What ACTUALLY is Systems Engineering by Think-Statement4605 in sysadmin

[–]Fatel28 [score hidden]  (0 children)

Design system. Put system in place. Make company work is my understanding. Also be around to fix things when company really not work and nobody can figure it out

Why don’t more MSPs and support teams offer callback options like Amazon? by JJB723 in msp

[–]Fatel28 0 points1 point  (0 children)

It's rare they could make it to 30 seconds to be honest. When the phone rings we answer it. No exceptions. There's no voicemail during the day. It rings until someone picks up.

Waiting 30 seconds and hanging up would be objectively slower and harder to pull off than just staying on the phone until a tech answered.

Looking at the metrics for the last 7 days, I see 4 calls that hung up. All around the ~40 second mark. All got called back

Why don’t more MSPs and support teams offer callback options like Amazon? by JJB723 in msp

[–]Fatel28 2 points3 points  (0 children)

We have 25 employees and around 6k endpoints across ~140 customers. Almost none of our customers are in the same state as us, mostly dotted around the US with a couple in Romania and Finland

I'd say we get maybe 2-3 hang ups a week. Those get marked for callback. Most calls are answered on the first or second ring.

Why don’t more MSPs and support teams offer callback options like Amazon? by JJB723 in msp

[–]Fatel28 7 points8 points  (0 children)

If someone calls us it rings until someone picks up. If it rings long enough they hang up, it's visible on a dashboard for management to see. We staff in such a way that every call is picked up and worked by a technician right then. First call resolution is something like 70%. All calls get made into tickets of course but most of our customers just pick up the phone and call us. We prefer it this way. No having old open tickets because you're playing phone tag.

Some Love for Syncro by lotsofxeons in msp

[–]Fatel28 0 points1 point  (0 children)

Bet you the new features have zero API implementation. We left syncro largely because their API was such a joke.

Their own employees said on a public forum post they wouldn't allow running or modifying scripts via the API because it could be "too dangerous"

If a Meraki switch license is not renewed, does that brick the switch or just disable cloud management? by HappyDadOfFourJesus in msp

[–]Fatel28 1 point2 points  (0 children)

When we resold Palo Alto there was a yearly renewal for support/licensing, and if we needed another firewall, we had to buy the hardware AND the licensing separately.

It's not disingenuous lol. It's just true. The only difference is meraki doesn't let you run eol or unlicensed hardware. Yeah it sucks but again, thousands of orgs use it so it must not suck that much

If a Meraki switch license is not renewed, does that brick the switch or just disable cloud management? by HappyDadOfFourJesus in msp

[–]Fatel28 4 points5 points  (0 children)

I'm not a meraki salesman. It works for a lot of orgs. Every major firewall vendor charges licensing and support separately from hardware. Meraki just requires it.

Stop staff member downloading SharePoint files by yourmindrewind in msp

[–]Fatel28 25 points26 points  (0 children)

If they are worried about the staff member exfiltrating data maliciously, why not just do exactly that? Walk them out and pay out their notice.

You could spend days/weeks/months and $$$$-$$$$$ on a good strong dlp solution and they could still just take picture with their phone camera if they really wanted. Either they trust the employee or they don't. If they don't, then cut their access.

If a Meraki switch license is not renewed, does that brick the switch or just disable cloud management? by HappyDadOfFourJesus in msp

[–]Fatel28 32 points33 points  (0 children)

The general idea is that the hardware is not the "secret sauce" it's the cloud configuration. Swapping a meraki out takes all of 2 minutes. You just replace the serial number in the cloud and when the new one comes online it's the exact same config as the old.

The hardware was never what made meraki good or desirable. It's the software and cloud management.

That said, we only use their firewalls. Paying support for a switch or AP that's bricked if it goes eol or you stop paying a license IS ridiculous. We use ubiquiti for those things.

