Welcome to the Halloween special of SysAdmin Weekly, where Andy, Eric, Paul, and Mike gather ‘round the flickering glow of their monitors to share true tales from the trenches, the ones that still haunt their uptime dreams.
From flooded data centers and cursed SAN swaps to Novell nightmares, rogue backup tapes, and the eternal terror of “it’s always DNS,” this episode dives into the real-life horror stories that only SysAdmins could survive.
Expect nostalgia, gallows humor, and a reminder that in IT, every scream has a log entry.
Grab your candy corn, dim the lights, and join us as we celebrate the season of outages, late-night restores, and phantom pings.
Because sometimes… the scariest thing in tech isn’t ransomware, it’s the guy who forgot to check the backups....
#####Episode Resources
- SysAdmin Weekly Companion Newsletters
- Azure 15-Year Anniversary News – Microsoft vs AWS Revenue Comparison
- KQLBench – Test LLMs on Microsoft Kusto Query Language
- Novell NetWare (for the brave and nostalgic)
In this episode of SysAdmin Weekly, the crew tackles one of the most debated questions in IT: Is university still worth it for aspiring SysAdmins in 2025?
Joining Andy is a friend of the show, Clay, a newly graduated IT professional from the Netherlands who shares his journey from tinkering with PCs as a kid to landing his first SysAdmin role. Together, they unpack how well higher education prepares students for real-world IT and where it still falls short.
Listeners can expect an honest, grounded look at the difference between theory and practice in modern IT. The conversation covers:
- Whether university programs keep pace with the speed of tech.
- What parts of formal education still provide lasting value.
- How certifications, home labs, and real-world experience stack up against degrees.
- Clay’s early-career lessons, including his first big outage (spoiler: it *wasn’t* DNS this time).
- The timeless SysAdmin truths about troubleshooting, documentation, and learning by breaking things.
This episode bridges the gap between the classroom and the server room with a mix of humor, career wisdom, and a few painful flashbacks to subnet calculations. Whether you’re a student, a career-switcher, or a long-time admin wondering how the next generation is being trained, this one’s worth your time.
Episode Resources
- SysAdmin Weekly Companion Newsletter
Burnout in IT is not just “being tired”, it’s a silent crisis affecting countless tech professionals, SysAdmins, engineers, and ops folks who are running on empty. In this episode of SysAdmin Weekly, we dig into the mental health stressors built into the tech industry: constant change, imposter syndrome, “always-on” culture, notification overload, and more.
Co-host Eric Siron and Andy share real stories, data, and actionable tactics from boundary-setting to seeking help that can make the difference between surviving and thriving.
Whether you’re feeling burnt out, concerned about a teammate, or just want to build a healthier tech culture, this episode is for you.
Covered in this episode:
- The mental health “baseline” in tech: diagnosis rates, productivity loss, burnout prevalence
- Why imposter syndrome is especially tough in IT
- The role of organizational culture, remote work, and tool overload
- Practical practices: micro-breaks, peer support, therapy / coaching, building psychological safety
- What leaders and managers can do to make tech workplaces more sustainable
Tune in and pass it on to anyone in tech who needs a reminder they’re not alone.
Episode Resources:
- SysAdmin Weekly Companion Newsletter
- Perplexity CometJacking Attack
- Satya Nadella Microsoft AI Interview
- Slack: Mental Health in Tech (2020)
- TechUK - Addressing Mental Health in the Tech Industry (Burnout Index 2022)
In this episode, Andy teams up with Microsoft expert and Aussie tech legend Paul Schnackenburg to break down the buzzword that’s haunting every IT strategy deck: Cloud-Native. Together, they unpack what it really means in a Microsoft ecosystem from ditching on-prem Active Directory and ConfigMgr to embracing Entra ID, Intune, and Autopilot.
Along the way, they hit on real-world migrations, the trade-offs of control vs. convenience, and why hybrid identity might actually make you less secure. Expect analogies about Death Stars, cruise ships, and even the Magic School Bus, because of course they did.
Whether you’re an MSP plotting your clients’ next move or an IT pro trying to future-proof your environment, this episode’s your field guide to surviving (and thriving) in a Cloud-Native world.
NOTE: As a reminder, be sure to share your IT Horror stories with us! We’d love to share as many as we can during an upcoming Halloween episode!
