SysAdmin Weekly

Failover clustering is the part of Hyper-V that trips up the most people, especially anyone arriving from the VMware side. In this episode Andy Syrewicze and Eric Siron pick up directly where episode 043 left off: you have standalone Hyper-V running, now what does it actually take to make it highly available in 2026?The guys start with the "why bother" question: Azure Local versus a traditional Hyper-V failover cluster comes down mostly to billing and governance overhead, not capability. From there the conversation moves into prerequisites: shared storage options (Storage Spaces Direct, iSCSI, SMB shares, Fiber Channel), Active Directory integration, and the heartbeat NIC myth Eric has been fighting against since he started seeing outdated Microsoft docs still getting passed around. The bulk of the episode is quorum: what split-brain means, why a two-node cluster needs a third vote, and the practical tradeoffs between a file share witness, a disk witness, and a cloud witness in Azure. Dynamic quorum gets its own explanation, including how graceful node shutdowns allow a cluster to shrink without taking everything offline. They close on the creation experience (PowerShell over Windows Admin Center, period), the gotcha that catches every VMware migrant (creating the cluster and adding VMs as clustered roles are two separate steps), live migration and shared nothing live migration.In the news and nerd hour segments this week: the FCC ban on foreign-made consumer routers (with Netgear already approved as an exception before anyone finished reading the press release), 3D printing of circuitry using microwave-based manipulation now down to the width of a human hair, Tim Cook stepping down from Apple, Andy using Claude Code to build a master index of every topic covered across all 43 episodes and every newsletter edition, and Eric deep in research on a home routing setup built around a mini PC with a separate router component so the internet does not require an IT degree to reset when he is traveling.---## Episode ResourcesSysAdmin Weekly Website: https://www.sysadminweekly.comSysAdmin Weekly Companion Newsletter: https://newsletter.sysadminweekly.comCommunity Discussion Board: https://github.com/ProjectRunspace/sysadmin-weeklyShare Your Family/Friends IT Support Stories (community post): https://github.com/ProjectRunspace/sysadmin-weekly/discussions/15AndyOnTech: https://www.andyontech.comProject Runspace: https://www.projectrunspace.org**Previous episodes referenced in this episode:**- Episode 043: Getting Started with Hyper-V in 2026: https://open.spotify.com/episode/4J77iiMVDWvvf8fshSurAL?si=D1hPaG7eSKiX6uU7UPBL3g- Episode 042: Should SysAdmins Job Hop or Stay Put?: https://open.spotify.com/episode/0o7EMW8JTGDm8rJv7Xu6Pg?si=uv1KIDZwS-y4l0g6yIV8jA- Episode 13: Should Hyper-V Be Domain Joined?: https://open.spotify.com/episode/0KWjIe5xgqZV9XYHuV2UF3?si=oK6XKjJiQ_mvpEEDqY_vyg- Episode 017: Hyper-V Management Story episode: https://open.spotify.com/episode/0rHwIc4U297R7I6KFayhlm?si=oTB7nX3bTgG7xekebnIU5g**Articles referenced in this episode:**- FCC ban on foreign-made consumer routers: https://www.wired.com/story/us-government-foreign-made-router-ban-explained/- What's New with Hyper-V in Windows Server 2025 (Microsoft Docs): https://learn.microsoft.com/en-us/windows-server/get-started/whats-new-windows-server-2025#hyper-v-ai-and-performance---## Chapters03:30 - Tech News Highlights14:38 - Nerd Hour: Personal Projects and Innovations21:02 - Listener Feedback and Career Insights25:54 - Hyper-V Failover Clustering in 202632:56 - Automated Setup and Shared Storage Solutions35:03 - Active Directory Integration and Clustering Best Practices36:55 - Understanding Quorum in Failover Clustering46:15 - Establishing a Failover Cluster: Tools and Processes57:18 - Live Migration and Storage Migration in Hyper-V01:01:14 - Day Two Operations and Cluster Management

Hyper-V has been around since 2008, runs Azure, runs Xbox, and still gets overlooked by shops fleeing VMware/Broadcom pricing. In this episode Andy Syrewicze and Eric Siron go back to basics: what Hyper-V actually is under the hood, why it is still worth your attention in 2026, and everything you need to know to stand it up and run your first virtual machine without losing your mind in the process.They walk through licensing (Standard versus Data Center, OSEs, core-based math, and the very short answer: call your licensing rep), then peel back the architecture to explain why Hyper-V is a genuine Type 1 hypervisor even though it boots into Windows. From there the conversation covers hardware requirements, the virtual switch types that trip up every VMware migrant, storage options, Gen 1 versus Gen 2 VMs (short answer: go Gen 2), Integration Services, and Dynamic Memory. Checkpoints and clustering get flagged as topics that deserve their own full episodes.In the news and nerd hour segments this week: CPU component prices climbing again with Intel and AMD reportedly raising costs by 15% or more, Microsoft announcing plans to rebuild Windows apps natively instead of relying on WebView, the MacBook Neo stirring up comparisons to the original Surface, Eric's week spent patching NetScaler appliances through a critical CVE while fighting Citrix's new licensing model, and Andy's experience standing up a Forgejo self-hosted git forge and putting Claude Code to work as a local repository agent.---## Episode ResourcesSysAdmin Weekly Website: https://www.sysadminweekly.comSysAdmin Weekly Companion Newsletter: https://newsletter.sysadminweekly.comCommunity Discussion Board: https://github.com/ProjectRunspace/sysadmin-weekly/discussionsShare Your Family/Friends IT Support Stories (community post): https://github.com/ProjectRunspace/sysadmin-weekly/discussions/15AndyOnTech: https://www.andyontech.comProject Runspace: https://www.projectrunspace.orgForgejo (self-hosted git forge): https://forgejo.orgClaude Code: https://claude.ai/code**Previous episodes referenced in this episode:**- VMware/Broadcom coverage: https://open.spotify.com/episode/764MqlqHjNimkiAdoWNoRb?si=pLZoVGM9RCivR6iBOW7b0A- Hyper-V management tools episode: https://open.spotify.com/episode/0rHwIc4U297R7I6KFayhlm?si=X_lxLkBDTuejzC_NCsoo2w---## Chapters02:50 - Getting Started with Hyper-V in 202615:25 - Nerd Hour: Personal Projects and AI Tools27:47 - Main Segment: Hyper-V Fundamentals29:06 - The Evolution of Hyper-V31:33 - Understanding Hyper-V Licensing37:53 - Navigating Hyper-V Licensing Complexities41:44 - Hyper-V Architecture Explained56:40 - Getting Started with Hyper-V01:03:45 - Understanding Hyper-V Networking Challenges01:08:45 - Exploring Hyper-V Storage Options01:13:29 - Choosing Between Generation 1 and Generation 2 VMs01:18:34 - Key Features of Hyper-V: Integration Services and Dynamic Memory01:20:50 - Managing Hyper-V with System Center Virtual Machine Manager

