FlickKnocker

Worried for the future due to AI

Posted by DeniedNetwork@reddit | sysadmin | View on Reddit | 119 comments

FlickKnocker@reddit

Have you actually used AI to do anything remotely challenging? If so, you’ll know why you shouldn’t be concerned. It’s just parroting out-of-context fodder it picked up from Stack Overflow/Server Fault/Reddit, and if you’ve been doing this long enough, you’ll know that those sources are only a small part of the process, and context is king, always.

Snapped in a postmortem this morning and now nobody's putting me on the followup invites

Posted by Prize-Mycologist4340@reddit | sysadmin | View on Reddit | 242 comments

Intune is not fit for purpose.

Posted by Hobbit_Hardcase@reddit | sysadmin | View on Reddit | 445 comments

SMB stopped working mid-day

Posted by Illustrious-Bug-8015@reddit | sysadmin | View on Reddit | 55 comments

Considering of pivoting to an MSP from Internal IT

Posted by Majestic-Home2021@reddit | sysadmin | View on Reddit | 77 comments

FlickKnocker@reddit

The narrative on here is that MSPs are prison planets where you're whipped by Ferengis all day mining dilithium crystals, but that's not always true. There are good MSPs and bad MSPs, just as there are good companies and bad companies to work for. Since you're a specialist and presumably you want to keep it that way, you'll have a great opportunity to be exposed to many different clients and industry verticals, all with different business goals, constraints, and challenges, which translates to new and interesting opportunities for you and the MSP. But you'll also get a chance to do *other* things, like networking, server builds/workloads, security, and so on, because unless it's a really large MSP, many hands make light work, so you'll come out of it more well-rounded. I would say that it really helps if you're well-socialized and enjoy personal interactions to work at an MSP. You don't have to be the life of the party, but being comfortable with small talk, having empathy and wanting to understand the business and where they're coming from will go a long way to helping your career.

Looking for a free, simple self-hosted, ideally scalable ticketing solution to use by myself

Posted by tylerderped@reddit | sysadmin | View on Reddit | 62 comments

FlickKnocker@reddit

We used Request Tracker years ago, been around for decades. Open source/community edition still. [https://github.com/bestpractical/rt](https://github.com/bestpractical/rt) We had some custom email actions so you could take tickets by simply forwarding to taketicket@ and it was an alias for the ticketing system, which would assign it to you. closeticket@ would close the ticket, etc. Handy in Blackberry days, but still a nice feature.

Legit Microsoft Contractor or MSP trying to sneak in?

Posted by Adventurous-View-108@reddit | sysadmin | View on Reddit | 53 comments

Looking for a free, simple self-hosted, ideally scalable ticketing solution to use by myself

Posted by tylerderped@reddit | sysadmin | View on Reddit | 62 comments

FlickKnocker@reddit

Your boss is a myopic dumbass. Pretty much every ticket system can slide in and support email right away, so if you're using a helpdesk@ email address already, you can slot in the ticket system and they won't even notice it, other than the subject line now has a ticket # in it. Makes life better for everyone, including the end-users, for when you can search on an issue and find out the history behind it, without having to waste time reinventing the wheel or repeating steps that have already been tried.

Legit Microsoft Contractor or MSP trying to sneak in?

Posted by Adventurous-View-108@reddit | sysadmin | View on Reddit | 53 comments

FlickKnocker@reddit

The V- signifies they are a 3rd-party vendor on contract from Microsoft to solicit business from you, usually to cross-sell/up-sell you on 365 licenses, and typically disguised as a "voluntary audit". Microsoft used to do real involuntary audits years ago, but they softened their approach, and now hire out. You can safely ignore. We put in spam filter rules to automatically punt v-\*@microsoft.com to quarantine.

Small business running SQL Server 2016 on EverRun (EOL July 13, 2026). Need to upgrade software ASAP. Planning a hardware upgrade later. Looking for advice on the best path forward.

