Subscribe to Sysadmin feed
A reddit dedicated to the profession of Computer System Administration.Sysadmin
Updated: 17 min 32 sec ago

Can not having the DNS role on a DC mess with things?

19 min 48 sec ago

The guys before me who setup our primary DC never put the DNS role on it. I always thought that was odd and not according to best practice. I think this may be causing our sysvol not to replicate to other DC's. What are your thoughts? Just trying to narrow down this replication issue.

submitted by /u/chugger93
[link] [comments]

Am I Getting Fucked Friday, January 18th, 2019

21 min 13 sec ago

Brought to you by the /r/sysadmin 'Trusted VARs': /u/SquizzOC and /u/bad0seed with Trusted Telecom Broker /u/Each1Teach1x27 for Telecom. This weekly thread is here for you to discuss pricing and quotes on hardware and services or ask software questions. Last Post: January 11th.

Required Info for accurate answers:

  • Manufacturer
  • Part Number
  • Quantity
  • Service Type and Location

All questions welcome, keep in mind that there are of course more pieces to this IT puzzle we can dig out of the box

  1. Cloud Options (Hybrid, Azure, AWS, security and storage integrations and migrations…)
  2. Server configs and quote answers
  3. Storage Vendor options, details and selection
  4. Network hardware from routers, switches, load balancing, Aps…
  5. Security - firewalls, 2FA, cloud DNS, layer 7 services, antivirus, email, DLP….
  6. Client-side: Is it a really big quantity? User equipment doesn't have major negotiations without big numbers
  7. Bandwidth - Internet, MPLS, dark fiber, carrier SD-WAN
  8. Voice- SIP, Hosted VoIP, PRI etc.

As always, PMs welcome with your questions any time, not just Fridays.

Warning: This thread is neither vetted, nor approved by the reddit administration or /r/sysadmin moderation team. All interaction is explicitly at your own risk.

submitted by /u/bad0seed
[link] [comments]

Question about RHEL support

21 min 55 sec ago

My company runs a research computing cluster that currently runs on Solaris. For obvious reasons we want to get away from anything Oracle so we are thinking about switching to RHEL. Does anyone have experience with their enterprise support? How is it? Any experiences you can share, good or bad, would be helpful.

submitted by /u/billwrugbyling
[link] [comments]

Switch port up and down

22 min 14 sec ago

I have a Cisco switch with a port that's going up and down and the device quits working until I shutdown the port and bring it backup.  


This is what show log returns:  


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/35, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/35, changed state to down shows this over and over with about a 5 minute gap between each  


The end device is a camera the switch port is configured exactly like the other cameras on other switch ports. Same config and same cameras type.  


I have switched ports, cameras, and cable all have the exact same problem with the port going up and down and the camera shutting down. Duplex settings are set to auto exactly like the other cameras; I even tried to manually set the duplex to full 100mb on the camera and the switch port but the problem kept happening.  


My original thought was port security was blocking the device but I removed port security settings from that switch port config and it still had the problem.  


The strangest part is if I keep and constant ping on the device it will stay up but if I stop the ping it goes down within 20-30 minutes.  


Any ideas on whats going on or some troubleshooting I can try?

submitted by /u/twisted636
[link] [comments]

symobolic links and permissions

27 min 51 sec ago

In linux, if say i have a symbolic link with no owner e.g.

lrwx... 500 501 ...... /mypath/myfile rwx ... root root ... /mypath/myfile.0

myfile is symbolic link to myfile.0 . Does it matter if I leave the unknown user and group as it is for myfile? Or should i change owner to root as well? thanks

submitted by /u/s802645
[link] [comments]

HITRUST vendor

27 min 54 sec ago

Hi, im not sure if this is the best place to post this question, but im looking for vendor recommendations to assist us in HITRUST certification. Im the Sysadmin for my company and will not be able to do this without outside help given my workload. Looking to see if anyone here has used and recommends a vendor? thanks!

submitted by /u/Liquidjojo1987
[link] [comments]

Question regarding Java subscription

34 min 58 sec ago

This whole Java subscription thing is super confusing. I just need a plain answer here, preferably with a website source for proof.

At our business, we have somewhere around 7,300 computers that have Java on them. When I say they have Java, I mean that they have the Java Runtime Environment (JRE) that you download for free from . The newest release just a few days ago is Java 8 Update 201. If you look in Programs and Features, it'll say Java (not Java SE, Java JRE, JDK, etc). It's just the end user software that the PC needs to be able to run certain applications for the end user. We do not do any type of developing software. We normally push the Java updates via PDQ.

