Sysadmin

Subscribe to Sysadmin feed
A reddit dedicated to the profession of Computer System Administration.Sysadmin
Updated: 21 min 34 sec ago

TIL: ifne tool for parsing data through pipe, stop passing empty strings

1 hour 2 min ago

I was using this simple script to remove older Docker images after build, but it was giving me errors when there was no images to delete and script returned bad exit code

docker images | grep "components" | awk "{if (NR>3) print }" | awk " { print $3 } " | xargs docker rmi -f

But today I discovered this little neat tool "ifne" (found in moreutils package) that allows you to stop passing empty input into desired command at the end when piping

docker images | grep "components" | awk "{if (NR>3) print }" | awk " { print $3 } " | ifne xargs docker rmi -f

If awk won't output anything, ifne won't execute docker command, hopefully it will improve your scripting a bit :)

submitted by /u/d47zm3
[link] [comments]

[Rant] How to deal with a bad CEO whose decisions endanger the company ?

1 hour 15 min ago

Hi fellow sysadmins,

I've had a couple hot discussions with my manager, who is also the company's CEO.

We are hiring a temporary worker starting this morning (CET timezone), and he wants me to set up a PC for her.

I'll be $ME, he'll be $CEO

$ME - Ok, so I'll set up a limited account, OpenVPN, Firefox, uBlock, 7zip and SublimeText as usual
$CEO - NO, I'VE RESET THIS PC YESTERDAY EVENING, IT WORKS AS IS, SHE WILL BE WORKING WITH THE ADMIN ACCOUNT AND IE AND NOTEPAD, JUST INSTALL OpenVPN AND 7zip, NOTHING ELSE. I'M TIRED OF YOU PEOPLE CRASHING THE COMPUTERS WITH ALL YOUR FANCY STUFF, DO AS I SAY
$ME - But boss, remember that you made the admin password the same on every computer AND server in the company (written order, I couldn't make him change his mind on that either), which means she will have access to EVERYTHING as admin or root... you don't want that for a temp worker whith no IT knowdlege!
$CEO - I DON'T CARE THE COMPUTER WORKS LIKE THAT IT IS YOUR JOB TO PREVENT HER DOING WHAT SHE'S NOT SUPPOSED TO DO !
$ME - Yes Boss, but that implies creating a limited account for her, not granting her admin privileges on all infrastructure $CEO - I DON'T CARE YOU DO NOT TOUCH THIS COMPUTER, I'LL SET IT UP MYSELF

A few minutes later...

$CEO - BARTH HOW DO YOU DOWNLOAD OPENVPN I CAN'T FIND THE DOWNLOAD LINK ON THIS SOURCEFORGE WEBSITE THERE ARE TOO MANY ADS
$ME - Well, if you refuse to install an adblocker, I don't know either, all those links have the same design and with only MS Security Essentials as antivirus software on the computer, I refuse to take any risk on the computer you spent your evening resetting... $CEO BARTH DO YOUR F****ING JOB INSTALL OPENVPN NOW.
$ME Ok boss

I download the installer on my computer and store it on a shared drive, so I can install it without playing russian roulette with the links on sourceforge.

I hope she won't break anything during her time here.

And goddamn when these interactions happens I just want to quit.

submitted by /u/barthvonries
[link] [comments]

Were we breached? (Exchange/O365 access from odd locations)

1 hour 58 min ago

Started tracking down a spoofed email to a customer today and it's led me down a rabbit hole I don't know if I can come back from ...

We're an office 365 shop with about 300 E5 licensed users, Dynamics CRM, sharepoint in O365 and hybrid Exchange.

What I know so far: Starting in mid March every account I've investigated suddenly started seeing odd logins for almost everything O365 related, but the vast majority of them are Exchange Online logins.

Prior to mid march all the logins for users were either completely from our business IP or their home IP, the occasional cell carrier or a starbucks etc.

