SysAdmin Weekly

Microsoft reportedly handed over BitLocker recovery keys to the FBI as part of a criminal investigation and that raises some uncomfortable questions.In this episode of SysAdmin Weekly, Andy and Eric unpack what actually happened, how BitLocker key escrow works, and why the default behavior in Windows 11 matters more than most users realize.We dig into:- How BitLocker recovery keys get stored in Microsoft accounts without end users knowing - What “key escrow” really means in practice - The difference between consumer and enterprise configurations - The privacy vs. law enforcement debate - Why encryption is meaningless if someone else controls the key - The broader implications for trust in cloud vendors We also discuss the “tyranny of the default,” the quiet shift toward mandatory Microsoft accounts in Windows 11, and what this means for SysAdmins responsible for protecting executive devices and sensitive data.If you manage endpoints, run M365, or care about privacy, this one’s worth your time.And yes… we also manage to cover frozen beach vacations, AI replacing CEOs, SMTP auth drama, and why abstraction always comes back to bite you eventually.## Episode Resources- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- New SysAdmin Weekly Discussion Boards - https://github.com/ProjectRunspace/sysadmin-weekly/discussions- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- Forbes Article - Microsoft hands over BitLocker encrypted data keys to FBI - https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/- Office 365 for IT Pros article on SMTP AUTH Basic Authentication retirement delay - https://office365itpros.com/2026/01/29/smtp-auth-basic-retirement/- SysAdmin Weekly - 036 - The Hidden Cost of Abstraction in Modern IT - https://open.spotify.com/episode/0B4SfPgTbUlXTzSuJyfiby?si=OOehzhGTSnyda-zTKoW4tA - SysAdmin Weekly - 035 - AI Browser, Chromium Monoculture, and the Future of Browser Security - https://open.spotify.com/episode/0zZDUAtcCJQ74d6zQdKV6N?si=R286nY4UTmaBIULFvArAcg

This week on SysAdmin Weekly, we push back hard on one of the most damaging patterns in modern IT security: making decisions based on fear instead of facts.Security headlines love absolutes: “everything is broken,” “encryption is useless,” “the cloud can’t be trusted.” But in the real world, those claims often fall apart the moment you slow down and examine the actual mechanics behind them. In this episode, we walk through why responsible security decisions must be grounded in verifiable data, not outrage-driven interpretations or half-read articles.We break down how encryption, key access, and lawful access actually work, where trust boundaries truly exist, and why conflating possibility with probability leads to bad architecture, bad policy, and unnecessary panic. Just because something can happen does not mean it is happening and SysAdmins are expected to know the difference.This isn’t an episode about dismissing risk. It’s about measuring it correctly. Understanding threat models. Asking “what evidence do we have?” before rewriting policies, re-architecting systems, or blowing up trust relationships that were never the real problem.If you’re tired of security discourse driven by vibes, doomscrolling, and worst-case hypotheticals and you still believe SysAdmins should be the adults in the room, this episode is for you.## Episode Resources- New SysAdmin Weekly GitHub Discussions Board - https://www.github.com/ProjectRunspace/sysadmin-weekly- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- Paul's Article About Making Security Decisions Based on Data - https://virtualizationreview.com/articles/2025/12/03/refining-your-cybersecurity-strategy-based-on-data.aspx- YouTube Video From Lars Klint about Australian Bushfires - https://www.youtube.com/watch?v=mNEPSWcOheY- Paul and Amy's Defender + InTune Monthly Training Course - https://www.thirdtier.net/product/defender-intune-continued-learning/- Decipher Podcast Episode on Vulnerability Management - https://www.buzzsprout.com/228511/episodes/18495360-the-future-of-vulnerability-management-with-jeremiah-grossman-and-robert-rsnake-hansen- SysAdmin Weekly - 036 - The Hidden Cost of Abstraction in Modern IT - https://open.spotify.com/episode/0B4SfPgTbUlXTzSuJyfiby?si=OuycyiFISKeKm9HmiimpKw- Project Runspace - https://www.projectrunspace.org- AndyOnTech - https://www.andyontech.com

