Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
Posted by
Master of All Trades
15 hours ago
Stickied postModerator of r/sysadmin

Thickheaded Thursday - July 19, 2018

Howdy, /r/sysadmin!

It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

Posted by
Moderator | Bravely using
9 days ago
Stickied postModerator of r/sysadmin

Patch Tuesday Megathread (2018-07-10)

Hello r/sysadmin, I'm AutoModerator u/Highlord_Fox, and welcome to this month's Patch Megathread!

This is the (mostly) safe location to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the subreddit, and provide you, the dear reader, a singular resource to read.

For those of you who wish to review prior Megathreads, you can do so here.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product.

Remember the rules of safe patching:

  • Deploy to a test/dev environment before prod.
  • Deploy to a pilot/test group before the whole org.
  • Have a plan to roll back if something doesn't work.
  • Test, test, and test!

1.5 years ago r/sysadmin helped create the Free MailFlow Monitor. What should we build next (to offer for free)?

Hi r/sysadmin,

1.5 years ago, you helped create the idea for our free MailFlow Monitor for SysAdmins ( a free solution to observe an organizations mail flow 24/7 and alert the SysAdmin to problems via text message etc), which is now on it’s second version ( and monitoring over 500k mailboxes each 5 mins.

We’re now turning our attention to what we should include next (for Free) to add more value. We’re interested in creating a wider free platform, that incorporates a number of free tools / services for SysAdmins. Our initial idea is to add daily free domain blacklist monitoring / alerts within the platform, but after a team discussion we thought, why the heck haven’t we asked r/sysadmin yet?!


a) What do you think of free regular (ideally every 1-3 days) blacklist monitoring?

and b) What else would you like to see included that would make your day better? What is typically a paid service that shouldn’t be? What would be unique / better / different? 

For background:

Edit: Grammer.


Detailed OS Deployment Reporting from Configuration Manager with Callisto

Callisto is the HTML 5 dashboard and reporting solution for System Center.

In the latest Callisto release we've added interactive reporting of live Task Sequence statistics to the capabilities Callisto already has around inventory, compliance and status.

The OS Deployment dashboards give you a detailed view of the performance of Configuration Manager OS deployment at a glance, with filtering by Task Sequence, date range and collection.

We display the completion statistics for all Task Sequence executions, show the maximum, minimum and average completion times by day, allow you to filter and view any errors live and show the most common task sequence errors.

Our customers love these features for technical staff, project managers and departmental managers to keep on top of the Windows 10 OS refresh work.

Please register for a fully-featured free trial at pricing as low as $0.50 per seat per year .

Posted by
Professional Looker up of Things
10 hours agoGilded2

[RANT] Flat Design and WebUIs are a cancer on the industry and need to die

Ok first of all if you aren't familiar with the concept of Flat Design or Swiss design:

You've definitely used something made with flat design, be it Windows, and iPhone, or a website, there is no escaping it. It's the current bandwagon design trend of a minimized interface, 2D or flat objects, and limited color that everyone seems to be jumping on lately. This design trend has been influencing websites and application design for years now but all it's doing is ruining the internet and making our lives worse.

The majority of websites have started to design based on philosophies originating from Windows 8 in order to give the same experience over all devices. But when that experience is awful to begin with it spreads to other sites like a disease. Reddit included, I almost forget since I have my preferences set to display 'old' Reddit.

Flat design leads to uninteresting and difficult to use websites and applications.

Grey text you can't read, and can't tell if it's a link or not

Bland Icons that often you can't tell if it's actually an icon

So you might be thinking at this point "Is this really that bad? Or this guy just complaining because he thinks it's ugly?"

Well yes... but there's more!

Flat Design has actually be proven to make the day-to-day experience worse for users.

While there is a noticeably improved learning curve for younger people using an application for the first time, flat design makes things worse for experienced users. Experts have referred to this as the lab rat phenomenon where rats will do the same action over and over again if they receive food. It's not that younger users are more likely to 'get' a flat interface, it's that they are more likely keep clicking randomly on things until they can make it work. That's not good UI design, it's stupidity.

Real world tests have shown that users on average spend 22% more time using applications and sites that use flat UI designs. That means that each site and program that switches to a Flat Design philosophy averages a 22% productivity loss because the interface isn't intuitive enough. 22%! How is this an improvement?

Apply this to Windows, MS Office or your in house ERP system and something interesting happens... If everyone in your company has a 22% productivity loss because of a bad UI on a desktop that's pretty bad!

