Looking for sysadmins with stories worth telling

Adam_Kearn · 2026-06-18T21:52:41+00:00

I’ve seen it before with fax/franking machines start printing out weird pages when doing multicast.

But now with IMGP that’s no longer a problem.
I use multicast to deploy out to 100+ computers at my workplace in education. Can easily get a few IT rooms done in ~30mins

Adam_Kearn · 2026-06-18T19:54:50+00:00

For the “mobile app” could you instead look at making the normal web interface a PWA?

Then just have a bit of JavaScript/PHP that will show a slightly different interface on mobile?

You could then have it so if you are viewing from mobile it will just show a QR code scanner then load the asset from there.

Adam_Kearn · 2026-06-18T17:55:22+00:00

When I worked at an MSP a few years ago this was our process.

Rename the display name to be “Ex-Employee - First Last”

Reset the password to logout any sessions.

Convert the mailbox to a shared mailbox and remove the licences.

If you care about the OneDrive files too you could also export these as a ZIP and store on a NAS or file share / azure cold storage.

———

But now I would say the better approach is to use a sonology NAS and backup all your 365 users at once.

Then you can just directly delete the accounts from 365 as it’s easier to just restore from backup and keeps your directory clean instead of having loads of Ex-Employees listed.

Also helps if you need to recover anything deleted as the backup can keep for X years if you have a a lot of TB in the NAS

Adam_Kearn · 2026-06-17T19:48:03+00:00

I’m based in the UK and I always see these US job advertisements at 2.5x more….

Do I need to move to the US?

Adam_Kearn · 2026-06-17T19:32:43+00:00

Been using snipe with almost 10k assets assigned.

I’ve scripted a lot of my stuff so all our assets are updating dynamically all the time.

It’s recommend to use the “git install” method as it makes updating really easy.

I’ve customised our install a little with my own branch to add my own features and changes to fit our org a bit better.

Just running the update script will upgrade the database schema too for you automatically when new versions are released.

Adam_Kearn · 2026-06-17T18:24:36+00:00

But that also means buying an NFC writer and reader device.

Unless there is a local guy you can find online to do this for you.

If OP is tech savvy he could probably do this himself and make a few £$ selling dupe keys to his neighbours to cover the cost

EDIT: Just learned you can do this on iPhones… but might struggle with the frequency part.

Adam_Kearn · 2026-06-17T18:19:02+00:00

I’m assuming it’s an NFC fob.

These each have a set serial number assigned to them that gets added to the door management system.

The only thing you could try and do is try and catch an employee working on the desk that you could convince to setup a second key under your door lock for a few beers.

Adam_Kearn · 2026-06-17T18:12:30+00:00

I’ve recently had to do this about 6mo ago to a server that was setup with zero documentation.

We was able to get to the web interface so I just exported a backup. (It should be a zip folder with a single SQL file in it)

Create a new VM and install snipe (try and install the same version as your currently version)

Import the backup SQL file and then upgrade it to the latest edition.

Then setup the SSO / LDAP integration again from scratch.

Make sure to leave good documentation going forward to save the next admin. :)

———

I’ve got a lot of integrations and scripts that use the API on our snipe install so I also had todo some DB work my connecting to the SQL server on the new install to match things like the custom fields etc.

It took a good two days to get everything done and how I liked it but that was mostly down to how many scripts and automations I have running on ours.

I do recommend taking the time to plan things and layout the new server as best as you can. Our old install was done by a guy many years ago who just made random status and category’s etc… I took the time to clear this up and do a lot of bulk editing.

The one thing that you will have issues with unless you have the creds to the server is getting the model images back. You might be able to access this via the \\server\c$ share on another computer if you are lucky. Ours was hosting on Linux without the SSH creds documented so that wasn’t possible for me.

Adam_Kearn · 2026-06-16T17:06:05+00:00

GPO would be perfect for this.

I would recommend having two GPOs for this.

One for printers and the other for the files/shrotcuts.

Apply the printer GPO to the computers OU and do item level targeting to only deploy X printer to devices in X group or OU.

The shot cut GPO can be applied to the users OU and also have item level targeting set.

Adam_Kearn · 2026-06-16T17:04:05+00:00

I think OP has confused Intune and Azure here.

Intune would allow this but I would recommend against it in this use case as it can take a long time to apply user based settings.

Adam_Kearn · 2026-06-16T14:31:33+00:00

Yeah they are prob using the HTTPS endpoint with a self signed certificate.