It’s a new year, which means it’s time for every SysAdmin’s favorite activity...... dusting off the incident response and disaster recovery plans that haven’t been touched since the Apollo moon landing.In this episode of SysAdmin Weekly, Andy and Eric dig into why incident response, disaster recovery, and business continuity plans so often exist… but completely fall apart when something actually goes wrong. They talk through what makes a response plan useful versus useless, why roles and decision-making matter more than tools, and how slow human processes can undo even the fastest detection systems.The conversation spans real-world tabletop exercises, ransomware scenarios, MFA bombing, on-call failures, and the uncomfortable reality that many organizations still don’t empower anyone to make business-impacting decisions during an incident. Eric even shares fresh lessons learned from a recent tabletop exercise, including what happens when critical people are unavailable, how communication can fail under pressure, and why “solo warrior” response patterns collapse fast.Along the way, Andy and Eric also touch on Broadcom’s ongoing VMware licensing chaos, cease-and-desist letters, the continued enshittification of enterprise software, and why supply-chain dependency should make every IT pro a little nervous.If you’ve ever wondered whether your incident response plan would actually survive first contact with reality or if you’ve never tested one at all this episode is your wake-up call.### Episode Resources- New SysAdmin Weekly GitHub Discussion Boards! - https://www.github.com/ProjectRunspace/sysadmin-weekly- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- SysAdmin Weekly Website - https://www.sysadminweekly.com- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- Bastard Operator From Hell - https://bofh.bjash.com- Continued VMware / Broadcom Drama - https://www.reddit.com/r/sysadmin/comments/1pzp3eo/vmware_now_threatening_outages_to_perpetual/- SysAdmin Weekly - 029 - When Good Tech Goes Corporate - https://open.spotify.com/episode/6tDkgEmzjJQgmBSxCRcDeR?si=31S2s8ATTCuRnach82MUHw- WMI Documentation - https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmi-start-page

Abstraction has made modern IT faster, easier, and more scalable but it’s also quietly eroding the deep technical understanding that SysAdmins used to rely on.In the first SysAdmin Weekly episode of 2026, Andy and Eric dig into how layers of abstraction stretching from cloud platforms and managed services to Kubernetes and modern software design are changing what it means to be a SysAdmin.The guys explore where abstraction helps, where it actively hurts, and why losing visibility into how systems actually work becomes a serious problem the moment something breaks underneath the hood.Along the way, they connect abstraction to real-world examples: cloud VMs, Microsoft 365, Kubernetes misconfigurations, browser monocultures, Rust’s “memory safe” reputation, and even how modern generations interact with technology differently than those who lived through the pre-cloud era.The episode wraps with practical advice for SysAdmins who want to stay sharp in an increasingly abstracted world while focusing on curiosity, home labs, documentation, and rebuilding deep product knowledge before the defaults fail you.If you’ve ever felt like IT is turning into a collection of black boxes, this episode is for you.Episode Resources- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- Github Discussions is Coming Soon! - I Promise!- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org- What are IRQs? - https://en.wikipedia.org/wiki/Interrupt_request- Code: The Hidden Language of Computer Hardware and Software - https://www.amazon.com/Code-Language-Computer-Hardware-Software/dp/0137909101- From Mathematics to Generic Programming - https://www.amazon.com/Mathematics-Generic-Programming-Alexander-Stepanov/dp/0321942043

This week on SysAdmin Weekly, Andy goes on a (fully justified) rant about the current state of browsers and why it feels like there are no good options left for sysadmins. From Chromium monoculture and browser bloat, to AI creeping into the most trusted piece of software we use every day, this episode breaks down what’s changing, why it matters, and why “just turn it off” isn’t a real security strategy.Along the way, Andy digs into:Firefox’s push toward becoming an “AI browser”Why agentic AI inside browsers introduces serious, unresolved threat modelsReal-world examples of prompt injection and AI-assisted data exfiltrationWhy browser forks are a stopgap, not a long-term escape hatchAnd the question: would a "boring" and "security-first" browser have a place in the market?This is less about tools and more about trust, threat boundaries, and the slow erosion of choice in the browser ecosystem.If you use a browser to manage infrastructure, security, or SaaS platforms (so… all of us), this one’s for you.Episode Resources- Firefox News from Windows Central - https://www.windowscentral.com/software-apps/mozilla-says-firefox-will-evolve-into-an-ai-browser-and-nobody-is-happy-about-it-ive-never-seen-a-company-so-astoundingly-out-of-touch- Browser Market Share Data - https://www.tech2geek.net/most-used-web-browsers-in-july-2025-market-share-statistics/- SysAdmin Weekly: "Good Enough" Software is Ruining IT - https://open.spotify.com/episode/6uUdRBvUHpo15x6h2dXpEO?si=ItOqAFpaT8eS11wHIkBa9w- SysAdmin Weekly: The Importance of Documentation - https://open.spotify.com/episode/6OWL5VPiGx08QMIhpGMFsT?si=z3legxgwQXuehPxT4ix_yA- DNS over HTTPS resources - https://en.wikipedia.org/wiki/DNS_over_HTTPS- Encrypted Client Hello resources - https://blog.cloudflare.com/announcing-encrypted-client-hello/- Comet-Jacking Article - https://thehackernews.com/2025/10/cometjacking-one-click-can-turn.html- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- Project Runspace - https://www.projectrunspace.org- AndyOnTech - https://www.andyontech.com

