-
Reddit SystemAdmin. Thanks @reddit2telegram and @r_channels.
FYI: the recent update for Greenshot includes an Imgur plugin by default
For some strange reason, despite it having had an unpatched 7.8 CVE for several years, we use Greenshot at our company. They recently released an update that patches that old CVE, which I guess is good, and computers in our environment started updating to this new version via Patch My PC this week.
However, one thing we have noticed is that it installs and activates the Imgur plugin by default.
This plugin adds an 'Upload to Imgur' option after taking a screenshot. The screenshot is immediately uploaded to Imgur, and a link to the image copied to the clipboard. By default, the upload is anonymous, so there is no way to delete uploaded images from Imgur. This is clearly an information security risk.
It looks like there is a way to apply a custom configuration to disable the Imgur plugin when you install Greenshot,, and I'm sure there are ways to skip the installation of the plugin through command-line parameters. But, if not (I haven't really done any client stuff in 3-4 years, so I'm kinda behind), you can modify the config file to disable it.
1. Go to C:\\Users%USERNAME%\\AppData\\Roaming\\Greenshot\\
2. Edit 'Greenshot.ini'
3. Add 'Imgur Plugin' after 'ExcludePlugins='
4. Add 'Imgur' after 'ExcludeDestinations='Comma separated list of Plugins which are NOT allowed. ExcludePlugins=Imgur Plugin Comma separated list of destinations which should be disabled. ExcludeDestinations=Imgur
Though I'm sure the more security conscious people here will have already moved onto other tools already...
https://redd.it/1m90opi
@r_systemadmin
Happy Sysadmin Day, y'all.
May your tickets be few, your phones quiet, and your users grateful.
https://redd.it/1m8x0vd
@r_systemadmin
Weekly 'I made a useful thing' Thread - July 25, 2025
There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.
We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!
In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.
https://redd.it/1m8v5ey
@r_systemadmin
Happy SysAdmin Day!
A big shoutout to all the admins who work tirelessly to keep systems running smoothly and secure. Your hard work behind the scenes powers everything.
https://redd.it/1m8pkus
@r_systemadmin
The quintessential Microsoft ticket experience
Raise ticket
'Engineer' asks for logs.
Gives logs
'Engineers' fuck around and pass the ticket around for around a month.
Constantly requests for an update
'Product team' needs fresh logs.
Asks what happened to the first set of logs.
"Oh, they're already stale. We need fresh logs to start investigation"
Asks what they did for an entire month
Random escalation manager replies to thread assuring everything is being worked on correctly.
Gives fresh logs. Somehow finds a solution or issue fixes itself or people just give up.
Email from MS: "Tell us about your Microsoft support experience"
I'm tired, boss.
https://redd.it/1m8lyiu
@r_systemadmin
Suddenly the Only IT Person — No Raise, No Title Change, No Bonus Eligibility?
Has anyone here ever been hired as a regular IT employee, only to end up becoming the only IT person after your supervisor leaves without a title change, raise, or extra compensation?
That’s what happened to me.
I was hired to do standard IT support and project work, but once my manager left, I was informed I’m now on call 24/7. I’m expected to handle:
• All helpdesk tickets
• Infrastructure/system admin
• Product procurement
• Emergency calls even on weekends, overnights, and while I was in the hospital
According to our employee handbook, employees working extra hours outside their standard duties are eligible for bonus pay as long as they aren’t supervisors or execs. I’m not a supervisor, yet was told I don’t qualify because I’m salaried.
To top it off, my predecessor made $100K more than I currently do, and I was told that I’m not eligible for a raise until the annual review period at year’s end.
Just wondering has anyone else had their role quietly change like this without any proper recognition? How did you handle it?
https://redd.it/1m8idga
@r_systemadmin
Thanks for making licensing for 365 confusing Microsoft.
Long story short - I'm migrating licenses from Microsoft 365 E5 to Microsoft Business Premium. However, some users utilize Planner and Project Plan 3 so when I try to assign the license I get the following error:
"To assign a license that contains Project Online Service, you must also assign one of the following service plans: SharePoint (Plan 2)".
I went into apps and unchecked Project Online Service for now - but what exactly is it for? Is it just the web version of Project? We do not have SharePoint P2 licenses - and aren't really looking to buy any.
The constant renaming of licenses and changing of dependencies has me frazzled.
https://redd.it/1m8fjnn
@r_systemadmin
How did KnowBe4 get so much of the market?
KnowBe4 have something like 85% of the SAT market, and their product is a B. Yes, they have a ton of modules and offer great pricing, but they are just no longer relevant. Their UI/UX feels like its from 2010, they dont do any deepfake or voice phishing, and their customer success (with smaller orgs especially) sucks. People are stuck in long contracts with them and it has become the norm, but is that really still necessary? People need to start rethinking this whole SAT thing.
https://redd.it/1m8ca7u
@r_systemadmin
End User wants me to be CIO now
I'm a sysadmin.