Under the new Java EULA, apparently starting at the end of this month, will we be required to buy a license to update these 7,300 devices, or can we still download the end user version of Java (JRE) from the website I linked above?

submitted by /u/TechNickGaming
[link] [comments]

Source Control (Git) and Why You Should Absolutely Be Using It as a SysAdmin

36 min 25 sec ago

I'm going to start with a bold statement:

If you learn Git and apply it in your daily work (where it makes sense) you WILL find it useful and you WILL be glad you invested the time learning a new and marketable skill.

Source control is all about tracking revisions and sharing changes of sets of files. The files are usually text but can also be binary, images, etc though the benefits of source control in those scenarios are somewhat diminished.

Git is a popular source control tool and for the purposes of this post Git can usually be interchanged with any popular source code management tool. Realistically the world has mostly settled on Git (Google Trends).

"I'm a SysAdmin, not a programmer! I don't write source code. How can Git help me?"

Pretty much any time you want to permanently save the state of any files with a note, timestamp, backup, etc is a perfect time to use Git.

A few examples:

  • Updates to server/application configuration files
  • Updates to deployment scripts
  • Updates to the domain login script
  • Updates to any text-based documentation

"I'm interested in learning. How does Git enhance my workflow?"

  • Encourages you to make save points in the form of commits
  • Encourages you to document and make notes in the form of commit messages
  • Encourages easy experimentation in the form of branches
  • Makes it harder to accidentally lose code (if it's committed!)
  • Metadata is automatically captured such as who changed what and when.
  • Can easily retrieve previous known-good configuration/documentation

Bringing valuable programming practices into the SysAdmin work...

Even if you're not a programmer there are valuable practices from programming that can be implemented into your daily SysAdmin life. You might think of this as "how to begin thinking like and understanding what DevOps really means in practice"...

  • Thinking about changes as "new releases of a service you provide".
    • Say you're updating the script that configures a brand new employee in your environment.
    • Do your testing/experimentation on a "development" branch
    • Once you're satisfied with your new process, merge that "development" branch into the "production" branch.
    • Immediately replace the "real" version of the script, maybe on a file share or in Task Schedule or something, with the production version.
    • You've now "released" an update to your "new employee provisioning service". You now have a changelog of the exact lines that changed on which date.
  • Being more formal about what is in development vs what is in production and being able to quickly see the differences.
    • "I think my deployment script is reliable, what changes am I actually implementing if I load this new version into SCCM?"
    • From the development branch: `git diff production`
    • "Oh yeah I forgot I added that tiny MSI install parameter in addition to the 50 lines I work on to pull the files from the right server. I'll be pushing that new MSI parameter too, good to keep in mind if there are any issues."
  • Collaboration becomes easier than emailing files or copying files to/from shared drives.
    • Each person has their local repository and can make changes locally testing whatever they want whenever they want.
    • Sharing changes involves pushing and pulling the latest changes from the server.
    • Changes are tracked and you can see who edit which lines of the file when.
      • "This line is strange and there are no comments. Lets see who added it..."
      • "Hey Bill, why did you add this line back in June?"
      • "Oh we found some edge case where if a new user had an apostrophe in their last name their username had it as well which screwed up a bunch of their access to systems."
  • More mature practices include continuous delivery concepts such as automatically updating the actual production environment when you submit changes to the production branch.
    • In the scenario of your "new employee provisioning service" you can have your central Git server trigger activity when new commits come in. One of those triggers could be "any time a new commit comes in to the production branch" and the activity that happens is "upload the Create-NewEmployee.ps1 to Z:\IT\Scripts\".
    • In a different scenario maybe you have a login script which needs to be updated. You're a 1000 person company and all of IT dog foods changes like this. When your "testing" branch receives an update it updates the "login-test.vbs" login script. When your "production" branch receives an update it replaces the "login-prod.vbs" login script.

Where you might have trouble...

