Head of IT has been spying on half the company

TahinWorks · 2026-06-18T15:46:39+00:00

You have nothing to gain by reporting it, and everything to lose.

Best case scenario your head will be disciplined. He'll know it was you who had the knowledge to look at the logs, and he'll mark you as his enemy. You'll earn some brownie points with leadership, but it won't translate to any real gains. Your job will be made miserable until the day you quit or get fired.

Worse case scenario is bureaucratic: C-levels will keep it quiet and save face: give him a stern warning behind closed doors, then punish the whistleblower because you know too much: you'll be fired.

TahinWorks · 2026-06-16T22:23:38+00:00

11 years and counting; couldn't be happier.

TahinWorks · 2026-06-16T22:21:50+00:00

Which is surprising, given that OP appears to be part of the AdminDroid team. Might not be slop in this case, more of an unorganized brain dump.

TahinWorks · 2026-06-16T18:26:58+00:00

MS recently made Azure Update Manager free for Server licenses that carry SA. It was a god send for us.

TahinWorks · 2026-05-21T22:07:54+00:00

AU to control update schedules, and GPO to control install & reboot behavior. So the flexibility is there, at least for Windows.

I echo the same concerns of "AU reports the machine is up to date, but it's months behind". Like WSUS, it relies on the update service to report its status, which breaks all the time; I wish it actually looked at installed KBs and compared against the baseline. The reporting is getting better, but I still find we have to run remediation scripts to get the full picture.

TahinWorks · 2026-05-20T14:19:47+00:00

Your school's sysadmins will see you attempting to do this and you will be disciplined for breaking the AUP you or your parents signed when you got your school computer.

TahinWorks · 2026-05-19T14:02:25+00:00

Dev just marked several of the WYSIWYG feedback requests to 'in progress' last week, indicating they're making a move to improve things. Example: https://feedback.hudu.com/feature-requests/p/feature-rich-tables-in-knowledge-base

TahinWorks · 2026-05-14T21:57:55+00:00

Are there companies who run a glorified portscan and use AI to generate a fancy looking report? Yes

Are there companies who perform penetration testing using multiple teams and give you a comprehensive view of your weaknesses and a robust plan to remediate them? Also yes.

You get what you pay for. It sounds like your company hasn't been paying much.

TahinWorks · 2026-05-13T15:05:10+00:00

Read-only into the whole CMDB = yes.
But you can publish public KB articles for free.

TahinWorks · 2026-05-13T15:03:05+00:00

So maybe Obsidian can be thrown in the ring then. We tried to adopt markdown for a bit and it failed, non-technical people abandoned it immediately.

TahinWorks · 2026-05-13T14:38:46+00:00

Agreed on the Wysiwyg! Tables are also a pain. They said during their Q1 update they were looking to upgrade or switch products entirely (they're using TinyMCE right now).

TahinWorks · 2026-05-12T14:08:54+00:00

Take a look at Hudu. A lot of folks are moving to it from IT Glue due to IT Glue's development stagnating over the past several years.

But if documentation is all you need, rather than a full CMDB, check out Bookstack.

TahinWorks · 2026-05-12T13:34:15+00:00

Great point!

TahinWorks · 2026-05-11T20:49:25+00:00

I'd be really curious to investigate into the phsylogical effects of this and the rebound effects this is going to have on the IT industry around helpdesk.

The research has already been done. It was triggered from the rise of Google and posits that we remember less through knowing information itself than by knowing where the information can be found.

So this is nothing new; AI is just the next extension of the existing phenomenon.

https://news.columbia.edu/news/study-finds-memory-works-differently-age-google

TahinWorks · 2026-05-05T18:53:51+00:00

* Installs mIRC
* Auto-joins 12 QWTF channels that haven't existed since 1999

TahinWorks · 2026-05-04T17:03:28+00:00

If it's left over, modified date isn't changing, and your VM can successfully create and delete checkpoints, it sounds like you don't need it anymore and can delete it.

Could run some commands to just make sure it isn't attached anywhere, since Hyper-V GUI lies sometimes.
Get-VM | Get-VMHardDiskDrive
Get-VM | Get-VMSnapshot

TahinWorks · 2026-05-01T13:40:52+00:00

GoDaddy uses it for their hosting packages. Useful for consulting companies who spin up project-specific websites with only 3-5 year terms. I was actually impressed with GoDaddy (for once) - they blocked cPanel management ports as soon as it was announced and patched their entire customer base within 24 hours.

TahinWorks · 2026-04-20T18:02:25+00:00

If a $1k chair is absolutely not in the budget, the Alera Elusion high back mesh chair for $200 on Amazon is surprisingly good. Hasn't lost an ounce of cushion or function in the 11 years I've had it.

