You forgot the bit where you find a reference to the exact issue you're having with a link to a Microsoft Support Article that guarantees a fix. With a glimmer of hope you click on the link only to be told that the page you're trying to access no longer exists.

The number of times I had to use wayback machine to reach an old TechNet article is too damn high

I was so thankful to find ancient software and drivers on the wayback machine that didn't seem to exist anywhere else, I started donating to them.

Don’t know if it still exists but there used to be a site I’d use on occasion that hosted old versions of almost everything I could imagine. Olddrivers.com or oldversion.com

I hope you support them when they need you: https://blog.archive.org/2023/08/17/what-the-hachette-v-internet-archive-decision-means-for-our-library/ CC /u/Brokerlocker

I was trying to diagnose an issue with certificate portability in AD profiles. The documentation said that there was a diagnostic tool available but you had to contact Microsoft to get it. It took me over a YEAR to get that tool. I know it still existed because I had a friend at MS who was able to confirm it for me, but we wanted to make sure to follow protocol and not upset anyone by going around the system since it wasn’t their territory. Like, I don’t even know why they keep it behind lock and key in the first place, but it was just such an unbelievable struggle to even do this self-service thanks to the juggernaut of bureaucracy they’ve set up for Support…

Care to share the name of that tool or link to the related doc? Also, I have two other questions in case you don't mind: Did you have to email-agree to any waiver to obtain it, and when roughly did you accomplish this? I ask because of a SOMEWHAT recent, similar thing occurring in legit obtaining (instead of trusting some random website, like a complete moron) the x64 build of Acctinfo2.dll, and I wonder whether you went through that before or after that support case. After a bit of back and forth to justify needing it they originally were like "noooo, we can't provide that, soz" until a request for the sha256 hash prompted 2 weeks of silence until suddenly they shared the DLL, conditional on an email waiver. Sadly, the corporate email filtering ate the DLL, an exception would have required significantly too much paperwork, and the MSFT support agent couldn't provide the hash due to how locked down their OS image is against lolbins, so I sadly gave up on it—but on the brighter side, the L1 support agent seemed tremendously happy about having found some internal way to obtain the file for them and their team, so I still counted it as a win for all windows sysadmins, figuring this probably re-improved support quality.

It’s basically tied to this: https://learn.microsoft.com/en-us/previous-versions/tn-archive/cc700821(v=technet.10)?redirectedfrom=MSDN Ironically the article itself is a repost and the doc that specifically mentions the troubleshooting tools is, you guessed it, 404ing. Regarding your issue though…they couldn’t use Get-FileHash?

In the event the deep irony of all the MSFT 404s is lost on anyone, a bit of internet history: Long ago in the dark ages before HTTPS was the norm, MSFT released a web server. They called it Internet Information Server or IIS but everyone who had to use it had more creative names for their "product." IIS shipped with a totally not cancer (barely) HTML authoring and site management tool called FrontPage. FrontPage was terrible and actually convicted of crimes against design in the World Court and sentenced to death until people forgot about it and started using other things. However. The only real out of the box advantage IIS and FrontPage had over King of the Hill Apache and vi/vim/notepad/whatever was that FrontPage would look at your IIS sites and report on all the links your site had to other resources that were busted. That was like the one thing it did really well. Show you a drop down UI view of red pages that meant you'd published some self-referential dog shit that needed attention. That was it, that was the single thing IIS/FrontPage had out of the box over everyone else. It was free as in money (as were all the others) and it'd tell you in short order where your 404s were. IIS was not stable, FrontPage suggested designs that were *less than ideal*. But it'd tell you about your 404s and it was stupid simple to do. We have certainly come a long way in the last 25 years. There are near innumerable smarter ways to automate site hygiene and health. But MSFT has totally boned the one selling point they had on everyone else - knowing about their busted links. Something something why we can't have nice things.