Git is not always easy and some of the error messages may be confusing. My best advice is here:

  • Any time you see "origin" it usually means "the central point of truth for this repository, usually remote, like GitHub".
  • Errors usually mean you're doing something your not supposed to, or more commonly, one of these:
    • Local Repository is Behind - Someone has made changes to the branch you're working on, you need to pull their changes down to your repository before you can push your new code. Merging never happens on the server.
    • Merge Conflict - Someone has edited the files you have also edited and Git needs help settling some disputes (called merge conflict resolution). This can sometimes happen when you pull from a repository that has new changes.
  • If you are totally just screwed up it is always OK to rename the repository folder and re-clone it from the server, copy your change into the file and commit. It's not the "right way" but it's a normal and common thing for git newbies.
  • "git commit --amend" is very useful and will stop you from making pointless commit messages like "Trying new value" 20 times in a row, or wasting time writing seemly valuable but overly-verbose messages like "Trying True instead of False because False did X".

Some Anecdotes

  • Make commits often and push them often.
    • As long as your make a commit AND push it you will ALWAYS be able to recover that committed code as long as the repository exists on the central server.
  • GitHub is not Git. Git is a source control tool. GitHub is the most popular public repository hosting service unrelated to the creators/maintainers of Git.
  • As you gain more experience what you're doing will feel better and more natural. This is when you see the real value.
    • The first time you and a co-worker are working on the same file at the same time and you recognize and resolve a merge conflict you'll be like "wow, that was pretty slick".
    • The first time you and your team work together to review the diffs or changes for an update to production you'll have newfound confidence that everyone understands what is changing and why.
  • GitHub now supports unlimited private repositories for free (up to 3 collaborators). You do not need to use GitHub, there are many alternatives including self-hosted ones like GitLab (unrelated to GitHub). You also use any file share or SSH endpoint to store your repositories.
  • I personally recommend using the the git command line all the time. There are many great GUIs out there that may be more your style but it will hide some of the inner workings and why git does what it does will make less sense to you.
  • For those nitpicking, I know Git is a decentralized source code management tool. However it is almost always used in a client-server kind of relationship with a central repository as an intermediary for many developers. In the 8 years I've been using Git I have never pulled directly from another person's machine. I have simplified the explanations here since the distinction isn't really valuable to new users.
submitted by /u/SpectralCoding
[link] [comments]

Can someone explain Ariba by sap, punchout2go, EDI like I'm 5?

50 min 42 sec ago

I inherited a new environment that has our ERP system. We also have Ariba as a supplier to customers. Punchout and looking to implement edi.

I want to streamline a lot of things we have currently that is being manually done.

  1. Can I integrate ariba with my erp system to have the orders and PO going directly to ERP and back and forth? What can I use?

  2. Can Ariba do EDI? I can't find a clear answer from searching.

  3. can we use punchout to do what I asked above?

We currently have our erp system with customers on Ariba. I like to where the orders, PO, and invoices going directly into our erp system and back out if necessary. If there is a best practice or best way, I would love to find out more.

I know a lot of this stuff is vague is because I'm still new to all of this.

submitted by /u/itman404
[link] [comments]

Make our branch office network/sys independant

1 hour 1 min ago


Rookie FR Admin here :)

Here is our network . We do not have backup infrastructure (everything is windows srv).

What we would like to do is making our branch office less MPLS dependant.

If MPLS fails they need to have access to : FS, the internet, the apps and so on.

> This could be solved by adding an internet access there I guess

But what if one of our servers in main office fails? What is the best thing to do ?

> I thought about adding a few servers on branch office with : Branchecache , DFS-R, RO DC. Can't go wrong with it.

But what could I do for apps redundancy ? Is Load balancing a good solution ? I don't really know what to do.

Should we actually "mirror" our infrastructure in branche office ?

Should we strengthen main office infrastructure with redundancy ? (clustering)

Is Hyper-V replication service useful in our case (if we put an hyper-V in branche office , since we do not have any CSV SAN infrastructure)?

Thank you for your help. I am a bit confused for this autonomy project

submitted by /u/SeismoSpam
[link] [comments]

Windows Server 2016 Remoteapps - Slow "login" / first start

1 hour 4 min ago


we got a Windows Server 2016 Remoteapp-farm which has 2 connection brokers and mutiple rds servers. Everything works fine as soon as you are using it - but the first login, when you begin to use the remoteapps in the begining of the day, takes like 5 minutes.

Where could I check for the performance-problem? Are there any guides?

submitted by /u/Senorragequit
[link] [comments]

Sophos EDR worth the extra 5k?

