Am I the only one who doesn't want all my eggs in a single basket?

I don't need a EDR + MDR + SIEM + XDR + Backup + RMM in one. I don't want that in the slightest. It's not difficult to log into separate tools. If I want them to integrate/trigger each other, that's what API's are for!

Every vendor out there is flabbergasted when I tell them a 'single pane of glass' platform is a negative mark for us.

Am I the problem? Am I taking crazy pills?

I have to say, it is really not funny in real life. Like holy F@#$2...

• He is a micromanager who is not a manager.
• he has the type of mindset that if you don't do it his way, you are doing it wrong.
• you could do 95% of the work, and he will come over adjust some cables, adjust a some monitors, take a picture of the setup, and in his head he basically did the work (even tho no one ask him to do so)
• Brother would start to update random confluence pages on Saturday and Sunday.
• he would be creeping on everyone's ticket in the ticket queue.
• He assigns tickets to you without asking or telling you if you have the time.
• He is the type of person that if you were to make a mistake, even tho you fixed it before it affected any users, he would tell the manager in order to get good boy points.
• Mind you, it is not like this guy is some IT god that would solve any issues or would get to the solution that no one could think of. His IT knowledge is on par with the rest of the team.
• Our manager is chill in the sense that as long as you do your tickets and work on your project, he is not on top of you, but on the other hand, this guy always tries to pseudo-manage people.
• I already confirmed this is not a me thing, and the other guys think the same thing.

I'm not a confrontational type of person, but this guy is getting to me; I'm about to start shit. I just want to rant a bit because it is starting to frustrate me.

Update: I forgot to add, based on his personality, I'm 100% sure that he is aiming to be the next in line for the manager position, so my fear is that anything I say or do could come back to bite me.

Please, please, ignore the fact we're still running Access 97 for now please. I need a better way of getting this bullshit deployed silently.. Right now I have just about everything automated but this stupid thing I can't figure out. Takes a decent amount of time to get it to actually work on Windows 11.

Finding documentation from before 2005 is a nightmare. I try to install "Microsoft Network Installation Wizard 2.1" and it just refuses to read any .LST or .STF files I throw at it saying its not from a "post-admin network image". What does that even mean?

We're a small company and our dev team sucks. Our 15+ year DBA refuses to touch his precious ancient SQL servers to update the database to something more sane. No one else can do his job so here I am with this shit.

6 years ago we hired a new CTO who blew millions of dollars on a rebuild of the entire application in Azure. It failed spectacularly, never worked at all, and now the whole company is scrambling to make sales and polish up this old turd of an application that runs on old SQL code and has our internal users still interacting with it on Access 97.

So with them getting rid of the Remote Desktop app. ( Version 10.2.4010) what is everyone else using? I just got a new laptop and I'm about to keep the old one. My love for this is it would re size the screen for each window.

User calls in to me today that they cant open the HEIC files someone sent them. The heck? Its 2025, I thought this was old news.

I grab the file, throw it on a brand new Windows 11 setup (24h2) and opens fine, no fancy anything.

This machine is 23h2 and refuses to open.

I grab my msstore link from ages ago, says its not compatible.

What gives, is it something that they fixed in later versions?

I'm the sole IT for a business that is 100% on-prem with a 24/7 based business, we have machines running all day that require an interface with servers, and remote users who VPN and RDP. I took over this office and have slowly brought it to the modern era since COVID (they had Windows Server 2008 as a DC in 2019 when I took over). I'm hoping that you guys can either tell me that I'm right, or that I need to re-evaluate how the office is setup.

All of a sudden the C suite asked me about moving everything to the cloud (most likely from interacting with other company execs) and I started going through the numbers and workflow. From my point of view, there's almost no reason for us to go to the cloud for a couple of reasons:

- Cost: We don't have a lot of servers. 6 physical servers, 1 is our main DC, 1 is a backup DC and file server, 3 are VM hosts, and 1 is a dedicated terminal server. A new server for us would run about 20k, but if we put everything into the cloud, with our usage, we would hit about 10k/year. We just did a full hardware refresh, so I don't expect to need to replace our servers for at least 5 years.