Posted by Desperate_Struggle18@reddit | sysadmin | View on Reddit | 11 comments

FlickKnocker@reddit

No idea what EverRun is, never heard of it. Make sure backups are successful. I'd do another full backup in SQL Management Studio. I'd personally pick a fully-dark maintenance weekend and scale down resources on the current production environment to give you enough room to restore to your new VM running SQL 2022. You should be able to power down old production VM, re-assign resources to new VM, power it up, test it thoroughly (also keep in mind that the connection string will have a new hostname to contend with on each of the workstations; not sure how that's handled, but I'd have a ticket open with your ERP vendor already).

we restored on a server with no backup; we lost everything between 2023 and 2026. Ducking help, please.

Posted by Shoddy-Calendar-4319@reddit | sysadmin | View on Reddit | 181 comments

FlickKnocker@reddit

Tell them to cease working on it immediately, call a data recovery expert and your lawyer, because this could be an extinction event for the firm. I would start a salvage op of everyone's desktop, email (attachments), Documents folders, OneDrive, whatever you can.

Consumer tablets are driving me insane in warehouse environments.

Posted by TheDryShaving94@reddit | sysadmin | View on Reddit | 54 comments

FlickKnocker@reddit

Most of the major tier 1 guys make a ruggedized tablet with solid warranty options. Tell management you want to buy one and give it to your heaviest hitters and see how it fares. If it survives a lifecycle, it's worth it.

Venting about vendors who don't want to give any info without dragging me in to hours of meetings...

Posted by computerlove87@reddit | sysadmin | View on Reddit | 48 comments

Most SMB environments I see don’t actually lack security tools, they lack visibility

Posted by ExcellentSector3561@reddit | sysadmin | View on Reddit | 7 comments

Replicating on prem to Cloud based

Posted by Lonecoon@reddit | sysadmin | View on Reddit | 7 comments

FlickKnocker@reddit

It may make more sense in the short to mid term for Company B to purchase Company A's IT assets, and they're using them now successfully. Once the dust is settled (and you've decommissioned/archived what isn't necessary anymore), you can then plan to modernize Company B with Microsoft cloud services.

Our cybersec team are getting onto us about all our servers having web browsers installed.

Posted by stone500@reddit | sysadmin | View on Reddit | 594 comments

FlickKnocker@reddit

How you could read a log file and not be technical... I'd even go as far as to say technical with dev experience for a lot of logs, as raw output can sometimes just be whatever the native logging facilities are for whatever it is that's generating the logs.

Left MSP for Internal IT - Early Thoughts

Posted by tdiz009@reddit | sysadmin | View on Reddit | 87 comments

We invested in automation… so why does it still feel like manual work?

Posted by Such_Rhubarb8095@reddit | sysadmin | View on Reddit | 89 comments

FlickKnocker@reddit

Since the dawn of time, humans have tried to automate away mundane tasks, but it always requires maintenance/refactoring. Think of the first dudes that hooked a plow to an ox. It probably worked 80% of the time, but then the plow would break, the ox would kick the guy and kill him, a wolf would eat the baby oxen...

Situation I am currently in as a Sysadmin with 10+ years experience.

Posted by SpecialistTeach9302@reddit | sysadmin | View on Reddit | 70 comments

FlickKnocker@reddit

How much security hardening/baselining are you doing? If you start digging into CIS Controls/NIST for hardening, that should keep you plenty busy. What about on the identity side? Is your MBS (you mean MSP?) also managing 365 threats or are they just coasting along with add/move/changes? Have you created a DR/continuity plan and are you actually testing it? It's easy to slide into firehall mentality where you're sitting around waiting for somebody to bring up an issue, but that's not enough nowadays.

why do clients wait until everything is literally on fire before calling

Posted by cmitsolutions123@reddit | sysadmin | View on Reddit | 83 comments

FlickKnocker@reddit

For what looks to be a large multi-location MSP... you guys are really making us look bad, and I'm sure your boss isn't happy about you posting this either. How did you not have any monitoring set up? All the major server vendors have out-of-band management that can be configured for SNMP/SMTP monitoring/alerting on all physical health components of the server, including thermal. Why is the server accumulating so much dust? Even our agro business clients, we've always made sure that the server was in a climate-controlled room, and rule of thumb is "if you wouldn't want to work in here all day, neither does the server". If the server has been dusty like that 3 times, why aren't you arranging a maintenance window to clean it out with compressed air?