Not a product owner. Not a help desk. Not the C-suite (I don't even want that, but GOAT title - for me - is Security Engineer).
Word around the office is that "He is so good with tech,” I’m now expected to make C-suite-level business decisions… like whether our completely private, in-house-lead-based company needs a public-facing website. (Spoiler: we don’t, and I'm uncomfortable with this conversation already.)
But guess who keeps floating the idea? Yep.
Her.
The one with the biggest ideas and no context.
Latest development?
While refilling my coffee, the office admin casually mentions, “Hey, have you thought about setting up an on-call rotation for the help desk?”
Me, blinking in confusion: “We’re not a help desk.”
Her: “I know, but… people forget their passwords at home. Or they write them on a sticky note and accidentally use it as a coaster. It’s just a lot, you know?”
Yeah... No thanks. Not signing up for 24/7 ‘I-forgot-my-password’ duty because Brenda can’t be bothered to remember where her cat tossed her coffee cup, let alone her credentials.
Let’s be clear:
This isn’t a managed services shop.
We don’t do tier 1 support.
We already have self-service reset tools and MFA. (Thanks Microsoft for a healthy and wonderful marriage. Live. Laugh. Love.)
I’m just here trying to maintain uptime, push policy, and maybe get through a patch cycle in peace on Intune.
Anyone else constantly being volunteered for things you didn’t sign up for? That horror story I read a few weeks back about some sysadmin working help desk overtime on-call $60k really set me off, and I just had to stand my ground here.
https://redd.it/1m85yin
@r_systemadmin
Thickheaded Thursday - July 24, 2025
Howdy, /r/sysadmin!
It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!
https://redd.it/1m80azy
@r_systemadmin
How many of you don’t actually interact with end-users?
The last company I worked for, the Enterprise Infrastructure and SysAdmin positions were one and the same, and those guys literally never talked to end-users. Desktop support was always the go between, and I was just curious if that was the case for any of you guys as well? Also, is this why people become SysAdmins, so they don’t have to interact nearly as much with end-users as Helpdesk or desktop support?
https://redd.it/1m7skju
@r_systemadmin
Security team keeps breaking our CI/CD
Every time we try to deploy, security team has added 47 new scanning tools that take forever and fail on random shit.
Latest: they want us to scan every container image for vulnerabilities. Cool, except it takes 20 minutes per scan and fails if there's a 3-year-old openssl version that's not even exposed.
Meanwhile devs are pushing to prod directly because "the pipeline is broken again."
How do you balance security requirements with actually shipping code? Feel like we're optimizing for compliance BS instead of real security.
https://redd.it/1m7oeof
@r_systemadmin
Clorox outsources IT to incompetent company then sues them for incompetence
https://www.bleepingcomputer.com/news/security/hackers-fooled-cognizant-help-desk-says-clorox-in-380m-cyberattack-lawsuit/
In addition to this, Clorox described Cognizant's response and recovery support as overly incompetent, resulting in delays in the application of containment measures, failure to shut down compromised accounts, and sending underqualified personnel on premises.
weeeeiiiiiiiiiirrrrrd...... </s>
https://redd.it/1m7fq7s
@r_systemadmin
Does anyone else have like ZERO patience for developers that don't know how to computer?
I'll spend all goddamn day helping Barbathy in accounting figure out how to open Excel, but fuck me if I have to help someone figure out how to get a compiler that THEY USE ALL THE TIME TO WORK ON THEIR NEW SYSTEM for 5 seconds I'm immediately done with it. /rant over.
https://redd.it/1m7dgl0
@r_systemadmin
Defender for Cloud Apps Policies: Governance Actions
Hey /r/sysadmin,
Leadership wants us to configure alerts in Defender for Cloud Apps to notify us that a new and/or risky Generative AI app is being used. We **do not** want the apps to be blocked. I created a policy:
* If the risk score = 0-5 and the category is Generative AI
* Create an alert for each matching event with the policy's severity
* Trigger a policy match if all of the following occur on the same day: # of users > 1 and daily traffic > 50 MB
* Send alert as email
* Tag app as monitored
Well, a couple of hours after turning this on, our users started receiving warnings when trying to access certain sites.
I'm assuming I went wrong by selecting *Tag app as monitored* under **Governance actions,** but I'm unsure; I see no way to test this. Can someone confirm?
https://redd.it/1m7a4d9
@r_systemadmin
Happy SysAdmin Day to me with a dead XP machine in manufacturing
Power outage last night caused a bunch of issues, even with battery backups and a back-up generator. This morning one of the techs tells me that the XP computer that runs specialized software for a large manufacturing machine in production won't power on and gave a blue screen "KERNAL_STACK_INPAGE_ERROR" and after a reboot, nothing. Black screen.