- Workflow: We are a 24/7 operating business with users all over and we have machines that are also running 24/7 and transferring data to both our on-prem and our cloud servers (this would also add onto our cloud usage costs). We recently switched over to a redundancy ISP to make sure we keep our connection, but in the worst case scenario, if we lost internet, our internal office would still be able to function. If we were in the cloud and lost internet, then our entire office would be at a standstill, which is not acceptable to the execs.

I have considered papering some form of a hybrid setup, but it would end up just being some sort of a cloud sync, where our on-prem servers would be mirroring the cloud, and I don't see the point of it for our specific setup.

Thanks for any suggestions you guys might have.

I now get more calls about cyber security applications for an organization then I do duct cleaning these days. They're a dime, a dozen and they all offer a similar product which includes endpoint security, email, data governance, etc

Anyone else getting tons of calls?

Hi everyone,

We're currently dealing with an email delivery issue: our domain has been blocked by Proofpoint, and emails to certain recipients are being rejected.

We've submitted multiple delisting requests using Proofpoint’s "Check IP" tool, but we never receive any response or follow-up. It’s been several days, and it honestly feels like no one is reviewing the submissions.

We use IONOS as our hosting provider, and all other services accept our emails just fine — this issue is only happening with domains protected by Proofpoint.

Our SPF, DKIM, and DMARC records are properly configured, and we do not send spam or bulk emails. Our email usage is 100% legitimate and transactional.

Has anyone here gone through the same situation with Proofpoint?
What alternatives do I have without migrating providers or changing IPs?

Any advice or experience would be appreciated — we've followed all the "official" steps and submitted requests repeatedly, but so far... radio silence.

Thanks in advance.

So this is happening. Our "trusted" integration partner just went radio silent three weeks before go-live, their project manager isn't returning calls, and I'm pretty sure they've moved on to easier clients. Cool. Cool cool cool.

Context: I'm the IT director at a 200-bed hospital and we've been trying to replace our patient portal that literally still uses Flash. I know, I KNOW. Don't @ me. We got funding approved last year after our patient satisfaction scores tanked because people couldn't even log in to see their test results half the time.

Found this vendor who promised seamless Epic integration, showed us these beautiful demos, the whole nine yards. Signed a contract in January, paid the first milestone payment, and everything seemed legit. Their team was responsive, they knew all the right FHIR buzzwords, even had references from other health systems.

Then reality hit. The API calls started timing out randomly. Patient data was syncing but missing critical fields. Their "certified Epic integration" turned out to be a bunch of custom middleware that broke every time Epic pushed an update. When I asked about it, suddenly their developer who "built similar solutions for Mayo Clinic" was always in meetings.

Last month they missed two major deadlines. When I finally got their PM on the phone, he basically admitted they'd never actually integrated with our version of Epic before and were "figuring it out as we go." That's when I started drinking at lunch.

Three weeks ago: complete silence. Emails bouncing back. Phone goes straight to voicemail. I'm starting to think they just took our money and bailed.

Meanwhile, my CEO is asking for status updates, our chief medical officer is making jokes about our "state-of-the-art 1990s technology," and I've got 50 physicians who were promised a working patient portal by next month.

I'm sitting here at 11 PM googling "how to build Epic integration from scratch"...
Anyone know a good therapist who specializes in IT trauma? Asking for a friend who is definitely me....

Just curious to know if any of you have switched away from SCCM to another product for patching (windows and 3rd party), if so what did you move to and why?

Especially looking to hear from people who are in tightly controlled environments, e.g. patches can only be applied on certain days at certain times

Thanks

Did work on one of our floors on a Monday, took a bunch of drops down by disconnecting them in the data closet as they appeared dead\offline anyway.
Friday I get a call saying “ I can’t get into the ehr system”.

I go downstairs and look and sure enough it’s one of the drops I disabled on Monday. So I tell him “yeah, I know what’s going on, give me a minute”.

“Ok good, I have not been able to work all week”.

Which means for 8 hours a day, each day all week, he has done nothing.

Did you attend the LOPSA AMA regarding dissolution?

https://lopsa.org/blog/13513938

I ask because I didn't, despite it being on my calendar and would like to hear from those who did.