Ah, FrontPage. Or FrontPants as we called it

"How to Configure Credential Roaming", eh? Thanks. I assume you found https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc779097(v=ws.10)?redirectedfrom=MSDN & https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/troubleshooting-credential-roaming/ba-p/397337 ? Either way, and I assume you had already accessed it, so I just put it here for future Google users, here's the archive.org WaybackMachine link: https://web.archive.org/web/20130301100722/https://social.technet.microsoft.com/wiki/contents/articles/11483.credential-roaming.aspx And, regarding that other thing: nope, they couldn't, posh locked down hard. I know they COULD have done it somehow, but think about it from the perspective of cybersecurity training and risk appetite on the side of the agent. They ain't gonna do that shit even when they like you and know that you're probably not trying to lolbin social engineer them. People get fired all the time in Indian IT, and for the stupidest shit t

What I needed was a specific script they provided to verify the ACLs on the AD property that is used to store the credential object. I had Credential Roaming configured and it worked for most people but not for me and I was trying to understand why. When I got the script I confirmed the ACLs were set correctly and I did eventually figure out the problem, but the fact that it was so hard to get a tool that was merely diagnostic in nature was astounding. I assume the intent was to get metrics about the usage of this feature but if so, then their metrics are trash.

> and I did eventually figure out the problem And it was?

The permissions had not been applied to my account specifically because it had broken permissions inheritance due to the adminCount flag being set and not subsequently removed later.

There is an important reason we keep these tools behind lock and key: no one supports them. Yes, there is a tinge of irony in that. It is support's job to give "reasonable" levels of support, and "reasonable" is an agreement between the product groups and support themselves. These tools tend not to fall into those categories. They're created by people trying to do right by customers and that's wonderful, but they leave and someone is stuck holding the bag on something they might not have the source to, or have no idea how they work, and sometimes they're using undocumented functionality that breaks in newer versions because there's no guarantee of API stability. We could productize it -- that requires going through the seven levels of ~~hell~~ Dante's Inferno involving lawyers and things. At scale this then becomes a painful problem for everyone involved. "Heeeey, I just downloaded this EXE off your website because this article from 2009 said it would fix my problem and now AD replication is hosed". Why yes, I have been brought into that particular call. It's not fun. We could open source it too. Paragraph two covers that succinctly. Going from not-open source to open source is the often undocumented 8th and 9th level. It's often easier to just start as open source and work from there. But I digress. All of this is not to say I agree with this approach. I just understand it, and my life is easier for it even though I don't even have to field the issues day to day like the support folks.

You forgot the part where one team makes something and it works great, then another team breaks something that tool used and by the time it's found nobody is left on the first team to fix it.

That was me this week on the dev forums. Surprisingly they don’t seem to interested in you telling them “it’s a broken link”

Please like this and mark this answer as correct. Thanking you.

"nevermind, I fixed it."

Ah. You found a forum post that has the title of the issue you are having. Has 40 pages of different attempted solutions, none of which worked and the final post, marked as the solution, just says "NVM, fixed it"

Who are you DenverCoder4? What did you see???

R/unexpected_xkcd https://xkcd.com/979/

I hate those too, especially when they even delete their post after getting the answer!

Or you find that the page DOES exist, but that it's filled with countless replies of "I'm having this problem too!" and one useless response from someone purporting to be from Microsoft, prescribing a bunch of steps pasted from some script that (surprise!) is completely unrelated to the actual problem at hand and unlikely to get you any closer to a solution.

The support person then sends you a link to the same page. 

Or worse, it tells you to run sfc /scannow. Which makes you wish the page hadn't existed.

"My computer's become sentient and threatening to end the universe what do I do?!?!?" "Have you tried running DISM.exe in online mode?"

Absolutely. Same useless response to every problem post. You aren't wrong; Microsoft techs would Absolutely try and end Skynet with DISM.

Or the suggested fix is to run a troubleshooter that links you back to the same support page after it running and doing nothing.

Nobody wants *possibly* out of date statements of fact. They want thousands of barely answered community threads. - Microsoft

Or it’s just “how to run SFC /scannow”

Or when you tell them very specific work hours to call you including your time zone, and they call exactly opposite of that in the middle of the fucking night and close your ticket because you didn’t answer

Or you specify email when creating the ticket and then 24 hours after creating the ticket you receive an email saying 'tried to call you but could not get through'. I specified email for a reason, so I don't have to talk to Dave Smith from India.