Modern IT feels stuck in a vicious cycle: software ships faster than ever, quality keeps slipping, and SysAdmins are left cleaning up the mess. In this episode of SysAdmin Weekly, Andy Syrewicze and Eric Siron dig into the growing disconnect between developers and operations teams and why “good enough” software has become dangerously normalized across the industry.We talk about brittle releases, missing error handling, forced beta testing in production, and how operational debt quietly drains time, money, and morale. From real-world outages and monoculture risks to AI hype, “vibe coding,” and the slow disappearance of software testing roles, this episode breaks down how we got here and why it’s not sustainable.To be clear, this isn’t a developer-bashing session. It’s a reality check.If software is going to keep the world running, it needs to be treated as a craft again, NOT a content pipeline. And that means shared accountability, better defaults, meaningful error messages, and respecting the people who have to run this stuff after it ships.Episode Resources- Cloudflare Outage - https://www.bleepingcomputer.com/news/security/cloudflare-blames-todays-outage-on-emergency-react2shell-patch/- Satya Nadella Copilot skills challenge - https://www.youtube.com/watch?v=gBcwQaNoP5A- SysAdmin Weekly Website - https://www.sysadminweekly.com- SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com- AndyOnTech - https://www.andyontech.com- Project Runspace - https://www.projectrunspace.org

IT job postings have gotten… weird.In this episode of SysAdmin Weekly, Andy flies solo to take a realistic look at modern IT job listings amongst historic industry layoffs and why so many of them feel disconnected from the actual work SysAdmins do every day.We scroll through real-world postings, talk about unrealistic expectations, role creep, and “unicorn” requirements, and break down how vague or overloaded job descriptions contribute to burnout, churn, and impostor syndrome across the industry.This isn’t a recruiter or HR dunk session. It’s a candid discussion about how job postings act as signals, why those signals are often confusing, and how both candidates and companies can do better by asking the right questions and setting clearer expectations.Whether you’re actively job hunting, passively browsing, or just wondering who exactly these postings are written for, this episode is for you.Episode Resources- Anthropic Report on AI-Enabled Cyber Espionage- IT Specialist Simulator- SysAdmin Weekly - What Makes a Great SysAdmin?- SysAdmin Weekly - Is University Worth it for Aspiring SysAdmins?- Microsoft Learn - Discrete Device Assignment- What are DMARC, DKIM, and SPF?- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace

Microsoft Ignite just wrapped and shockingly, it wasn’t only about AI.(Okay, it was mostly about AI.)In this episode of SysAdmin Weekly, Andy and Paul cut through the marketing noise and walk through what actually matters to SysAdmins from Microsoft Ignite’s Book of News. From AI agents showing up everywhere, to Azure resiliency, security posture management, and why massive cloud outages are still very much a thing. This is the practical, admin-focused breakdown you didn’t get from the keynote.We dig into:What Microsoft’s push toward AI agents really means for control, governance, and securityNew Copilot and Azure features that might actually help… and a few that should make you cautiousWhy resiliency keeps failing at scale (and what Ignite quietly admitted about it)How Microsoft is trying to simplify security and management and where the complexity is just shifting insteadThe ongoing reality of cloud dependencies, outages, and shared responsibilityNo hype. No sales pitch. Just two SysAdmins reacting honestly to what Ignite announced and what it means when the slides become production.If you manage Microsoft environments, cloud workloads, or security policies, this one’s for you!Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Microsoft Ignite Book of News- Paul Schnackenburg on LinkedIn

