Sysadmin

This is an automated archive.

The original was posted on /r/sysadmin by /u/alexcisn1 on 2023-10-24 13:33:39+00:00.

Is there an official IT Support Staff per employee ratio from ITIL or any other frameworks that can justify headcount? Looking for something official if it exists.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Vivid_Mongoose_8964 on 2023-10-24 13:26:59+00:00.

Anyone else affected by this? Seems Starlink is affected by this carrier and it happens to be one of my hops on my way to a vpn partner. I'm getting almost 300ms of latency from tampa fl to salt lake city utah.....fun way to start the day!

This is an automated archive.

The original was posted on /r/sysadmin by /u/Low_codedimsion on 2023-10-24 13:17:08+00:00.

Hi sysadmins,

I'm currently in the process of planning for the rollout of a new ITSM solution at my job. We're looking into options like HaloITSM, Hornbill, and Fresh. While the licensing prices appear reasonable, the implementation costs are unexpectedly steep (sometimes even surpassing the licensing fees) ranging from 5000-25000€ - even if we are planning to do some work by ourselves.

I'd like to hear about your experiences, whether it's with the mentioned solutions or any others. I've worked with Top Desk, SN and ALVAO, but haven't implemented any of them yet.

This is an automated archive.

The original was posted on /r/sysadmin by /u/YMCATech on 2023-10-24 12:50:23+00:00.

We all know about them holding consumer grade products hostage by making you purchase their ink, their supplies, and making you register with an online account before using products.

I just tried updating a Proliang DL380 Gen 9 and found that the firmware for their servers are now behind paywalls where you have to purchase a service agreement to get to them.

So again, honestly, why would anyone buy HP anymore? What's your attachment to them?

This is an automated archive.

The original was posted on /r/sysadmin by /u/Duerogue on 2023-10-24 12:22:39+00:00.

If I hadn't seen it myself I would have archived the ticket under the Tag "User Hallucinating".

Thing is, User opens his Outlook GAL, we're getting A LOT of Deutsche Telekom Addresses, everything looking legit. Just..it's not ours.

So we just go full emergency, assume the Global Admin has been hacked, check all logs.. Not a single sign of a breach. No apps, no logins, no change in our GAL policies.

Close the Addressbook (not even Outlook) reopen it.. it's back to normal.

Had I not made a screenshot I would have questioned my own sanity.

Anything similar happened to any of you?

This is an automated archive.

The original was posted on /r/sysadmin by /u/KahlaHaraka on 2023-10-24 11:23:42+00:00.

Hello guys!

Sorry it may be a dumb question. I work as a SE and when installing Microsoft teams on my phone, my company requires to install the company portal app.

Is there anything to consider? Whats the point of having it? I didn't have that in previous jobs.

They can access some personal data on my phone? (It's a personal device)

Thanks for the help!

This is an automated archive.

The original was posted on /r/sysadmin by /u/Poilaucul on 2023-10-24 11:12:23+00:00.

Windows Server noob here, is it possible to create an Exchange mailbox server DAG with a clone of the actual exchange server given I change the IP, hostname and licence?

This is an automated archive.

The original was posted on /r/sysadmin by /u/brian1974 on 2023-10-24 11:11:24+00:00.

I opened a MS business support request on Saturday. Single incident for $499. It was C/minimal impact. I fixed my issue and dont need the help. How do I cancel? Any way to get my money back? Thanks

This is an automated archive.

The original was posted on /r/sysadmin by /u/808Vibez on 2023-10-24 11:07:05+00:00.

Hey guys

I have set up a Windows Server 2022 in ESXi Cluster on which a NPS Radius Server has been configured. The settings have been configured by default, so far everything is ok. However, the server is not accessible, neither from the RADIUS clients (access points) nor from me as a client. Firewall ports are released. A remote desktop connection exists to the Radius Server. The IPv4 settings are all correct. I have also tried to reach the RADIUS port 1812 via telnet, but this does not work either. Windows Defender ports were also configured. i even turned off the defender to test. still no connection. meanwhile i don't know any more. there is a problem with the network and the accessibility of the server. as i said pinging works but telnet doesn't. does anyone have any ideas?

This is an automated archive.

The original was posted on /r/sysadmin by /u/Living-Tangerine on 2023-10-24 11:04:36+00:00.

Hi All,

Does anyone know what GPOs control the Advanced Setup? we still use exchange on prem but unattended users will still click M365 even after instruction which can cause problems with it not being set up. I want to force users to either just use exchange or better yet, not give them any choice.