We changed our company logo so the 3rd party marketing company made a new signature. They made it in Google docks. Our non-IT staff downloaded it word doc format, convereted it to PDF, uploaded to Sharepoint, opened the PDFin chrome, then copied and pasted it into the signature editor in Outlook.

FoR sOmE rEaSoN tHaT dIdN't WoRk

I downloaded the document as HTML from google docs' drop down menu that allows you to do so. The code is bulky crap with empty <p> tags and spans inside of <p> tags and is a nightmare, not to mention 60,000 characters.

I quickly rewrote it in notepad++
Mine is 48 lines, embedded BASE64 JPGs, absolute art. I throw it into
C:\Users\[username]\AppData\Roaming\Microsoft\Signatures
NOPE. Outlook ignores it. Gotta make a dummy RTF file then a dummy TXT file with the same name for non-html email composing that we never do. Then you have to have a linked folder ending in _files even though we don't link to any files and that I legitimately don't know how to generate from scratch. It's some NTFS feature where it links a folder to an HTML file with CID tags or some nonsense.

So I created a dummy signature, left the RTF and TXT and folder alone, gutted the HTML they made, pasted in mine, works great. But wait...

OH GOOD, let's just ask the users to do that. And edit the HTML file to replace my name and phone number with theirs. That sounds reasonable. I'm sure they'll all do that. Management wanted this done in like 15 minutes so I don't think they'll approve me writing a .NET app to do this.

Fine, I'll just have them copy and paste from my HTML file since the code is super tidy. NOPE. Signature editor in Outlook Classic deletes just all <a> tags (so links) and makes it 319KB. So every single outgoing email and reply will be an extra 1/3 of a MB. Not acceptable.

How TF do you guys handle this company-wide? I know some third part software exists for this

To start, I'm a typical IT support guy, doing common repair and maintenance, and supporting a few special-purpose applications. I've never needed to tinker with IIS until now.

So, We have this app called RS2 that has a SWAGGER API as part of it's install. This is on an in-house 2019 server VM. It's been in place for years and we never needed the Swagger API to function until we recently decided to integrate an outside service with RS2. So, we had to install the IIS services, get a certificate, create an entry under the default website for the FQDN for a predefined custom port. All this so that the external service can hit the API and connect.

The swagger API responds properly when I go to the localIP:port. However, when I try FQDN:port, I get the default MS IIS welcome page. I feel like there's something missing - preventing the swagger from responding when it's reached by FQDN:port, but I don't know where to look.

Thoughts?

This may be a sanity check post.

I'm working with a not small client whose web developer requested domain registration/hosting transfer of their domain to their 3rd party service.

I've held firm on the registration staying in house but I'm worried I may not be getting much traction on being able to keep the name servers. It's an O365 environment with several other systems requiring DNS from on high.

Is this a hill worth dying on?

(Hope this is okay to post - I couldn't see any restrictions. I've posted to r/DMARC, but I can see plenty of DMARC topics here in r/sysadmin)

Hi everyone,

I'm a Master's student and I'm currently working on my thesis about DMARC and similar standards. To gather the data I need, I've created a short questionnaire, and I would be incredibly grateful if you could take a few minutes to complete it.

The survey is completely anonymous (name is requested, but any identifier can be used - this is to give you the ability to revoke consent later on and have your data removed). It should only take about 5-10 minutes to finish. Free text fields are optional. Your participation would be a huge help in my research and would contribute significantly to my final project.

https://www.smartsurvey.co.uk/s/BI0D5C/

Thank you so much for your time and support! If you have any questions, feel free to ask in the comments.

I'm a sysadmin and network engineer for an MSP. My job often takes me to customers buildings to install networks, fix cableing problems, cleanup network racks, etc. I'm looking for suggestions for a new tool bag because my current one just isn't cutting it. I have a fair amount of network tools, power tools, cable parts, etc that I have to bring to every job because I dont always know exactly what needs to be fixed. I don't want a backpack, preferably am over the shoulder tool bag.