This week, Andy and Eric dive into one of the most underrated superpowers in IT: community. Not the cringe corporate “community,” but the real stuff. Think mentors, friends, people who help you level up, and the shared hive-mind that keeps SysAdmins alive during outages, zero-days, and career pivots.From basements full of beige boxes to global open-source conferences, the IT world has evolved into something way more connected and way more essential than ever before. Andy and Eric share personal stories from Microsoft MVP circles, KubeCon 2025, early career mentors, and the weird ways community quietly shapes your entire trajectory in tech.In this episode you’ll learn:- Why community is an actual career accelerator- How mentors and advocates appear when you least expect them- Why open-source communities operate differently than vendor ones- Why contributing (even small stuff) builds reputation and opportunity- Why community-first companies thrive.....and community-hostile ones declineIf you’ve ever wondered whether getting involved is worth it (spoiler: it absolutely is), this episode brings the stories, lessons, and laughs to prove it.Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Bank hit by audio deepfake scam- Earlier SysAdmin Weekly episode on “enshittification”

Ready to leave password chaos behind? In this episode of SysAdmin Weekly, Andy and Eric break down the latest National Institute of Standards and Technology (NIST) password and identity-guideline updates and what they mean for you as a SysAdmin.We cover:- What changed and why (goodbye “special characters just because”)- How to align your org with SP 800-63’s new structure and expectations- Real-world tactics: from passkeys and token theft to legacy systems refusing to dieAlso in this episode: bonus snark, smart home horror stories, PKI headaches, and identity as the new firewallWhether you’re revamping your password policy or finally ready to ditch the “rotate every 90 days” mindset, this one’s for you.Episode Resources- SysAdmin Weekly website- SysAdmin Weekly companion newsletter- AndyOnTech- Project Runspace- NIST Digital Identity Guidelines (SP 800-63 suite)- NIST SP 800-63B “Authentication & Authenticator Management”- Evilginx2 (GitHub repo for the MITM/phishing framework)

In this episode, Andy and Eric dive deep into one of tech’s ugliest trends, the ULTRA-Corporatization of once-great vendors all for the sake of excessive profit at the expense of the company and customers. From Intel’s fall from grace to Dell’s support horror stories and VMware’s Broadcom-induced meltdown, the guys unpack how innovation-driven companies lose their soul chasing shareholder dollars.They trace the full "life-cycle" of this process, from scrappy startup to bloated monopoly and look at how these same behaviors are infecting SaaS and the MSP world. Along the way, expect a few spicy rants about Microsoft’s licensing labyrinth, ARM vs. x86, 47-day certificate rotations, and why SysAdmins now spend more time managing vendors than managing servers.If you’ve ever screamed at an E5 SKU, cursed a firmware update, or watched your favorite tech brand go corporate zombie, this one’s for you.Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project RunspaceReferenced in this episode:- WSUS Remote Code Execution Patch (CVE-2025-59287)- What Is Cloud Native? (Episode 25)- Microsoft Learn: SharePoint Limits and Boundaries- VMware Episode (Referenced)- GitHub Copilot Episode

Welcome to the Halloween special of SysAdmin Weekly, where Andy, Eric, Paul, and Mike gather ‘round the flickering glow of their monitors to share true tales from the trenches, the ones that still haunt their uptime dreams. From flooded data centers and cursed SAN swaps to Novell nightmares, rogue backup tapes, and the eternal terror of “it’s always DNS,” this episode dives into the real-life horror stories that only SysAdmins could survive. Expect nostalgia, gallows humor, and a reminder that in IT, every scream has a log entry. Grab your candy corn, dim the lights, and join us as we celebrate the season of outages, late-night restores, and phantom pings. Because sometimes… the scariest thing in tech isn’t ransomware, it’s the guy who forgot to check the backups.... #####Episode Resources- SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletters- AndyOnTech- Project Runspace- Azure 15-Year Anniversary News – Microsoft vs AWS Revenue Comparison- OpenAI Atlas Browser- KQLBench – Test LLMs on Microsoft Kusto Query Language- Novell NetWare (for the brave and nostalgic)- OS/2 Warp (IBM Historical Reference)- SharePoint Online Storage and Retention Best Practices

In this episode of SysAdmin Weekly, the crew tackles one of the most debated questions in IT: Is university still worth it for aspiring SysAdmins in 2025?Joining Andy is a friend of the show, Clay, a newly graduated IT professional from the Netherlands who shares his journey from tinkering with PCs as a kid to landing his first SysAdmin role. Together, they unpack how well higher education prepares students for real-world IT and where it still falls short. Listeners can expect an honest, grounded look at the difference between theory and practice in modern IT. The conversation covers: - Whether university programs keep pace with the speed of tech. - What parts of formal education still provide lasting value. - How certifications, home labs, and real-world experience stack up against degrees. - Clay’s early-career lessons, including his first big outage (spoiler: it *wasn’t* DNS this time). - The timeless SysAdmin truths about troubleshooting, documentation, and learning by breaking things. This episode bridges the gap between the classroom and the server room with a mix of humor, career wisdom, and a few painful flashbacks to subnet calculations. Whether you’re a student, a career-switcher, or a long-time admin wondering how the next generation is being trained, this one’s worth your time.Episode Resources - SysAdmin Weekly Website- SysAdmin Weekly Companion Newsletter- Email the show- AndyOnTech- Project Runspace- Clay’s LinkedIn- F5 Networks breach news article- SolarWinds Supply Chain Breach