Episode Resources:
- CVE-2025-32463 (Sudo vulnerability details)
- CISA KEV Catalog (Known Exploited Vulnerabilities)
- SysAdmin Weekly Episode 22 – IT Documentation (Referenced in comments segment)
- SysAdmin Weekly Episode 3 – WSUS Deprecation Discussion
- Microsoft Intune Autopilot Device Preparation (v2)
- PowerShell Summit Session: Secure Management of Secrets with Azure Arc (Referenced by Andy)
This week on SysAdmin Weekly, Andy is joined once again by Mike Nelson for a deep dive into the world of local AI. Together, they unpack Ollama and Open WebUI, exploring how SysAdmins can run large language models on-prem to unlock powerful workflows while keeping sensitive data in-house.
From hardware setups (yes, even that dusty old GPU in your basement), to why privacy-conscious SysAdmins are moving workloads local, Andy and Mike cover it all. Along the way, they swap stories on home labs, Ubiquiti gear, Ghost CMS, Hugging Face models, and where open-source AI really shines.
If you’ve ever wondered why you’d bother with local AI when ChatGPT is just a browser tab away, this episode lays out the practical sysadmin use cases, security considerations, and future of AI in the trenches.
Episode Resources:
- SysAdmin Weekly Companion Newsletter
- Confluence Free Instance (Atlassian)
- Awesome MCP Servers (GitHub curated list)
- Previous SysAdmin Weekly Episode: “The Importance of IT Documentation”
- Previous SysAdmin Weekly Episode: “Building a Home Lab on the Cheap”
In this episode of SysAdmin Weekly, Andy and Eric dig deep into how to build a fully functional home lab without selling a kidney. We cover picking hardware on the cheap, virtualization (Proxmox, Hyper-V, etc.), managing storage, navigating Microsoft licensing, layering in free cloud tiers, network tricks, and the kind of “what if I push this button?” experiments that keep us awake at 2 a.m.
Whether you’re starting from a pile of old PCs or trying to mix in cloud credits, this show gives you the blueprint, the trade-offs, and, most importantly, the sanity checks.
In this episode:
- How to stretch every dollar on lab hardware
- When to go physical vs. virtual (or hybrid)
- Proxmox tips, license workarounds, and pitfalls
- Cloud free/low-cost tiers you can use for testing
- Network, storage & routing hacks we swear by
- Real talk about maintenance, scaling, and failures
Episode Resources
- SysAdmin Weekly Companion Newsletter
- Azure Free Services / Free Tier
Hey folks! Andy here, and in this episode of SysAdmin Weekly Eric and I answer the hard questions regarding the documentation we all put off, but secretly depend on.... whether we like it or not.
In this episode we cover:
- Why poor (or missing) documentation is the root of so many SysAdmin nightmares
- War stories where “future you” had to clean up past you’s mess
- Tools, templates, and mindset shifts to make living documentation actually .....live
- Change control, accuracy, and how to trust what your docs say
Whether you're flying solo or managing teams, this episode will give you ideas to start building docs you’ll thank yourself for later.
Hit subscribe, ring the bell, and share this with someone whose servers are mysterious even to them. Let’s make documentation less boring, more usable, and fearless.
Episode Resources:
- SysAdmin Weekly Companion Newsletter
- Incident Response Markdown Template
This week on SysAdmin Weekly, Andy is joined by regular co-host Paul Schnackenburg for a deep dive into Conditional Access, the cloud-era identity firewall you could say? and a cornerstone of Zero Trust security in Microsoft 365 and the Microsoft Cloud.
We cover everything from the basics of conditional access policies to the nuances of break-glass accounts, layered policies, and how to avoid locking yourself (and your entire org) out of Entra ID. Along the way, we touch on Microsoft’s security defaults, authentication strengths, and the role of risky sign-ins and user risk detection in identity protection.
Paul and Andy also share war stories from the trenches: configuring fresh tenants, wrangling MFA requirements, and learning why documentation and backups of your conditional access policies matter more than ever. Plus, there’s plenty of SysAdmin banter on Intel’s decline, ARM’s dominance, and even foldable phones!
If you’ve ever wondered how to design policies without creating chaos or how to modernize your security controls without overwhelming your users, this is the episode is for you.
Episode Resources
- SysAdmin Weekly Companion Newsletter
- Microsoft Security Defaults Overview
- Microsoft Entra Conditional Access Documentation
- Microsoft Identity Protection (Risky Sign-ins & Users)
- Authentication Strengths in Entra ID
- Meister.dev – Conditional Access Testing Tool
Andy and Eric break down the actual Microsoft skills that move the needle with no fluff, and no buzzword salad. We hit the core Windows/AD fundamentals, the PowerShell magic you’ll use every day, and the cloud/M365 bits that keep modern shops sane.
