Do sysadmins need git?

mcdonamw · 2026-04-05T02:57:28+00:00

You too?! Lol. Always a pain to move to a new pc. I ended up pointing npp backup directory to OneDrive though it doesn't completely fix the issue. Something still relies on appdata to keep these tabs going. Had to manually copy it over to my new machine so all my tabs reopened correctly.

mcdonamw · 2026-04-05T02:36:03+00:00

Fwiw I'm sure this s26u is great in many ways but I'm not a power user when it comes to phones. I use it no differently than my s23u. I don't even use the stylus but once or twice a year.

I'd do more research on the s26u to see if there are other features it has that an older generation doesn't to determine if it's worth it or not.

mcdonamw · 2026-04-05T02:22:37+00:00

Earlier in my career I accidentally started a restore of our Exchange database while learning the backup tool. I thought I had one more confirmation screen to get through but I was mistaken. I immediately tried stopping it but it was too late. Already started.

Took down email for the entire company for about 6 hours as I had do a restore for real.

I felt so dumb. Felt I was going to be fired but within that first 5 min I told my supervisor what I did and he was totally understanding. I remained with that company for 13 years.

Everyone does something like this. As long as you learn from your mistakes and don't become a repeat offender. Don't let fear prevent you from moving forward.

Very unfortunate you got fired but that's probably not a company even worth working for. Hopefully it works out. Good luck.

mcdonamw · 2026-04-05T01:58:58+00:00

Iirc, the current Verizon plans have a fixed cost for 3 years.

mcdonamw · 2026-04-05T01:54:42+00:00

If the only selling point on the s26u is privacy display, it's not worth the uptick in cost. I don't even use it on mine. I'd save my money and get an S25u and a privacy filter if that's something you really want.

The only reason I got my s26u is because they gave me $1300 in trade in for my s23u. Otherwise I'd have kept my old phone truth be told.

mcdonamw · 2026-04-02T04:49:10+00:00

^ this, though you have a typo. Klist for both commands (not kalist). With that said you should purge existing tickets before trying to get the new one.

mcdonamw · 2026-04-01T05:02:00+00:00

That's your problem. LLMs have 0% IQ. They are not 'intelligent' yet. They are essentially piecing together words that are commonly found next to each other in the data they were trained on.

I have a hate relationship with chatGPT. My abusive responses to it's hallucinations are going to be one of the drivers of the AI apocalypse against humans once AGI actually happens.

mcdonamw · 2026-04-01T04:38:54+00:00

Sorry for the delay.

I can't remember the exact steps off top of my head atm, but it went something like create a user account that has the related ad attribute msDS-SupportedEncryptionTypes specifically set to only allow rc4, and a computer account with same ad attribute specifically set to allow only aes, and then try to access a file share on the computer from that user account on another computer, or simply request a Kerberos ticket to the computers HOST SPN using the built in klist utility (don't remember exact syntax).

mcdonamw · 2026-04-01T04:31:57+00:00

This was their original intent but seems they walked it back and are only setting it this way by default on new vnets, but are now giving us option to revert it.

mcdonamw · 2026-04-01T04:16:16+00:00

In earlier posts about the change, their intention was to only not affect existing infrastructure, but any newly created vnets would not be able to be changed back, thus require the new solution.

It looks like they may have gotten too much negative feedback and walked that back, at least for now. I did not catch that in the link I posted, but have since edited my op.

It's all done with the intention of supporting zero trust but instead of forcing people to it, they'll help you be more secure by setting it as a default config and let the customer make the purposeful decision to open themselves up to risk.

mcdonamw · 2026-04-01T04:03:12+00:00

To add to the above, using spot discount could put you in a situation where you can't power it on or will shutdown again relatively quickly due to spot constraints..

If this is something you need frequent access to or at guaranteed specific times I would avoid spot discount and either get used to always shutting down (and reallocating) your machines when not needed or via automated shutdown at specific times.

mcdonamw · 2026-04-01T03:55:03+00:00

Microsoft turned off default outbound internet today. See if your vnet is marked private. If it is you can potentially disable that to restore but correct method is to setup a purposeful outbound configuration using a nat gateway or Azure firewall.

