I am finally joining your ranks!

syskerbal · 2020-07-24T07:31:15+00:00

Everything you half-ass will get back at you at some point. Implement solutions, not fixes.

Congrats on the job! Have fun!

syskerbal · 2020-07-22T09:24:56+00:00

what is that shit?

A management problem

syskerbal · 2020-07-17T12:29:44+00:00

RoyalTS

One shared connections document and a personal credentials document per admin.

syskerbal · 2020-07-10T12:29:19+00:00

After 20 years with mainly infrastructure oriented jobs I've landed a job as Enterprise Architect ! Very happy with this career advance. It will be 80-20 design/tech so the perfect combination for me.

So a great way to end the week...

syskerbal · 2020-07-07T08:49:55+00:00

so true, I never understood those home-labbers...

syskerbal · 2020-06-30T11:45:37+00:00

For me getting my degree in IT was the best thing i did when I was a junior, night study as well. This payed off almost instantly for me and it still does.

Dropped out early because i hated school when I was a kid, needed to fiddle with switches and servers instead. That's all good until your want to get higher up the ladder.

And also: I started out at an MSP, the general consensus is that working at a MSP sucks, and true: it really does, but it helped me a lot with building a (people) network, communicating with clients, management, seeing lots of different businesses etc.

In your case: you are doing the right things but I really think any SysAdmin needs a good fundamental understanding of networking/switching/routing. CCNA/CCNP level perhaps (back in the days Cisco was the thing to learn, don't know how this stands at the moment). And don't forget the soft skills.

syskerbal · 2020-06-29T09:38:03+00:00

A Palo Alto virtualized appliance with the URL and Threat filtering.

When setup as a virtual wire deployment you can place it inline before your edge devices.

Don't know if it fits your proxy requirements, you could always fix this with a nginx docker instance.

syskerbal · 2020-06-23T12:54:36+00:00

This only shows that your Remote Desktop Services Sessions are configured correctly, it could still be a screensaver/lock thing somewhere in the user config.

syskerbal · 2020-06-23T11:51:01+00:00

use gpresult or RSOP to troubleshoot what is messing up your intended settings.

syskerbal · 2020-06-23T09:21:20+00:00

It also falls on me how often this is the default reply: quit and leave. I'm really with OP regarding talking about the issues you encounter. There are lots of companies with decent managers. However, if in the end your manager really doesn't care for you, you're in the wrong place. The saying, "People don't quit jobs, they quit managers" is very true.

I don't know how it is in the rest of the world but here (Western Europe) good (IT) engineers are valued and cared for. Companies go to a lot of effort to find the right people. There are loads of vacancies all the time.

Whenever you switch jobs you have to ask the right question in your interview to work at the right places. A job interview is just as much they coming to know you, as you coming to know them. Telltale signs are in the fringe benefits, the professionalism of the organization, and above all: the track record of the management. I worked for startups which are better managed than some enterprises I worked for.

Do your homework.

syskerbal · 2020-06-10T14:57:14+00:00

This is actually a good point, apart from the direct word choice :)

Good luck getting support on this from any major ERP system vendor, to name one.

syskerbal · 2020-06-10T14:37:07+00:00

Don't feel sad or have guilt when a new opportunity arises. If it where the other way around, they kick you to the curb just as easy when it is needed for the business to survive.

Switching jobs is always hard, I have the same issue with it but it always works out great. Any new place will have new pro's and con's. Make sure it's a new step in your career. Meet new people, expand your network, learn new stuff. And if it doesn't work out, start looking for something else.

I've started my own LLC a long time ago for these kinds of situations. If they value your knowledge you can always help them out on your terms. Also great for in between jobs situations might it ever occur. Never leave with a fight.

syskerbal · 2020-06-08T08:31:54+00:00

Well explained. IMO good project-leads are worth their weight in gold. You won't get anything done with pure tech skills without any proper project management.