Given that much of my own expertise in industry is related to hardware + application performance this fact REALLY offends me. Designers are practically shooting guys like me in the foot by doing this. How can I be expected to optimize a system to its most efficient state when you insist on using a design philosophy who's greatest advantage is based on the fact that young kids are prone to randomly clicking on shit until something happens?

But Flat Design is only part of the rant... the other half of this is the industries push to using WebUI's for everything. This trend of making everything web-based and operating system agnostic at the price of performance and usability.

All these interfaces that I use on a day-to-day basis, 2012 Server manager, VMware, Exchange, Azure, O365, you name it are basically webUIs built on top of a scripting language, so everything we do is mirrored in PowerShell. So what we get are tools that take forever to load, can't manipulate half the settings, and run like shit. This just encourages us to use PowerShell directly.

Which brings me to my next point...

When your interface only serves to encourage users to learn your command-line, then you have utterly failed at designing your interface.

And for what? So my network admin with a Mac can manage exchange with Safari? WHO CARES!?

VMware immediately comes to mind with that terrible WebUI of there's. I love VMware as a platform, but as a consultant I have different perspective on this because I have to use obsolete versions like ESX 3.5 + 4 side-by-side with Vsphere 5+6 all the time. And you know what? Even with all the improvements with HTML5 in v6 (what the heck were they thinking using flash!?) The WebGUI still SUCKS. It takes me twice as long to perform even basic tasks in the WebGUI and for what? So my boss can open the Vsphere console on his iPad once a month? F*** him, I have work to do.

And the industry just turns a blind eye to these issues. It feels like their solution is to ignore the problem until people forget what interfaces used to feel like. At a previous VMworld the CEO talked about depreciating the C# client and asked the crowd who among them was using the webgui and only a handful of people in a room filled to capacity put their hands up. Hello Mr CEO something is not right here! To this day the #1 largest forum thread in the VMware community is a constantly rolling set of complaints about the webUI. They've had years to get it right but realistically they won't be able too because a webUI built over a scripting language is a fundamentally flawed concept. But no sign at all that VMware will capitulate and just release a new version of the old C# client...

How did the industry as a whole make such a cataclysmic wrong turn on UI design?

When and how did we decide that all this was a good idea?

Being curious I researched this a tad... back in 2006 Microsoft started developing the idea of minimalist 'Swiss Design' into what eventually became the Metro design language that started on the Zune and soon infected the XBox and Windows 8.

Yes, this thing, this stupid thing has ruined everything. Its claws reach back from the grave with un-intended consequences that stretch over the past decade.

So there you have it, all of our modern UI design woes can and the ruination of website design can be traced back to a failed MP3 player. Which begs the question, why the hell are UI design decisions made for an MP3 player influencing desktops and servers?

Well it's simple, Microsoft jumped on the mobile device bandwagon. The problem is they went too damn far. Instead of developing something just for mobile devices they jumped ahead and decided that all desktops, Tablets, Xboxes and even Servers would use mobile platform design ideas in their UI's. A forward thinking idea based on this idea of platform independence. But you know what? After 10 years of living in this reality I've decided that I don't give a shit that I can load VMware on my iPad, because the price we've had too pay for that flexibility is too damn high.

If I'm running a Windows server, I'm going to manage it from a Windows machine.

Why should my Desktop experience have to suffer due to the inadequacies of your tablet? Shouldn't we be spending our time making tablets better instead?

Desktop users want a desktop experience. I don't give a shit that I can now manage your platform on my iPhone, I want an efficient and fully functional UI!

I accept the fact that the mobile app version of your software won't have as many features as the desktop version, I know that mobile hardware has its limits. But why does my PC experience have to suffer so that you can make the app look like the mobile version? I DON'T CARE!

When Windows 8 came out I was told I would get used to it and start to like the interface. Well it's been 6 years since Windows 8 came out and I still hate it. That insipid Metro interface has influenced everything that has come since. And as if being useless and ugly to look at wasn't bad enough, they won't stop pushing web-based UI concepts down our throats.

I could rant about Windows 8 specifically for hours but instead I'll just point out the Elephant in the room:

This is a terrible interface And everything that has come since has not significantly improved on it.


I remember joking at the time that Microsoft already had a great tablet interface, Windows 3.1. Now bear with me for a sec, look at this and tell me this doesn't look like an 8-bit iPad?

Why the hell didn't they develop something like that instead of the crap that we got? And why did that have to ruin my experience on a server?