Thanks in advanced,

LT

This is an automated archive.

The original was posted on /r/sysadmin by /u/DictatorOfSweden on 2023-10-24 10:37:38+00:00.

Hi,

We encountered an issue with one of our clients who has a guest account in our tenant.

In the old teams client when they joined a meeting they got a prompt asking them if they wanted to join with their own account or with the guest account.

In the new client they don't get that question, it defaults to using the guest account.

This meant that they couldn't join the meeting and choose one of the teams room audios in their tenant, instead they could access all room audios in our tenant (even those I don't have access to).

I've tried searching for the issue but couldn't find anything, has anyone encountered this and/or have any ideas what to do? Feels like an oversight from Microsoft.

The client is concerned since they too have guest users invited and if they can choose to join with teams room audio from one of the meeting rooms where the board is having a meeting it'd be bad.

This is an automated archive.

The original was posted on /r/sysadmin by /u/teqqyde on 2023-10-24 09:02:12+00:00.

Hi,

we have some issues with some Windows Server 2022 with rds enabled. The Servers are all vms on a hyper-v cluster.

After some restart the systems thinks that they are connected via a metred connection. The registry values vor the network costs are setup fine. The toggle button on the ethernet connection are not set to metred connection.

Is there some services or checks that windows makes to configure it correctly. If i restart the server all connections are fine.

Thanks.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Dry-Web-4821 on 2023-10-24 08:07:32+00:00.

In documentation it is statet that chines characters can make such en error.

This error can be caused by ö,ä and ü too. This is pretty annoying if you enherit users with this characters in the name. (European problem)

This is an automated archive.

The original was posted on /r/sysadmin by /u/sysadminbj on 2023-10-24 02:12:37+00:00.

I have a network cabinet in the middle of a water treatment facility's filter house. It has one C9300x48 connected by multimode back to another IDF and is probably about 60% full with business, security, and wlan drops. The building is about 500ft long with an IDF on one end and the problem IDF in the middle of the building. The problem is the environment. It's apparently so corrosive that we have gone through 2 switches in the last year and I'm tired of explaining why I need to pay my low voltage contractor AGAIN to come out and hang a switch and take another swing at hardening the enclosure against the environment. It's a pain in the ass and my budget people are sharpening their pitchforks to the point where I don't even go into our headquarters anymore.

Does anyone have experience with NEMA enclosures that will hold a minimum of around 6u of equipment (1u patch, 1u switch, 1u fiber, 2u UPS) while providing a good seal against elements?

Does anyone have experience with managed switches that are better at dealing with industrial environments than my Cisco gear? We use Hirshmann in our controls environment if that helps. Whatever it is will need to play nice with Cisco.

I'm getting to the point where I'm seriously considering ripping out all the CAT6 and re-running everything someplace better even if I start flirting with the 100m limit.

Suggestions are appreciated.

This is an automated archive.

The original was posted on /r/sysadmin by /u/dudedormer on 2023-10-24 07:40:15+00:00.

Hi!

TL;DR: Is there ANY way to remove the 'ringing' sound when transfering or reciving calls to and from Auto Attendants?

For example if I setup a phone system which has Phone Number "xxxx".

I assigned to an Auto Attendant, "AA".

I Tell AA to call a Call Queue, "CQ" during hours

and

reroute to external Answering Service, "AS" After hours.

Now Within hours the customer experience is:

Customer Dials "xxxx"

Customer hears their phone ringing "xxxx"

When it connects to "xxxx" it sounds like it Rings "AA"

Then "AA" rings "CQ"

Until staff answer.

If out of hours, caller RINGS xxxx and hears his phoen ringing

Number then rings AA, different ringing sound

AA then Rings External number,

External number does whatever it does.

During this process its xxxx-ring-aa-ring-cq-ring.

So in out of hours it rings three different way before going to someone, and in hours exactly the same!

TL;DR: Is there ANY way to remove the 'ringing' sound when transfering or reciving calls to and from Auto Attendants?

Any help would be appreciated.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Brush_bandicoot on 2023-10-24 07:28:48+00:00.

Hello everyone. I Have 2 Domain controller environment, primary and secondary.

I have a new ESXi vSphere and I migrate all of my server to the new host. I already migrated the secondary domain controller and adconnect servers and it runs perfectly, two domain controllers see each other replicates and everything. Now I need to migrate the main domain controller and as I see it, I have 2 options.

1. Transfer all of FSMO roles to the DC that is already on the new environment effectively making it into the primary DC
2. shut down main DC after working hours, use Vcenter convertor and let it do it's magic and configure the machine once it's on the new ESXi.