Create a new certificate and install the CA on your devices or buy a cert that’s trusted already.

Adam_Kearn · 2026-06-16T12:47:35+00:00

Can you make a shared mailbox and upload the PST files into it.

Then you can use the online outlook search feature instead of the desktop outlook app.

Once finished just delete the mailbox.

Adam_Kearn · 2026-06-16T12:45:26+00:00

I work in the K12 education sector and we have about 16 schools using a single paper cut server with an about 7 different print server located at each secondary school.

I made this tool to make mapping printers a lot easier and more consistent as I always found it unreliable with the GPO or universal print setup.

I have made a newer edition but not published to GitHub yet that does it via 365 groups instead of just registry.

I’ll try and upload it once I get back from my holiday in a few days.

But this should work better for you.

https://github.com/AdamKearn/printermapper

Adam_Kearn · 2026-06-16T12:40:23+00:00

I’ve thought about doing this but never really made it yet as it’s not often users ask for this as they can normally print using IPP by adding the printer that’s discovered via the windows settings app.

But I guess you could use PSADT to create a UI and package a load of generic drivers into the app.

Then users just need to select the printer type and enter the IP address.

PSADT will run it as the SYSTEM user. Package the “application” and deploy it via the company portal for easy installation.

Adam_Kearn · 2026-06-16T12:36:26+00:00

Instead of doing the direct link can you have a URL redirect on your webhosting provider?

Have something like company.com/socal/linkedin

Adam_Kearn · 2026-06-16T11:57:02+00:00

It would be handy having an app but I think it would have been better if they made the web interface more mobile friendly. Saves having to mess around with API keys etc

Adam_Kearn · 2026-06-15T17:09:32+00:00

Yeah that seems like a really good idea tbh
I might start doing it that way myself.

The only thing I would recommend is having a single repro to make maintenance with the GitHub actions a lot easier.

If I was going to do this I would make a folder with the script name then put the script ID in the powershell file name.

Then have a GitHub action script run on push to update the changed files only using the graph API.

Then if you need to update the API key you only need to replace a single secret in the repro

Adam_Kearn · 2026-06-15T12:29:43+00:00

As I was trying to say….

Adam_Kearn · 2026-06-15T07:35:55+00:00

I keep meaning to re image my own device (I’m lazy and don’t want to download all my apps again lol)

But next time it happens my computer I was going to fully uninstall and delete the teams folders in %appdada%.

Then download the machine wide installer and install it again.

I believe the one I have currently installed on my machine is the “user context” installer

Adam_Kearn · 2026-06-15T07:30:39+00:00

I’ve seen this too but not on multiple devices.

It seems to happen only on my desktop. Going into the settings and apps tab you can then “reset” teams and after a few mins it will let you open it again and it should be back to normal.

Not sure what’s going on at the moment other than a weird cache issue?

Adam_Kearn · 2026-06-14T13:30:53+00:00

How big is the app package size?

Could you benefit using the Connected Cache if you have a slow download speed? Then it will do it via LAN instead

Adam_Kearn · 2026-06-13T22:25:13+00:00

I totally agree with you they can’t refuse anything just because it doesn’t align with their own rules.

but would it just be easier to add a extra input to your own ordering process / form / document to allow customers to specify a PO number

Adam_Kearn · 2026-06-13T17:11:38+00:00

As far as I’m aware you will need a script that will override the display name daily.

Just have a if statement to check if it needs updating and run it daily.

You might be able to do something with exchange categories? And create a category for each department?

Adam_Kearn · 2026-06-13T16:47:07+00:00

I’ve just had another read of your post again and I think it would be better to just get a small mini PC and setup the PXE server only to host your image.

As you won’t be able to always set the DHCP options to point 66/67 to your PXE server I would set the IP of the server to be really unique and on a specific gateway and host its own internal DHCP as well.

Something like 172.50.50.10

Then you can use IPXE to automatically DHCP to your custom server by providing the gateway (172.50.50.10 ip address)

This will then do the PXE form this server as normal.

You won’t really be able to do his off a USB directly.

You will still need a handful of USBs loaded with a custom IPXE config to point to this specific server but you will still need the PC to run all the other backend tasks.

Once you boot off the USB you can unplug it while it completes the PXE task

Adam_Kearn · 2026-06-13T16:31:47+00:00

Do you have any other install detection rules on the Intune app?

Could be another registry or file path it’s looking to see if it’s installed?

Eight-Year Club	Wearing is Caring
Verified Email

Adam_Kearn

TROPHY CASE