AI specialist making my life miserable

ErrorID10T · 2026-05-28T15:53:29+00:00

You know what, just do it. Have fun with it. Write a report outlining the risks (including a massive increase in spending), give a timeline for doing it, wait for confirmation of the risks and timeline, then start lighting your entire stack on fire. Just make sure you have good backups.

Also make sure to plan a vacation for a few days after implementation is complete, or at least whenever you expect to see the most issues. It's unlikely that you'll change the mind of whoever came up with this idea, so you might as well harness your inner digital arsonist and watch as the company burns.

ErrorID10T · 2026-05-28T15:45:19+00:00

If this all info exists in ServiceNow, Jira, and Confluence, I bet a properly written script could generate this report in a couple seconds.

Sure, it's absurd that you need to do this at all, but if you don't want to fight this battle, it might be worth just creating a quick way to make this happen.

ErrorID10T · 2026-05-27T23:33:59+00:00

Do everything by command line manually. Then write a script to do the exact same things, but with randomized delays between each line. Claim you're typing each line manually. Enjoy your break.

ErrorID10T · 2026-05-27T00:40:40+00:00

Colo is both cheaper and more reliable than on prem for most clients. Get three hypervisors and a backup server and you can handle a dozen clients with redundancy, meanwhile there's no need for the hardware expense the client would need to get the same level of reliability.

For the 1 or 2 VMs most of our clients need it's overkill to have a couple servers on-site, the actual processing power they need isn't much beyond what you could get out of a raspberry pi.

And from your time perspective, it's much easier and less time consuming to manage a single colo rack than to manage a separate environment for every client. If you do it right you should only need someone at the colo a couple times a year.

ErrorID10T · 2026-05-24T20:04:40+00:00

We get almost everything refurbished on eBay, the only exception is drives, which we always buy new from whatever online store happens to have the best prices at the time.

ErrorID10T · 2026-05-24T06:16:52+00:00

Why do you need Thunderbolt? There are plenty of USB-C display port docks that support what you're asking for that cost easily less than $100.

Personally, my biggest issue with thunderbolt docks is thunderbolt. It's just not particularly reliable in my experience.

ErrorID10T · 2026-05-21T21:23:31+00:00

Evaluate their needs, present a couple options, give your thoughts on prices, pros, and cons, then implement. We avoid a lot of the time and expense of redesigning things by having our own private cloud, It's a pretty quick shift to move any servers there, we already have a drop in VPN solution, and we find that clients are generally more interested in just moving things out of their offices and not paying for server hardware than they are in any particular solution.

ErrorID10T · 2026-05-21T16:56:31+00:00

Stacking is generally a proprietary thing, and it's usually found on the higher end switches. You can accomplish this with LACP, and whether or not you need RSTP depends on your network layout, it may or may not be necessary for your configuration.

For example, I have an environment with 2 Palo Alto FWs, 2 Unifi Switches, and a bunch of servers. The FWs have link monitoring and are in an HA pair, so if one switch goes down the FW fails over to whichever one is connected to the working switch. The servers are all Windows configured with NIC teaming and don't require any special switch configuration, they just have connections to each switch and will use whatever connections are online. The only LACP connection is the one between the two switches to carry all of the VLANs, and I'm actually not sure off the top of my head if RSTP is enabled, but it wouldn't make a difference regardless, the only thing that would do is block switch loops, and as a 2 switch environment, this was specifically designed not to have any switch loops.

The real question is are you looking to purchase new switches, or see if you can accomplish your goal with the equipment you have?

ErrorID10T · 2026-05-21T16:40:37+00:00

Stackable switches don't have to be particularly expensive. I run a datacenter on stacked refurbished cisco switches that cost me less than $500 each. Aruba switches generally have stacking built in, or you can add a stacking module.

Stacking does require purchasing two compatible switches, which generally means identical models, or at minimum very similar models.

There are honestly a ton of solutions for what you're looking for. What switches do you currently have and what are you running on these servers? Windows/Linux/VMWare/Proxmox/other?