Burnout in IT is not just “being tired”, it’s a silent crisis affecting countless tech professionals, SysAdmins, engineers, and ops folks who are running on empty. In this episode of SysAdmin Weekly, we dig into the mental health stressors built into the tech industry: constant change, imposter syndrome, “always-on” culture, notification overload, and more.Co-host Eric Siron and Andy share real stories, data, and actionable tactics from boundary-setting to seeking help that can make the difference between surviving and thriving. Whether you’re feeling burnt out, concerned about a teammate, or just want to build a healthier tech culture, this episode is for you.Covered in this episode: - The mental health “baseline” in tech: diagnosis rates, productivity loss, burnout prevalence- Why imposter syndrome is especially tough in IT- The role of organizational culture, remote work, and tool overload- Practical practices: micro-breaks, peer support, therapy / coaching, building psychological safety- What leaders and managers can do to make tech workplaces more sustainableTune in and pass it on to anyone in tech who needs a reminder they’re not alone.Episode Resources: - SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Perplexity CometJacking Attack- Satya Nadella Microsoft AI Interview- Slack: Mental Health in Tech (2020)- TechUK - Addressing Mental Health in the Tech Industry (Burnout Index 2022)

In this episode, Andy teams up with Microsoft expert and Aussie tech legend Paul Schnackenburg to break down the buzzword that’s haunting every IT strategy deck: Cloud-Native. Together, they unpack what it really means in a Microsoft ecosystem from ditching on-prem Active Directory and ConfigMgr to embracing Entra ID, Intune, and Autopilot.Along the way, they hit on real-world migrations, the trade-offs of control vs. convenience, and why hybrid identity might actually make you less secure. Expect analogies about Death Stars, cruise ships, and even the Magic School Bus, because of course they did.Whether you’re an MSP plotting your clients’ next move or an IT pro trying to future-proof your environment, this episode’s your field guide to surviving (and thriving) in a Cloud-Native world.NOTE: As a reminder, be sure to share your IT Horror stories with us! We’d love to share as many as we can during an upcoming Halloween episode!Episode Resources:- CVE-2025-32463 (Sudo vulnerability details)- CISA KEV Catalog (Known Exploited Vulnerabilities)- SysAdmin Weekly Episode 22 – IT Documentation (Referenced in comments segment)- SysAdmin Weekly Episode 3 – WSUS Deprecation Discussion- Azure Files Overview- Microsoft Intune Autopilot Device Preparation (v2)- Microsoft Universal Print- Windows Autopatch Overview- Azure Arc for Servers- PowerShell Summit Session: Secure Management of Secrets with Azure Arc (Referenced by Andy)- SysAdmin Weekly Companion Newsletter- Contact the show

This week on SysAdmin Weekly, Andy is joined once again by Mike Nelson for a deep dive into the world of local AI. Together, they unpack Ollama and Open WebUI, exploring how SysAdmins can run large language models on-prem to unlock powerful workflows while keeping sensitive data in-house.From hardware setups (yes, even that dusty old GPU in your basement), to why privacy-conscious SysAdmins are moving workloads local, Andy and Mike cover it all. Along the way, they swap stories on home labs, Ubiquiti gear, Ghost CMS, Hugging Face models, and where open-source AI really shines.If you’ve ever wondered why you’d bother with local AI when ChatGPT is just a browser tab away, this episode lays out the practical sysadmin use cases, security considerations, and future of AI in the trenches.Episode Resources:- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Ollama Models Directory- BookStack Wiki Software- Confluence Free Instance (Atlassian)- Hugging Face Model Hub- Awesome MCP Servers (GitHub curated list)- Previous SysAdmin Weekly Episode: “The Importance of IT Documentation”- Previous SysAdmin Weekly Episode: “Building a Home Lab on the Cheap”