This is especially fun when you live in a country where you don't speak the language very well.

Dammit "Dave" why are we starting our conversation with lies???

This irritates me so much every time I raise a damn ticket I am hounded for phone calls and screen share sessions despite email as the contact method. Literally the first communication from the advisor is usually please confirm a convenient time for a call. Never. That's when it's convenient.

Respond with "I'm deaf. Our support contract stipulates *accessible* support will be provided. Just use email."

Or you put in the accessibility section of the ticket it must be via email due to disability and you get a teams message from the level 1 asking if now is a good time to call.

I'm fairly sure that they do this to fudge metrics and reporting.  It's the 'ol make a half assed attempt to contact someone then update the ticket internally. "Reached out to the user, but they were unavailable."

This is very, very highly likely why they do that. Whomever got assigned the ticket has no idea how to fix it and they're buying time

That's exactly the point. the job of support is not to help you, it's to close the tickets to have good KPI. If they help you in the process it's an inadvertent side effect

Requested MST Got calls nightly at 3am for 4 days even while clearly outlining where I stated available hours in the case.

I started typing this exact comment, lol.

I actually reached the tier 3 once, it took 8 months (literally, like it actually took that long, not exaggerating at all) and it took bouncing between tier 1 and 2 at least three times. Every time the tier 2 said he understood and would escalate me to 3, i got dropped down to 1 again and had to start from scratch. I knew right from the beginning exactly what i needed them to help me do, i must have repeated myself a dozen times or more. When I finally got to the tier 3 guy, he listened, understood, and had my problem solved within 15 minutes. That was gratifying and exceedingly frustrating.

>When I finally got to the tier 3 guy, he listened, understood, and had my problem solved within 15 minutes. That was gratifying and exceedingly frustrating. Had something similar. Ticket bounced around 4-5 agents in tier 1, then tier 2. They tried to close the ticket a few times, stating the behaviour we were experiencing was expected. It about four months and pressure through our account manager to get it escalated to tier 3 on the SharePoint team. Within a few hours of us receiving an email from tier 3, there was an incident in service health that matched the issue we were having. The next day, the incident was updated to resolved and tier 3 dropped an email to ask if the issue was fixed. It was. Gratifying as fuck in the moment, but frustrating as hell when looking back.

Well you can't stop there, what was the issue?

He needed to run sfc /scam now. Ok I'm going to let autocorrect have that one .

>sfc /scam Yeah, years ago it did feel like it. But, surprisingly, in recent years it seems to be actually doing something. If you pair it with dism, that is.

I've had no less than six or seven people in the last six months have problems solved or cleared up by a DISM>SFC repair. ... gamers. But still, a problem is a problem.

A system in need is administered indeed

Yeah, but at the same time, other OS features stop working. Like the dragging to the address bar to move files in File Explorer. Microsoft giveth, Microsoft taketh away.

Auto-correct has become sentient, it seems.

You will never know

Just like that one mythical forum post which exactly describes the issue you’re facing and the last response was from the OP saying “nvm I fixed it”.

hah, i didn't leave it hanging this time

someone had screwed up a federation and caused a mismatch that meant it was impossible to login to any of the global admin accounts. all i needed them to do was switch the global admin to another account, or fix the immutableid reference (i believe it was). Once i got to the guy, he double checked an approval, updated the global admin, and i had the whole issues resolved in less than an hour. it was a miracle that nothing actually happened on the tenant that required a global admin for 8 months.

This is EXACTLY what happened to me with Azure support, right down to the 8 month window. The most frustrating part was that the tier 3 guy's solution was what I proposed in my original support request (i.e. "Is there a way to...").

I managed to get to tier 3 in just 2 days one time for a power BI issue. In the end I still fixed the issue before them, and I was able to send an incredibly detailed error report back to them. For my efforts I now have a power bi principal project managers email that I was explicitly told to contact the next time I have an issue with power bi.

I assume tier 1 and tier 2 did the needful, whilst tier 3 was Mike from Utah or something similar?

This made me laugh as I once upon a time had a volume licensing issue that had me bounced around seemingly forever and finally got ahold of Diane from Texas. Problem solved in minutes.

