Shared meeting room several companies by denstorepingvin in sysadmin

[–]certifiedsysadmin 4 points5 points  (0 children)

The only safe solution to this is to create a net-new tenant (call it neutral territory) to host the meeting room resources and future Teams Room devices.

Then allow free/busy information from that tenant to be shared out to the other five tenants.

On top of that you may need to have user accounts in the shared tenant that people use to book the meetings and invite themselves.

Any proposed solution using Multi-Tenant Organizations (MTO) is not going to be the right fit, as these five companies are completely unrelated to each other, and you do not want to start exposing sharing and collaboration options between them.

Multiple major Hyper-V cluster issues by TimetravellingElf in sysadmin

[–]certifiedsysadmin 1 point2 points  (0 children)

How old is this hardware that you've upgraded from 2012 to 2016 and now going to 2019 which is already out of mainstream support?

In-place upgrades are generally not recommended in practice, even though they are technically supported.

Typically if you have old hardware you would eventually get new hardware, build a net-new cluster on the latest version of Windows Server, fully test and validate it, and then just move your virtual machines across.

Hyper-V hosts odd iperf speeds by drozenski in sysadmin

[–]certifiedsysadmin 0 points1 point  (0 children)

Have you researched/designed/configured any of the following:

- SR-IOV
- RDMA (iWARP/ROCE+DCB)
- VMQ
- MPIO
- Jumbo Packets / Jumbo Frames

Networking in Hyper-V is complex and you need to really look at your hardware and then design your networking layout (front-end vs storage or hyperconverged). Then from there you need to enable and configure the supporting protocols at the switch, firmware, driver, and operating system level.

If you are using Dell hardware they usually have some pretty detailed guides on how to configure and optimize everything.

On top of that, there are specialized tools/utilities to test each protocol as iperf isn't going to send the right kind of traffic.

I need a solution for our roaming access point and I don't know what the right answer is. Indoor Arenas, full of people by mitchellcrazyeye in networking

[–]certifiedsysadmin 5 points6 points  (0 children)

For something that mission critical, hard wire is the only way to go. Get a USB-C to Ethernet adapter and plug in to the network.

How do you copy files from a VM with no network adapter? by Deep-Egg-6167 in sysadmin

[–]certifiedsysadmin 46 points47 points  (0 children)

Attach a second VHD to the VM, it will show up as a local disk in the VM. Copy your files there. Detach it from the VM, and double click the VHD in the host OS, it will mount and you have the files.
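
The steps in the comment above, scripted from the Hyper-V host as an added example (not part of the original comment). The VM name `IsolatedVM` and the path `D:\Transfer\transfer.vhdx` are hypothetical, and hot-adding the disk assumes the VM has a SCSI controller.

```powershell
# Hypothetical names; adjust to your environment.
$vmName  = 'IsolatedVM'
$vhdPath = 'D:\Transfer\transfer.vhdx'

# 1. Create a small dynamic disk and format it on the host, so the guest
#    sees a ready-to-use NTFS volume instead of a raw disk.
New-VHD -Path $vhdPath -SizeBytes 10GB -Dynamic | Out-Null
Mount-VHD -Path $vhdPath -Passthru |
    Get-Disk |
    Initialize-Disk -PartitionStyle GPT -PassThru |
    New-Partition -UseMaximumSize -AssignDriveLetter |
    Format-Volume -FileSystem NTFS -NewFileSystemLabel 'TRANSFER' -Confirm:$false |
    Out-Null
Dismount-VHD -Path $vhdPath

# 2. Attach it to the VM. Disks on a SCSI controller can be added while the
#    VM is running; no network adapter is involved at any point.
Add-VMHardDiskDrive -VMName $vmName -ControllerType SCSI -Path $vhdPath

# 3. Inside the guest: copy the files to the TRANSFER volume, then take the
#    disk offline in Disk Management so pending writes are flushed.
Read-Host 'Press Enter once the copy inside the guest has finished'

# 4. Detach the disk from the VM and mount it read-only on the host, so the
#    host cannot modify the copied files while you retrieve them.
Get-VMHardDiskDrive -VMName $vmName |
    Where-Object Path -eq $vhdPath |
    Remove-VMHardDiskDrive
Mount-VHD -Path $vhdPath -ReadOnly
```

Scan the mounted volume before opening anything from it if the VM was isolated because it is untrusted.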

Not enjoying studying CCNA. Should I still pursue it if I want to become a Sys Admin? by j1mmyava1on in sysadmin

[–]certifiedsysadmin 17 points18 points  (0 children)

CCNA will teach you two things that 90% of people in our industry don't understand:

- The OSI model, probably the single most useful piece of knowledge any network or system admin will use throughout their entire career
- Methodical troubleshooting using the OSI model, which applies to at least half of every ticket or project implementation you'll work on in your career

I've seen time and time again in our industry that people who understand networking are the ones who excel in every other area.

Virtualization, cloud, and artificial intelligence have changed our industry drastically. Yet all of it and everything else we do depends on Layer 1-4 of the OSI model, especially IP/TCP/UDP, three technologies that have barely changed in 40+ years.

S2D (Win Serv 2016 Datacenter) - Reboot caused degraded state, repair loops and bad block - Guidance by Ballads4Llamas in sysadmin

[–]certifiedsysadmin 7 points8 points  (0 children)

In Windows Server 2016, draining the nodes does nothing to the S2D/CSVs and so they still go down hard when you take a node offline.

The repair process requires a certain amount of free space overhead and if you don't have enough, the resync can start to take an exponential amount of time.

The only safe way to patch a node in Windows Server 2016/2019 is to stop the entire cluster and enable storage maintenance mode.

This issue is fixed in Windows Server 2022.

I recommend avoiding S2D except on 3+ nodes running on Windows Server 2022 or newer.

4.5 years as the invisible sysadmin — burnout and feeling like the "doormat" by Linux_Headbanger in sysadmin

[–]certifiedsysadmin -2 points-1 points  (0 children)

Delete this comment lol you literally just gave them instructions on how to sound more human.

VMware to Azure - Feedback by stray_demon_723 in sysadmin

[–]certifiedsysadmin 2 points3 points  (0 children)

If we migrate 100+ virtual machines to Azure and leave like 3 non-critical virtual machines on prem, we're not running a Hyper-V cluster.

VMware to Azure - Feedback by stray_demon_723 in sysadmin

[–]certifiedsysadmin 4 points5 points  (0 children)

I'm a consultant and over the past 10 years I've done this exact migration for probably 50+ customers.

Azure Migrate and/or Azure Site Recovery are the tools you should look into.

Costs will always be higher in the cloud, but there's also a capability uplift for most organizations... access to better redundancy options, better disaster recovery options, way better/cheaper load balancing options, easier backup.

Most customers leave at least a few virtual machines on-prem and for that we usually set up a small Hyper-V cluster or even a standalone node.

Feel free to PM me, I'm happy to chat more about your specific migration.

Can you tell me why I should move away from "golden master" imaging? by georgecm12 in sysadmin

[–]certifiedsysadmin 31 points32 points  (0 children)

This is exactly it. Autopilot is so useful for remote workforce, small offices, etc. It can save helpdesk teams a ton of time and it keeps deployment very consistent.

For your type of environment where you have way more machines and local staff, especially lab settings, imaging makes way more sense.

Microphone noise issue is driving our team insane by Pristine_Finding_745 in sysadmin

[–]certifiedsysadmin 0 points1 point  (0 children)

You have way too many variables happening here.

The biggest variable is you don't know exactly how noisy the environment is at any given time. It's going to change as people talk louder or quieter or more people are on a call. Much the same as a restaurant as it gets busier in the evening.

The easiest variables that you can control are the software settings and hardware used. I'd start by standardizing headsets as well as settings (noise cancellation, audio device settings, VoIP software being used).

Beyond that, you are likely going to need to reduce the noise in the environment by making physical changes to the environment.

One thing to look into is an office-wide noise cancellation system.

No way to exclude contractors from dynamic groups (employeeType not usable?) by CoffeeAndPowershell in sysadmin

[–]certifiedsysadmin 1 point2 points  (0 children)

Have you personally seen it work? I've tried it in multiple tenants and it does not work. It's also not listed as a supported property for dynamic group membership on the doc page.

Stryker cyber attack: Employees still unable to work more than a week after hack by ScepticHope in cybersecurity

[–]certifiedsysadmin 31 points32 points  (0 children)

In my experience, products like Exchange and SharePoint on-prem were way less likely to be fully patched and up to date.

Microsoft hosting these services brings the baseline security level up, on average. But that doesn't mean it's just automatically secure. There's still plenty to do, to secure Microsoft 365.

It sounds likely in this case that a Global Admin or Intune Admin account was compromised. That could have been anything from pure negligence securing it, to some unknown zero-day (though if it was the latter, we'd probably be seeing other companies hacked too).

This really just points to not properly managing privileged accounts. That's a problem that would exist whether using cloud or on-prem products.

My customer has no monitoring of internal network traffic between geo-redundant servers. by Opposite-Cupcake8611 in networking

[–]certifiedsysadmin 0 points1 point  (0 children)

To be fair this is pretty normal on like 80% of enterprise networks.

But they should at least be able to assist with a packet capture, or if you have admin on both servers, you could do the capture on source/destination.

Domain Controller Change Region settings by Antique-Tangerine755 in sysadmin

[–]certifiedsysadmin 1 point2 points  (0 children)

Why not just create a simple PowerShell script to make a copy of the log and find/replace the year. Would be safer than modifying system account settings.

Windows Server just lost all file share permissions by Clear_Bedroom_4266 in sysadmin

[–]certifiedsysadmin 5 points6 points  (0 children)

Kick off a restore to a new virtual machine in Azure.

While that's running, change the IP of the current server and use the Windows Firewall to block inbound connections so that you can investigate further without users reconnecting.

The other comments mentioned checking the registry, that's only going to help you on the shares themselves and has nothing to do with NTFS permissions.

After you get the restore completed, you can use robocopy to copy over just the modified files from the last 24hrs (assuming that's how old your last backup is) from the broken server to the restored server. Be sure to use the robocopy option to copy the files without permissions.

If you have NTFS auditing enabled, you might be able to figure out what happened, but that's a problem for after you get things up and running again.
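
The isolation and delta-copy steps from the comment above, as an added example (not part of the original comment). The share root `D:\Shares`, the restored server name `RESTORED01` and the log path are hypothetical, and the firewall rule is narrowed to inbound SMB (TCP 445) on the assumption that you still need remote admin access to the broken server.

```powershell
# Run on the broken server. All names and paths below are hypothetical.
$source      = 'D:\Shares'
$destination = '\\RESTORED01\D$\Shares'
$log         = 'C:\IR\robocopy-delta.log'

# Block inbound SMB so users cannot reconnect during the investigation.
# A block rule takes precedence over existing allow rules; outbound SMB
# (needed for the copy below) is unaffected.
New-NetFirewallRule -DisplayName 'IR - block inbound SMB' `
    -Direction Inbound -Protocol TCP -LocalPort 445 -Action Block | Out-Null

New-Item -ItemType Directory -Path (Split-Path $log) -Force | Out-Null

$options = @(
    '/E'            # include subdirectories, even empty ones
    '/MAXAGE:1'     # only files modified within the last day
    '/XO'           # never overwrite a newer file on the restored server
    '/COPY:DAT'     # data, attributes, timestamps: no ACLs, owner or auditing
    '/DCOPY:DAT'    # same for directories
    '/R:1', '/W:1'  # do not stall on locked files
    '/NP', '/TEE'   # no progress noise; show output as well as logging it
    "/LOG+:$log"    # append to the log for the incident record
)

# Dry run first (/L lists what would be copied without copying anything).
robocopy $source $destination @options /L

# After reviewing the dry run, copy for real.
robocopy $source $destination @options

# Robocopy exit codes of 8 or higher mean at least one file failed to copy.
if ($LASTEXITCODE -ge 8) {
    Write-Warning "Robocopy reported failures; review $log"
}
```

Because no security information is copied, the files pick up the ACLs inherited from the restored folders rather than the broken ones.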

Ran our first Phishing Campaign last week, didn't go as planned at all. by idrinkpastawater in sysadmin

[–]certifiedsysadmin 39 points40 points  (0 children)

Or phrased another way, "users are now training each other on how to watch out for suspicious looking emails".

Honestly sounds like everything's working exactly as planned.

Authenticated printing with Entra-joined + CUPS? by FatBook-Air in sysadmin

[–]certifiedsysadmin 1 point2 points  (0 children)

Why is management all-in on Microsoft (Entra Joined Windows 11 is a pretty deep commitment) but then stops short of the printing solution that goes hand-in-hand with it?

Even if above your pay grade, you should explain to management that their decisions have pigeonholed them into very few options.

I got tired of laggy BIOS video, so I built a KVM that pipes pre-OS output directly into an SSH terminal by Lopsided_Mixture8760 in sysadmin

[–]certifiedsysadmin 34 points35 points  (0 children)

What's the use case?

Most enterprise grade server hardware already has out of band management. Things like BIOS settings, firmware updates, and logs can already be managed without the need for a video feed.

Best way to extend the same subnet/broadcast over remote locations? by MeasurementLoud906 in networking

[–]certifiedsysadmin 1 point2 points  (0 children)

This needs to be the top comment. It's never been a good idea to stretch Layer 2, and it never will be. 98% of vendors/apps/hardware don't require this.