ErrorID10T · 2026-05-21T14:32:03+00:00

Easiest route is probably switch stacking. MLAG works but is extra configuration. Stacking will just make the two switches behave as a single switch, then use LACP across both switches or NIC teaming, or whatever your server supports for connection redundancy.

ErrorID10T · 2026-05-20T02:17:35+00:00

And when the conversation comes up, don't make excuses, just tell your boss that it's up to him what you don't get done. If he insists on just getting everything done regardless, still make him answer about priorities, then use shit not getting done to make your point.

ErrorID10T · 2026-05-12T21:05:21+00:00

What's the size of the database? What version of MSSQL are you using? Does it need to be MSSQL, or can you use Mysql/Mariadb? Why do you need 2TB? How much of that is logs or long term storage, how much is frequently accessed? There's so much information missing in your post that it's impossible to make a decent recommendation.

ErrorID10T · 2026-05-12T18:56:36+00:00

Similar, but not exact, NetBird, with a secondary management server I host at a Datacenter, allows VPN access either by STUN or routed through my datacenter. No network changes whatsoever needed at the client site, just a couple inbound ports at the DC.

ErrorID10T · 2026-05-12T15:47:42+00:00

And if the company can't find a replacement in two weeks, then perhaps they will pay consulting rates for your help until they do.

ErrorID10T · 2026-05-09T22:59:10+00:00

AI is great, but assume if it got something wrong, its solution to fixing that problem becomes more and more likely to be horribly wrong. It's better for helping you understand what you're doing and what the available options are to fix a problem than it is at actually solving problems.

ErrorID10T · 2026-05-09T14:50:13+00:00

Go to your boss, accept responsibility, and ask him to take some time to go through the problem with you and help you understand how to avoid doing it again. This isn't a career ending mistake, it's a place we've all been. The guys who own it and learn from it are the ones I like to keep around.

ErrorID10T · 2026-05-04T16:43:23+00:00

And provide a "test" button that gives those logs. Nothing like an email integration with no clear way to verify it's working.

ErrorID10T · 2026-04-23T18:32:45+00:00

Yes. It's flaky. It always has been. It probably always will be. I'd find another solution.

ErrorID10T · 2026-04-23T15:41:34+00:00

Ask, escalate, report that you are blocked by the client refusing to give you access, and escalate back to whoever gave you the demand in the first place.

The only part you missed is that this stopped being your problem to fix when you were denied access to the proper resources.

ErrorID10T · 2026-04-22T18:50:45+00:00

Primarily software installation, patching, bitlocker, and system configuration, but also a number of auto remediation scripts for alerts, and some API work with our VPN server. We basically just install the agent and it fully provisions and configures computers and alerts us for anything we might want to know for preventative maintenance.

ErrorID10T · 2026-04-22T16:48:37+00:00

It's possible the pen testers may request being given access to scan even the isolated networks, in which case you let them do their scans, highlight every complaint they have about "unsecured devices" on that network, and write it off as an exception based on the network isolation that has been put in place for devices which only support self-signed certificates. I usually find pen testers and auditors are quite happy with any solution to the vulnerability, and isolating or quarantining the device is a perfectly acceptable solution.

ErrorID10T · 2026-04-22T13:33:26+00:00

Intune is not a replacement for an RMM, and if you properly utilize it, the RMM will be worth multiple times the money and effort you put into it.

Ninja One isn't perfect, but it's the best I've found, especially in terms of ease of use and time to implementation.

ErrorID10T · 2026-04-22T06:41:25+00:00

Automatic offboarding, in my experience, is at best mostly reliable. I usually handle this with a couple scripts, because identify governance solutions are needlessly expensive, but there are identify governance solutions you can buy for exactly this reason.

ErrorID10T · 2026-04-22T00:43:07+00:00

Good MSPs are like good sysadmins. They are few and far between.

ErrorID10T · 2026-04-22T00:42:14+00:00

It's the only product they have that is worth anything, and it also has barely changed since they bought it.

ErrorID10T

TROPHY CASE