Now I've got hundreds and even thousands of logins from not only our expected public IPs/platforms but things that look like this:

  • 199.239.183.169 ;Windows 10;Chrome 67.0; Akamai Technologies
  • 72.249.198.132 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36 Akamai Technologies
  • 204.237.168.70 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36 Akamai Technologies
  • 204.2.158.76 ;Windows 10;Microsoft Office 16.0;Microsoft Outlook 16.0.4639 NTT America
  • 209.107.194.220 ;Windows 8;Microsoft Office 16.0;Microsoft Outlook 16.0.4639 Bandcon
  • 63.218.5.207 ;Windows 10;Microsoft Office 16.0;Microsoft Outlook 16.0.4639 PCCW Global

There's no correlation to times people are in the office, and there will be up to 40 logins in a row. I'm worried our userbase has been compromised. Even the login platforms vary wildly, tablet, mobile, windows 8, windows 10, different versions of Edge and Chrome.

I'm still waiting for a call back from Microsoft, but is there any way this is a red herring? Did Microsoft make changes to how O365 works in terms of logins being distributed?

Feels like a long shot at this point, but I'd like to hear from others. I've been out of the security game for too long so I'm playing catch up with O365.

submitted by /u/DigitalMocking
[link] [comments]

Resume help

2 hours 35 min ago

Anyone on to let me see an example of there's so that I can make mine as professional as possible? I would really appreciate it.

submitted by /u/cd_root
[link] [comments]

Microsoft phone activation servers down

3 hours 27 min ago

Hey guys,

Was trying to offline activate a copy windows 7 pro. Automated phone system took forever to get through and ask for installation ID. Waited 10 minutes on hold. Automated error. Spoke to support rep and their internal tools for activating software will be down for the next couple of hours. Was advised to call back later on this afternoon (Brisbane, AU Time)

Anyone else experienced any issues with phone activation's today?

submitted by /u/dooperdave
[link] [comments]

Is it wrong of me to be pissy about co-workers being too lax about permissions after I spent weeks cleaning up

3 hours 47 min ago

So just as the title says. I’ve spent a good 3 weeks or so migrating data between servers and in the process cleaning up file permissions. The permissions on the old server were disgusting to say the least. Individual users added left and right, deleted accounts and groups were never changed, some folders were had inherited permissions, others didn’t. All in all it was a shit show.

The new server however has been spun up and given some good old fashion TLC. As I mentioned above I spent a lot of time doing cleanup and have already found some co-workers recreating the shit show with their nasty/ lax permissions and to be honest it’s kinda getting under my skin and time to time I notice myself getting a little pissy.

Maybe it’s the OCD kicking in or maybe it’s because of the fact that I’ve spent time and owned it or maybe because I simply just want to see the job done right.

So I ask you as my fellow peers, is it wrong for me to get pissy about this?

submitted by /u/gabyred884
[link] [comments]

The informant’s story: I bust my boss to the BSA/The Software Alliance

Tue, 06/19/2018 - 23:46

What it's like to be an whistleblower to the BSA - The Software Alliance.

From CIO Australia

https://www.cio.com.au/article/642699/informant-story-bust-my-boss-bsa/?fp=16&fpid=1

submitted by /u/GtothePtotheN
[link] [comments]

how many are using Server Core 2016?

Tue, 06/19/2018 - 23:15

I'm curious how many people/companies out there are really using Windows Server Core 2016. For those using it, what are you using it for?

One of our developers has asked me to spin up a Server Core 2016 and this is my first exposure to it. I enjoy command-line stuff, *where it makes sense.* I'm ok with Powershell, and its great for scipting/automating specific tasks, but it feels too verbose for daily tasks, and seems less than ideal for actual troubleshooting. And I'm comfortable with Linux, so it's not command-line phobia. Just for background, our environment is comprised of 700+ VMs in VMWare.

submitted by /u/JustAnotherSunnyDave
[link] [comments]

AD Certificate server not issuing certificates.....for 2 years

Tue, 06/19/2018 - 22:01

About 3 months ago I started at a company where the previous sysadmin started his cruise to retirement 5 years before he was actually going to retire. I've been enjoying the hell out of this job because I literally get to rebuild the environment from the ground up and bring it up to a level that is currently supported by Microsoft. Almost all of the Server 2000's and 2003's are gone!

One thing that I stumbled upon was the certification authority hadn't issued a certificate since May of 2016 and all certificates expired around this time last year.

I'll admit that certificates are not my strong point... So this begs the question....if the certificate authority hasn't been issuing certificates for over 2 years and the issued certificates have expired over a year ago what is actually going on in my environment? If I wanted to nuke the current certificate server and create a new one (current one is running 2008 R2) what would be the implications of that?