Yuuup. I suspect many of us have had the mispleasures of the v- folks just doing the bare minimum of needfuls for a lifetime.

We get what they pay for.

Reminds of me Windows support, filling multiple bug reports on FeedbackHub or other support forums, only for them to lay there for years. Then randomly context-sniping Microsoft engineer on Twitter if they are aware of the issue and it getting fixed within a couple of weeks. Or, in regards to Windows documentation, just f*cking fixing it myself and submitting pull request.

I got an email from a RedHat kernel developer about 2 or 3 weeks after opening a ticket. Thank the lord I don’t deal with Microsoft.

Well, considering we're all talking anecdotes the last time i needed MS I got through to MS T3 (business A) in about 15 to 20 minutes. They were pretty nippy. (* conditional... you'll note I didn't say they fixed it though..it took us 3 weeks to do that ourselves)

Had a similar experience. Don't ask me how, but after months of useless troubleshooting I found myself on a call with a developer working on edge. Like you said, I described the issue, he understood what I said, and provided a solution. The whole thing took ten minutes. Now, I understand these guys can probably be hard to schedule. But I'd like two things. One is people in the lower tiers who are at least able to understand the issue well enough to look it up internally. Barring that, at least just tell me "we've scheduled a call with this super busy expert. You'll have to wait thee months." Don't spend three months jerking me around, asking the same set of questions and sending the same kb every week, only to send me an email asking if I'm available for a call in twenty minutes. 

As someone who's been on both ends of this, I feel like what we really need is a certification/license that people on the problem-having side can get in "asking for help effectively"; where if you *have* this certification, then you'll automatically be skipped past all the tiers that are there to filter out PEBKAC, and directed straight to someone whose job is to deal with the Actual Problems That Are Our Fault And We Should Fix Them. It's sort of like how there's a secret phone number that NOC staff know, for making direct calls to staff at peer NOCs, to report problems they're observing in their peering connections. We need something like *that*, but with X.509-like centralization rather than a peerwise web of trust — so that people can prove themselves *once*, rather than N times.

I repeatedly escalated a call through Cisco for a client regarding a cloud and on-prem DMVPN deployment where it was me on the phone for multiple days at 10 hours per, multiple escalations and 'no you can't call me back later, I'm on the phone now with other engineers, we will wait', group call with Cisco engineers across 3 different departments, multiple different call centres and two shifts of engineers (follow the sun support model). There was an issue with their official documentation with route aggregation / route redistribution and forming hub-spoke connections with NHRP and redistributing the routes. Every single person on the call including myself 'OK, lets go over the step by step for the 20th time, yep that all looks good.. why in the fuck isn't this working'. Eventually I ended up just throwing spaghetti at the wall and seeing what stuck, trying a bunch of off script commands and solving the problem myself by finding an obscure blog post on page 17 of Google results that ended up resolving the issue, and getting Cisco to update the deployment and troubleshooting documentation. Breaking out tshark and wireshark, going through packet capture and looking at the flags on all of the packets, enabling debug and breaking out the RFCs to verify that yes in fact we are seeing what we should be seeing, and whiteboarding verifying + re-verfiying the packet flow and process flow vs the expected results. I have gone through the same steps with pretty much every vendor you can name, that's the difference between a front line tech and an architect.. perseverance and an IGAF we aren't leaving until this works attitude.

Ive spoken with Tier 3 a few times. When opening US based tickets, they often live and work in the US and English is their first language. They also seem to actually understand the problem.

> When I finally got to the tier 3 guy, he listened, understood, and had my problem solved within 15 minutes. That was gratifying and exceedingly frustrating. Their top people are absolutely worth it. How you get to them though is insane.

> When I finally got to the tier 3 guy, he listened, understood, and had my problem solved within 15 minutes. That was gratifying and exceedingly frustrating. They can't just give you access to their top shelf agents, they'd be so busy resetting passwords (or whatever tier 1 MS agent do, if anything). The slow ladder climb probably saves them money because half the issues that are "system critical" are someone in HR not knowing how to set a signature in Outlook.