If you’re trying to level up without wasting cycles, this is your roadmap.
What we cover (at a glance):
- Identity & Directory - AD/Entra basics, Group Policy that won’t bite you later, hybrid gotchas
- Automation - PowerShell patterns you’ll use forever (loops, pipeline, remoting, “please don’t run that in prod”)
- Networking for Windows admins: DNS/DHCP sanity checks, practical troubleshooting, knowing when it’s actually the firewall
- Microsoft 365 - mail flow triage, Teams/SharePoint survival skills
- Security stack - Defender realities, Conditional Access guardrails, least privilege that people will actually follow, Just in time administration.
- Azure orientation - VMs, storage, networking, Arc and what’s worth learning first
- Career path - what to learn now vs. what to park for later, and which certs are signal vs. noise
Bring coffee. Leave with a plan. And yes, a little snark, because ticket queues were meant to be mocked.
Episode Resources
- SysAdmin Weekly Companion Newsletter
- SysAdmin Weekly - 018 - What did Broadcom do to VMware?
- SysAdmin Weekly - 014 - How SysAdmins can Showcase Value
- SysAdmin Weekly - 008 - Getting Started with GitHub Copilot
"Compromised." We throw the word around like everyone agrees what it means, but do we?
This week, Andy and Eric dig into the many faces of compromise in a security context and why it’s not a simple definition
In this episode:
- What actually counts as a security compromise (and why the answer is “it depends”)
- Full breach vs. partial breach: Does it even matter?
- Why lateral movement should keep you up at night
- Session token hijacking in M365 and why MFA isn’t a silver bullet
- The Myth of the Green Matrix Terminal Hacker (aka Hollywood hacking nonsense)
- How risk profiling and layered defenses can contain the blast radius
- Real-world detection failures and the “10,000 alert problem”
- Practical steps to tune logs, outsource monitoring, and avoid burnout
📬 Reminder! - You can subscribe to the SysAdmin Weekly Companion Newsletter (link below) or email your own security horror story to contact@sysadminweekly.com!
Episode Resources:
- SysAdmin Weekly Companion Newsletter
- SysAdmin Weekly 012 - Identity is the New Firewall
- Evilginx (Reverse Proxy Phishing Toolkit)
Broadcom’s acquisition of VMware has left the sysadmin community reeling. From gutting VMware’s workforce to skyrocketing license costs (1000+ percent increases in some cases), cease-and-desist letters for perpetual licenses (really?), and a collapse in customer support, the VMware we once knew is gone.
In this episode of SysAdmin Weekly, Andy Syrewicze and Eric Siron dig into:
- How Broadcom’s handling of VMware triggered massive customer backlash
- Why small and mid-sized businesses (SMBs) are being pushed away
- The licensing and pricing nightmare (including lawsuits from giants like AT&T and UnitedHealthcare)
- Declining customer experience and security patch transparency
- Alternatives on the rise: Hyper-V, Proxmox, Nutanix
- And even a spicy debate: will SysAdmins return to physical servers?
If you’ve ever managed a VMware environment, are considering your virtualization options, OR you just need to share in VMware Grief, this one’s for you.
Episode Resources:
In this episode of SysAdmin Weekly, Andy and Eric wade through the sometimes mess that is managing Hyper-V. From MMC snap-ins to Azure Arc and everything in between, we’re talking about the confusing pile of tools Microsoft throws at you when you just want to manage some virtual machines.
Topics include:
- The evolution (and stagnation) of Hyper‑V Manager
- Why Failover Cluster Manager feels like an insider secret
- SCVMM: A tool that should be great… but isn’t
- Windows Admin Center and its 80-inch monitor problem
- Azure Arc: Is it helpful or just cloud cosplay?
- PowerShell, Live Migration, CSVs, and sysadmin war stories
If you've ever screamed at a clustered VM that just *won’t* move, this episode’s for you.
---
EPISODE RESOURCES
- System Center Virtual Machine Manager Overview
- Manage Hyper‑V Integration Services
- Microsoft 365 Direct Send Abuse
---
Subscribe to the companion newsletter: https://newsletter.sysadminweekly.com
Got a Hyper‑V horror story? Share it with us in the comments!
In this episode of SysAdmin Weekly, Andy sits down with Mike Nelson to talk about how SysAdmins can harness the power of Generative AI to make their day-to-day lives easier. From writing PowerShell scripts to reducing cognitive load during incidents, Andy and Mike break down real-world use cases that go beyond hype.