Windows 11 Bitlocker and HP BIOS/UEFI Firmware Updates via Windows Update

Posted by americanconstitution@reddit | sysadmin | View on Reddit | 28 comments

FlickKnocker@reddit

Are you trying to pull from direct link to dell.com? That always crapped out with 403 Forbidden eventually/sometimes/often, so we just store the exe as a package ourselves.

NinjaOne/SentinelOne Replacement for small biz

Posted by jflint@reddit | sysadmin | View on Reddit | 99 comments

FlickKnocker@reddit

If you're a 365 shop, I would highly recommend Business Premium, as you get Defender for Business endpoint, Intune/P2, for management/conditional access, which is baseline security for 365 nowadays. For $75 a device, we would typically include all labor (tech support, add/move/change, maintenance) for that price, remote or on-site, under most circumstances, so I think they're probably pricing you out intentionally, as personally, I find dev shops a tough go as there are a lot of power users who just want to do their own thing, right or wrong.

Ideas for a very old crappy software

Posted by phantitox@reddit | sysadmin | View on Reddit | 46 comments

We're Moving To The Cloud, And Already We're Spending 500k A Month... I Can't Help But Wonder What We Could Have Got For On-Prem For 6+ Mil A Year...

Posted by Photo-Josh@reddit | sysadmin | View on Reddit | 396 comments

FlickKnocker@reddit

Cloud was cheaper when they offered flexibility with terms and commitment, but now it's just like old school software contracts all over again with 1-3 year lock-in, oversubscribing services, everything's an identity/user, with no flexibility.

Another day, another story of shocking price increases.

Posted by cantstandmyownfeed@reddit | sysadmin | View on Reddit | 61 comments

FlickKnocker@reddit

COVID and the "supply chain issues" paved the way for the inhumane, ruthless corporate dysfunctional behavior we see today, and it is only going to get worse as more and more people are replaced with sycophantic agents attempting to placate you at every step of the way.

where are the l1 / l2 techs + generalists going?

Posted by cbl_lbc@reddit | sysadmin | View on Reddit | 89 comments

FlickKnocker@reddit

MSPs, we're still hiring. AI will never replace what we do, but you need to have the right temperament and personality, which is not always easy to come by for those seeking roles in IT.

Ran DR failover test and realized our entire recovery plan assumes Entra ID is still available

Posted by Firm-Goose447@reddit | sysadmin | View on Reddit | 61 comments

FlickKnocker@reddit

If you have RMM, or some kind of endpoint management that's out of band from Entra, you could push local creds and even run ProWiz command line to flip their profile to a local profile. I don't know if that gets you what you need, but at least at that point they're logged into their laptops.

Patching challenges when users turn their computers off every night

Posted by Frequent_Rate9918@reddit | sysadmin | View on Reddit | 172 comments

Is Tailscale a vulnerability to you/org

Posted by FourtyMichaelMichael@reddit | sysadmin | View on Reddit | 32 comments

FlickKnocker@reddit

My concern that nobody seems to talk about, particularly if self-hosting, is what are people doing to harden the control plane from threats? It seems like the ZTNA, at the network layer of the control plane, is just pushing the perimeter somewhere else, so instead of VPN services running on your VPN appliance/firewall at the corporate edge, it's now running on some other box.

Patching challenges when users turn their computers off every night

Posted by Frequent_Rate9918@reddit | sysadmin | View on Reddit | 172 comments

FlickKnocker@reddit

I know laptops are here to stay, I'm just old and griping about the good ol' days, when at 5pm, you could comfortably do maintenance across the entire fleet and know they were all powered on and ready. Now, it's whack-a-mole trying to do updates/remediation, and who knows where that laptop is (hint: it's in a bag somewhere).