Andy and Eric Siron tackle one of the most debated questions in IT careers: do you find a company and stay for the long haul, or do you job hop every few years to chase better pay and new challenges? With over four decades of combined industry experience between them, they've lived both sides of the equation and they make the case that the real answer is neither.In News React, Eric calls out Nvidia CEO Jensen Huang's proposal that engineers should burn through AI tokens worth half their salary as a productivity metric, and Andy flags Intel's announced 10% consumer CPU price hike as the compute consolidation squeeze continues to tighten. Nerd Hour covers Andy's maddening K3S node kernel lockup mystery and Eric's journey from WordPress to Hugo for the Project Runspace site.For our main segment the guys walk through the case for staying long term at a job bringing deep institutional knowledge, ownership of your environment, the satisfaction of building something to your standards along with the real downsides: skill calcification, salary stagnation, and the risk of becoming so embedded you can't leave. Then they flip to the case for hopping. This method typically lands meaningful pay jumps, escaping bad culture, and breadth of experience alongside the pitfalls of being labeled a flight risk, never building depth, and fueling the contract economy. The guys then end the episode with Secret Option C....---## Episode Resources- Nvidia CEO Jensen Huang: Engineers Should Spend 50% of Salary on AI Tokens (CNBC) - https://www.cnbc.com/2026/03/20/nvidia-ai-agents-tokens-human-workers-engineer-jobs-unemployment-jensen-huang.html- Intel (AND AMD!!!) Preparing 15% Consumer CPU Price Increase (PCMag) - https://www.pcmag.com/news/intel-amd-reportedly-set-to-raise-cpu-prices-by-up-to-15-percent- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- SysAdmin Weekly GitHub Community Discussions - https://github.com/ProjectRunspace/sysadmin-weekly/discussions- SysAdmin Weekly GitHub Discussion: Share Your Family & Friends IT Support Stories - https://github.com/ProjectRunspace/sysadmin-weekly/discussions/15## Episode Chapters00:00 - Introduction to Sysadmin Weekly03:02 - Navigating Career Choices in IT17:59 - The Case for Staying in One Organization34:13 - The Case for Job Hopping34:40 - The Job Hopping Dilemma42:42 - Navigating the Contract Economy47:47 - Finding Your Forever Home in IT58:22 - Advice for Sysadmins at Different Career Stages

Andy and Paul Schnackenburg dig into a leadership change at Microsoft that has the security community raising eyebrows. Charlie Bell, the executive vice president of security who championed the Secure Future Initiative, is out and being replaced by a go-to-market sales executive from the Google Cloud. Satya Nadella's announcement focused on selling more security products, with no mention of continuing the SFI's mission. That omission says a lot.In News React, the crew covers the new Microsoft 365 E7 SKU (Copilot, Agent 365, and a $99/user/month price tag aimed squarely at mega-enterprises), and the Iran-linked Stryker wiper attack where hackers compromised an Intune admin account and remotely wiped devices across 79 countries (no malware required). Nerd Hour features Andy's Forgejo self-hosted Git setup and Paul's new electric vehicle.From there Andy and Paul trace the arc from Microsoft's repeated security breaches, to the scathing CSRB report that seemingly forced the creation of the SFI, to what now looks like the initiative quietly losing steam. Included is discussion on Microsoft's pattern of treating security as a profit center, the ethical tension of selling security add-ons for your own platform's vulnerabilities, and what SysAdmins should be watching for as this plays out. SysAdmin Weekly Website - https://www.sysadminweekly.comSysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com SysAdmin Weekly GitHub Community Discussions - ⁠https://github.com/ProjectRunspace/sysadmin-weeklyAndyOnTech - https://www.andyontech.comProject Runspace - https://www.projectrunspace.orgKrebsOnSecurity: Iran-Backed Hackers Claim Wiper Attack on Stryker - https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/CSRB Report: Review of the Summer 2023 Microsoft Exchange Online Intrusion (PDF) - https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewOfTheSummer2023MEOIntrusion508.pdfRisky Business Podcast (Recommended by Paul) - https://risky.biz

After a brief hiatus, the crew is back! Andy is joined by both Paul Schnackenburg and Eric Siron to tackle a big question: what happens when access to compute becomes a subscription privilege instead of an owned capability?This week's topic goes deep! Big tech bankrolling elections, Bezos pushing rented cloud PCs over owned hardware, a global RAM shortage driven by AI demand. All the ingredients for a dangerous consolidation of compute seem to be in place. The crew explores the erosion of trust in cloud providers, geopolitical implications for non-US businesses, how consolidated AI models could subtly shape reality, the environmental cost of AI data centers, and the growing movement toward cloud repatriation and on-prem infrastructure. There's no silver bullet, but awareness and intentional choices about where we place our trust and spend our money are the first steps.## Episode Resources ##SysAdmin Weekly Website - https://www.sysadminweekly.comSysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.comSysAdmin Weekly GitHub Community Discussions - ⁠https://github.com/ProjectRunspace/sysadmin-weekly⁠VoidLink AI-Generated Malware Framework (The Hacker News) - https://thehackernews.com/2026/01/voidlink-linux-malware-framework-built.htmlGoogle Quietly Removes Net-Zero Carbon Goal Amid AI Data Center Buildout (Tom's Hardware) -https://www.tomshardware.com/tech-industry/google-quietly-removes-net-zero-carbon-goal-from-website-amid-rapid-power-hungry-ai-data-center-buildout-industry-first-sustainability-pledge-moved-to-background-amidst-ai-energy-crisisGoogle Plans to Power Data Center with Fossil Fuels and Carbon Capture - https://theconversation.com/google-plans-to-power-a-new-data-center-with-fossil-fuels-yet-release-almost-no-emissions-heres-how-its-carbon-capture-tech-works-270425Why a Carbon Capture Breakthrough Will/Won't Save Us (PBS Reactions) - https://www.pbs.org/video/why-a-carbon-capture-breakthrough-willwont-save-us-9cmmk0/

Microsoft reportedly handed over BitLocker recovery keys to the FBI as part of a criminal investigation and that raises some uncomfortable questions.In this episode of SysAdmin Weekly, Andy and Eric unpack what actually happened, how BitLocker key escrow works, and why the default behavior in Windows 11 matters more than most users realize.We dig into:- How BitLocker recovery keys get stored in Microsoft accounts without end users knowing - What “key escrow” really means in practice - The difference between consumer and enterprise configurations - The privacy vs. law enforcement debate - Why encryption is meaningless if someone else controls the key - The broader implications for trust in cloud vendors We also discuss the “tyranny of the default,” the quiet shift toward mandatory Microsoft accounts in Windows 11, and what this means for SysAdmins responsible for protecting executive devices and sensitive data.If you manage endpoints, run M365, or care about privacy, this one’s worth your time.And yes… we also manage to cover frozen beach vacations, AI replacing CEOs, SMTP auth drama, and why abstraction always comes back to bite you eventually.## Episode Resources- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- New SysAdmin Weekly Discussion Boards - https://github.com/ProjectRunspace/sysadmin-weekly/discussions- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- Forbes Article - Microsoft hands over BitLocker encrypted data keys to FBI - https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/- Office 365 for IT Pros article on SMTP AUTH Basic Authentication retirement delay - https://office365itpros.com/2026/01/29/smtp-auth-basic-retirement/- SysAdmin Weekly - 036 - The Hidden Cost of Abstraction in Modern IT - https://open.spotify.com/episode/0B4SfPgTbUlXTzSuJyfiby?si=OOehzhGTSnyda-zTKoW4tA - SysAdmin Weekly - 035 - AI Browser, Chromium Monoculture, and the Future of Browser Security - https://open.spotify.com/episode/0zZDUAtcCJQ74d6zQdKV6N?si=R286nY4UTmaBIULFvArAcg

This week on SysAdmin Weekly, we push back hard on one of the most damaging patterns in modern IT security: making decisions based on fear instead of facts.Security headlines love absolutes: “everything is broken,” “encryption is useless,” “the cloud can’t be trusted.” But in the real world, those claims often fall apart the moment you slow down and examine the actual mechanics behind them. In this episode, we walk through why responsible security decisions must be grounded in verifiable data, not outrage-driven interpretations or half-read articles.We break down how encryption, key access, and lawful access actually work, where trust boundaries truly exist, and why conflating possibility with probability leads to bad architecture, bad policy, and unnecessary panic. Just because something can happen does not mean it is happening and SysAdmins are expected to know the difference.This isn’t an episode about dismissing risk. It’s about measuring it correctly. Understanding threat models. Asking “what evidence do we have?” before rewriting policies, re-architecting systems, or blowing up trust relationships that were never the real problem.If you’re tired of security discourse driven by vibes, doomscrolling, and worst-case hypotheticals and you still believe SysAdmins should be the adults in the room, this episode is for you.## Episode Resources- New SysAdmin Weekly GitHub Discussions Board - https://www.github.com/ProjectRunspace/sysadmin-weekly- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- Paul's Article About Making Security Decisions Based on Data - https://virtualizationreview.com/articles/2025/12/03/refining-your-cybersecurity-strategy-based-on-data.aspx- YouTube Video From Lars Klint about Australian Bushfires - https://www.youtube.com/watch?v=mNEPSWcOheY- Paul and Amy's Defender + InTune Monthly Training Course - https://www.thirdtier.net/product/defender-intune-continued-learning/- Decipher Podcast Episode on Vulnerability Management - https://www.buzzsprout.com/228511/episodes/18495360-the-future-of-vulnerability-management-with-jeremiah-grossman-and-robert-rsnake-hansen- SysAdmin Weekly - 036 - The Hidden Cost of Abstraction in Modern IT - https://open.spotify.com/episode/0B4SfPgTbUlXTzSuJyfiby?si=OuycyiFISKeKm9HmiimpKw- Project Runspace - https://www.projectrunspace.org- AndyOnTech - https://www.andyontech.com