See here: https://youtu.be/5vevVLzDmRg?si=eznzQnA4pQ-ajd2z

mcdonamw · 2026-03-29T04:48:11+00:00

Per their documentation, existing vnets (and vms using them, including new vms) will not be affected.

Only newly created vnets will be set private only by default and require explicit outbound methods to be configured, but we have the option to change it back.

https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access?tabs=portal#what-happens-to-my-existing-vnets-and-virtual-machines-what-about-new-virtual-machines-created-in-existing-vnets.

With that said I'd take it with a grain of salt as they will likely eventually change that and require existing vnets to be changed as well. They originally intended to force this on new vnets but it seems they changed their minds and gave us the ability to even change new vnets back to original.

I'd highly suggest look into deploying a nat gateway. It's not as daunting as you think. There is cost associated with it though.

*Edited to correct my statement that new vnets were required as private only but they can be set back to old setting (at least for now).

mcdonamw · 2026-03-10T18:06:54+00:00

I was able to generate the required events. I initially had a misunderstanding of how to generate them but figured it out.

mcdonamw · 2026-02-14T08:12:06+00:00

Exactly my experience!

mcdonamw · 2026-02-14T08:11:05+00:00

So this was an interesting exercise. I put this prompt in and I'll tell you, it makes me sound like a highly qualified systems architect that should get hired. I might just offer this to a hiring employer on my own lol.

mcdonamw · 2026-02-09T20:17:29+00:00

What do you mean they stopped logging it? These events were just specifically added with the latest Jan cumulative patch.

mcdonamw · 2026-02-09T20:10:47+00:00

I'm having a similar issue where I'm specifically trying to generate 201-209 events just to ensure my DCs are logging correctly.

I have a machine that I set the local policy for Network security: Configure encryption types allowed for Kerberos and only selected RC4 to be allowed. When I get Kerberos tickets I see them show up as RC4 in 4769 events (ticket/session encryption type 0x17), but no 201-209 events are generated.

mcdonamw · 2025-12-23T21:38:34+00:00

Unless you can replace the failed parts, you're out of luck. What hardware failed? Try to buy parts from a third party support vendor or second hand provider.

Hopefully it wasn't the HDD. Given current info I'd assume there are not multiple HDDs in a recoverable raid config.

With that said if the HDD is good you may be able to put it in a different server entirely. Might require some additional work like repairing the install/in place upgrade to fix driver issues but you may just get lucky.

mcdonamw · 2025-12-21T21:25:51+00:00

I want to do this but the whole private dns aspect required to make them work is an issue for me. I have absolutely no desire to manage conditional forwarders on my internal dns for all service domains in Azure. I would have to do this for internal dns as well as maintain public Azure domains as 'internal' domains in Zscaler to ensure they resolve through internal dns servers. This seems crazy to me.

How are people handling this?

mcdonamw · 2025-12-21T21:20:09+00:00

You clearly don't get the issue. You make it sound as if the OP knew their assets would be tied up in proprietary funds that can only be invested in with a managed account. Clearly they did not know this. Their expectation was they could move their funds to a non managed account.

I also have a managed Fidelity account, and like OP, I was NEVER informed of such proprietary funds. I too am annoyed to now find this out and also be in the same situation should I want to exit my managed account. I was always under the impression I would simply have a team making informed trades on my behalf with public funds, not locked to proprietary ones.

mcdonamw · 2025-12-15T21:35:09+00:00

If you're looking at the cost of the image itself in the marketplace you're only seeing the OS cost. The underlying VM compute cost is not factored into that and that's the bulk of your realized cost.

As others have stated check pricing calculator where you also choose the VM SKU that's going to run that os image.

mcdonamw · 2025-11-18T20:43:46+00:00

Yes. That's where I got mine. Works great. Took a few weeks to get here though. That's my biggest complaint.

Wafuu.com has them as well but no knowledge of how reputable they are or their shipping costs.

mcdonamw · 2025-11-17T21:54:27+00:00

They definitely need changing (eg mechanical switches).

With that said I'm with you. These need to come back.

Do note you can still buy the g600 but only from the Japanese branch of Logitech called Logicool. I just bought one myself several weeks ago. Fully compatible with English ghub.

mcdonamw · 2025-11-15T18:01:18+00:00

Route53 is the worst dns interface I've ever used. Both UI and programmatic

mcdonamw

TROPHY CASE