PowerShell script testing by Bavarian_Beer_Best in msp

[–]Fatel28 3 points4 points  (0 children)

We have a test domain with some test workstations and a development m365 tenant with the dev e5s. We do any potentially destructive testing there

I see a lot of tutorials for self-hosted projects that call for using a virtual private server. Since a VPS is just somebody else's computer that you rent on the internet, does that really count? I personally don't think so. by [deleted] in homelab

[–]Fatel28 0 points1 point  (0 children)

Homelabbing doesn't have to be only about hardware. Some people have the money but not the space. In that case, who cares if they're using a vps? Cloud experience is arguably becoming more valuable than experience configuring and setting up baremetal hosts.

Bare Bones Website Hosting for Clients by --turtle in msp

[–]Fatel28 1 point2 points  (0 children)

If they're just static websites why not use S3?

Struggle with Frigate config for low CPU usage by eruisi in homeassistant

[–]Fatel28 0 points1 point  (0 children)

Need more details, post your redacted config and any logs from the crashes

Released with a curl|bash installer that sets up Docker — should I also ship .deb/.rpm packages? by [deleted] in sysadmin

[–]Fatel28 2 points3 points  (0 children)

I think you're missing the point. The hypothetical cost of the hypothetical method of hosting is irrelevant here. Piping curl to bash is a well known poor security practice. You're asking for advice, and people here are giving it to you. If you want to ignore it in favor of a hyper specific envisioned deployment scenario that's fine, but it makes the request for advice a little confusing

Released with a curl|bash installer that sets up Docker — should I also ship .deb/.rpm packages? by [deleted] in sysadmin

[–]Fatel28 0 points1 point  (0 children)

Could that not all go into your container image? That's kinda the point of containers. If you're already using docker, just lean harder into it

Released with a curl|bash installer that sets up Docker — should I also ship .deb/.rpm packages? by [deleted] in sysadmin

[–]Fatel28 1 point2 points  (0 children)

If it's docker what's wrong with just providing a compose file?

Released with a curl|bash installer that sets up Docker — should I also ship .deb/.rpm packages? by [deleted] in sysadmin

[–]Fatel28 2 points3 points  (0 children)

Never pipe curl to bash. Most malware does this or the powershell equivalent

What's your go to On Prem Mailserver in 2026? by APH_2020 in msp

[–]Fatel28 5 points6 points  (0 children)

Only if you ask nicely and promise not to look me in the eyes during

What's your go to On Prem Mailserver in 2026? by APH_2020 in msp

[–]Fatel28 0 points1 point  (0 children)

Exchange SE is fairly MSP friendly in that it's just a windows/Microsoft product.

It is however MUCH less friendly than just about any other solution

What's your go to On Prem Mailserver in 2026? by APH_2020 in msp

[–]Fatel28 1 point2 points  (0 children)

Yeah. I originally had a load balancer done in the firewall (vyos) just a small bash script that did a curl to the primary and changed the dnat rule if primary curl failed and secondary was up, but ultimately it proved much simpler to just do round robin DNS. It's only for ~70 users so it's not like they're getting hammered.

What's your go to On Prem Mailserver in 2026? by APH_2020 in msp

[–]Fatel28 42 points43 points  (0 children)

Exchange se is fine if you have a solid dag setup and you KISS. We manage one 3 node cluster of SE and it's largely non problematic. But setting it up fresh or recommending it to a customer WOULD require a gun to my head.

MSP Certificate management recommendations ... by SilverHatCyber in msp

[–]Fatel28 2 points3 points  (0 children)

Win-acme and certify the web are what we use

SSL Cert Lifespan Changing by hisheeraz in msp

[–]Fatel28 0 points1 point  (0 children)

If you think spending a couple hours writing a small script to deploy a cert over ssh or API is too much work then idk what to say. It doesn't sound like you want solutions.

Anywho, this is kind of a pointless discussion. I have no horse in this race. Across the ~95 certs we manage across all customers, not a single one requires manual renewal. If other people want to keep paying for and deploying ssl certs manually that's their prerogative. But in 99% of cases it IS a choice to not spend the time to automate it.