So I’ve been working professionally with Linux-based systems for a few years, and while I’m not the expert I would like to be, I have got a pretty good feeling for the way those systems work. You have the bootloader, the initramfs, the boot procedure, systemd, PID 1, you can check the logs, you have all those little things that make the system work. Everything is a file, you have file permissions and selinux contexts, you have networkmanager, systemd units, you have (system) users, some just for some services, it’s all dandy… if I have a problem with a program I can usually debug it, check its logs, and get it to run.

Now for work I suddenly need to do lots of administration of Windows systems, Win11 and server, and troubleshoot deep, weird issues…

And I’ve started reading up on it, trying to use PowerShell as much as I can, but I’m just not getting the same high level overview feeling of understanding of how the system works, of how the parts work together. Or even what parts there are, and what they do.

(Especially within an Azure context.)

Books on Windows tend to be very surface level, just instructions on what menus to click through to get a working configuration.

But what’s going on underneath the hood? What do I do when I get a weird VPN issue? I mean, there’s Get-EventLog to check for things in the logs, but… nothing feels connected.

Do you know what I mean?

(Also, how cumbersome is PowerShell? No proper paging like with less in bash, I mean, you can’t go back a page, not with windows more or that powershell pager command, and you have to type sooo many words… and yeah, everything is an object, and I see how that can be a nice idea, but man, does that force you to select properties of those objects like crazy. Is this really a good thing, once you have it figured out?)

Are there one-to-one equivalents between Windows and Linux distros that could help me understand? Or is there a really good book that spells it all out, that sets me on a path where I can someday debug ANY issue and understand what I am seeing and doing?

…and I mean, where do I even start out debugging and understanding things like Entra ID issues in Windows365 machines, and hybrid Azure domains… the Microsoft help usually just seems to be steps on how to configure the stuff, but not understanding how it works…

Sorry, this is all over the place, but I’m just lost right now 🤷‍♂️ maybe someone has felt those same things before and has something wise to tell me?

  • prof@infosec.pub
    link
    fedilink
    arrow-up
    9
    ·
    edit-2
    6 months ago

    That’s a tough question and I don’t really have am answer.

    But if it’s work related I’d look into finding a Windows SysAdmin course somewhere and ask my employer to pay for it, since it helps with your work.

    A cheaper alternative would be online courses. I found Udemy quite helpful in that regard.

    Another possibility is Microsoft Learn, which offers basic to professional “Learning paths” you can do on your own time. There’s also a SysAdmin certification available if I recall correctly.

    Edit, since I just reread your post: Microsoft Learn is almost completely about Azure. So you should really take a look at it.