Patching challenges when users turn their computers off every night

Posted by Frequent_Rate9918@reddit | sysadmin | View on Reddit | 172 comments

FlickKnocker@reddit

I just think as a tool, which is what they are, they're oversubscribed, which leads to higher costs, more downtime, more warranty claims, more accidents, more compliance issues with patching, getting lost/stolen... do I need to continue? For a road warrior, sure, absolutely, have a laptop. For everybody else? Why? You're just sitting at a desk all day with it with a dock (which is another cost and is problematic).

Patching challenges when users turn their computers off every night

Posted by Frequent_Rate9918@reddit | sysadmin | View on Reddit | 172 comments

FlickKnocker@reddit

Yup. Loathe laptops: everything is one big compromise on them (power/heat/weight/battery life), and 90% of the staff don't need them. Now with costs going through the roof, I'm hoping for more sensible deployments of them in the future. The real kicker is that these people take them home, leave them in the bag overnight, and when you say, "just leave them at the office on the dock" it's "oh, but I might work from home tomorrow."

I am the only woman in the room

Posted by Terrible_Working_899@reddit | sysadmin | View on Reddit | 1056 comments

HELP: Dell Docking Station Issues

Posted by stasis351@reddit | sysadmin | View on Reddit | 123 comments

FlickKnocker@reddit

It's almost as if laptops and the whole shitty ecosystem they trudge around with them sucks, costs too much, for a big giant dripping sack of compromises... and this old timer misses the days when only 5% of the fleet had laptops and they were road warriors who just had a laptop.

How To Make A Comeback From Software Engineering To IT?

Posted by NoTapGonnaSnap@reddit | sysadmin | View on Reddit | 19 comments

Anyone actually using Entra Domain Services?

Posted by Carefu68@reddit | sysadmin | View on Reddit | 131 comments

FlickKnocker@reddit

An on-prem DC can run on half a potato as the core services haven't really changed in decades, particularly if you're just managing file shares/permissions and basic GPO to map drives and what not. You could promote that file server to a DC and toss Windows Server Standard 20xx on an Intel NUC, make it a secondary DC for redundancy, and put it somewhere else in your building for a little bit of physical separation in case of fire/water damage/flooding, etc.

Windows Server just lost all file share permissions

Posted by Clear_Bedroom_4266@reddit | sysadmin | View on Reddit | 46 comments

FlickKnocker@reddit

Yeah, that's all he said he lost. I'm assuming the NTFS permissions (and the files/folders themselves) are intact. I've actually exported those reg keys out and imported into a new file server once when a server died on us.

Windows Server just lost all file share permissions

Posted by Clear_Bedroom_4266@reddit | sysadmin | View on Reddit | 46 comments

FlickKnocker@reddit

Pretty pretty sure they're all stored in the registry here: `HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares`

I'm assuming you have a systemstate backup somewhere?

Using DNS split brain for dual homed DC

Posted by FallujahFireAlarm@reddit | sysadmin | View on Reddit | 7 comments

FlickKnocker@reddit

What is typically common is to use a different VLAN/subnet for management IP range, and then in your switch(es), you configure a DHCP relay agent (your DC), which is configured to distribute those IPs. You can create whatever DNS zone you want on your DC, and create A records for those management IPs. None of this requires that DC be multi-homed, but does require that the subnet where your DC (DNS) server is listening, be accessible to the management subnet, at least on UDP/TCP 53, for DNS resolution.

IT support services advice needed (I am small company owner).

Posted by PastorNoFaith@reddit | sysadmin | View on Reddit | 205 comments

FlickKnocker@reddit

Find an MSP who specializes in compliance in your field (HIPAA I imagine). They don't necessarily have to be local either, as boots on the ground is more of a concern when you have a full office and on-prem infrastructure (rack of servers/switches, etc.).

Getting into IT before everything as a service

Posted by saltyschnauzer27@reddit | sysadmin | View on Reddit | 304 comments

After 10+ years in network security, here's the audit checklist I actually use

Posted by Arch0ne@reddit | sysadmin | View on Reddit | 210 comments