They dive into what AI agents really are, how large language models (LLMs) fit in, and introduce the concept of Model Context Protocol (MCP), a game-changer for future infrastructure automation. Mike shares his home automation experiments, Andy nerds out about running open-source models locally with Ollama, and together they discuss where tools like Microsoft Copilot and Azure MCP might take SysAdmins next.
If you’ve ever wondered how AI can move from buzzword to genuine productivity tool in IT operations, this episode is for you!
---Episode Resources---
- SysAdmin Weekly Companion Newsletter
- ProPublica article on Microsoft support risk
If you've ever stared at a blinking cursor at 2 a.m. whispering, "please just work…", this episode’s for you. Andy Syrewicze and Paul Schnackenburg roll up their sleeves and wade into the messy, glorious world of troubleshooting. From stopping junior techs from “chaotic clicking” themselves into a production outage, to real-world stories of SQL process murder and Comcast cables zapped by neighborly air conditioners, this one’s packed with hard-earned wisdom.
You’ll learn how to scope problems without panicking, why you should onlychange one thing at a time (seriously, ONE), and how to use logs, diagrams, and even your own voice (rubber-duck style) to untangle gnarly IT messes. We talk when to escalate, how to survive vendor support roulette, and why sometimes the best fix is simply tossing the old PC in the bin and giving the user a shiny new one.
Plus, in news this week, the guys discuss:
- SK Telecom’s “3-year breach”
- CitrixBleed 2 makes NetScaler owners sweat
- Push Security drops a free MFA-verification tool for help desks
- Notepad finally speaks Markdown (YAY!)
- And Andy debates whether Hugo or a “Swiss-cheese WordPress” should power his next project
This is SysAdmin troubleshooting in its purest, funniest, most caffeinated form. Bring your ticket queue and a strong coffee.
--------
Episode Resources
- SysAdmin Weekly Companion Newsletter
- CitrixBleed 2 (CVE‑2025‑5777)
- Push Security browser extension
Let’s be real, the better you are at your job in IT, the less anyone notices. Welcome to the Visibility Paradox, where success means silence, and failure? Oh, that gets EVERYONES attention!
In this week’s episode, we break down how SysAdmins can fight back against being invisible by quantifying wins, showcasing strategic value, and learning to speak fluent exec (without falling asleep doing it).
We talk dashboards, automation ROI, watercooler politics, and the underrated power move of asking: “Who’s in the room?” before every meeting.
Because if you want to survive the next round of budget cuts....or better yet, get that promotion, you're going to need more than technical skills. You're going to need career armor.
---
Topics Covered Include:
- The Visibility Paradox: Why good IT flies under the radar (and why that’s a problem)
- Making leadership *see* your impact....and care
- Turning boring automation into juicy ROI metrics
- Getting a seat at the table (without being *that* guy)
- Translating Geek Speak into Exec Speak™
- Real-world sysadmin stories from the trenches
---
Don’t forget to check out the companion newsletter at https://newsletter.sysadminweekly.com ! Every week we include commentary, curated tools, security headlines, and all the sysadmin goodness that didn’t fit in the mic..... which is kind of a lot it turns out!
A reminder! The show is available on Apple Podcasts, Spotify, Amazon Music, and soon… Substack Podcasts (hopefully)!
---
Episode Resources
Iranian-Linked PLC Breach:
Minecraft Modpack Setup (For those interested!):
This week on SysAdmin Weekly, Andy and Eric finally settle one of the most persistent questions in the Hyper-V world: Should your Hyper-V hosts be domain joined or live outside the domain? Spoiler: we have strong feelings.
Before the main event, we hit a few hot headlines:
- Microsoft is booting AV vendors out of the kernel (finally)
- CrowdStrike’s recent disaster knocked out 8.5 million devices
- Notepad++ had a nasty privilege escalation flaw in its installer
- And no, China did NOT break RSA encryption (at least, not the kind that matters)
Then, in Nerd Hour, Andy talks Debian 13 upgrade best practices, and Eric explores scripting virtual TPM keys in Hyper-V without going full-HGS.
In the main segment, we compare the tradeoffs of domain-joined vs workgroup-mode Hyper-V hosts, from security implications (Kerberos, pass-the-hash, curb roasting) to the operational challenges of backups, automation, and monitoring.
