SysAdmin Weekly #12: Tools, Prompts, and AI Gremlins in the Machine
Where your prompts become attack vectors and your AI agent needs supervision
⏩ TL;DR — This Week in SysAdmin Land
Andy and Mike Nelson unpack how AI agents can assist IT admins in real-world environments.
Missed our episode on GitHub Copilot? Eric and Andy had thoughts and tangible use-cases!
Eric dives into switching Windows Server activation methods via Project Runspace.
Azure sizing made easier with a visual sizer tool for Azure Local solutions.
GPT‑5 is now in Azure AI Foundry, say hello to smarter agents……. hopefully
Learn to cloud the right way with some great fundamentals from Microsoft Learn and a sweet video from Curtis Milne.
Reminder: shared ChatGPT links had a privacy slip, but only for people who used "Share Chat".
Prompt injection attacks are evolving, don’t let your tools turn against you.
Rust vibe coding in VSCode with GitHub Copilot.
Leadership tip: You're not the hero. Your team is, by Michael Cassar
🧠 This Week’s Insight(s) from Andy
This week’s edition rides the edge of a bigger shift: when the abstractions we use (AI copilots, cloud management layers, prompt-based automations) stop being just tools and start becoming the primary way we interact with infrastructure. It's no longer command-line first or docs-first, it’s assistants-first, UI-driven, suggested-code-by-default…. I guess that’s what i’m calling it =P
And that’s not always a good thing.
So this week’s theme isn’t just about new tools, it’s about how our mental models of IT work are being reshaped by the tools themselves. When you start trusting the AI to write your code, manage your permissions, or summarize your risks, you better have a backup plan and a mentality of “trust, but verify.”
We’re not just managing infrastructure anymore. We’re managing the interface to the infrastructure. And sometimes, it lies to us.
What stands out to me about this shift is how much it reminds me of the early days of virtualization. Back then, we were moving away from the world of physical servers where every workload had its own metal. Virtualization was the first major abstraction layer in my career and it took some getting used to. Suddenly, we weren’t configuring workloads directly on hardware anymore, and that broke a lot of long-held assumptions.
But with that shift came huge upsides: high availability became easier, VM mobility unlocked faster recoveries, and templating changed how we deploy systems. The industry hasn’t looked back, and we've kept adding abstraction layers on top of that ever since.
Take Microsoft Azure, for example. Hyper-V still powers the VMs, but you never interact with it directly. The infrastructure has gotten smarter, and now it’s not just abstracting the hardware…….it’s interpreting admin intent. And with AI in the mix, that intent-parsing is only going to get more nuanced.
But here’s the thing: while this will absolutely make some parts of our lives easier, more abstraction means more layers that can break. The more you delegate, the more you need to trust and verify. Otherwise, you’re just flying blind at 30,000 feet in an autopilot you didn’t program.
And now…. back to our regularly scheduled programming.
🎹 Latest on the SysAdmin Weekly Podcast
🎙 AI Agents for IT Admins – with Mike Nelson
Mike Nelson and I had an unfiltered chat about AI Agents. This included, what they are, how they differ from traditional scripts or tools, and where they might actually replace vs. augment SysAdmin workflows. Think: context-aware ticket triage, real-time remediation, and possibly fewer 2 AM wake-up calls. No marketing fluff, just real-world "what ifs" and “what the hecks?”
🎧 In Case You Missed It on SysAdmin Weekly
🧑💻 GitHub Copilot: Friend or Foe for SysAdmins?
Eric and I revisited the age-old debate: should SysAdmins learn to code? And if AI writes the code for us… do we still need to? We look at GitHub Copilot not as magic, but as a tool that, when wielded well, makes scripting faster and learning more accessible. And not to mention, when wielded poorly, it generates dangerously plausible nonsense.
🎧 Sneak Peek of the Next Episode
Coming up in our next episode later in the week: Eric and I are entering the haunted maze of Hyper-V management. Between SCVMM, Failover Cluster Manager, Admin Center, PowerShell, and Azure Arc — it’s starting to feel like Microsoft’s version of a choose-your-own-disaster adventure. We’ll try to bring some clarity to what should be your go-to management path for Hyper-V.
🔍 From AndyOnTech and Project Runspace
How to Change the Windows Server Activation Mechanism
Whether you’re in a lab environment or you just inherited a server with the wrong activation type (OEM, KMS, MAK…….yay acronyms!), Eric’s write-up walks through changing the activation mechanism on Windows Server. No fluff, just the PowerShell code and commands you’ll actually use. Useful if you're prepping golden images or cleaning up after a sloppy deployment.