It’s a new year, which means it’s time for every SysAdmin’s favorite activity...... dusting off the incident response and disaster recovery plans that haven’t been touched since the Apollo moon landing.In this episode of SysAdmin Weekly, Andy and Eric dig into why incident response, disaster recovery, and business continuity plans so often exist… but completely fall apart when something actually goes wrong. They talk through what makes a response plan useful versus useless, why roles and decision-making matter more than tools, and how slow human processes can undo even the fastest detection systems.The conversation spans real-world tabletop exercises, ransomware scenarios, MFA bombing, on-call failures, and the uncomfortable reality that many organizations still don’t empower anyone to make business-impacting decisions during an incident. Eric even shares fresh lessons learned from a recent tabletop exercise, including what happens when critical people are unavailable, how communication can fail under pressure, and why “solo warrior” response patterns collapse fast.Along the way, Andy and Eric also touch on Broadcom’s ongoing VMware licensing chaos, cease-and-desist letters, the continued enshittification of enterprise software, and why supply-chain dependency should make every IT pro a little nervous.If you’ve ever wondered whether your incident response plan would actually survive first contact with reality or if you’ve never tested one at all this episode is your wake-up call.### Episode Resources- New SysAdmin Weekly GitHub Discussion Boards! - https://www.github.com/ProjectRunspace/sysadmin-weekly- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- SysAdmin Weekly Website - https://www.sysadminweekly.com- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- Bastard Operator From Hell - https://bofh.bjash.com- Continued VMware / Broadcom Drama - https://www.reddit.com/r/sysadmin/comments/1pzp3eo/vmware_now_threatening_outages_to_perpetual/- SysAdmin Weekly - 029 - When Good Tech Goes Corporate - https://open.spotify.com/episode/6tDkgEmzjJQgmBSxCRcDeR?si=31S2s8ATTCuRnach82MUHw- WMI Documentation - https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmi-start-page

Abstraction has made modern IT faster, easier, and more scalable but it’s also quietly eroding the deep technical understanding that SysAdmins used to rely on.In the first SysAdmin Weekly episode of 2026, Andy and Eric dig into how layers of abstraction stretching from cloud platforms and managed services to Kubernetes and modern software design are changing what it means to be a SysAdmin.The guys explore where abstraction helps, where it actively hurts, and why losing visibility into how systems actually work becomes a serious problem the moment something breaks underneath the hood.Along the way, they connect abstraction to real-world examples: cloud VMs, Microsoft 365, Kubernetes misconfigurations, browser monocultures, Rust’s “memory safe” reputation, and even how modern generations interact with technology differently than those who lived through the pre-cloud era.The episode wraps with practical advice for SysAdmins who want to stay sharp in an increasingly abstracted world while focusing on curiosity, home labs, documentation, and rebuilding deep product knowledge before the defaults fail you.If you’ve ever felt like IT is turning into a collection of black boxes, this episode is for you.Episode Resources- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- Github Discussions is Coming Soon! - I Promise!- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- What are IRQs? - https://en.wikipedia.org/wiki/Interrupt_request- Code: The Hidden Language of Computer Hardware and Software - https://www.amazon.com/Code-Language-Computer-Hardware-Software/dp/0137909101- From Mathematics to Generic Programming - https://www.amazon.com/Mathematics-Generic-Programming-Alexander-Stepanov/dp/0321942043

This week on SysAdmin Weekly, Andy goes on a (fully justified) rant about the current state of browsers and why it feels like there are no good options left for sysadmins. From Chromium monoculture and browser bloat, to AI creeping into the most trusted piece of software we use every day, this episode breaks down what’s changing, why it matters, and why “just turn it off” isn’t a real security strategy.Along the way, Andy digs into:Firefox’s push toward becoming an “AI browser”Why agentic AI inside browsers introduces serious, unresolved threat modelsReal-world examples of prompt injection and AI-assisted data exfiltrationWhy browser forks are a stopgap, not a long-term escape hatchAnd the question: would a "boring" and "security-first" browser have a place in the market?This is less about tools and more about trust, threat boundaries, and the slow erosion of choice in the browser ecosystem.If you use a browser to manage infrastructure, security, or SaaS platforms (so… all of us), this one’s for you.Episode Resources- Firefox News from Windows Central - https://www.windowscentral.com/software-apps/mozilla-says-firefox-will-evolve-into-an-ai-browser-and-nobody-is-happy-about-it-ive-never-seen-a-company-so-astoundingly-out-of-touch- Browser Market Share Data - https://www.tech2geek.net/most-used-web-browsers-in-july-2025-market-share-statistics/- SysAdmin Weekly: "Good Enough" Software is Ruining IT - https://open.spotify.com/episode/6uUdRBvUHpo15x6h2dXpEO?si=ItOqAFpaT8eS11wHIkBa9w- SysAdmin Weekly: The Importance of Documentation - https://open.spotify.com/episode/6OWL5VPiGx08QMIhpGMFsT?si=z3legxgwQXuehPxT4ix_yA- DNS over HTTPS resources - https://en.wikipedia.org/wiki/DNS_over_HTTPS- Encrypted Client Hello resources - https://blog.cloudflare.com/announcing-encrypted-client-hello/- Comet-Jacking Article - https://thehackernews.com/2025/10/cometjacking-one-click-can-turn.html- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- Project Runspace - https://www.projectrunspace.org- AndyOnTech - https://www.andyontech.com

Modern IT feels stuck in a vicious cycle: software ships faster than ever, quality keeps slipping, and SysAdmins are left cleaning up the mess. In this episode of SysAdmin Weekly, Andy Syrewicze and Eric Siron dig into the growing disconnect between developers and operations teams and why “good enough” software has become dangerously normalized across the industry.We talk about brittle releases, missing error handling, forced beta testing in production, and how operational debt quietly drains time, money, and morale. From real-world outages and monoculture risks to AI hype, “vibe coding,” and the slow disappearance of software testing roles, this episode breaks down how we got here and why it’s not sustainable.To be clear, this isn’t a developer-bashing session. It’s a reality check.If software is going to keep the world running, it needs to be treated as a craft again, NOT a content pipeline. And that means shared accountability, better defaults, meaningful error messages, and respecting the people who have to run this stuff after it ships.Episode Resources- Cloudflare Outage - https://www.bleepingcomputer.com/news/security/cloudflare-blames-todays-outage-on-emergency-react2shell-patch/- Satya Nadella Copilot skills challenge - https://www.youtube.com/watch?v=gBcwQaNoP5A- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org

IT job postings have gotten… weird.In this episode of SysAdmin Weekly, Andy flies solo to take a realistic look at modern IT job listings amongst historic industry layoffs and why so many of them feel disconnected from the actual work SysAdmins do every day.We scroll through real-world postings, talk about unrealistic expectations, role creep, and “unicorn” requirements, and break down how vague or overloaded job descriptions contribute to burnout, churn, and impostor syndrome across the industry.This isn’t a recruiter or HR dunk session. It’s a candid discussion about how job postings act as signals, why those signals are often confusing, and how both candidates and companies can do better by asking the right questions and setting clearer expectations.Whether you’re actively job hunting, passively browsing, or just wondering who exactly these postings are written for, this episode is for you.Episode Resources- Anthropic Report on AI-Enabled Cyber Espionage- IT Specialist Simulator- SysAdmin Weekly - What Makes a Great SysAdmin?- SysAdmin Weekly - Is University Worth it for Aspiring SysAdmins?- Microsoft Learn - Discrete Device Assignment- What are DMARC, DKIM, and SPF?- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace

Microsoft Ignite just wrapped and shockingly, it wasn’t only about AI.(Okay, it was mostly about AI.)In this episode of SysAdmin Weekly, Andy and Paul cut through the marketing noise and walk through what actually matters to SysAdmins from Microsoft Ignite’s Book of News. From AI agents showing up everywhere, to Azure resiliency, security posture management, and why massive cloud outages are still very much a thing. This is the practical, admin-focused breakdown you didn’t get from the keynote.We dig into:What Microsoft’s push toward AI agents really means for control, governance, and securityNew Copilot and Azure features that might actually help… and a few that should make you cautiousWhy resiliency keeps failing at scale (and what Ignite quietly admitted about it)How Microsoft is trying to simplify security and management and where the complexity is just shifting insteadThe ongoing reality of cloud dependencies, outages, and shared responsibilityNo hype. No sales pitch. Just two SysAdmins reacting honestly to what Ignite announced and what it means when the slides become production.If you manage Microsoft environments, cloud workloads, or security policies, this one’s for you!Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Microsoft Ignite Book of News- Paul Schnackenburg on LinkedIn

This week, Andy and Eric dive into one of the most underrated superpowers in IT: community. Not the cringe corporate “community,” but the real stuff. Think mentors, friends, people who help you level up, and the shared hive-mind that keeps SysAdmins alive during outages, zero-days, and career pivots.From basements full of beige boxes to global open-source conferences, the IT world has evolved into something way more connected and way more essential than ever before. Andy and Eric share personal stories from Microsoft MVP circles, KubeCon 2025, early career mentors, and the weird ways community quietly shapes your entire trajectory in tech.In this episode you’ll learn:- Why community is an actual career accelerator- How mentors and advocates appear when you least expect them- Why open-source communities operate differently than vendor ones- Why contributing (even small stuff) builds reputation and opportunity- Why community-first companies thrive.....and community-hostile ones declineIf you’ve ever wondered whether getting involved is worth it (spoiler: it absolutely is), this episode brings the stories, lessons, and laughs to prove it.Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Bank hit by audio deepfake scam- Earlier SysAdmin Weekly episode on “enshittification”

Ready to leave password chaos behind? In this episode of SysAdmin Weekly, Andy and Eric break down the latest National Institute of Standards and Technology (NIST) password and identity-guideline updates and what they mean for you as a SysAdmin.We cover:- What changed and why (goodbye “special characters just because”)- How to align your org with SP 800-63’s new structure and expectations- Real-world tactics: from passkeys and token theft to legacy systems refusing to dieAlso in this episode: bonus snark, smart home horror stories, PKI headaches, and identity as the new firewallWhether you’re revamping your password policy or finally ready to ditch the “rotate every 90 days” mindset, this one’s for you.Episode Resources- SysAdmin Weekly website- SysAdmin Weekly companion newsletter- AndyOnTech- Project Runspace- NIST Digital Identity Guidelines (SP 800-63 suite)- NIST SP 800-63B “Authentication & Authenticator Management”- Evilginx2 (GitHub repo for the MITM/phishing framework)

In this episode, Andy and Eric dive deep into one of tech’s ugliest trends, the ULTRA-Corporatization of once-great vendors all for the sake of excessive profit at the expense of the company and customers. From Intel’s fall from grace to Dell’s support horror stories and VMware’s Broadcom-induced meltdown, the guys unpack how innovation-driven companies lose their soul chasing shareholder dollars.They trace the full "life-cycle" of this process, from scrappy startup to bloated monopoly and look at how these same behaviors are infecting SaaS and the MSP world. Along the way, expect a few spicy rants about Microsoft’s licensing labyrinth, ARM vs. x86, 47-day certificate rotations, and why SysAdmins now spend more time managing vendors than managing servers.If you’ve ever screamed at an E5 SKU, cursed a firmware update, or watched your favorite tech brand go corporate zombie, this one’s for you.Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project RunspaceReferenced in this episode:- WSUS Remote Code Execution Patch (CVE-2025-59287)- What Is Cloud Native? (Episode 25)- Microsoft Learn: SharePoint Limits and Boundaries- VMware Episode (Referenced)- GitHub Copilot Episode

Welcome to the Halloween special of SysAdmin Weekly, where Andy, Eric, Paul, and Mike gather ‘round the flickering glow of their monitors to share true tales from the trenches, the ones that still haunt their uptime dreams. From flooded data centers and cursed SAN swaps to Novell nightmares, rogue backup tapes, and the eternal terror of “it’s always DNS,” this episode dives into the real-life horror stories that only SysAdmins could survive. Expect nostalgia, gallows humor, and a reminder that in IT, every scream has a log entry. Grab your candy corn, dim the lights, and join us as we celebrate the season of outages, late-night restores, and phantom pings. Because sometimes… the scariest thing in tech isn’t ransomware, it’s the guy who forgot to check the backups.... #####Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletters- AndyOnTech- Project Runspace- Azure 15-Year Anniversary News – Microsoft vs AWS Revenue Comparison- OpenAI Atlas Browser- KQLBench – Test LLMs on Microsoft Kusto Query Language- Novell NetWare (for the brave and nostalgic)- OS/2 Warp (IBM Historical Reference)- SharePoint Online Storage and Retention Best Practices

In this episode of SysAdmin Weekly, the crew tackles one of the most debated questions in IT: Is university still worth it for aspiring SysAdmins in 2025?Joining Andy is a friend of the show, Clay, a newly graduated IT professional from the Netherlands who shares his journey from tinkering with PCs as a kid to landing his first SysAdmin role. Together, they unpack how well higher education prepares students for real-world IT and where it still falls short. Listeners can expect an honest, grounded look at the difference between theory and practice in modern IT. The conversation covers: - Whether university programs keep pace with the speed of tech. - What parts of formal education still provide lasting value. - How certifications, home labs, and real-world experience stack up against degrees. - Clay’s early-career lessons, including his first big outage (spoiler: it *wasn’t* DNS this time). - The timeless SysAdmin truths about troubleshooting, documentation, and learning by breaking things. This episode bridges the gap between the classroom and the server room with a mix of humor, career wisdom, and a few painful flashbacks to subnet calculations. Whether you’re a student, a career-switcher, or a long-time admin wondering how the next generation is being trained, this one’s worth your time.Episode Resources - SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- Email the show- AndyOnTech- Project Runspace- Clay’s LinkedIn- F5 Networks breach news article- SolarWinds Supply Chain Breach

Burnout in IT is not just “being tired”, it’s a silent crisis affecting countless tech professionals, SysAdmins, engineers, and ops folks who are running on empty. In this episode of SysAdmin Weekly, we dig into the mental health stressors built into the tech industry: constant change, imposter syndrome, “always-on” culture, notification overload, and more.Co-host Eric Siron and Andy share real stories, data, and actionable tactics from boundary-setting to seeking help that can make the difference between surviving and thriving. Whether you’re feeling burnt out, concerned about a teammate, or just want to build a healthier tech culture, this episode is for you.Covered in this episode: - The mental health “baseline” in tech: diagnosis rates, productivity loss, burnout prevalence- Why imposter syndrome is especially tough in IT- The role of organizational culture, remote work, and tool overload- Practical practices: micro-breaks, peer support, therapy / coaching, building psychological safety- What leaders and managers can do to make tech workplaces more sustainableTune in and pass it on to anyone in tech who needs a reminder they’re not alone.Episode Resources: - SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Perplexity CometJacking Attack- Satya Nadella Microsoft AI Interview- Slack: Mental Health in Tech (2020)- TechUK - Addressing Mental Health in the Tech Industry (Burnout Index 2022)