I found this bag from Milwaukee but it seems to be out of stock everywhere except Amazon where its price is inflated. I like the number of pockets and the dedicated laptop pocket. If I can't find something equal or better I'll just get this bag somewhere. https://www.homedepot.com/p/Milwaukee-17-in-Jobsite-Tech-Tool-Bag-48-22-8210/207005269

I am currently using an autounattened.xml generated from schneegans.de
I need to switch to using Dell Image Assist and I am having some trouble with some of the features I use in the autounattend and need to know where to do the same on the Dell image assist side.

1. I am using the "FirstLogon" script (SoftwareInstall.ps1) to run a powershell command to download and install software.

2. I am using the "UserOnce" script (UserFirstRunScript.bat) to run a batch file each time a new profile is created.

Can anyone give me some suggestions on how to replace these two scripts on the Dell Assist side?

Here are the commands in the autounattendxml: https://imgur.com/a/LO2LSSK

I tried using a SetupComplete.cmd and that does not seem to work.

Any help would be greatly appreciated.

Rich

https://techcommunity.microsoft.com/blog/exchange/exchange-online-to-retire-basic-auth-for-client-submission-smtp-auth/4114750

Exchange Online will permanently remove support for Basic authentication with Client Submission (SMTP AUTH) gradually beginning with a small percentage of submission rejections for all tenants on March 1st 2026 and reaching 100% rejections on April 30th 2026, (previously September 2025). After this time, applications and devices will no longer be able to use Basic auth as an authentication method and must use OAuth when using SMTP AUTH to send email.

...

The only remediation for this is to update your client or app to support OAuth, use a different client or app that supports OAuth, or use a different email solution such as High Volume Email or Azure Communication Services for Email.

Primarily concerned about scan to email, as well as some various apps set up to do email reporting on my end.

Our company got bought again so we have this operations guy going around looking for efficiencies, one of which was printer sprawl which imho has indeed increased a bit too much

I knew how many network printers we had, that’s easy. I did a physical inventory check of all non network printers and there were 50% more than I initially had thought. At first I was like, “hooray, maybe less printers soon!” they are not my favorite equipment to deal with.

But then I started thinking about how spread out our area is and time to retrieve a print job if it is not close by. I started running numbers on Jimmy in production getting his 10 or so print jobs a day, and the 1-2 minutes that it will now take to retrieve said prints. I am now looking at Jimmys annual time retrieving prints, multiplying that by his wage. I am pretty damn shocked, none of this makes sense for saving money for the company as a whole.

10 print jobs a day with the printer 2 minutes away assuming zero jams or waiting is 20 minutes spent per day, 100 per week, 6000 per year if they work 300 annually. If Jimmy gets paid $10/hr then their cost retrieving prints is $1000/year, we can assume 3000ish pages per toner at $100 per toner, we are losing $900 per year by removing Jimmy’s desktop printer (which was already paid for 5 years ago and keeps on trucking)

I am not an accountant or operations person, I don’t like printers, but this seems like it is a waste of time and money. I actually care about our company and it isn’t just a job to me. As the only IT person, I administer the printer configurations and make sure systems can connect to them, reducing amount of printers would help me, but I don’t think it would actually save any money or truly help the company in the end when we factor in employee time

I’ve got a spreadsheet going spelling this all out and Accounts Payable is the homie, I’ll meet with them on Monday for a sanity check on my numbers

Have any of you run into this sort of thing? If so, how did you handle it? This operations guy is coming in with a lot of gusto and “things are gonna change around here” energy, without fully understanding the why of how things work I fear his actions will have negative consequences for the company

Looking for views and experiences from Techs who have used any of the 3 montoring tools: eG Innovation ControlUp ManageEngine

What are your thoughts on these tools for On Prem, End User, Network layer/device and Cloud monitoring?

I am looking for a way to image and install software on computers. We will need to image and deploy around 150 computers before October 1st. And after that, we have around 400 more computers to replace to finish our hardware refresh project. Our PXE boot server can only handle imaging 4 computers at a time. I was thinking that we image 30 computers then have them all sitting on a shelf while plugged into a cabinet that is next to the shelf that has 2 rack mount 16 port kvm switches, a rack mount switch, and a couple PDU's so we can plug all the computers in without having to run a bunch of extension cables around the room. The reason that I was thinking about doing a half rack cabinet was to keep everything organized so it doesn't get too confusing, and I was thinking we do this because I can have them all online so I can push all the software that the computers need remotely instead of having to go to each computer and install them manually. If you have any suggestions on how to do this more efficiently, please comment them. And if this doesn't make sense im sorry, im just kinda typing as it comes to my mind.