How should I do it? anything I should look out for? what if I go with option 2 and it loses the sysvol\netlogon shares.. or I have to reconfigure all of DNS on servers and machines switching from primary DNS and secondary if I go with option 1

This is an automated archive.

The original was posted on /r/sysadmin by /u/ironclad_network on 2023-10-24 07:23:47+00:00.

Hello! I’m curious about the tweaks and changes you apply to your Windows Server templates.

For instance, we remove Xbox Game Bar from Server 2016 and disable Server Manager from popping up when logging into a server. I’m looking for more examples and wondering if there’s anything else we should add

This is an automated archive.

The original was posted on /r/sysadmin by /u/bukkithedd on 2023-10-24 07:18:25+00:00.

Here's a question that's probably either been answered a bunch of times, or that has had many of us stumped (or both): How do you keep control of the various versions of the GPO definitions as time goes on? How do you track it?

I have, as many others, a rather old AD to keep control of. Our primary domain was created back in september 2004, so there's been a lot of muppetations happening in it over the years. We don't have a lot of policies in place, however, which I'm looking to get on top of.

But as I started looking into this, a thought struck me: How do other Sysadmins keep control of versioning of the GPO definitions? Do you go full-on Scorched Earth on the store every now and then and just wipe everything and then update it with the newest defs? Or do you carefully track each version of the defs in an Excel-document with version-numbers and dates downloaded/installed?

Of course, all of this might end up with getting replaced through us going for Intune down the road, but it's interesting to know how others do things and learning from it.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Switcheerz on 2023-10-24 06:54:22+00:00.

Hi all,

Currently I am looking for a applocker solution for our Hybrid environment.

The idea is to block certain apps / software from installing. To prevent mallware. And if possible, also the option to request an app to be whitelisted remotely by the user.

The solution can be on premises, but I prefer cloud based.

people here can recommend me anything? Can be third party software.

This is an automated archive.

The original was posted on /r/sysadmin by /u/Standard_Pay9021 on 2023-10-24 06:07:37+00:00.

Hi all, Just wondering if there's any known impact on updating .net 4.7 to 4.8 on domain controller?

Thanks.

This is an automated archive.

The original was posted on /r/sysadmin by /u/StrikingPeace on 2023-10-24 04:40:09+00:00.

How would you handle a situation where users and their superiors are not keen on learning a software/system/platform? I'm having a frustrating situation in my org now. We have the Zoom rooms sytems for online meetings, it has a slight edge to plugins installation and meeting setup but nothing which is not undoable. We have placed a laminated guide in the boardroom -no one reads it

We have placed guides in the Public share folders -no one reads them

I have offered training for those that don't know how to go about it -absolutely no one came through or responded to the emails, in which their superiors are also copied

Instead -whenever they need to setup a meeting or when they face a challenge they want to call me, and me being the main support person im the one who gets called to this. My superiors even just point them to me. Worse thing you get called 10 mins after their fiddling fails, and this is minutes after the meeting start time when you have 20 people sitted in the boardroom and sometimes more waiting online. It looks bad on me, the IT dept and the org. Its time consuming and frustrating.

This is an automated archive.

The original was posted on /r/sysadmin by /u/malikto44 on 2023-10-24 04:23:47+00:00.

Link here

Pretty much, their tenant got breached through a cookie, did some things, including trying to pull a list of admin users.

The good news is that 1Password has been pretty solid. Their secret key system, which requires that plus a password to unlock someone's main database key goes a long ways in mitigating attacks, even if an attacker was able to grab the backend database. Apparently once the IPS went off, the attack was over, from what the article stated.

Overall, it is interesting how a relatively well designed PW management company handles a breach of this size, where, AFAIK, it is pretty much a non-issue.

This is an automated archive.

The original was posted on /r/sysadmin by /u/AutoModerator on 2023-10-23 10:00:43+00:00.

Howdy, /r/sysadmin!

It's that time of the week, Moronic Monday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

This is an automated archive.

The original was posted on /r/sysadmin by /u/asdflmnop_01 on 2023-10-24 00:24:30+00:00.

Hellooo,

I'm new to this field and would love to hear your thoughts/suggestions to this problem.

So this does not happen often but enough to make it cumbersome. Sometimes a user who works remotely needs admin rights to install programs/applications onto their laptops.

The current process is to remote into their laptop and manually install the programs and input the admin password whenever it pops up.

As you can tell, it is a long and annoying process doing this one by one for each program installation.

Is there a better way?

Thank you~~