In this episode, Andy teams up with Microsoft expert and Aussie tech legend Paul Schnackenburg to break down the buzzword that’s haunting every IT strategy deck: Cloud-Native. Together, they unpack what it really means in a Microsoft ecosystem from ditching on-prem Active Directory and ConfigMgr to embracing Entra ID, Intune, and Autopilot.Along the way, they hit on real-world migrations, the trade-offs of control vs. convenience, and why hybrid identity might actually make you less secure. Expect analogies about Death Stars, cruise ships, and even the Magic School Bus, because of course they did.Whether you’re an MSP plotting your clients’ next move or an IT pro trying to future-proof your environment, this episode’s your field guide to surviving (and thriving) in a Cloud-Native world.NOTE: As a reminder, be sure to share your IT Horror stories with us! We’d love to share as many as we can during an upcoming Halloween episode!Episode Resources:- CVE-2025-32463 (Sudo vulnerability details)- CISA KEV Catalog (Known Exploited Vulnerabilities)- SysAdmin Weekly Episode 22 – IT Documentation (Referenced in comments segment)- SysAdmin Weekly Episode 3 – WSUS Deprecation Discussion- Azure Files Overview- Microsoft Intune Autopilot Device Preparation (v2)- Microsoft Universal Print- Windows Autopatch Overview- Azure Arc for Servers- PowerShell Summit Session: Secure Management of Secrets with Azure Arc (Referenced by Andy)- SysAdmin Weekly Companion Newsletter- Contact the show

This week on SysAdmin Weekly, Andy is joined once again by Mike Nelson for a deep dive into the world of local AI. Together, they unpack Ollama and Open WebUI, exploring how SysAdmins can run large language models on-prem to unlock powerful workflows while keeping sensitive data in-house.From hardware setups (yes, even that dusty old GPU in your basement), to why privacy-conscious SysAdmins are moving workloads local, Andy and Mike cover it all. Along the way, they swap stories on home labs, Ubiquiti gear, Ghost CMS, Hugging Face models, and where open-source AI really shines.If you’ve ever wondered why you’d bother with local AI when ChatGPT is just a browser tab away, this episode lays out the practical sysadmin use cases, security considerations, and future of AI in the trenches.Episode Resources:- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Ollama Models Directory- BookStack Wiki Software- Confluence Free Instance (Atlassian)- Hugging Face Model Hub- Awesome MCP Servers (GitHub curated list)- Previous SysAdmin Weekly Episode: “The Importance of IT Documentation”- Previous SysAdmin Weekly Episode: “Building a Home Lab on the Cheap”

In this episode of SysAdmin Weekly, Andy and Eric dig deep into how to build a fully functional home lab without selling a kidney. We cover picking hardware on the cheap, virtualization (Proxmox, Hyper-V, etc.), managing storage, navigating Microsoft licensing, layering in free cloud tiers, network tricks, and the kind of “what if I push this button?” experiments that keep us awake at 2 a.m.Whether you’re starting from a pile of old PCs or trying to mix in cloud credits, this show gives you the blueprint, the trade-offs, and, most importantly, the sanity checks.In this episode:- How to stretch every dollar on lab hardware- When to go physical vs. virtual (or hybrid)- Proxmox tips, license workarounds, and pitfalls- Cloud free/low-cost tiers you can use for testing- Network, storage & routing hacks we swear by- Real talk about maintenance, scaling, and failuresEpisode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Windows Server Eval- Proxmox Installation Guide- Azure Free Services / Free Tier- Azure Free Account / $200 Credit- Azure Free Services Documentation

Hey folks! Andy here, and in this episode of SysAdmin Weekly Eric and I answer the hard questions regarding the documentation we all put off, but secretly depend on.... whether we like it or not.In this episode we cover:- Why poor (or missing) documentation is the root of so many SysAdmin nightmares- War stories where “future you” had to clean up past you’s mess- Tools, templates, and mindset shifts to make living documentation actually .....live- Change control, accuracy, and how to trust what your docs sayWhether you're flying solo or managing teams, this episode will give you ideas to start building docs you’ll thank yourself for later.Hit subscribe, ring the bell, and share this with someone whose servers are mysterious even to them. Let’s make documentation less boring, more usable, and fearless.Episode Resources:- SysAdmin Weekly Companion Newsletter- AndyOnTech Blog- Project Runspace- Incident Response Markdown Template- Greenshot Screenshot Tool

This week on SysAdmin Weekly, Andy is joined by regular co-host Paul Schnackenburg for a deep dive into Conditional Access, the cloud-era identity firewall you could say? and a cornerstone of Zero Trust security in Microsoft 365 and the Microsoft Cloud.We cover everything from the basics of conditional access policies to the nuances of break-glass accounts, layered policies, and how to avoid locking yourself (and your entire org) out of Entra ID. Along the way, we touch on Microsoft’s security defaults, authentication strengths, and the role of risky sign-ins and user risk detection in identity protection.Paul and Andy also share war stories from the trenches: configuring fresh tenants, wrangling MFA requirements, and learning why documentation and backups of your conditional access policies matter more than ever. Plus, there’s plenty of SysAdmin banter on Intel’s decline, ARM’s dominance, and even foldable phones!If you’ve ever wondered how to design policies without creating chaos or how to modernize your security controls without overwhelming your users, this is the episode is for you.Episode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Microsoft Security Defaults Overview- Microsoft Entra Conditional Access Documentation- Microsoft Identity Protection (Risky Sign-ins & Users)- Authentication Strengths in Entra ID- Meister.dev – Conditional Access Testing Tool- Meryl Fernando’s Conditional Access Documentation Tool- Podcast with Tarek Dawoud on Entra ID Architecture

Andy and Eric break down the actual Microsoft skills that move the needle with no fluff, and no buzzword salad. We hit the core Windows/AD fundamentals, the PowerShell magic you’ll use every day, and the cloud/M365 bits that keep modern shops sane. If you’re trying to level up without wasting cycles, this is your roadmap.What we cover (at a glance):- Identity & Directory - AD/Entra basics, Group Policy that won’t bite you later, hybrid gotchas- Automation - PowerShell patterns you’ll use forever (loops, pipeline, remoting, “please don’t run that in prod”)- Networking for Windows admins: DNS/DHCP sanity checks, practical troubleshooting, knowing when it’s actually the firewall- Microsoft 365 - mail flow triage, Teams/SharePoint survival skills- Security stack - Defender realities, Conditional Access guardrails, least privilege that people will actually follow, Just in time administration.- Azure orientation - VMs, storage, networking, Arc and what’s worth learning first- Career path - what to learn now vs. what to park for later, and which certs are signal vs. noiseBring coffee. Leave with a plan. And yes, a little snark, because ticket queues were meant to be mocked.Episode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- SysAdmin Weekly - 018 - What did Broadcom do to VMware?- SysAdmin Weekly - 014 - How SysAdmins can Showcase Value- SysAdmin Weekly - 008 - Getting Started with GitHub Copilot

"Compromised." We throw the word around like everyone agrees what it means, but do we? This week, Andy and Eric dig into the many faces of compromise in a security context and why it’s not a simple definitionIn this episode:- What actually counts as a security compromise (and why the answer is “it depends”)- Full breach vs. partial breach: Does it even matter?- Why lateral movement should keep you up at night- Session token hijacking in M365 and why MFA isn’t a silver bullet- The Myth of the Green Matrix Terminal Hacker (aka Hollywood hacking nonsense)- How risk profiling and layered defenses can contain the blast radius- Real-world detection failures and the “10,000 alert problem”- Practical steps to tune logs, outsource monitoring, and avoid burnout📬 Reminder! - You can subscribe to the SysAdmin Weekly Companion Newsletter (link below) or email your own security horror story to [email protected]!Episode Resources:- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- SysAdmin Weekly 012 - Identity is the New Firewall- Evilginx (Reverse Proxy Phishing Toolkit)- Debian 13 “Trixie” Release Notes- Ghost CMS Overview