If only we could have a clever interface where all our applications could be listed alphabetically and be sorted into groups automatically when they are installed. All the applications installed on your machine would be organized and listed accessible by a single click. To open this hypothetical menu we could have a single button that you 'start' with. We could call it a <start menu>.

No more typing the name of the app to pull it up, assuming the search function works at all and doesn't pull up some random app like RDP when you want cmd, or a Bing search instead of what you are looking for. Or how about not having to hunt through Add Remove Programs or the Program Files directory to see applications are installed on the machine, then hunting down the relevant exe's to make a shortcut.

For the record I just install on my personal PCs, that way I can use my computer like a human being again.

and then there was server 2012...


Once again an experienced Admin might argue that you can use powershell, or the remote utilities to manage a server instead. But once again I'll point out that if your interface encourages your users to use other methods to manage a server, they you have utterly failed at UI design.

All these powershell overlay utilities we get nowadays drive me up the wall. For all the new features and improvements that came with Server 2012, they sure did a number on completely ruining the interface. What's worse is that's it's only a half-measure. So many of the built-in management tools still use the old consoles and haven't been integrated with Server Manager so you still have to flip between the two constantly and most of them aren't tuned to work with the UI. Every time I open server manager it's click > wait for the hidden powershell instance to query stuff. It's 2018 and our server interfaces run slower than they did 10 years ago.

Microsoft are the worst offenders, but they are by no means the only ones...

VMware, Apple, Adobe, Amazon AWS,, they've all jumped on the flat design bandwagon and taken perfectly good (sometimes only reasonable) interfaces and completely ruined them.

Skype v8 is the latest major casualty of this design philosophy. Of course they got bought by Microsoft so now the application has to jump on the Flat Design / Metro bandwagon as well. What was once a nice GUI is now a terribly over simplified UI reduced to a shell of it's previous existence. Unintuitive, unimaginative, missing a ton of features, and completely redesigning the interface for no good reason other than make it look like everything else that Microsoft squeezes out.

But at least they used a lot of color in Skype 8, hence the unofficial version code-name 'Clown Vomit'

This whole experiment has devolved into a self perpetuating sunk costs fallacy where the industry has become so invested in developing these fundamentally flawed concepts that now they feel they can't dig themselves out.

How long are we expected as admins and power users to have to suffer through bad UI design decisions because Microsoft and other vendors hire holier than thou designers that care more about looks and trends than performance and functionality all the while insisting on staying the course and saving face instead of admiting that this whole experiment has been a miserable failure and is so fundamentally flawed that there just isn't any way to save it.

Where’s the creativity and performance gone, and when will it return?



You guys probably already know about "ping -a" and "ping -A"

But if you don't, use it like this:

This will beep every time it gets a ping back:

ping -a 

This will beep if it misses a ping:

ping -A    

This is very useful when you're monitoring a node and waiting for it to come back online or to be able to hear when a packet is dropped.

(tested on some Linux and MacOS)

Posted by
12 hours ago

Microsoft now inserting ads into Windows 10 Mail App

Microsoft's now inserting ads into the Windows 10 Mail App. This apparently is in versions, Home, Pro and Enterprise. I'm not sure about education.

I highly doubt anyone is using Windows 10 Mail in their work environments but I had been using it at home. I'm not too sure if I will anymore.


Awesome Sysadmin

A curated list of amazingly awesome open source sysadmin resources.


Dell RAID error message: Foreign configuration found on adapter

See screenshot Dell PowerEdge R720

This message appears every time the server boots and the server won't continue until I press any key to continue.

"Foreign configuration(s) found on adapter Press any key to continue or 'C' to load the configuration utility, or 'F' to import foreign configuration(s) and continue.

Some configured disks have been removed from your system, or aree no longer accessible. Please check your cables and also ensure all disks are present, Press any key to continue, or 'C' to load the configuration utility."

How do I stop this message from stopping the boot process?

I had a failed disk in the RAID that I replaced with exactly the same one and this message still appears after I replaced the disk.

Should I press C or F or do something else to stop this message?

Thank you


Find and Kill Skype


I am still a 1st/2nd Line helpdesk person with a special intrest in Powershell. I have been asked by our IT Infastructure manager to find a way to hunt down and delete/uninstall every installation of Skype excluding Skype for Buissness.

We do not have a deployment system like SCCM, and there are various versions of skype installed that have been put in ad-hoc over the years over a number of types of devices. I think at one point they may have been on our laptop image.

What is the best way to do this? GPO? Logon script? WMIC?