In this episode of SysAdmin Weekly, Andy and Eric dig deep into how to build a fully functional home lab without selling a kidney. We cover picking hardware on the cheap, virtualization (Proxmox, Hyper-V, etc.), managing storage, navigating Microsoft licensing, layering in free cloud tiers, network tricks, and the kind of “what if I push this button?” experiments that keep us awake at 2 a.m.Whether you’re starting from a pile of old PCs or trying to mix in cloud credits, this show gives you the blueprint, the trade-offs, and, most importantly, the sanity checks.In this episode:- How to stretch every dollar on lab hardware- When to go physical vs. virtual (or hybrid)- Proxmox tips, license workarounds, and pitfalls- Cloud free/low-cost tiers you can use for testing- Network, storage & routing hacks we swear by- Real talk about maintenance, scaling, and failuresEpisode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Windows Server Eval- Proxmox Installation Guide- Azure Free Services / Free Tier- Azure Free Account / $200 Credit- Azure Free Services Documentation

Hey folks! Andy here, and in this episode of SysAdmin Weekly Eric and I answer the hard questions regarding the documentation we all put off, but secretly depend on.... whether we like it or not.In this episode we cover:- Why poor (or missing) documentation is the root of so many SysAdmin nightmares- War stories where “future you” had to clean up past you’s mess- Tools, templates, and mindset shifts to make living documentation actually .....live- Change control, accuracy, and how to trust what your docs sayWhether you're flying solo or managing teams, this episode will give you ideas to start building docs you’ll thank yourself for later.Hit subscribe, ring the bell, and share this with someone whose servers are mysterious even to them. Let’s make documentation less boring, more usable, and fearless.Episode Resources:- SysAdmin Weekly Companion Newsletter- AndyOnTech Blog- Project Runspace- Incident Response Markdown Template- Greenshot Screenshot Tool

This week on SysAdmin Weekly, Andy is joined by regular co-host Paul Schnackenburg for a deep dive into Conditional Access, the cloud-era identity firewall you could say? and a cornerstone of Zero Trust security in Microsoft 365 and the Microsoft Cloud.We cover everything from the basics of conditional access policies to the nuances of break-glass accounts, layered policies, and how to avoid locking yourself (and your entire org) out of Entra ID. Along the way, we touch on Microsoft’s security defaults, authentication strengths, and the role of risky sign-ins and user risk detection in identity protection.Paul and Andy also share war stories from the trenches: configuring fresh tenants, wrangling MFA requirements, and learning why documentation and backups of your conditional access policies matter more than ever. Plus, there’s plenty of SysAdmin banter on Intel’s decline, ARM’s dominance, and even foldable phones!If you’ve ever wondered how to design policies without creating chaos or how to modernize your security controls without overwhelming your users, this is the episode is for you.Episode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- Microsoft Security Defaults Overview- Microsoft Entra Conditional Access Documentation- Microsoft Identity Protection (Risky Sign-ins & Users)- Authentication Strengths in Entra ID- Meister.dev – Conditional Access Testing Tool- Meryl Fernando’s Conditional Access Documentation Tool- Podcast with Tarek Dawoud on Entra ID Architecture

Andy and Eric break down the actual Microsoft skills that move the needle with no fluff, and no buzzword salad. We hit the core Windows/AD fundamentals, the PowerShell magic you’ll use every day, and the cloud/M365 bits that keep modern shops sane. If you’re trying to level up without wasting cycles, this is your roadmap.What we cover (at a glance):- Identity & Directory - AD/Entra basics, Group Policy that won’t bite you later, hybrid gotchas- Automation - PowerShell patterns you’ll use forever (loops, pipeline, remoting, “please don’t run that in prod”)- Networking for Windows admins: DNS/DHCP sanity checks, practical troubleshooting, knowing when it’s actually the firewall- Microsoft 365 - mail flow triage, Teams/SharePoint survival skills- Security stack - Defender realities, Conditional Access guardrails, least privilege that people will actually follow, Just in time administration.- Azure orientation - VMs, storage, networking, Arc and what’s worth learning first- Career path - what to learn now vs. what to park for later, and which certs are signal vs. noiseBring coffee. Leave with a plan. And yes, a little snark, because ticket queues were meant to be mocked.Episode Resources- SysAdmin Weekly Companion Newsletter- AndyOnTech- Project Runspace- SysAdmin Weekly - 018 - What did Broadcom do to VMware?- SysAdmin Weekly - 014 - How SysAdmins can Showcase Value- SysAdmin Weekly - 008 - Getting Started with GitHub Copilot