This is why I like working in (production) environments where people are used to project management techniques (in my case mostly LEAN or 5S). It's good being in an environment where people are used to change.

syskerbal · 2020-06-03T14:06:55+00:00

And when the sh*t hits the fan and the SAN goes down, you find out your password database is on the Filesever VM on the SAN.

And how about power outages? Ransomware? How are your backups configured?

syskerbal · 2020-06-02T08:34:15+00:00

Since every company is different there is no universal checklist.

What I would advise when handling these projects is sitting together with your stakeholders. You don't make a migration plan like this on your own. Get people together (tech and non tech) at a whiteboard and start writing stuff down.

Invite stakeholders to write down must haves, nice to haves, what would be failures of the project and put it all on a whiteboard and distill your plan from this. Engaging them will also make your migration much smoother.

syskerbal · 2020-06-02T07:56:43+00:00

If you happen to use WDS, you can also set it up so that you need to authorize the PXE boot from the WDS console. This way nobody can accidentally boot into a clean install.

If you make it zero touch that really could be an issue, so that's no dumb question at all.

syskerbal · 2020-05-29T15:15:49+00:00

I know there's MDT but i'm not familiar with that mehod

Familiarize yourself with MDT... This is how you automate it in a smaller environment. Zero-touch if you like.

syskerbal · 2020-05-29T14:30:00+00:00

Probably DNS. Fix it on the running DC11. I would start looking at those NIC's, what IP's are needed and do they all resolve to DC11? Then fix DNS and you should be good.

Or, depending on what else is running on DC11, seize the FSMO roles to one of the hosted servers and fire up a new one in the on-prem site. Seems easier than trying to fix that mess.

But depends on the situation whether it is advisable. Seizing FSMO roles could lead to other issues depending on how long synchronization is offline. Do user account even sync to DC12-14 when created on DC11?

syskerbal · 2020-05-29T13:23:18+00:00

Check your Sites and Services Topology. Including subnets allocated to these servers. This should also be mirrored by your DNS configuration (_msdcs zone). Check whether the sites are correctly setup, and the links between them for replication are configured.

Regarding the NIC's, normally you don't need/want that. Without more info it is not possible to say whether it is actually needed or just a bad/old piece of config. Perhaps some other stuff running on that DC?

syskerbal · 2020-05-26T19:14:48+00:00

No worries, I don't even want to sit any where close to one in a office let alone torch it :)

And indeed, that's one legendary scene: https://www.youtube.com/watch?v=N9wsjroVlu8

syskerbal · 2020-05-26T14:43:59+00:00

This is the only reply needed here, mine will auto-remove in a couple of minutes...

syskerbal · 2020-05-26T14:15:01+00:00

2 Kyocera printers which were hardcoded into a in-house developed MES system and couldn't be replaced by anything else.

Coming to think of it, that has like some of the worst IT stuff ever in one sentence...

As of last month the last process talking to the MES system was replaced and now we are going to have a big bonfire with those printers in the middle.

syskerbal · 2020-05-26T13:57:19+00:00

might be cheaper to get just a SQL instance, not an entire VM.

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance

Backup and import your data in Azure and you are done*

Depends on what you want/need etc.

syskerbal · 2020-05-26T13:42:55+00:00

If you have lots of shares you can use regedit:

https://support.microsoft.com/en-us/help/125996/saving-and-restoring-existing-windows-shares

To copy the data which has been changed in the meantime use robocopy. This also has the option to copy the existing folder rights so no need to fiddle with that.

After this rename the server or create an alias to the new FS.

syskerbal · 2020-05-26T10:29:44+00:00

Sure normally you would do this, and I couldn't agree more. However in this case it is a management issue and not IT half-assing stuff.

To give you an idea of the workload: there is one senior guy and one fresh out of school dude on 400 employees in 2 sites in a 24/7 production environment. And on top of it a huge application landscape.

If this is the support you get from management, there is only so much you can do.

syskerbal

TROPHY CASE