EDIT: We have ~150 devices which are running windows 7


Career Progression - sysadmin

I have a problem and I need advice. A little bit of context to start; I work in ITServices and this team is split between service desk (the team I'm on) and infrastructure (the team I want to move to).The issue is that I work in a remote office and away from the rest of the infrastructure team. I have spoken to the infrastructure manager and showed interest in picking up simple pieces of infrastructure work, to just help grow my knowledge. The manager was totally on board with this and was excited that I was showing interest. Now the problem is, when I ask members of the infrastructure team if I can help with anything, they essentially ignore me and there is nothing I can really do about it. At the end of the day I just want to learn so that I can move on but due to being away and in a remote office, it's difficult trying to actually get any work thrown my way. Does anyone have some sort of advice?


Symantec Client MAnagement Suite

I moved jobs and left behind Symantecs Client Management Suite about 3 years ago and hadn't touched it since. I just downloaded the latest version to have a look and play, and to my horror its still just a bad/clunky. How can this ever compete with SCCM.

Posted by
Jack of All Trades
2 hours ago

A little statistic: Sysadmin Vs Programmer

I must be honest, I like doing Sysadmin things: resolve issues, monitor my network, implement new things, resolve issues, get in touch with new technologies, resolve issues, learn new things, resolve issues and so on.

I do not like programming. At all.

I have learned and forgotted C++. I can script in powershell but, if I can, I still use "windows" of Windows... main reason cause I had choose the MS path 20 years ago. Ok now Windows is becoming Linux so I will script more ... not that this make me very happy, but I can live with it (must).

I'm the only one that not like programming here ?


Must-read books for unix sysadmins

Im a young sysadmin and mostly administrating rhel and centOS machines. Are there any books you guys can recommend? I consider myself as not a newbie anymore, so the Book should apply to advanced or professionals admins. Thanks in advance guys


Logon Script to set Inheritable Permissions


I'm looking for a script or a tool that will take a group of folders and take ownership of everything inside, enable inheritance on everything, and then set ownership of the folder back to the original owner. Preferably a login script of some sort which would be fairly "easy" since you don't need to take ownership of the files. But I don't want to cause any issues for the currently logged in user - especially if the permissions are good to go. But the issue where our folder structure is default not set to inherit permissions is a pain.

I originally tried to do something like the below, but it didn't really have the effect I wanted if I remember correctly as a login script. I'm not 100% sure. Not super great with icacls.

icacls \\Server\UserDir\EID /q /c /t /reset
icacls \\Server\UserDir\EID /grant:r "CREATOR OWNER":(OI)(CI)F /grant:r "Security Group":(OI)(CI)F
icacls \\Server\UserDir\EID /inheritance:e

echo 2 > "C:\Temp\I RAN.txt"

Thank you.


Deploying Unlicensed Windows VMs?

I am working on getting WDS/MDT set up. I have a volume license, and all of my PCs have an OEM license, so I know that everything is fine there.

In addition to doing it all legitimate as above, is there any issue if I have another option to deploy Windows without a license? The idea would be for developers to be able to PXE boot a virtual machine to get a temporary copy of Windows for application testing. This wouldn't be for real everyday use, and the Windows installs would self-destruct after a period of time (90 days I think?), just to be able to test our application against different versions of Windows.


Physical Security

From time to time, friends of mine forget their windows password. They ask me to do a format. I tell them that I can do something better. I use an offline registry editor to reset the password in less than 10 minutes.

What is stopping employees from doing this to their work computers? Is it just security through obscurity? Is it just that they don't know how to do this?



Anybody else having users who cannot open Outlook 2016? Only seems to be happening on Win 7 computers. All the usual repairs, new profiles, channel change/force update/downgrade, etc. Does not seem to be working...

Posted by
Windows Admin
7 hours ago

Zebra printer recall

Looks like a batch of Zebra power supplies are bad.

[bleep] printers.

Posted by
Squirrel Herder
14 hours ago

Google has posted the post-mortem of the GCP service interruption yesterday [2018-07-17]

TL;DR: A bug in a config change they were working on caused the devices in one of their LB layers to repeatedly reboot.


What was your "F$!k this, I'm done." moment?

The straw that broke the camels back, so to speak. The one ticket too many, the user that just asked for too much that made you say "I'm done".


Getting a 403 on an ErrorDocument supposed to handle the 403

Hey guys,

So I am trying to get apache to display a custom 403 page, I need it to do this because there is white listing and the 403 is regularly encountered and I would like it to look nice. The only problem is is that I am also getting a 403 on the ErrorDocument that is meant to handle it. Now just for reference I have tried adding it before and after the white listing but to no evail any info would be much appreciated.