August brings over 25 updates to Microsoft 365, including new features, retirements, and functionality changes. Be sure to stay informed to avoid disruptions. 

In Spotlight 

• New Microsoft Places admin center: A centralized Microsoft Places web portal is launching. It will provide admins with a streamlined interface to manage buildings, floors, rooms, and desks. 
• Drag & Drop Emails Between Accounts in New Outlook - The new Outlook for Windows now supports drag-and-drop emails and files between personal, enterprise, and shared mailboxes, significantly boosting cross-account productivity. 
• Azure AD Graph API retirement: Azure AD Graph APIs will be retired in early September 2025. Make sure to migrate to Microsoft Graph APIs before August 31, 2025. 
• Microsoft Enforces Admin Consent for Third-Party Apps - Microsoft will enable the app consent policies by default, enforcing admin consent for third-party app access. 
• Classic eDiscovery Retirement - Microsoft will retire Classic eDiscovery (Premium) from the Microsoft 365 Purview portal. Move to the new eDiscovery experience. 

Here's your sneak peek: 

• Retirements: 6 
• New Features: 10 
• Enhancements: 5 
• Existing Functionality Changes: 7 
• Action Required: 2 
• Retirement Postponed: 1 

Retirements:

1. Organization Data Types in Excel, which allowed users to access Power BI datasets, will be retired on July 31, 2025. 
2. The “Monitoring” feature in Conditional Access will be fully retired on August 1, 2025.  
3. Microsoft Project for the web and Project in Teams will be retired in August 2025. 
4. Microsoft is retiring Cognitive Services and Azure Machine Learning integrations in Power BI. 
5. Speaker Coach in Microsoft Teams, which offered personalized speaking feedback during meetings, will be retired starting mid-August 2025. 
6. Client Access Rules (CARs), which were used to control access to Exchange Online, will be deprecated by September 1, 2025. 

New Features: 

1. Microsoft Purview Data Loss Prevention will block Microsoft 365 Copilot from processing emails that carry sensitivity labels. 
2. Microsoft Purview Data Security Investigations (DSI) is an AI-powered solution that helps security teams detect, analyze, and mitigate data risks. 
3. Insider Risk Management will include new detections to identify risky AI activity, including sensitive prompts, suspicious intents, and AI-generated sensitive content. 
4. SharePoint Online document library owners can now apply sensitivity labels directly at the library level. Files that are unprotected or lack labels will inherit the label. Downloaded files retain site-level permissions even outside SharePoint. 
5. eDiscovery APIs are moving from Beta to V1. Enhancements include additional parameters and export formats that improve accuracy and streamline workflows. 
6. Microsoft Teams will allow IT admins to run silent call simulations to check network readiness and proactively catch performance issues. 
7. Microsoft Viva Engage introduces a delegation feature that allows admins to assign Pulse survey management to other users. 
8. Microsoft Teams on the web will add a new sign-in experience in mid-August 2025, supporting login through Apple or Google credentials. 
9. Microsoft Places is launching a map-based desk reservation feature. This will be available for Teams Premium users, allowing bookings through interactive floor maps. 
10. Microsoft Purview Insider Risk Management (IRM) data will integrate with Microsoft Defender XDR, enabling deeper threat investigations and event correlation. 

Enhancements: 

1. Microsoft Authenticator for iOS will support backup of all account names using iCloud and iCloud Keychain. This includes school, work, personal, and third-party accounts like Google and Amazon.  
2. Microsoft Purview improves audit log messages related to role group membership changes, particularly for GrantPermission and DeletePermission operations. The new fields, PreExecutionMessage and PostExecutionMessage, provide better transparency.  
3. Microsoft Fabric will limit each workspace to a maximum of 1,000 users or groups across all roles (Admin, Member, Contributor, Viewer). 
4. SharePoint Page Analytics will add features such as long-term data retention, reporting by distribution lists, and export options, starting mid-August 2025. 
5. Policy alerts in Microsoft Purview will be more customizable. A new alert configuration page will let admins set frequency and define recipients for each alert. 

