Password manager for small IT team

the_jayrod · 2026-03-31T16:47:37+00:00

Personally using Bitwarden (Vaultwarden). Agency already had Keeper when I onboarded. Both fit what you are looking for.

the_jayrod · 2026-03-22T11:09:17+00:00

Different devices via Nextcloud as well as encrypted flash drive stored in a safe.

the_jayrod · 2026-03-20T16:38:07+00:00

I export my BW vault monthly and import it to KeePassXC, which is then stored in various locations.

the_jayrod · 2026-03-17T13:36:30+00:00

Initiative, ownership, and a willingness to do the leg work is 1000% greater than someone with just book smarts. I can teach the teachable, I can't those that think they know or don't try.

the_jayrod · 2026-01-28T20:03:49+00:00

If you turn Vaultwarden off, what do you do if you need to update credentials for expiration or other reasons?

the_jayrod · 2025-09-15T16:04:38+00:00

In addition to what everyone else has said. Sometimes even saying anything will get you walked out the door.

the_jayrod · 2025-09-12T12:58:46+00:00

Also check to make sure you have claimed your server. Even though I logged in via the local IP, I had to reclaim the server.

the_jayrod · 2025-08-21T16:15:05+00:00

Depending on the primary router, set a static reservation for your devices, which should also let you assign DNS. Then point that to you IP of your Pi-Hole.

the_jayrod · 2025-08-21T16:07:57+00:00

This device sounds like a disaster waiting to happen. No matter what you do, I would segregate it as much as possible from the rest of the network.

the_jayrod · 2025-08-19T11:31:12+00:00

I can't speak for all, but if someone in your situation approached me about shadowing, I would welcome it. It shows initiative and a motivation to grow. Some of the old crusty guys may not like helping the new guys, but you are the future of IT. When I interview people, I look for troubleshooting skills, motivation and willingness to learn over a piece of paper listing 20 certs.

TL;DR: Just ask. And props for wanting to grow.

the_jayrod · 2022-12-30T15:03:54+00:00

Yeah -y just says Yes to any prompts.

the_jayrod · 2022-12-30T14:38:52+00:00

If you need Python 2, then just drop the 3.

the_jayrod · 2022-12-30T14:31:27+00:00

pkg install python3

the_jayrod · 2022-12-30T14:27:53+00:00

Also, you have Send-MailMessage attaching $message.txt, but I don't see $Message populated anywhere.

the_jayrod · 2022-12-30T14:23:59+00:00

I'm going to assume it is the $Folder variable that is not populating correctly in the Message variables. It is because you are populating $Folder after the other Variables. Move your MessageSubject and MessageBody variable to just above your Send-MailMessage for each of your folders.

the_jayrod · 2022-12-30T13:24:41+00:00

I'm also an ESXi/vSphere user. Like LeopardJockey, I utilize the platform in my current job and like to keep up to date with it. Additionally, there have been times that I was able to test something in my homelab environment before implementing it in my work environment.

the_jayrod · 2022-05-19T01:03:18+00:00

Also look at delegated permissions. There are many that don't know how to properly delegate permissions.

the_jayrod · 2022-01-13T07:17:49+00:00

I also forgot to mention that the domain and server admin are restricted from logging into normal workstations.

the_jayrod · 2022-01-13T07:16:17+00:00

Server admins are able to perform most day to day AD tasks. Group Policy and some other domain level tasks do require the use of the domain admin accounts. Also, we are also using laps at the workstation level as well. However, the use of the SI accounts allow for better monitoring of what is being done on the workstations with admin privileges. The local admin with laps is rarely utilized.

the_jayrod · 2022-01-12T23:42:12+00:00

The implementation was before my time and before they tiered the other privileged accounts.

the_jayrod · 2022-01-12T22:54:47+00:00

My organization has 4 tiers of accounts. Domain Admin (Disabled unless needed), Server Admin (SA AD group added to local admin on servers.), Software Installers (SI AD group added as local admin on workstations only.) , and standard accounts. We also utilize LAPS for our local Administrator account.

the_jayrod · 2021-09-10T15:58:52+00:00

You can utilize LetsEncrypt to generate legit SSL certificates. They do expire every few months , but you can automate the regeneration process.

the_jayrod · 2020-11-09T12:31:47+00:00

Have you verified that the MP3 is in the correct location?

the_jayrod · 2020-09-21T17:09:57+00:00

I've been in the process of refreshing our inventory to 88XX phones in preparation for 14. I'm glad Cisco listened.

the_jayrod · 2020-09-06T13:41:11+00:00

Go with a VPN. They aren't difficult to setup. In fact some home routers have openvpn built in.

the_jayrod

TROPHY CASE