Broadcom’s acquisition of VMware has left the sysadmin community reeling. From gutting VMware’s workforce to skyrocketing license costs (1000+ percent increases in some cases), cease-and-desist letters for perpetual licenses (really?), and a collapse in customer support, the VMware we once knew is gone.In this episode of SysAdmin Weekly, Andy Syrewicze and Eric Siron dig into:- How Broadcom’s handling of VMware triggered massive customer backlash- Why small and mid-sized businesses (SMBs) are being pushed away- The licensing and pricing nightmare (including lawsuits from giants like AT&T and UnitedHealthcare)- Declining customer experience and security patch transparency- Alternatives on the rise: Hyper-V, Proxmox, Nutanix- And even a spicy debate: will SysAdmins return to physical servers?If you’ve ever managed a VMware environment, are considering your virtualization options, OR you just need to share in VMware Grief, this one’s for you.Episode Resources:SysAdmin Weekly Companion NewsletterAndyOnTechProject RunspaceJen Easterly Joins Huntress Advisory Board

In this episode of SysAdmin Weekly, Andy and Eric wade through the sometimes mess that is managing Hyper-V. From MMC snap-ins to Azure Arc and everything in between, we’re talking about the confusing pile of tools Microsoft throws at you when you just want to manage some virtual machines.Topics include:- The evolution (and stagnation) of Hyper‑V Manager- Why Failover Cluster Manager feels like an insider secret- SCVMM: A tool that should be great… but isn’t- Windows Admin Center and its 80-inch monitor problem- Azure Arc: Is it helpful or just cloud cosplay?- PowerShell, Live Migration, CSVs, and sysadmin war storiesIf you've ever screamed at a clustered VM that just *won’t* move, this episode’s for you.---EPISODE RESOURCES - AndyOnTech- Project Runspace- Create a Failover Cluster- System Center Virtual Machine Manager Overview- Manage Hyper‑V Integration Services- Cluster Shared Volumes- Microsoft 365 Direct Send Abuse---Subscribe to the companion newsletter: https://newsletter.sysadminweekly.comGot a Hyper‑V horror story? Share it with us in the comments!

In this episode of SysAdmin Weekly, Andy sits down with Mike Nelson to talk about how SysAdmins can harness the power of Generative AI to make their day-to-day lives easier. From writing PowerShell scripts to reducing cognitive load during incidents, Andy and Mike break down real-world use cases that go beyond hype.They dive into what AI agents really are, how large language models (LLMs) fit in, and introduce the concept of Model Context Protocol (MCP), a game-changer for future infrastructure automation. Mike shares his home automation experiments, Andy nerds out about running open-source models locally with Ollama, and together they discuss where tools like Microsoft Copilot and Azure MCP might take SysAdmins next.If you’ve ever wondered how AI can move from buzzword to genuine productivity tool in IT operations, this episode is for you!---Episode Resources---- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- ProPublica article on Microsoft support risk- Ollama GitHub Repository- Open WebUI for Ollama- Azure Model Context Protocol (MCP) Overview- GitHub MCP Servers Repository (Awesome MCP)

If you've ever stared at a blinking cursor at 2 a.m. whispering, "please just work…", this episode’s for you. Andy Syrewicze and Paul Schnackenburg roll up their sleeves and wade into the messy, glorious world of troubleshooting. From stopping junior techs from “chaotic clicking” themselves into a production outage, to real-world stories of SQL process murder and Comcast cables zapped by neighborly air conditioners, this one’s packed with hard-earned wisdom.You’ll learn how to scope problems without panicking, why you should onlychange one thing at a time (seriously, ONE), and how to use logs, diagrams, and even your own voice (rubber-duck style) to untangle gnarly IT messes. We talk when to escalate, how to survive vendor support roulette, and why sometimes the best fix is simply tossing the old PC in the bin and giving the user a shiny new one.Plus, in news this week, the guys discuss:- SK Telecom’s “3-year breach”- CitrixBleed 2 makes NetScaler owners sweat- Push Security drops a free MFA-verification tool for help desks- Notepad finally speaks Markdown (YAY!)- And Andy debates whether Hugo or a “Swiss-cheese WordPress” should power his next projectThis is SysAdmin troubleshooting in its purest, funniest, most caffeinated form. Bring your ticket queue and a strong coffee. --------Episode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- SK Telecom breach- CitrixBleed 2 (CVE‑2025‑5777)- Push Security browser extension- Notepad Markdown support- Hugo static site generator

Let’s be real, the better you are at your job in IT, the less anyone notices. Welcome to the Visibility Paradox, where success means silence, and failure? Oh, that gets EVERYONES attention!In this week’s episode, we break down how SysAdmins can fight back against being invisible by quantifying wins, showcasing strategic value, and learning to speak fluent exec (without falling asleep doing it).We talk dashboards, automation ROI, watercooler politics, and the underrated power move of asking: “Who’s in the room?” before every meeting.Because if you want to survive the next round of budget cuts....or better yet, get that promotion, you're going to need more than technical skills. You're going to need career armor.---Topics Covered Include:- The Visibility Paradox: Why good IT flies under the radar (and why that’s a problem)- Making leadership *see* your impact....and care- Turning boring automation into juicy ROI metrics- Getting a seat at the table (without being *that* guy)- Translating Geek Speak into Exec Speak™- Real-world sysadmin stories from the trenches---Don’t forget to check out the companion newsletter at https://newsletter.sysadminweekly.com ! Every week we include commentary, curated tools, security headlines, and all the sysadmin goodness that didn’t fit in the mic..... which is kind of a lot it turns out!A reminder! The show is available on Apple Podcasts, Spotify, Amazon Music, and soon… Substack Podcasts (hopefully)!---Episode ResourcesProject RunspaceAndyOnTechIranian-Linked PLC Breach:CISA Advisory (AA23-335A)CISA Fact Sheet PDFMinecraft Modpack Setup (For those interested!):CurseForge Install Guide

This week on SysAdmin Weekly, Andy and Eric finally settle one of the most persistent questions in the Hyper-V world: Should your Hyper-V hosts be domain joined or live outside the domain? Spoiler: we have strong feelings.Before the main event, we hit a few hot headlines:- Microsoft is booting AV vendors out of the kernel (finally)- CrowdStrike’s recent disaster knocked out 8.5 million devices- Notepad++ had a nasty privilege escalation flaw in its installer- And no, China did NOT break RSA encryption (at least, not the kind that matters)Then, in Nerd Hour, Andy talks Debian 13 upgrade best practices, and Eric explores scripting virtual TPM keys in Hyper-V without going full-HGS.In the main segment, we compare the tradeoffs of domain-joined vs workgroup-mode Hyper-V hosts, from security implications (Kerberos, pass-the-hash, curb roasting) to the operational challenges of backups, automation, and monitoring.Got a spicy opinion? Want to challenge our take? Email us at [email protected] Resources:- Newsletter signup- Project Runspace- AndyOnTech- Kerberoasting (MITRE ATT&CK technique T1558.003)- Workgroup vs Domain- Active Directory Security Best Practices- Microsoft is moving antivirus providers out of the Windows kernel- CrowdStrike’s faulty update crashed 8.5 million Windows devices- CVE‑2025‑49144 – DLL planting privilege escalation in Notepad++ installer- Chinese researchers break RSA encryption with a quantum computer (22‑bit only)- Debian 13 (Trixie) release notes

This week on SysAdmin Weekly, Andy is joined by returning guest Paul Schnackenburg to dive headfirst into one of the most important (and overlooked) topics in modern IT: SaaS Security.From token theft and malicious OAuth apps to adversary-in-the-middle attacks and the harsh truth about identity becoming the new firewall, we unpack how attackers are adapting to the cloud-first world, and why most orgs are woefully unprepared.We explore:- The SaaS cyber kill chain from recon to persistence- Other real-world security incidents like CitrixBleed2 and the Fortinet hardcoded credentials fiasco- The dark art of malicious OAuth apps and shadow IT exploitation- Why EDR and XDR fall short in a SaaS world- What you can do *right now* to harden your defenses (Hint: MFA is not enough)This one’s loaded with insights and practical tips, don’t miss it!## Episode Resources ##- SysAdmin Weekly Companion Newsletter - AndyOnTech- Project Runspace- CitrixBleed 2- X Post re: Fortinet Hard-Coded Credentials- Paul's SaaS Cyber Kill Chain Article