🧱 Core Fundamentals
Get Started with Microsoft Azure (Microsoft Learn)
New to Azure or just need a structured place to send your junior admin who keeps asking how the cloud “actually works”? Microsoft Learn’s Azure Fundamentals path covers cloud concepts, service models, pricing, and core services. It’s vendor-produced, but surprisingly readable and full of free interactive sandboxes that are GREAT for those SysAdmins that are still learning!
🩵 Helpful Community Content
Vibe Coding a Rust MCP Proxy in VSCode with Copilot
Marc-André Moreau documents his experimental journey building a Model Context Protocol (MCP) proxy in Rust using Copilot. If you’ve been listening to our recent episodes on AI-assisted coding and wondering what that actually looks like in practice, this is a fascinating, nerdy, and completely worthwhile read.
How to Get Into Cloud Engineering
This is a solid walkthrough of roles, skills, and steps to launch your career in cloud engineering by Curtis Milne. It’s a bit dated in terms of specific tooling, but the mindset guidance and roadmap still hold up. Great resource for the up-and-comers on your team.
Don’t Let AI Write Your Code Blindly
With great Copilot comes great responsibility. Adam Bertram breaks down how AI-generated code can go sideways fast, especially when you assume it will be awesome at refactoring code!
You’re Not the Hero. Your Team Is. (Michael Cassar)
A refreshing take on leadership in IT by Michael Cassar. This isn’t another “be the change” fluff piece. It’s about understanding when to take the lead and when to get out of the way. A must-read for tech leads, senior sysadmins, and aspiring IT managers.
🎟 Other SysAdmin Content from Vendors and Official Publications
GPT‑5 in Azure AI Foundry: The Future of AI Apps and Agents
Microsoft’s Azure AI Foundry is now packing GPT‑5, complete with multimodal capabilities, deeper reasoning, and improved context handling. If you’ve been considering building an internal agent to assist with IT support, documentation lookup, or internal ticket triage… this may be the moment. The future’s not just here, it’s packaged in a consumption-based billing model.
🔊 Security Headlines for SysAdmins
ChatGPT Shared Links Leaked Private Data
Heads up: a recent privacy slip with ChatGPT impacted users who shared chats using the “Share Chat” feature. If you never hit that share button, you’re in the clear. But if you did, know that links could have exposed more than just the visible content. OpenAI says the bug is fixed, but it’s a strong reminder that even share links can be a soft target.
“Man-in-the-Prompt” Attacks Target GenAI Tools via Browser Extensions
A new attack vector dubbed “Man-in-the-Prompt” exposes ChatGPT, Gemini, and other GenAI platforms to serious prompt injection risks, all via seemingly harmless browser extensions. These attacks exploit the DOM (Document Object Model) in your browser to silently insert, read, or manipulate prompts in real time, no special permissions needed.
The kicker? Most enterprise environments are already exposed. 99% of orgs run at least one browser extension, and half have more than 10. Security tools like CASBs and DLPs don’t even see this behavior, making detection a nightmare. One proof-of-concept showed a rogue extension pulling ChatGPT prompt history and deleting it afterward like a digital ninja.
🛠 Tool of the Week
Azure Local Solutions Sizer Tool
Planning an Azure Stack HCI, Azure Stack Hub, or local deployment? This visual sizing tool helps you spec out the right hardware, licensing, and footprint for your deployment. Think of it as a pre-migration reality check. It's not perfect, but it’s a great way to ground your architecture in what’s actually supportable.
🧠 Quick Win of the Week
A Useful Command to Grab Local Admin Group Membership
One-liner of the week:
Get-LocalGroupMember -Group "Administrators" | Export-Csv "$env:USERPROFILE\Desktop\Admins.csv" -NoTypeInformation
Set it, forget it (and maybe diff it weekly). You could even throw it into a script to alert when the CSV differs from the previous run! Too many surprise local admins? Now you’ll know.
🧠 Fun Retro SysAdmin Fact
Windows NT 3.1 came boxed with a printed Hardware Compatibility List (HCL).
Back in 1993, getting NT to talk to your NIC, SCSI drive, or graphics card wasn’t a quick web search away, you cracked open the box for a printed HCL binder (or at least a physical document) that spelled out exactly which hardware was supported. If your gear wasn’t on the list, you were likely in for a world of frustration.
☕ Wrap-Up
Whether you’re tuning in for insights, tools, or just here for the snark, thanks for reading another issue of SysAdmin Weekly. We’ll be back next week with more AI misadventures, practical fixes, and the occasional “how did Microsoft expect us to manage this?” rant.
Got a resource or rant of your own? Drop it here > or find me on LinkedIn. You bring the ideas, I’ll bring the coffee.
Fun read, but makes me wonder… are we letting AI become the boss without even noticing?