version (e.g. 25.x, 26.x, 27.x). Something is preventing the deployment package overwriting the previous file with the new one. I'm guessing it's UAC or possibly the file is in use? I've tried terminating WinZip prior to upgrading but that doesn't help. Any ideas? I suspect no matter what product you are using to upgrade software, the issues are similar, so I appreciate any thoughts on how you might have or would solve this problem (either with WinZip or a similar product that has the same type of registration process).

NOTE: we use WinZip because we have 20 years of development invested in it. If we were starting from scratch, I'd use something else.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Gsxing on 2023-07-18 01:48:42+00:00.

Just recently I opened up an SR for a NIC replacement on a high priority ticket. I let them know about all the troubleshooting performed, and that the fault is without a doubt, pointing to the NIC. Dell decides to set up a labor only dispatch, which threw me into a argument about how much of a waste of time that would be if/when we found out the NIC needed to be replaced.

But then, on another day, I get a Dell technical support engineer that gives zero push back, no nonsense, and gets the job done quick and painlessly.

This is an automated archive.

The original was posted on /r/sysadmin by /u/JackTheRipper91 on 2023-07-18 01:48:23+00:00.

I recently worked as a software engineer for a project and was moved to a qa automation engineer position. On paper, I would use continuous integration tools ( e.g., Jenkins), working with Windows/Red Hat Linux OS in a sys admin capacity, developing bash scripts, applying security guides and requirements, and desktop automation.

However, that's far from the case. The team has a high turnover due to a project manager and team leads needing to figure out what to do.

The team maintains RHEL images with vulnerability scanner software. Additionally, the images must be configured with security implementation guides. The team additionally provides patches to the system for the security vulnerability software. Once this has been done, the vulnerability scanner is run, and the findings are patched. A physical copy is made and distributed for production.

This is all completed off-network because the project manager will not/cannot maintain our systems on the network. I am constantly creating "up-to-date" images on disc drives and installing them to test them. I need to download the patches from a machine on network to patch the systems. Burn the patches to a disc. And update the systems. The only caveat is that the production image has to be eventually burned to a disc for dissemination.

Since this is my first time working in this environment, I must rely on something other than my team leader for direction. The silver lining is I have been given clearance to rewrite the process.

My start to-do includes updating our machines and passing security scans to be on the network. Update the red hat os from el6 to el8. I have briefly looked into using Red Hats image builder, creating a golden image pipeline, e.g., I am looking for suggestions to help make this process efficient and automated, e.g., Thank you.

This is an automated archive.

The original was posted on /r/sysadmin by /u/drosmi on 2023-07-18 01:43:06+00:00.

I’ve been applying around and ran upon this list of states where remote work wasn’t permitted. Anyone have an idea why?

States Excluded from Remote Work: Alabama, Arkansas, Delaware, Florida, Georgia, Hawaii, Indiana, Iowa, Louisiana, Maryland, Mississippi, Missouri, Ohio, Oklahoma, Pennsylvania, South Carolina, Tennessee, Virginia

This is an automated archive.

The original was posted on /r/sysadmin by /u/dankdooker on 2023-07-18 01:23:55+00:00.

What's your must have/go to item? Charger of course. Headphones maybe?

This is an automated archive.

The original was posted on /r/sysadmin by /u/selltekk on 2023-07-18 01:18:07+00:00.

Currently W2012R2. ~600 printers. ~5000 users. Most remote but ya know.

2cpu, 16GB Ram.

Random failures. Usually mondays of course. Found a few driver mismatches, fixed. Random fails still happening. Most drivers are type 3. Some are older drivers which I suspect to be the main issue.

My inclination is to build new 2022 server similar specs, all type 4 drivers if available. We already pretty heavily use universal drivers for HP, Canon, Ricoh, other big names. Still have some model specific drivers for the smaller brands.

Thoughts? Managed print via printer logic or azure not really an option yet.

This is an automated archive.

The original was posted on /r/sysadmin by /u/_Nismo on 2023-07-18 01:17:27+00:00.

Folks who have used Hirens, when you boot a vSphere VM to Hirens, have you had mouse acceleration problems? Using VMRC, Keyboard and mouse work, it's just that the mouse is all over the place. Using the keyboard to navigate works well, but not in the password reset tool. You need the actual mouse to click on an account, then to click change password. Using tab won't select the account, and just tabs around the buttons on the active password reset program. Hirens is great and saved me quite a bit, but I just need to get the vSphere mouse acceleration issue fixed. What in the VM settings or in Hirens can be changed to make the mouse work better?

Hirens PW Reset Pic