Wifi Management for Residential Property

I'm looking for some general feedback on being able to implement Free WiFi for a residential property, where the users are able to connect and receive a certain allotment of traffic per month for free - after which point the service is severely throttled or they are asked to upgrade. It is also (obviously) imperative that each user/suite receives a separate VLAN segregation to keep things secure.

I have heard that there are appliances or other methods of accomplishing this?

NOTE: I am NOT looking for WiFi hardware, Ubiquity hardware, or any WiFi manufacturer recommendations... just the back-end side of things for management of such a network.



Has anyone used ZixProtext and/or ZixArchive for email security?

Seems like these are new advanced threat and archiving solutions from Zix, which is known for their email encryption. Has anyone had experiences or heard about these solutions (I think ZixProtect is also known as SpamStopsHere) ? How does the functionality compare with that of Proofpoints, Mimecast, Microsoft etc.? What about price? Any weaknesses/negatives?


It's probably been said before, but F Windows 10

I'm so sick of this f'ing OS bricking laptops with updates and just being a general pile of sh!t to support. So much potential to be great, but so many reasons why it isn't. Wouldn't be so bad if vendors still made W7 drivers, but no. I'm forced to hand out and support this dumpster fire of an OS.



VOIP in Belarus

Recently I've been asked to help setup one of our Support agents who is located in Belarus. The idea would be that this agent would help promote our 24x7 support. I went to our current phone provider and got a virtual number to forward to a phone for the agent. However, after sending the phone, I was informed that all VOIP devices or software with a dedicated phone number and the possibility of international calls (incoming or outgoing) are outlawed in Belarus. I don't necessarily want to skirt the rules, but is there any way around something like this? My thought was to drop a landline in, or give the agent a cell phone and forward our virtual number to that, but I think international calling via landline can get pricey as well as with a cell phone.

Any ideas on how to work around this?


Anyone else using BBB on Dell Data Domain with Networker and know how to tweak settings for quicker recovery times?

So, we recently forked over a ridiculous sum of cash for Dell EMC's backup solution, the Data Domain with Networker suite, after we were promised the moon for features. After slowly realizing that we were oversold and over-promised (and after a nearly 6 month long implementation process just to get things actually working), we are attempting our first test recovery to a staging space. It is going terribly...

We have a windows SMB share with ~250 TB of data compressed onto a 30 TB volume with Windows Dedup. We are taking block based snapshots of the volume with Networker, so recovery should re-write the entire volume as it presently is, chunk store and file references in place. This option was selected to prevent having to re-hydrate files, restore them back to the original location, and let Windows re-dedup them back down again. It was supposed to be a much quicker option according to the sales engineers I worked with when originally considering the purchase.

I am attempting a restore to a staging location and the speed the restore is running at will take probably 6+ weeks to restore. This is obviously not going to be an option if we are restoring a vital component of our network. I could mount the volume and use a robocopy script, pausing and waiting for Windows to dedup the volume in between sessions, with faster results. Dell support and engineering just kind of shrugs at me and says that's the way it is. I'm not sure how anyone can think this is an acceptable recovery solution.

Has anyone else implemented a similar backup and recovery scenario and found any handy tweaks or settings to speed up recovery time?


So today I explained my manager what a VMWare Datastore is

We have this so-called "Win" project tracking system, so when you go to a meeting, you set your "Win" for that day and you are commited to finish it by tomorrow. For me, this is a way for us saying: Hey management, you think we do nothing, here is the proof, we are doing something. Long story short, I put this: Datastore strategy planning for new system. The manager then asks me: What is a datastore? And then I told him: Virtual machine is like beer bottle, datastore is like a six-pack, or could be larger, and there are many sizes of beer bottles and many sizes of packs as well. Storage is like a warehouse full of beer packs. So we would have to plan how big of a pack we need, because we have too many different bottles. He was delighted to hear such a metaphore. And everyone was laughing. I was laughing as well, and crying inside a little bit.

Community Details





A reddit dedicated to the profession of Computer System Administration.

Create Post
r/sysadmin Rules
Your account must be 24 hours old in order to post
Be professional in conduct.
Do not expressly advertise your product.
No Low-quality content.
Associated Subreddits

41,217 subscribers


4,072 subscribers


11,459 subscribers

Useful Links

A collection of useful references

Permanently Banned
Master of All Trades
Standalone SysAdmin
Moderator | Bravely using
Moderator | Infrastructure Architect
Systems Architect
It is always DNS
Trusted VAR
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.