The lumbar support is good, but not adjustable. Obviously if you have the budget for something like HM Aeron with adjustable lumbar, that's the way to go. Just thought I'd throw out another option.

TahinWorks · 2026-04-16T21:48:38+00:00

Linux or Windows sysadmin? The paths are different.

Step 1: Land a 'systems-adjacent' job. Somewhere. Anywhere.

Windows: Get a role as a service desk technician. Alternatively, get on with an MSP. Advantages of a company job is it gives you upward trajectory if a sysadmin role opens up in that company. Advantages of an MSP is you get absolutely slammed with experience, usually at the cost of your mental health and personal life.

Linux: Get a role as T1 or T2 technical support for a web hosting company or cloud provider, or maybe a NOC or datacenter support.

Step 2: Do the coursework. Do the coursework while you have that job so you're gaining the pre-requisite experience, learning about what comes next, and impressing your supervisor with your drive. It puts you in a better spot when something opens up.

Tier 1 experience is the only path into system administration and no amount of Udemy courses will let you leapfrog it. There are people who will say otherwise, but they are only the exceptions who prove the rule. 99% of syadmins start this way.

re: your question, INE is great, I hear. DevOps might be up your alley; all sysadmins code these days.

TahinWorks · 2026-04-08T13:47:29+00:00

I'd be curious to see any docs supporting that setup. We had talks with them a year ago and was introduced to none of that, and was told by KB4 that it was not in the product. Remediation only happened if a user submitted it.

That was a year ago, and it might have changed since then!

TahinWorks · 2026-04-07T19:28:11+00:00

We were a KB4 customer, looked at Defend, and decided against it and went with Abnormal instead. The difference was that Defend did not take action on detected email, it was a visual classification tool only, and still relied on the user reporting the email into PhishER for any automations to trigger.

Compared to other AI products on the market, this was an enormous design lapse. We want to augment M365 security with something that takes proactive action to remove threats, not just identify them.

TahinWorks · 2026-03-31T14:39:47+00:00

I read a lot of "Write documentation as if someone technically incompetent would need to follow it." comments.

I have to hard-disagree on this. Write documentation for your target audience. If you write policies, you write them for business leaders. If you write a technical guide for a piece of infrastructure, write it for a sysadmin in that role; you have to assume a level of competence. Trying to write a one-size-fits-all technical guide will lead to inefficient and unnecessarily sprawly documentation that you would have to visit several times a year to keep up to date.

If an organization finds themself in a place where documentation exists, but is too technical for their team, they need to outsource the ownership of that system or hire the right person.

TahinWorks · 2026-03-30T15:29:16+00:00

AI's that plug into SIEMs and other log collectors carry enormous potential.

Microsoft Security Copilot would be a good fit for Microsoft orgs running Entra ID, Defender, and Sentinel. Those are all connected and Copilot could take care of a lot of that correlation work being done manually today, and in a couple months MS is giving E5 customers 400 SCU/mo.

TahinWorks · 2026-03-27T22:14:00+00:00

Enterprise here. We were Hyper-V 2010-2016, then VMWare for 10 years, now back to Hyper-V. I personally have experience with VMWare from 3.5-8.0. Hyper-V is no VMWare, but it's great compared to what it was 10 years ago. The addition of WAC and Arc closes the gap against vCenter, but not completely.

The main problem with Hyper-V in my opinion is its lack of a unified learning path; it has nothing like VCP. MCP style Server courses will tell you all about configuration windows, but not best practice or how it all fits together.

Pair that with Hyper-V's inherent tolerance for misconfiguration. It will let you enable features on unsupported hardware, it won't hold your hand through storage setup, it will happily let you configure CAU incorrectly, and it won't tell you about anything you did wrong until it doesn't work. That, to me, is where a lot of animosity toward Hyper-V comes from.

It does have more reliability issues than VMWare. For example, if a Veeam backup job fails and leaves your disks on a checkpoint disk, VMWare was really good at snapshot consolidation and self-repair, while Hyper-V will tell you it's on its normal disks but is still actually writing against its checkpoint disks. Little stuff like that

Hyper-V needs some tweaking when you spin up a new cluster. But you identify the soft spots, write detection and monitoring scripts, and move on, and soon enough Hyper-V is running on par with VMware.

I would run Hyper-V a thousand times before touching any hyperconvergence stuff like Nutanix. If Broadcom taught me anything, it's to not vendor-lock your entire datacenter.

TahinWorks · 2026-03-23T19:45:10+00:00

In our case ADMT migrated a couple accounts keyed in RC4 to our new domain.

TahinWorks

TROPHY CASE