I'm a generalist SysAdmin. I use Linux when necessary or convenient. I find that when I need to upgrade a specific solution it's often easier to just spin up an entirely new instance and start from scratch. Is this normal or am I doing it wrong? For instance, this morning I'm looking at a Linux VM whose only task is to run Acme.sh to update an SSL cert. I'm currently upgrading the release. When this is done I'll need to upgrade acme.sh. I expect some kind of failure that will require several hours to troubleshoot, at which point I'll give up and start from scratch. I'm wondering if this is my ignorance of Linux or common practice?

If I create a VM role, I can assign it's networking to a VLAN, however I can't do the same to a file server role. Does anyone know if it's somehow possible?

The email: Hi this is Scammy McScamface and I'd like to scam you please click the scam link below.

Designate a place in every room as, "the place I put things." Use positive reinforcement to train yourself to put things down in that space. Every time you use a drop zone, give yourself an attaboy/girl. It needs to be big enough that it can hold a few things, keys wallet, cell phone, but not so large that things can get lost in it. You don't want too many drop zones, but you need to have one always handy. Keep them uncluttered when possible so that they're always available. Dissuade the people in your life from "cleaning up" these spaces. Now, when you lose something, you've got a good chance of finding it by checking all your drop zones.

They hired a new hotshot engineering manager (the kind that makes physical things). He hates the engineering software we run. I don't blame him, it's crap software. He constantly complains about how slow it its. He's right again. Crap Software Vendor says it's my platform that makes their software slow and buggy. I'm willing to make any changes they recommend, but they've got nothing. They're like, "it runs fine in our test env." So hotshot goes rogue and signs contracts to move engineering to a cloud platform that he used at his old job. I wasn't brought in until after the ink dried.

New vendor sends me a link, login, and password via email. I go to the link. It's fucking remote desktop gateway. Open to the internet. The password isn't a temp, that's my permanent unchangeable password. This is how they handle user access control. No MFA. Nothing between the screaming void and our data but IIS and an AD password.

So I start pissing in the tent. I tell everyone this is unacceptable security for our IP. Vendor acknowledges that their security is insufficient and lays out their roadmap to fix it, hopefully by the end of year(I'm holding my breath). I ask if we can just run the software ourselves.

I have a convo with our CEO who usually listens to my advice. He asks if we can just host the new software on our platform (the one that already has MFA and a whole lot of other security measures). I say, "That's exactly what I was thinking." So, CEO email in hand I go back to the group and tell them to make preparations to move the implementation to our platform.

Hotshot starts bitching and moaning about how he doesn't want another slow app. A data analyst chimes in with her two cents out of fucking nowhere. I'm not even sure why she's on the email chain. I'm about two seconds away from going Joe Pesci on these goombas.

What the fuck guys? Who cares if the app is slower on our platform (not that it necessarily will be)? What good is a fast app that's insecure? How fast is it gonna be when it's ransomwared to hell? It'll be nice that the app is fast when BianLian is downloading all our designs so they can extort us.

"Well they're a big company and they haven't gotten hacked yet?" Thanks for that Captain Smith, but I know a fucking iceberg when I see one.

When I was a kid they told me, "If you care about something and work hard you'll succeed." I failed, a lot, and so I figured, "I must be lazy and apathetic."

Eventually I found my ikigai and success. I thought, "now I care and now I'm working hard, I'm a different person, this is why I'm successful now."

I always knew I had ADHD, but strangely nobody seemed to acknowledge it outright. My parents just laughed when the neighbor called me space-cadet. I was diagnosed with dysgraphia, which was all my mom wanted to talk about.

Recently I've been reading about ADHD and I came to a realization. I was never lazy or apathetic. I'm not a different person now, I just found something where the bulk of my work provides me the dopamine I need to stay engaged. I've also got some masking strategies, which took me 30 years to develop because I had to do it on my own.

Nobody looks at a paraplegic and says, "boy are you lazy."

Please don't let other people define you. Don't mistake your ADHD for a character flaw. Find your ikigai. It won't fix your ADHD, but it will make you a whole lot happier.

Ikigai:

A motivating force; something or someone that gives a person a sense of purpose or a reason for living. The feeling of accomplishment and fulfillment that follows when people pursue their passions. Activities that generate the feeling of ikigai are not forced on an individual; they are perceived as being spontaneous and undertaken willingly, and thus are personal and depend on a person's inner self.

My company is about to shift a large workload to a vendor that uses an RD Gateway hosted at Amazon to serve access to the front-end application. It's open to the internet at 443. There's no MFA. How worried should I be?

Since usernames are only unique to the instance it's created on, what's to stop someone from creating a copycat username in order to impersonate another user?

We're installing a new app on a secure network. The vendor has requested we allow access to gstatic.com. That seems overly broad to me and unsafe. Thoughts?

I thought I could make a 90° left turn, took it too wide and clipped my wheel on the curb. I ate it hard. Face and shoulder hit asphalt. Wrecked a 25 year old Hawaiian shirt. Also wrecked my arms. Pretty sure nothing broke, but my tendons are sore as hell. I can't lift my arms. Thus endeth my downhill ambitions. Cruising only from now on. I'm 45 and I can't take a fall like that.

When offboarding a user, the option to retain that user's mailbox and give other people access is, convert to a shared mailbox. When you do this it doesn't delete the user account. It still shows up as an active, unlicensed user. This can be sort of troubling as reporting of active user counts still includes those users. I'm not 100% sure that this is different, but many of our users are hybrid with an on-prem AD. When we try to delete the user and convert to a shared mailbox, the deletion fails, but the convert to shared succeeds. If we subsequently move to on-prem account to an un-synchronized OU, the user account and it's associated share mailbox also get deleted. The way I've found to fix this is to restore the AAD user account after we move the on-prem account. It's all a bit of a hassle and I wonder if there's a better way. How do you handle offboarding hybrid accounts?