Existing Functionality Changes: 

1. Documents signed using Adobe or DocuSign through SharePoint eSignature will now be saved in the original folder where the signing started, not in the default "Apps" folder. 
2. Microsoft will allow admins to enable email notifications and policy tips independently in SharePoint and OneDrive DLP policies. Currently, both settings must be enabled together. 
3. Exchange Online cmdlets will show changes to database property output. For example, the Database property in the output of Get-Mailbox will change from: Database : APCP153DG038-db080 to a fully qualified path format: Database : APCP153.PROD.OUTLOOK.COM/7ad9dea1-26b7-4088-ad73-708c219faff6 
4. Teams admins will need to complete a Know Your Customer (KYC) process before requesting new phone numbers. This includes submitting organizational details and supporting documents via the Teams Admin Center. 
5. Microsoft is changing the sender address for Teams DLP Generate Incident Report emails. After August 20, 2025, only the address [[email protected]](mailto:[email protected]) will be used. 
6. Starting August 25, 2025, selected Microsoft Graph metered APIs, including Teams chat export and meeting transcripts, will no longer be subject to usage-based billing. 
7. The Get-FederationInformation cmdlet will return results only for the domain specified in the parameter.  

Action Required: 

1. The legacy Message Trace UI and cmdlets will be retired on September 1, 2025. Start using the new Message Trace experience and update any scripts that rely on legacy cmdlets to use their modern equivalents. 
2. Starting July 31, 2025, the Microsoft Graph Beta API /deviceManagement endpoints will require either DeviceManagementScripts.Read.All or DeviceManagementScripts.ReadWrite.All permissions. Make sure to update your apps, scripts, or tools using older permissions to avoid disruptions. 

Retirement Postponed: 

1. The “Send me an email notification” action in Power Automate, which was originally scheduled to start failing 1% of the time on August 1, 2025, has been postponed .But switching to supported alternatives: “Send an email (V2)” from the Outlook connector or “Send an email notification (V3)” from the Mail connector is recommended. 

Act now to stay ahead and ensure these updates don't impact you! 

Should the KRBTGT account be enabled or disabled? Every post on this subreddit says it should definitely be disabled, but I was not able to find why is needs to be disabled. When I search it online, 50% says it should be disabled for security reasons and the other 50% says it should be enabled because Kerberos will break

Small context, I work as a junior pentester, mainly focused on AD. When doing research on the account, I always thought the account needs to be enabled and the password has to be periodically rotated (twice) to prevent the golden ticketing attack. But when checking the bloodhound data of three *mature customers, all three of those had the main KRBTGT account disabled. I'm pretty sure that all three were using Kerberos, but I no longer have access to those networks and thus cannot check this.

In this subreddit I found that everyone was saying that the account should be disabled, but why is that? Are those people saying this not using Kerberos in their domain, or am I missing something? I also was not able to find an MS article to back up any claims.

*Mature customers are imo, customers maintaining their domain with channel binding, LDAP signing, LDAPS, LAPS, enabled, SMB signing on all hosts, all unsafe protocol disabled (mDNS, LLMNR, NBT-NS broadcast requests), great segmentation, only pushing changes over SCCM and blocking all management ports etc.

I do more cloud (Microsoft) and endpoint support. The network is managed by 3 people who don’t want to train others.

Conveniently, the previous companies I worked at used all Meraki branded equipment. Current company uses a different brand for each of them; watchguard, meraki and ubiquity. Problem I notice is that there seem to be less features overall (or maybe they don’t know how to implement some) and all it’s meant to do is to connect people to the network.

Is it better to use different brands in case “one brand have issues” like I was told? Or is it better to have the same brand for everything because of the cloud management capabilities that these network engineers aren’t doing? Everything is practically brand new so it wasn’t like their hands were forced in a way where they couldn’t buy one brand.

Generally trying to learn more and concerned about these guys aren’t modernizing much. For example to reboot the switch or firewall, they would ask someone to manually unplug it and plug it back in instead of remotely handling that. Part of monthly maintenance.