This week on SysAdmin Weekly, Andy is joined by Luke Orellana, a fellow IT war buddy from the MSP trenches who's now a Senior Engineering Manager at Microsoft (yes, that Microsoft) working with AI Agents on a daily basis!In this episode we unpack the good, the bad, and the "seriously, who thought YAML was a good idea"? parts of Infra-as-Code from Terraform and Pulumi to PowerShell DSC and Packer pipelines. Luke drops wisdom on platform engineering, the rise of AI agents with their impact on DevOps, and how he rewrote entire Terraform libraries because apparently, sleep is optional.Also in this episode:- Why password resets are a scam (Forrester says $70 a pop — no thanks).- The glorious chaos of auditors asking for 30-day resets in 2025 (because security theater must go on).- Andy’s obsession with Linux Mint Debian Edition and the Tux shrine on his desk.- The legendary Domino’s Pizza Terraform provider. Yes. That’s real. We also answer critical questions like:- Can an AI agent wreck your entire Git repo?- Should sysadmins fear change or just automate it?- And what’s more powerful: Terraform CDK or the sheer willpower of a sysadmin trying to avoid YAML?Grab your favorite caffeine source, commit to main (regrets optional), and get ready to laugh, learn, and question your life choices. This one’s got code, chaos, and caffeine-fueled commentary.Episode Resources Below!- SysAdmin Weekly Companion Newsletter- All Available Podcast Platforms- AndyOnTech- ProjectRunspace- Luke Orellana on LinkedIn- Terraform CDK Constructs

This week, Andy is back from InfoSecurity Europe (and yes, still fighting off a conference cold), so naturally, we’re talking all about IT conferences. The big, the small, the budget-busting, and the badge-scanning bonanzas that are IT Events. Paul Schnackenburg returns to help unpack the real value of these events: learning (but not just in sessions), community (a.k.a. the hallway track), and how to dodge aggressive booth folks without pretending to answer a fake phone call. Also covered:- A news react segment on Trend Micro vulnerabilities and the Coinbase supply chain scare- The reality of conference session overload (triple-booked? Same.)- Why the expo hall isn’t just a capitalist trap (spoiler: you might stumble on tools that blow your mind)- Why speaking at events could be your career’s best power-upOh! And don’t skip the outro. We tease a future episode on “what’s in your conference bag” (nerd edition). BTW, you can subscribe to the companion newsletter at https://newsletter.sysadminweekly.com!-- Episode Resources --- AndyOnTech- Project Runspace- SysAdmin Weekly Companion Newsletter- Trend Micro Vulnerabilities- Coinbase Insider Threat- Ookla Speedtest PS Script

What makes a great SysAdmin? Is it scripting sorcery? The ability to debug DHCP before coffee? Or maybe it's just not rage-quitting when someone says, “Have you tried turning it off and on again?”This week, Paul Schnackenburg returns to help Andy tackle the age-old question: What makes a great SysAdmin?We dig into:The technical skills that separate the pro SysAdmins from the PowerShell copy-pasters The soft skills that matter more than you think (spoiler: communication is better than compiling) The mindset traits that keep us sane in the chaos Why curiosity, not caffeine, is the true fuel of the trade And yes... we even talk about empathy. You’ve been warned =DWhether you’re a grizzled server-room veteran or a newcomer wondering if your Wi-Fi troubleshooting skills qualify as “IT support,” this episode's got something for you.Bonus: Hear Paul and I rant (gently) about gatekeeping, burnout, and why the best SysAdmins never stop learning—even when they really want to.Episode Resources:SysAdmin Weekly Companion NewsletterAndyOnTechProject RunspacePaul Schnackenburg on LinkedIn#sysadmin #softskills #itpro #careergrowth

In this episode of SysAdmin Weekly, Andy and Eric dive headfirst into the world of GitHub Copilot, the AI-powered coding assistant everyone’s either cautiously testing or quietly ignoring. But should you be paying attention?Originally designed for developers, GitHub Copilot is quickly becoming a SysAdmin’s Swiss Army knife, helping with everything from PowerShell scripting to deciphering cursed regex one-liners. But it's not all sunshine and sudo.In this episode we cover:How sysadmins are using Copilot to write scripts, generate configs, and troubleshoot faster.The hidden risks: hallucinated commands, AI security pitfalls, and Shadow IT vibes.Why context matters (and why Copilot doesn’t know your environment).Practical advice for testing, adoption, and rolling it out safely across your team.Is GitHub Copilot the productivity boost you've been waiting for… or a compliance time bomb with autocomplete? Tune in and find out!Episode Resources:SysAdmin Weekly Companion NewsletterAndyOnTech⁠Project RunspaceWindows Update with 3rd Party Apps#SysAdmin #ITPro #GithubCopilot

Are companies really looking the migrate off the cloud? You may be surprised! In this episode of SysAdmin Weekly, we’re diving headfirst into the growing trend of cloud repatriation and why some orgs are saying “thanks, but no thanks” to AWS, Azure, and Google Cloud. From skyrocketing costs to performance surprises and compliance headaches, we’re breaking down the real-world reasons behind this shift back to on-prem and hybrid infrastructure.- What’s triggering the move?- Who’s doing it, and is it working?- Should you be considering repatriation?If you’re a sysadmin, IT leader, or just a curious cloud-watcher, this one’s for you.Buckle up! we’re demystifying the hype and serving up hard truths with a side of occasional snark.Subscribe, comment, and tell us if YOU would bring workloads back from the cloud!Episode Resources:SysAdmin Weekly Companion NewsletterAndyOnTechProject RunspaceBarclays CIO Survey 2024 – Enterprise CIO repatriation intentionsDropbox S-1 Filing GeekWire – Dropbox saved $75M moving off AWS37signals Blog DataCenterDynamics – $2M/year saved post-cloudFlexera State of the Cloud Report 2024 – 21% of workloads repatriatedGEICO Interview Infrastructure VP – Cloud cost and latency issuesIDC Repatriation Study 2024 – 80% expect repatriation of workloadsUptime Institute Survey 2022–2023 – Only 6% abandon public cloud entirelyGartner Cloud Cost Analysis 2024 – Cloud economics and repatriation triggersGartner “Cloud Missteps” Report 2023 – Cloud project failure as a repatriation reasonCitrix Hybrid Cloud Study 2023 – UK: 25% moved more than 50% of workloads back#CloudRepatriation #SysAdmin #HybridCloud #CloudComputing #ITStrategy #InfrastructureOps #CloudCosts #TechTrends

In this episode of *SysAdmin Weekly*, we bid farewell to an old friend: WSUS (Windows Server Update Services). Microsoft is phasing it out and hosts Andy and Eric here to talk about why, what it means for SysAdmins, and how you can prep for what’s next.In This Episode:A quick trip down memory lane: the story of WSUS and its role in traditional patch management Why WSUS is being deprecated and how it affects on-prem systems What replaces WSUS? (Hint: think Intune, Azure Update Manager, and cloud-first strategies) Deep dive into Hot Patch? No reboot updates? Yes please. How Azure Arc extends Hot Patch to hybrid and multi-cloud environments What SysAdmins should be doing NOW to stay ahead of the curveWhether you're managing legacy infrastructure or moving toward a cloud-native model, this episode is packed with practical guidance, snarky insights, and a little bit of nostalgia.Episode Resources:SysAdmin Weekly - The NewsletterAndyOnTechProject RunspaceWindows STS GuidanceAzure Arc Pricing#WSUS #AzureArc #HotPatch #SysAdminLife #Intune #PatchManagement #CloudFirst #MicrosoftUpdate #ITPodcast