1 hour 5 min ago

We are looking to switch our AV away from Trend, what we are looking at is sophos,

Sophos Central Intercept X Advanced with EDR is $7 extra per PC verse Sophos Central Intercept X Advanced without EDR. We did a demo and i belive the EDR was just the extra reporting center, which we were like meh about. basically im asking would you pay a extra 5k per year for the EDR feature? what does it even do? why do you feel like its worth it?


submitted by /u/Trekky101
[link] [comments]

Local Reverse Image Search Software?

1 hour 9 min ago

Hi All

Recently the marketing guy at my job left the business and now whenever anyone wants images that falls on my shoulders... Unfortunately, these requests tend to come in the format of "can you give me a higher res version of this picture"

All the marketing guys materials are completely all over the place. No logical file structure at all. Meaning I end up spending sometimes hours going through different folders and checking thousands of thumbnails until I find the image in question.

Can anyone recommend a free reverse image tool that will save me endless amounts of time? Everything I've found thus far seems to be more for the sake of scanning directories to find ALL potential duplicates of ALL images in the directory.

I want to say; look at THIS specific image, does this image have potential matches, if so where?

Anyone use anything like this?


submitted by /u/HoguesUK
[link] [comments]

Suddenly Word and Excel attachments are blocked from opening in Outlook

1 hour 40 min ago

Hi there,

This issue started yesterday and more and more of our users call in to report it.

Word and Excel attachments can't be opened by double clicing them in Outlook.

When you save them on your desktop, they'll still not be able to be opened.

Error message in Excel:

Error message in Outlook:


Saving the file locally > Properties > UnblockThen you can open that particular file

As a workaround, you can disable Protected View in Word And Excel:

File > Options > Trust Center > Trust Center Settings > Protected View > uncheck option "Enable Protected view for

The issue is not related to recent Windows Updates because my devices only received updates from December. Not yet from January.

The issue started yesterday where no updates were installed.

It is not related to the Office 365 ProPlus version.

I've updated Office on a particular device from 1803 (9126.2336) to 1808 (10730.20264)The issue persists.

It is also not related to the Windows version. We have devices with Windows 10 and Windows 8.1 with this issue.

What I have noticed:

Mails coming from external senders have these issues.
Attcahments in mails from internal colleagues can all be opened without problems.
If you forward one of those external mails to a colleague, he can open them. If he in turn forwards it back to you, you can open it as well.

Did anyone have a similar issue? Or an idea where it comes from?

submitted by /u/dinci5
[link] [comments]

client VPN in China

1 hour 44 min ago

Where I work we have locations in the US, China, and Mexico. Our US and mexico users run the cisco client for VPN and they connect back into our network through in the US. For china they connect to a vpn device in country, we've ran like this for years.

Recently the team in china is telling us that they are getting letters from china telcom saying that because we us a domain name of that our domain name can not be found in the approved domestic domain registration organization, therefore the domain can not be applied for filing in China. They are being told the domain must be applied for in China.

I've talked to other local companies that have sites in China and they have not heard of this and us their .com for VPN.

Wondering if anyone else has ran into this? we don't want to get a .CN or use a registrar in China.


submitted by /u/benwaynet
[link] [comments]

Can't send outlook mail, OWA works

2 hours 15 min ago

Nobody in my company seems to be able to send mail through Outlook, but receiving works fine.

Sending and receiving both work in OWA.

Can't see anything relevant on the Service Health portal.

Anyone else having issues?

Edit: correction, they are going through, it just takes a minute or longer.

submitted by /u/LeslieStroobant
[link] [comments]

RDS 2016 Farm Cached Web Credentials

2 hours 18 min ago

I have deployed a new Server 2016 RDS Farm with User Profile Disks. When a user signs into some kind of website, for example Office 365 portal, and chooses the “remember me” option, it works as expected and the session is remembered after closing/reopening the browser. However, when the user logs off the RDS session and back in, they have to log in to all their websites again. same behavior between Chrome and IE.

This doesn’t happen on our old 2008 R2 RDS Farm. Any suggestions on how to troubleshoot? I’m guessing something missing from the UPD. I have it set to save appdata and user registry settings currently.

submitted by /u/ryolin1
[link] [comments]

Need reg setting or PS to keep desktop in presentation mode

2 hours 19 min ago

Need to keep the screen on without screensaver or having it go dark. Tried all sorts of hacks without success. Apparently easier to do on laptops. Using Win 10 1703. Any help appreciated. Thx

submitted by /u/leftydog1961
[link] [comments]