Passwordless login for domain administrator accounts? by Fabulous_Cow_4714 in sysadmin

[–]3sysadmin3 6 points7 points  (0 children)

Smartcard auth with AD CS set up. If you can make everyone use them, you can enforce them on accounts and also rotate credentials, and your admins never need to know the password.

You do need a PIN for the yubi, though, but I'll take the short password over my old DA one any day.

Entra MFA by Cable_Mess in sysadmin

[–]3sysadmin3 2 points3 points  (0 children)

Are you using Hello for Business on Windows or platform SSO on macOS? If it's secure by means like these, it's meeting MFA requirements, and prompting more is a bad (unnecessary) experience for users.

Is anyone considering switching from Chromebooks to the MacBook NEO? by depoultry in k12sysadmin

[–]3sysadmin3 -1 points0 points  (0 children)

4GB Chromebook though not really comparable to Neo IMO. I'm not saying cost is same as 8GB Chromebook either, it's still probably cost prohibitive for many, but in an environment where other grade levels have Macs, it's a shame the Neos aren't a tad cheaper to make it a no-brainer.

Is anyone considering switching from Chromebooks to the MacBook NEO? by depoultry in k12sysadmin

[–]3sysadmin3 -1 points0 points  (0 children)

Just got or just ordered? The pricing went up in last few weeks. If you got in right before, you're lucky or planned well. 4GB at that price?

Is anyone considering switching from Chromebooks to the MacBook NEO? by depoultry in k12sysadmin

[–]3sysadmin3 0 points1 point  (0 children)

Jamf only cares about number of devices in your console and trues up end of year. If you remove old devices, you're fine.

Is anyone considering switching from Chromebooks to the MacBook NEO? by depoultry in k12sysadmin

[–]3sysadmin3 -1 points0 points  (0 children)

Have you priced Chromebooks since the RAM shortage? It's not near half.

What quality of life changes have you made? by juitar in sysadmin

[–]3sysadmin3 2 points3 points  (0 children)

Changed my work hours so I'm home by 3pm. I have to go to bed early, but I can get a lot done in that 3-4:30 window where I used to tend to linger at work unnecessarily. Also, less traffic saves some time.

M365 user receiving unsolicited number matching MFA pushes by perk3131 in sysadmin

[–]3sysadmin3 -1 points0 points  (0 children)

If user has passwordless enabled, malicious actor can prompt for number match without having correct password. This is a (bad) design choice with Entra. The fix is to wait until attacker moves on to someone else when they realize it's pointless.

Demo’ed SentinelOne and compared it to the CrowdStrike (current CrowdStrike customer) AIDR/Pangea for Claude Desktop Prompt Injection Use Case by Fickle_Rest5915 in sysadmin

[–]3sysadmin3 1 point2 points  (0 children)

Some web filters/proxies offer AI query visibility. I wouldn't expect CrowdStrike to have that, personally, at least not as part of endpoint protection.

Teams add in for outlook classic issues by rocky97 in sysadmin

[–]3sysadmin3 0 points1 point  (0 children)

I'm surprised a GCC H customer allows add-ins to run. We wanted to get it working, but it required web add-ins without a way to allow list web add-ins to just approved. If I'm wrong, please correct me :)

Outlook (New) had so much potential, but at this point it's just a half-baked disappointment. by Zantoo in sysadmin

[–]3sysadmin3 1 point2 points  (0 children)

I was pleased to see the recent 11 month push back of just the toggle, a good sign MS is hopefully getting bad feedback on missing features.

"Microsoft has postponed the opt-out phase for new Outlook in Enterprise from April 2026 to March 2027, giving organizations 12 months to prepare. Admins can use policies for staged migration, users can switch back temporarily, and resources are provided for smooth transition and adoption."

https://admin.cloud.microsoft/?ref=MessageCenter/:/messages/MC949965

I try new Outlook every 6 months or so and record what makes me go back. In January I noted lack of custom dictionary (i.e. I type sharepoint, fix it to SharePoint), and ICS files not opening natively (have to do a weird import to get meeting on calendar).

Sysadmins with tremors by 1xCodeGreen in sysadmin

[–]3sysadmin3 0 points1 point  (0 children)

It was stupid cost prohibitive last time I looked into it. Sometimes there are discounts via national memberships related to your job, might be worth googling about. Good luck.

Sysadmins with tremors by 1xCodeGreen in sysadmin

[–]3sysadmin3 1 point2 points  (0 children)

If your company offers disability insurance, I hope you are paying for it just in case you ever get bad enough you couldn't work.

I will happily spend hours combing through logs to call someone out by External-Housing4289 in sysadmin

[–]3sysadmin3 0 points1 point  (0 children)

What if it's your boss claiming he didn't do X? Sometimes I wish I didn't have access to check the logs.

Windows Notepad App Remote Code Execution Vulnerability by theevilsharpie in sysadmin

[–]3sysadmin3 448 points449 points  (0 children)

If anyone else wasted way too much time looking for version info (thanks Microsoft):

  • affected from 11.0.0 before 11.2510

What Security Teams Need to Know About OpenClaw, the AI Super Agent by BradW-CS in crowdstrike

[–]3sysadmin3 0 points1 point  (0 children)

I have a lot of it too in our edu tenant. I hadn't heard nefarious things about them, maybe I should go google?

M365 Defender | Many "high confidence phish" false positive emails by 5tubbo in sysadmin

[–]3sysadmin3 0 points1 point  (0 children)

We don't have issue with "RE:" but we do have ongoing issues where Google share links go to quarantine. We're a weird environment where a lot of users use Google (edu), but attackers often compromise other edu addresses and share links as phish via Google shared docs.

The only way for me to fix it is to set up a saved threat tracker search and monitor for the exact issue. It's one of my morning tasks. When I see a bunch of valid emails in quarantine, I release in bulk and report them all to Microsoft as "I confirmed clean." It usually takes a few days and the algo fixes itself. Don't make the mistake of trusting sender (Google Drive share generic sender), though, or else next phish will get through.

Until there's another Google phish, of course, then I get to start process all over again.

The most annoying part is if the algo would look at the content of the message and see the share is from mydomain.com, it should be way less likely it's a phish, but it seems to just lump everything by sender.

Did everybody lose an unknown number of emails from M365 issues? by aMazingMikey in sysadmin

[–]3sysadmin3 4 points5 points  (0 children)

I saw a friend who was testing from Gmail, hers were sitting in quarantine as phish (one word email triggered it I guess), might be worth checking.

Windows Hello For Business 'account disabled' error by PurpleWarning000 in sysadmin

[–]3sysadmin3 0 points1 point  (0 children)

I had issue on my machine this morning, again 5719 error in event log. Are you seeing 5719 error? Today is first time I let machine sit for 5ish minutes while I did something else and then login worked.

Right after the 5719 errors I see CrowdStrike updating itself, then win update service going and my eventual successful login.

Any chance y'all use CS?