In this episode Andy sits down with Microsoft Certified Trainer Paul Schnackenburg to discuss the current state of Microsoft Certification. They explore the evolving role of Microsoft Certified Trainers (MCTs), the significance of certification in validating technical skills, and the shift from product-focused to role-based certifications. Also included in this episode: confusing exam names, the importance of applied skills, the shift to online proctored exams, the need for hands-on lab experiences, the annual renewal process for certifications, the value of exam pricing, and the role of trainers in preparing for certification exams.If you're looking to get your Microsoft certification in 2025 you won't want to miss this episode!Episode Resources:Hackers Abuse OAuth 2 Workflows - https://www.bleepingcomputer.com/news/security/hackers-abuse-oauth-20-workflows-to-hijack-microsoft-365-accounts/Telemessage Hack - https://www.wired.com/story/how-the-signal-knock-off-app-telemessage-got-hacked-in-20-minutes/M365 and Azure Exam Guides - https://intunedin.net/Project Runspace - https://www.projectrunspace.orgAndy On Tech - https://www.andyontech.com#SysAdminWeekly #microsoftcertification #sysadmin #itprofessionals

In this episode of SysAdmin Weekly, host Andy Syrewicze and guest Paul Schnackenburg discuss Microsoft's Secure Future Initiative (SFI) - a new initiative created a year or two back in response to multiple security incidents at Microsoft. In this conversation, Andy and Paul expand on various aspects of Microsoft's progress on the plans outlined in the Secure Future Initiative, focusing on the integration of security best practices in development, the implementation of hardware security modules, and the enhancement of Red Team capabilities.Other key points of the SFI discussed include the role of AI in Microsoft's internal security operations, cultural shifts towards security awareness among Microsoft employees, and Microsoft's plans for management of identities and access control. Finally the guys wrap up with why all this is important for SysAdmins!Key Points:- Microsoft's Secure Future Initiative aims to improve security practices.- The CSRB report highlighted significant security failings at Microsoft.- Microsoft is focusing on integrating security best practices into development.- The introduction of hardware security modules is a significant step for Microsoft.- Red Team capabilities are being enhanced to identify vulnerabilities more effectively internally at Microsoft.- AI is being integrated into security operations to improve efficiency of MS internal security.- Cultural shifts are occurring at Microsoft to prioritize security across all employees.Episode Resources:Microsoft April 2025 SFI Progress Report - https://www.microsoft.com/en-us/security/blog/2025/04/21/securing-our-future-april-2025-progress-report-on-microsofts-secure-future-initiative/CSRB Report - https://www.cisa.gov/resources-tools/resources/CSRB-Review-Summer-2023-MEO-IntrusionGoogle on 97 Zero-Days in 2024 - https://www.bleepingcomputer.com/news/security/google-97-zero-days-exploited-in-2024-over-50-percent-in-spyware-attacks/Paul Schnackenburg - https://www.expertitsolutions.com.au/aboutus.htmlPaul's Blog - https://tellitasitis.com.au/Project Runspace - https://www.projectrunspace.orgAndy on Tech - https://www.andyontech.com#sysadmin #securefuture #cybersecurity #microsoft

In this episode of SysAdmin Weekly, hosts Andy Syrewicze and Eric Siron take a look at everyone's FAVORITE subject: licensing! And they're particularly focusing on Hyper-V and VMware. Andy and Eric's conversation includes the highlights and the differences between Microsoft and VMware licensing philosophies, the implications of WindowsServer Standard versus Data Center licensing, and the challenges sysadmins face during audits. Also discussed are the complexities of licensing for virtual machines. They discuss the implications of VM mobility, and the challenges of high availability beyond traditional clustering. Finally Andy and Eric cover new licensing options, includingpay-as-you-go and virtual instance licensing, and provides insights for organizations considering migration from VMware to Hyper-V. Throughout the discussion, the importance of consulting with licensing experts is emphasized to ensure compliance and cost-effectiveness.Key Takeaways:- Licensing is a necessary evil in IT.- Microsoft and VMware have fundamentally different licensing philosophies.- Hyper-V is included with Windows Server licensing.- Understanding VM mobility is crucial for compliance.- Nonprofits can access better software pricing through TechSoup.- Audits can consume significant time and resources. Make sure you're getting the cheapest pricing you're eligible for.- Windows containers do not count towards licensing.- Desktop licensing can be complex and risky.- VM mobility can complicate licensing agreements.- Data center licensing allows for unlimited virtual instances.- Pay as you go licensing is often not cost-effective.- SQL licensing can be affected by VM mobility.- Always consult with licensing experts before making changes.- Migration from VMware to Hyper-V requires careful planning.- The cost of migration can be more significant than licensing fees.Episode Resources:- Episode on Azure Local - https://youtu.be/YpEG-u_A9Qs?si=S10VdgHYX3GcNmFn- Project Runspace - https://www.projectrunspace.org- Andy On Tech - https://www.andyontech.com#HyperV #SysAdmin #ITPro #VMware

In this episode of SysAdmin Weekly, hosts Andy Syrewicze and Eric Siron discuss the litany of new features for Hyper-V in Windows Server 2025. They discuss enhancements in networking, including accelerated networking, Network ATC, and the upcoming Network HUD. The conversation emphasizes the importance of these features for sysadmins and how they simplify network management and configuration. Also In this episode, Andy and Eric discuss the changes in Hyper-V Manager, new security features, and dynamic processor compatibility. Finally the duo highlights the revolutionary GPU partitioning capabilities in Windows Server 2025 Hyper-V, which enables more flexible GPU resource allocation for virtual machines, especially for AI workloads.Episode Resources:Project Runspace - https://www.projectrunspace.orgAndy On Tech - https://www.andyontech.comLink to episode about Hyper-V NOT being dead - https://youtu.be/w_A7amIzZtAWindows Server 2025 Networking Enhancements - https://techcommunity.microsoft.com/blog/networkingblog/revolutionizing-network-management-and-performance-with-atc-hud-and-accelnet-on-/4284889#windowsserver #sysadmin #itpro

In this episode of the Sysadmin Weekly Podcast, hosts Andy Syrewicze and Eric Siron discuss Azure Local, a rebranding and enhancement of Azure Stack HCI. They explore the benefits, key use cases, and why SysAdmin should take a look at it. The conversation covers the features of Azure Local, including its integration with Azure Cloud management tools, virtualization capabilities, as well as potential applications in disconnected environments. The guys also emphasize the significance of communities and resources available for sysadmins getting started with Azure Local.Want to contact the hosts? Email us at [email protected]!Episode ResourcesProject RunspaceAndy on TechAMD / Lenovo System Running Azure Local at MS IgniteAKS on Azure LocalAVD on Azure LocalAzure Arc OverviewAzure Local Hardware CatalogAzure Local System RequirementsKey TakeawaysAzure Local is a rebranding of Azure Stack HCI.The name Azure Local is clearer and more descriptive.Hyper-V and Storage Spaces Direct are included in Azure Local.Azure Local allows for unified management through Azure Arc.There are no urgent reasons to switch to Azure Local immediately.Azure Local supports Kubernetes and Azure Virtual Desktop.Azure Local can be beneficial in disconnected environments.Linux VMs work seamlessly in a Microsoft environment.Resources for getting started with Azure Local are available.

In the premiere episode of the SysAdmin Weekly Podcast, your hosts Andy Syrewicze and Eric Siron kick things off with a warm introduction, sharing their backgrounds as longtime System Administrators and Microsoft MVPs. They dive into the purpose of the show, unveiling their mission to support IT Pros with relevant insights and practical advice. Andy and Eric also introduce their online hub for aspiring SysAdmins, "Project Runspace," a valuable resource for the IT community. The episode’s main topic? Busting the myth and setting the record straight with: "No! Hyper-V is NOT Dead!" Tune in as they explore the truth about Hyper-V, its future, and why it remains a vital tool in the System Administrator's toolkit.Relevant Links from this episode below!Project Runspace > https://www.projectrunspace.orgAndy On Tech > https://www.andyontech.comMicrosoft Learn > https://learn.microsoft.comMicrosoft Learn Article on Cluster Shared Volumes > https://learn.microsoft.com/en-us/windows-server/failover-clustering/failover-cluster-csvs