So now I'm reaching out to the database admin who is still in touch with the person who had my role before me who supposedly used to make clones of this hard drive in an effort to figure out where he might have kept these backup drives. Meanwhile production is stalled. Happy Friday! Happy Sysadmin Day!
There were no notes about this when I started six months ago and I'm just learning about it now. And I'm supposed to leave early for a friend's wedding this weekend. Sheesh.
https://redd.it/1m8zatu
@r_systemadmin
26th System Administrator Appreciation Day. Let's thank them from the industry itself this year.
Today is the 26th System Administrator Appreciation Day!
Let's thank them from the industry itself this year. Many have been working in the midst of a digital war for years and, as a result of the "move fast and break things" mentality, are confronted daily with problems they didn't cause. Do you hear CrowdStrike, Microsoft (SharePoint), Citrix (Netscaler), and Cisco (ISE)?
Oh, and also a "thank you" from Microsoft to all system administrators for providing mental support to users transitioning to the New Outlook. Perhaps (if it's not too much to ask) a more friendly pricing model from Broadcom, TeamViewer, and the other companies on the IT-naughty step.
Have a great day, colleagues ;-)
https://redd.it/1m8rt39
@r_systemadmin
Outsourcing IT
I am a Network Administrator and I recently learned our CRM provider secretly flew in and had a meeting about outsourcing our department. My manager said in management's mind they are looking to outsource parts of it to save money, but to me I see the writing on the wall.
Before I dust off my resume does anyone have any suggestions or past experiences with this? Anything that may help me? Nothing has been decided yet (according to my manager).
https://redd.it/1m8qhky
@r_systemadmin
How do you train new hires on cybersecurity without overwhelming them?
We’ve had new staff click suspicious links or use weak passwords.
We want to include security in onboarding, but without drowning them in policies.
Any formats or services that make this easier to roll out?
https://redd.it/1m8gzfk
@r_systemadmin
Why can’t Microsoft just build SCCM in the cloud?
I don’t get why Microsoft insists on pushing everyone to Intune when SCCM already does everything better — faster deployments, real-time policy pushes, detailed logs, solid control. Why not just build a cloud version of SCCM? Put the DC and SCCM server in Azure, tunnel traffic through a connector like AD Connect, and call it a day.
Intune is painfully slow — app and policy changes can take 30–90 minutes to apply, even with a manual sync. That’s just not acceptable in an enterprise, especially during emergencies. SCCM can push changes instantly.
Microsoft already supports hybrid stuff like Azure AD DS and Azure Arc, so why not offer SCCM-as-a-Service for those of us who still need real control?
Feels like we’re being forced into a tool that’s still not ready for prime time, just because it fits Microsoft’s cloud strategy better.
Anyone else frustrated by this?
https://redd.it/1m8bw2g
@r_systemadmin
"We'll clean it up in post" but it's enterprise software
I, for one, welcome our new LLM overlords
https://redd.it/1m8hcsj
@r_systemadmin
How are you handling printers in 2025?
We are hybrid but slowly moving resources to the cloud. What's the recommended replacement for traditional print servers?
https://redd.it/1m85e0n
@r_systemadmin
The upcoming audit has me stressed
Our external ISO audit is in six weeks and I'm already stressed out. The evidence collection process is an absolute nightmare. I spend weeks just chasing people down for documents, training records, meeting minutes... it's all buried in emails and a dozen different shared drives. It's a horrible, manual process.
https://redd.it/1m7ynzt
@r_systemadmin
Customer is able to resume RDS session without knowing the password
Maybe it's by design but I was surprised that this is possible.
Customer uses a Remote Desktop farm with Server 2025 RDS Gateway/Loadbalancer with multiple 2025 RDS session hosts.
The .RDP file is on the local pc's desktop.
User A doubleclicks the .RDP file and enters username/password. There is no option to save credentials, this has been disabled by reg file on the pc.
When User A is going on a lunchbreak, user locks the RDS session itself, not the local pc. The local pc currently has a password that everyone knows. All pc's are for common use, the pc's are not domain joined.
If User B walks up to this pc and finds a locked RDS session. Password is unknown to User B..
Now when you minimize the RDS session (not close it with the X up top) and you doubleclick the .RDP file again on the desktop the session is logged in again without having to enter a password. User B now has access to User A's RDS session.. Without knowing the password. User A never saved credentials.