Got a spicy opinion? Want to challenge our take? Email us at contact@sysadminweekly.com
Episode Resources:
- Kerberoasting (MITRE ATT&CK technique T1558.003)
- Active Directory Security Best Practices
- Microsoft is moving antivirus providers out of the Windows kernel
- CrowdStrike’s faulty update crashed 8.5 million Windows devices
- CVE‑2025‑49144 – DLL planting privilege escalation in Notepad++ installer
- Chinese researchers break RSA encryption with a quantum computer (22‑bit only)
This week on SysAdmin Weekly, Andy is joined by returning guest Paul Schnackenburg to dive headfirst into one of the most important (and overlooked) topics in modern IT: SaaS Security.
From token theft and malicious OAuth apps to adversary-in-the-middle attacks and the harsh truth about identity becoming the new firewall, we unpack how attackers are adapting to the cloud-first world, and why most orgs are woefully unprepared.
We explore:
- The SaaS cyber kill chain from recon to persistence
- Other real-world security incidents like CitrixBleed2 and the Fortinet hardcoded credentials fiasco
- The dark art of malicious OAuth apps and shadow IT exploitation
- Why EDR and XDR fall short in a SaaS world
- What you can do *right now* to harden your defenses (Hint: MFA is not enough)
This one’s loaded with insights and practical tips, don’t miss it!
## Episode Resources ##
- SysAdmin Weekly Companion Newsletter
- X Post re: Fortinet Hard-Coded Credentials
- Paul's SaaS Cyber Kill Chain Article
This week on SysAdmin Weekly, Andy is joined by Luke Orellana, a fellow IT war buddy from the MSP trenches who's now a Senior Engineering Manager at Microsoft (yes, that Microsoft) working with AI Agents on a daily basis!
In this episode we unpack the good, the bad, and the "seriously, who thought YAML was a good idea"? parts of Infra-as-Code from Terraform and Pulumi to PowerShell DSC and Packer pipelines. Luke drops wisdom on platform engineering, the rise of AI agents with their impact on DevOps, and how he rewrote entire Terraform libraries because apparently, sleep is optional.
Also in this episode:
- Why password resets are a scam (Forrester says $70 a pop — no thanks).
- The glorious chaos of auditors asking for 30-day resets in 2025 (because security theater must go on).
- Andy’s obsession with Linux Mint Debian Edition and the Tux shrine on his desk.
- The legendary Domino’s Pizza Terraform provider. Yes. That’s real.
We also answer critical questions like:
- Can an AI agent wreck your entire Git repo?
- Should sysadmins fear change or just automate it?
- And what’s more powerful: Terraform CDK or the sheer willpower of a sysadmin trying to avoid YAML?
Grab your favorite caffeine source, commit to main (regrets optional), and get ready to laugh, learn, and question your life choices. This one’s got code, chaos, and caffeine-fueled commentary.
Episode Resources Below!
- SysAdmin Weekly Companion Newsletter
This week, Andy is back from InfoSecurity Europe (and yes, still fighting off a conference cold), so naturally, we’re talking all about IT conferences. The big, the small, the budget-busting, and the badge-scanning bonanzas that are IT Events.
Paul Schnackenburg returns to help unpack the real value of these events: learning (but not just in sessions), community (a.k.a. the hallway track), and how to dodge aggressive booth folks without pretending to answer a fake phone call. Also covered:
- A news react segment on Trend Micro vulnerabilities and the Coinbase supply chain scare
- The reality of conference session overload (triple-booked? Same.)
- Why the expo hall isn’t just a capitalist trap (spoiler: you might stumble on tools that blow your mind)
- Why speaking at events could be your career’s best power-up
Oh! And don’t skip the outro. We tease a future episode on “what’s in your conference bag” (nerd edition). BTW, you can subscribe to the companion newsletter at https://newsletter.sysadminweekly.com!
-- Episode Resources --
What makes a great SysAdmin? Is it scripting sorcery? The ability to debug DHCP before coffee? Or maybe it's just not rage-quitting when someone says, “Have you tried turning it off and on again?”This week, Paul Schnackenburg returns to help Andy tackle the age-old question: What makes a great SysAdmin?We dig into:
Whether you’re a grizzled server-room veteran or a newcomer wondering if your Wi-Fi troubleshooting skills qualify as “IT support,” this episode's got something for you.
Bonus: Hear Paul and I rant (gently) about gatekeeping, burnout, and why the best SysAdmins never stop learning—even when they really want to.
Episode Resources:SysAdmin Weekly Companion NewsletterAndyOnTechProject RunspacePaul Schnackenburg on LinkedIn
#sysadmin #softskills #itpro #careergrowth