I'm just looking for any direction at this point.

EDIT: Formatting

submitted by /u/master_major
[link] [comments]

Printer installs

Tue, 06/19/2018 - 20:00

We have a print server and we are manually installing the printers. It’s one of our most troubled tickets. The reason is every new user needs to have the printer installed. How do I script this to install per computer instead of user. Please advise thanks

submitted by /u/mighty_13k
[link] [comments]

Meraki vs Aerohive

Tue, 06/19/2018 - 19:41

Has anybody used both Acess points? What are your thoughts? Who’s better? Cheaper thanks

submitted by /u/mighty_13k
[link] [comments]

Windows 10 Enterprise 1803 App Store off for everyone, but admin

Tue, 06/19/2018 - 19:38

I am looking at configuring Windows 10 Enterprise 1803 App Store for a corporate environment. I am building some images and in the current build that is out there, I locked every setting I could find in an effort to get rid of the store, but this has caused some issues.

The ideal configuration would allow administrators to download and install new apps, but allow users to update the existing UWP apps (calc, sticky notes, etc).

Does anybody have any ideas?

submitted by /u/maddogxx5
[link] [comments]

What is the best way of doing o365 deployment?

Tue, 06/19/2018 - 19:14

We have F5, onprem AD, and need to get o365 out the door.

From my understanding, we can have F5's do federated sign in via SAML to o365. but don't we need to do a sync to Azure AD?

I see the idea is we spin up ADFS inside then use proxy adfs proxy servers on dmz to do saml requests. I see F5 can also use LTM to do all this though we don't have that setup just yet I believe... Not sure on the specifics of our F5 set up as I'm not the admin of it but I am the "office guy" at my company. I just need to help direct my F5 guy on the best course of action because we do not want to be syncing passwords up to azure ad if we don't need to, but we need to make sure it's all SSO thru SAML so people aren't needing to login ever (except maybe initial sign in)?

I think the idea is that we can have 2 new servers, one dmz, one internal, then those process SAML requests via onprem AD and that goes out to o365... thereby skipping azure ad completely?

Sorry, just getting my head into this now so my terminology may be totally off. Was just reading this article about it: https://f5.com/resources/use-cases/securing-identity-for-office-365 and microsoft's documentation about o365 deployments on their site.

submitted by /u/PM_ME_YOUR_THINKPADS
[link] [comments]

Employer trying to force me to use unlicensed Software

Tue, 06/19/2018 - 18:05

Hello all,

My current manager is expecting me to make images for windows 10 machines the problem is he wants me to use a crack to fix the licensing issue....he has also forced me in the past to install cracked versions of Adobe Pro.... the bigger problem is that our COO who is a lawyer is turning a blind eye to this...she is aware of what is going on as im sure he's passed it by her previously..I believe even the CEO might be aware.

What should I do? The reason i'm doing this is because he wrote me up today and I feel like being petty meanwhile I look for a new job. Can he force me to? What if he fires me for it? How can I hold my ground if the CEO and COO try to come down on me for refusing?

submitted by /u/kmoran1
[link] [comments]

Help desk/service ticket software, what do you guys use/prefer?

Tue, 06/19/2018 - 17:55

Recently got a new client who has a lot of users, and I realized that I have no good options for end users to submit tickets or to track them. Anybody have some good, non-self hosted options?

submitted by /u/SageLukahn
[link] [comments]

Exchange vulnerability. Solved only by installation of Cumulative Update.

Tue, 06/19/2018 - 17:43

According to:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180010

Microsoft Exchange Server contains some elements of the Oracle Outside In libraries. The June 19, 2018 releases of Microsoft Exchange Server contain fixes to the following vulnerabilities, which are described in:

Oracle Critical Patch Update Advisory - April 2018: CVE-2018-2768, CVE-2018-2806, CVE-2018-2801.

So it's a "critical" level patch, which presumably means the dreaded "execute code of the attacker's choice"-level vulnerability that it's mitigating.

But the only mitigation in Exchange is to install a CU that was released a week ago. I don't know about you guys, but my experience with the latest Exchange CU has been pretty spotty.

