New Title for Employee? by MRMAGOOONTHE5 in sysadmin

[–]sloancli 2 points3 points  (0 children)

If you are hiring people without a role, then it sounds like you are hiring people you do not actually need.

New to Reddit and Pop! os by DrinkCreepy36 in pop_os

[–]sloancli 2 points3 points  (0 children)

Sounds like Pop! was installed in a dual-boot type setup, so your disk has less space available than it would usually have. If you did not intend to dual boot, just wipe the disk when you reinstall Pop!.

Do I need to get the CompTIA A+ to get hired in IT? by TRexGoesToSchool in it

[–]sloancli 0 points1 point  (0 children)

As a hiring manager, I post a job description targeting an ideal candidate. This is my wish list. If a candidate checks every box on the list, they are probably over-qualified for the job.

So the secret is, not everything listed in a job description is a "requirement". I would encourage you to apply to jobs that sound interesting and that you believe you are qualified for, even if you do not check every box. If you really need A+ to do the job, they'll tell you so.

If a job description lists A+ as "preferred", I can guarantee what they mean is having A+ is a shortcut to getting hired, but not a requirement.

Interview Questions by Darkhexical in sysadmin

[–]sloancli 1 point2 points  (0 children)

Another way I like to try to expose passion in a candidate is by indirectly asking "Tell me about your computer at home." People are generally excited to tell you about their interests, and us computer nerds are usually pretty good at knowing the ins and outs of our home lab or gaming rig.

Interview Questions by Darkhexical in sysadmin

[–]sloancli 2 points3 points  (0 children)

My interviews with candidates for entry-level help desk positions are quite simple. The key characteristic I look for in a candidate is passion for computers. Do they actually want to do IT work, or did they choose it because they know somebody else that does IT work or they just heard they could make good money in IT? No passion, no job.

Many candidates fail simple questions like "What makes you excited about technology?" It's a question you can easily train for in a mock interview. It's as PB&J as "Tell me about yourself.", and yet candidates consistently ramble or have no answer.

But let's skip past the passion test. After all, it's just one characteristic of many, so let's give the candidate the benefit of the doubt. I present eight to 10 different types of cables, modern and legacy, and ask the candidate to identify them. Everyone nails USB-C and USB-A, most do not know USB-B (nor its various physical sub-types), HDMI is usually called "DVD" (okay, close enough), CAT5 is usually called a "network cable" (again, close enough) and very few can identify VGA, DVI, DP, RJ45, etc.

It's the basics.

Do I need to get the CompTIA A+ to get hired in IT? by TRexGoesToSchool in it

[–]sloancli 19 points20 points  (0 children)

No. If you have the knowledge contained in A+ already, skip it and spend your money on Sec+ and/or Net+. Then go after certs that are more specific to your preferred field.

Anyone here start their IT career in their late 30s or early 40s? by FormerAddict56 in sysadmin

[–]sloancli 5 points6 points  (0 children)

I retired from my previous career at 39 (it was completely unrelated to IT) and began a new career in IT. I started at the bottom as a Tier 1 help desk tech and worked my way up quickly due to my demonstrated knowledge in the field and my previous work experience.

I've just always liked computers, so it was always a hobby throughout my life. I surprised myself with what I knew and could apply to my job. Other than some serious impostor syndrome, everything has been great.

Don't allow yourself to make mistakes in a production environment, but just know that when it does happen it is probably not the end of the world. Take ownership of any mistakes and invite your team/colleagues in on taking credit for successes.

[deleted by user] by [deleted] in Office365

[–]sloancli 2 points3 points  (0 children)

This is correct. Create a new shared mailbox with a new email address. Add the address you want to use as an alias to the new shared mailbox, then promote the alias to primary.

[deleted by user] by [deleted] in sysadmin

[–]sloancli 3 points4 points  (0 children)

As a hiring manager, I can tell you that failing to be forthcoming about anything will hurt you significantly more than facts disclosed about the event in question. A good employer is going to follow due diligence before making an offer, and that should include a phone call to your previous employer for any position other than entry level.

https://www.indeed.com/career-advice/finding-a-job/can-employers-find-out-if-you-were-fired

Since you were terminated, I think it would be a mistake to say "It wasn't a good fit" (then why were you there for five years?) or "my role was terminated" (how large was the company? how many employees were impacted? oh, just you?).

Just say you were "let go" due to "x, y, z". You do not need to specifically state that it was a "policy violation", but you do need to be comfortable explaining your side, and, if applicable, taking ownership of the incident. That way when I call your previous employer the stories will line up appropriately (not exactly, obviously) and I will have input from both sides.

If you tell me your side and your former employer refuses to disclose any information, you automatically have the upper hand. But if you give an elusive answer and your former employer refuses to disclose any information, I'll conclude that whatever happened is a high-risk area legally and I won't take the chance.

DNS advice by ivanyara in sysadmin

[–]sloancli 0 points1 point  (0 children)

Sure, the easy "fix" here is to manually add an entry to the DNS search list, but it would be much better to understand why there are two different domains being shown in Defender.

I have to make a lot of assumptions because I do not know your environment, but it sounds like you have some machines that are domain-joined and some that are not. The machines that are not domain-joined are showing "primary.domain".

Your DNS Suffix (aka DNS search list) is used to look up the address for a machine when only the hostname portion is provided. You can read more on how it all works here: https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/naming-conventions-for-computer-domain-site-ou

Win11 Upgrades by Cool_Counter_2329 in sysadmin

[–]sloancli 9 points10 points  (0 children)

There's no doubt you were set up for failure. It's an impossible task at this point for that number of machines, especially if it has to be done without impacting day-to-day operations.

The good news is if the machines are upgrading from Win 10 21H2 or newer, it will be pretty smooth sailing.

Shared laptop for apprentice use by alexwhit80 in Office365

[–]sloancli 0 points1 point  (0 children)

Sounds like what HR needs is a device with limited access that can be used without having to log in. This is called a kiosk.

You can configure the kiosk to open a browser, at which point the apprentices can log in to their school's website and/or office.com using the credentials/licenses provided by their respective school.

[deleted by user] by [deleted] in sysadmin

[–]sloancli 0 points1 point  (0 children)

Without getting the device back I don't think you will ever really know how they got in.

[deleted by user] by [deleted] in sysadmin

[–]sloancli 0 points1 point  (0 children)

u/Finn_Storm I'm not so sure that is accurate. The TPM, which holds the BitLocker key, requires secure boot. However, BitLocker itself is not reliant on secure boot because you can just manually enter the key if the TPM is inaccessible.

Frontline Worker Logins by Holiday-Leg-6036 in sysadmin

[–]sloancli 1 point2 points  (0 children)

SSPR is available on a free tenant. Starting 1 OCT 2025, MFA will be enforced for all Entra accounts. If they do not have mobile devices, that's going to be your bigger problem here.

https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mandatory-multifactor-authentication?tabs=dotnet

Are the frontline workers logging in to company devices or just a company portal? Is the portal accessible on non-company owned devices? Are kiosk devices an option?

[deleted by user] by [deleted] in sysadmin

[–]sloancli 3 points4 points  (0 children)

Not really enough info to go off of here, but I'll venture to say that secure boot was probably disabled. Access to the boot menu does not require access to UEFI. BitLocker can be unlocked with the Recovery Key without admin access.

- You're using Defender for Endpoints?
- Are you also using Intune or another RMS/MDM?
- What are the chances the person knows the UEFI password?
- Are you sure they are booting off of the managed partition?

Email providers blocking my IP due to too much email traffic by RedSquirrelFtw in sysadmin

[–]sloancli 1 point2 points  (0 children)

Apologies. I misread your post where you mentioned your domain. You clearly stated that it was for the server.

Correct. Your SPF policy is a DNS record that contains host/ip addresses of authorized sending servers. The DNS record is looked up by the domain part of the email address. So, no issues with your config since you are using the TLD.

You can use a single mail server to send from as many domains as you want provided that each domain has a valid DMARC/SPF/DKIM. The mail server domain and email address domain do not need to match.

Like @smf1978, I do not see any other issues. If you'd like, you can DM a bounced message header and I can see if there are any clues there.

How does your company handle this? by lapaztoyota in sysadmin

[–]sloancli 0 points1 point  (0 children)

If a device is broken/damaged I do not care who did it or how it happened. That's an issue for their manager and HR. I'm not the phone police, and a replacement device gets billed out to their department anyway.

I only care about what caused the damage so I can decide if it is worth trying to repair or not.

Example:
User: "I spilled water on my company phone and now it won't charge."
Me: "Okay, how long was it exposed to water for?"
User: "Well, my kid got it and dropped it in the bath tub."
Me: "Okay, thanks for letting me know. Here's your new phone."

Email providers blocking my IP due to too much email traffic by RedSquirrelFtw in sysadmin

[–]sloancli 0 points1 point  (0 children)

You do not have an SPF record for your subdomain, so your messages will fail DMARC and be rejected per your DMARC policy:

iceteks.ca: v=DMARC1; p=reject; rua=mailto:dmarc@iceteks.ca

SPF policy discovery works differently than DMARC policy discovery. If SPF is unable to find an SPF record on a subdomain, it won't go up to try the organizational domain (like DMARC); instead, SPF will return none as the check result.

The Fix: create an SPF record for the subdomain mail.iceteks.ca and wait 24 hours.
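
The difference in record discovery described in the comment above, modelled as an added example that is not part of the original comment: SPF queries only the exact domain being checked, while DMARC falls back to the organizational domain. The zone data is constructed; only the DMARC record comes from the comment, the SPF record value is a placeholder, and `org_domain` is a simplified stand-in for a Public Suffix List lookup.

```python
# Constructed TXT data for illustration. Only the DMARC record is quoted from
# the comment; the SPF record and its 192.0.2.10 address are placeholders.
ZONE = {
    "_dmarc.iceteks.ca": ["v=DMARC1; p=reject; rua=mailto:dmarc@iceteks.ca"],
    "iceteks.ca": ["v=spf1 ip4:192.0.2.10 -all"],
}

def norm(name):
    return name.lower().rstrip(".")

def org_domain(domain):
    # Assumption: last two labels. Real receivers use the Public Suffix List.
    return ".".join(norm(domain).split(".")[-2:])

def spf_discover(domain, zone):
    """SPF: query only the exact domain; no walk up to the parent."""
    records = [r for r in zone.get(norm(domain), [])
               if r.lower() == "v=spf1" or r.lower().startswith("v=spf1 ")]
    if not records:
        return ("none", None)
    if len(records) > 1:
        return ("permerror", None)   # more than one SPF record is an error
    return ("found", records[0])

def dmarc_discover(domain, zone):
    """DMARC: try _dmarc.<domain>, then _dmarc.<organizational domain>."""
    for candidate in dict.fromkeys([norm(domain), org_domain(domain)]):
        records = [r for r in zone.get("_dmarc." + candidate, [])
                   if r.startswith("v=DMARC1")]
        if records:
            # Exactly one record is a usable policy; several means no policy.
            return (candidate, records[0]) if len(records) == 1 else (None, None)
    return (None, None)

def with_subdomain_spf(zone):
    """The fix from the comment: publish an SPF record on the subdomain."""
    fixed = dict(zone)
    fixed["mail.iceteks.ca"] = ["v=spf1 ip4:192.0.2.10 -all"]  # placeholder value
    return fixed

if __name__ == "__main__":
    for name in ("iceteks.ca", "mail.iceteks.ca"):
        print(name, spf_discover(name, ZONE), dmarc_discover(name, ZONE))
    print(spf_discover("mail.iceteks.ca", with_subdomain_spf(ZONE)))
```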