Is this by design or a bug? I can reproduce this only with a RDS gateway/load balancer farm. Not with a single RDS host.
https://redd.it/1m809bq
@r_systemadmin
Looks like Microsoft have made Token Protection available for Entra P1
https://ourcloudnetwork.com/microsoft-makes-token-protection-available-for-entra-id-p1-licenses/ can't see any official announcement from Microsoft, but according to changes in the Microsoft Entra, Token Protection either is or is soon to be available for Entra P1 customers. Previously paywalled behind P2..
https://redd.it/1m7wx11
@r_systemadmin
So we're just leaving DCs unpatched in 2025??? 😵
Just started a new gig & learned immediately that the DCs are missing 2 years worth of patches. this a normal thing in the IT realm? Are IT Pros just not patching their DCs? Rhetorically this has to be a NO!
Anyway, in a 1 forest environment with 2 or more DCs are you splitting your FSMO roles by Forest/ Domain between the DCs like Microsoft tells you? or Do you transfer them when you patch your system or just leave them on the primary DC since downtime shouldn't be long? Just aiming for best practice/ approach at this point.
I know.. so many questions for such an inquisitive concerned IT dude. Pass me my snifter & pour me some Bourbon will ya?!!
https://redd.it/1m7kvui
@r_systemadmin
Really hate troubleshooting with people who dont follow directions
So this morning someone from the office messaged me saying the office internet wasn't working and so i login to our network dashboard and see everything is green so good to go. I have them check the IP phones and those are good to go and i check our security cameras and those are live so internet isnt the problem.
We use docks at work and i thought ok, maybe the dock went bad so i have them use the one at the spare desk to see if that works and thats where i get radio silence for ten minutes. I ask again after a while so is there internet and they send me a photo of the laptop back on their desk, i can tell cause of the items around the desk and im like so did it work at the spare desk and again radio silence.
So i go get some coffee from the fridge and come back to a call and another unrelated picture of the user trying to do something else without internet and then they connect to a separate network and at that point i already wasted a bunch of time with no feedback or results so i just ignore this person. Users like this just annoy me to no end. Cant follow directions and expect you to work magic or something.
https://redd.it/1m7fk20
@r_systemadmin
Fired for gambling
Saw someone talk about the sudden growth of gambling sites over the past year and it reminded me of something that happened last year but we still have to deal with on occasion.
We have a pretty lax system of moderating websites at my office where if you don’t do something stupid we don’t stop you from listening to Spotify or sharing YouTube videos in company messages. We do have a banned web list that’s basically anything XXX related or anything black listed by corporate like 4chan or piracy websites.
One day we get notified that someone has been spending a ton of time on this website that’s been flagged but not blocked on their work computer and when I checked it out it was a crypto gambling website with a bunch of weird games. We look into the user and it’s an intern who just started and has spent a solid chunk of their day gambling on this and several other websites. We don’t know for sure how much this person won or lost but once the people in charge found out the intern was let go near immediately for being a security risk. This kid basically threw away an internship at a fairly large company because he couldn’t stop gambling.
https://redd.it/1m7f17g
@r_systemadmin
Are all security consultants useless?
I can't be the only SysAdmin getting increasingly more and more fed up with having to deal with security consultants who don't have a clue what they're doing can I?
It probably doesn't help that their standard pay seems to be much higher and yet their ability to apply knowledge sensibly is completely lacking.
I have to deal with several NHS trusts and so granted they're probably bottom of the barrel security consultants be even so, it's infuriating.
Last week one of them wrote to us as they'd pentested the service we host for them and found several security headers were missing. I knew they were there so that was odd and also there should have been a number of other low scoring vulnerabilities that were missing.
First off I speak to the other admin, we've had no request to turn off or bypass their WAF so that would have hidden pretty much all the vulnerabilities but even more impressive I realised he had run the pentest using an external tool. As part of his initial security requirements for our product we blocked connectivity to the portal from everywhere other than 3 public IP addresses. So essentially he has pentested absolutely nothing...
I pointed this out to him and his response was that he will mark it as a false positive... And that we've passed the pentest....WTF!
As the SysAdmin I'm happy to get it off my plate but as a member of the UK public a part of me feels the need to raise this ineptitude within the trust because god knows what else this guy has signed off without having a clue what he is doing...
Please restore my faith and let me know there are some good ones somewhere....
https://redd.it/1m7cg21
@r_systemadmin
Microsoft! Stop using upper i and lower L in LAPS passwords! Or at least use a font that shows a difference.
If one of those characters is used probably 90% of the time the guess is wrong. And of course you can't copy and paste, which would also solve the issue. Getting UI artists who never have to use the interfaces in production to find the right aesthetics may make the SCP who signed off proud of himself and feel like such bold leadership and decision-making justifies tens of millions in salary, perks, benefits, and stock options. It doesn't.
https://redd.it/1m7a9lx
@r_systemadmin