This seems like a lot for Microsoft to ask of us to address this, especially without giving us any information (that I've seen at least?) about how it can be exploited so that we can do a proper risk assessment.

What's your strategy on this one?

submitted by /u/CFFEPTK
[link] [comments]

using SHSetKnownFolderPath

Tue, 06/19/2018 - 17:32

So i'm using powershell to create a folder in a share, set the proper permissions and then redirect "My Documents" to this folder.

Issue: I can redirect the folder perfectly and it updates to that folder name but the folder will not display as "My Documents". It is displayed as "testfolder" under the Documents library. if I rename that folder inside the share, it immediately changes to "My Documents" being displayed. How can I force the Documents library to display "testfolder" as "My Documents" while maintaining the actual name of "testfolder" in the share.

submitted by /u/DopestDope42069
[link] [comments]

Graylog vs ELK Stack

Tue, 06/19/2018 - 17:22

For those that have used or evaluated both, when does it make sense to pick one over another? Volume of data? Types of data? They both seem flexible and use things like grok patterns. I read on this subreddit that ELK is much more involved to get going vs Graylog. Simply put, what would push you to use one over the other for pure technical reasons?

submitted by /u/simpleadmin
[link] [comments]

Windows 2016 / IIS 10 Help and Advice for Developer in Admin Role

Tue, 06/19/2018 - 17:22

I have been winging this for years but want to do a better job this time around, so looking for advice and wisdom.

I am setting up several new clusters of IIS 10 servers (some new, some will be to migrate from 2008R2) for my team to use. Usually we have done this one by one and hoped for the best. But that's been painful and hard to manage. I am looking to see if you fine folks can maybe give me some advice and best practices that I should be looking at when doing this.

My clusters are load balanced behind a F5, so not using windows clustering. I am looking into using IIS shared configuration (unless there is a great reason not to use it) and my content will be local to each server (I could put it on a file share but syncing of servers isn't generally an issue)

Any advice on application pools (many vs. few)? Anything helps! Thanks!

submitted by /u/boobka
[link] [comments]

Don't mess by best guess

Tue, 06/19/2018 - 17:09

A terrible title, I know, but I have a small story to share.

As I've mentioned in other threads previously, I work in a one-man IT department, with some cover from an external company when I'm off. When I first started where I work now, it was a 2.6 FTE department. Now, it's basically me.

Anyone, the last two people who ran the department both had a terrible habit of unbinding the IPv6 adaptor on all new servers. They always did this because "IPv6 conflicts with IPv4". That's something many people say, but let's be honest – a lot of people don't understand how IPv6 works.

But plenty of people have read somewhere on the Internet that disabling IPv6 solved their networking issues, so they try that themselves by unbinding the IPv6 adaptor, thinking that will help.

It doesn't. Because not everything written on the Internet is true 😮

Anyway, my predecessors – who were both very good in general – both religiously unbound the IPv6 adaptor on all server builds. I did occasionally challenge the notion, but I wasn't going to win the argument, so I left it be.

Now, I am in charge of the infrastructure. Over the last few years, I've noticed a few niggling issues every now and again:

  • Group Policy management hangs for no reason at all, particularly when updating file-related policies.
  • Sometimes users lose drive mappings in the middle of the day, or at login, but no network disconnects are noticed.
  • Replicated DFS shares occasionally behave erratically.

It's always DNS, right? No. DNS is fine. Sometimes it would look like the switches were playing up, but I knew that wasn't it. I always suspected it was all to do with unbinding IPv6.

I'd filed this away somewhere in the back of my head, but I noticed the issues with file shares dropping were much more pronounced on Windows 10 clients, which I was rolling out recently. So, having a slightly quieter day a couple of weeks ago (few and far between when you're working on your own), and just before I was due to go on holiday for a week, I jumped on file server, the DCs and a few of the other important servers and bound the IPv6 adaptors on them. Then I completely forgot about it.

And then today, I suddenly realised, all those issues had disappeared.

The moral of the story: if you're going to change default configuration, do your homework first. Don't read any old guy's post on the Internet and take it as gospel (least of all, mine!)

That's the main reason I post that story here. Of course, there is one other – it's one of those occasions when it's satisfying to find out your instinct is right, but it's not something any of my users will ever realise (or care about).

submitted by /u/NoelSlevin
[link] [comments]

Pages