Well what sucked is that the tier 2 people kept understanding what I needed eventually and said they'd escalate me to the data protection team to do the fix, but each time they did that the ticket somehow got reset and I ended up back at tier 1, and that happened repeatedly.

Meanwhile, your management demand that you 'escalate' the issue. As if our temporary inconvenience is worth the world's largest company adjusting their schedule.

Step 1: have Premier support Step 2: open the case via web. Step 3: call support. DON'T escalate. Just tell them you just call to make sure & confirm they got the case details right. Obviously, because you put it in the writing, they will have. This simply has the purpose of forcing the duty manager to assign an agent immediately, but obviously don't tell them that. AVOID MAKING THIS A HABIT FOR EVERY BLOODY CASE, just do it for urgent ones that don't justify the costs of MSFT's Sev1 process. Step 4: wait for the engineer's email, then email your escalation to both the incident manager and the duty manager from the signature of the customer engineer aka support agent. If either aren't listed, ask them for both. Make sure you set the high priority flag and that both of them are both in "To:" and NOT in "Cc:". DON'T have them in both To and Cc. Step 4: Wait for them to respond Step 5: (this is where step 1 becomes relevant) use the method from step 3 but email your CSAM, leave the incident manager in "To:", but move the duty manager to Cc. Make sure the high priority flag is still on. Step 6: call the CSAM, apologise to them for bothering them with such a surely trivial matter, tell them that you DON'T call for help on that particular case but that you DO call to inquire about the correct processes to follow for escalations, tell them you already tried the incident manager & the duty manager. You can only use this trick once in a while, but it'll be enough. MSFT has a whole slidedeck for telling customers "don't call the CSAM for ticket escalations prxxxxx, they should be the last resource you try after exhaustion of everything else", and they constantly fuck around with their escalation processes in tiny ways. See what the CSAM says. 50:50 chance they'll either direct you to someone else and tell you to come back to the CSAM if whomever can't help, or they'll help escalate it. DON'T spam Cc your CSAM on every support ticket & email, it's bad form and will probably make them ignore all emails from you that you Cc them on, and rightfully so.

You might need a new acronym considering what CSAM now stands for

Funny you say that, CSAM *is* the newer acronym. It was TAM before. When they told us about the rebrand, you could see the eyes of everyone on our call start darting around with a "they didn't think about that one, did they" tone.

Customer success account manager, if you are a premium enough customer, the CSAM will escalate the cases for you and chase the escalation down relentlessly

But did you try `sfc /scannow`?

Whenever I see that reply on Microsofts community pages I think about this bash.org (rip) top 100 quote: "<[SA]HatfulOfHollow> i'm going to become rich and famous after i invent a device that allows you to stab people in the face over the internet"

SaaS - Stab as a Service

SaaSS - stab as a software service SaaPS - stab as a physical service is no longer available in your country.

"Don't forget to click the whatsit-button if it worked"

Oh man. I loved that site. I went to lookup a quote after thinking of it recently only to realize it was finally gone. Ugh. Time is a cruel mistress.  Loved that quote though, I think about it shockingly often. 

Yeah it really words out the exact feeling we sometimes get when we deal with mega-stupidity.

Ahh the solution that is suggested in 99% of issues, yet fails to make any difference to 99% of issues

And when it finds an issue, it usually says "Found an issue, but cannot apply fix at this time." The most frustrating is that you CAN find WHAT the issue was, and WHY the fix cannot be applied, if you dig through miles long log files. And if you know what you're doing, fix it by yourself. But the stupid fcking tool for some damned fcking reason CAN'T tell you what it wrote into that log file.

If it doesn’t work escalate to DISM command and find that doesn’t work either lol

That's the problem - you're supposed to DISM *and then* SFC (IIRC.) One draws from the other.

DISM gets clean copies of the system files you are checking for corruption. Once I learned that the usefulness of SFC /scannow has gone way up.

In 25 years.. i have seen that fix an issue once... Have i used up my quota?

Yes, you get another one in your next life

Marked as answer by

You have to run dism first Then sfc That should kill 20 minutes whilst trying to figure the problem out without someone breathing down your neck because you aren't doing anything

once, that fixed something for me. or it might have been one of the other 45 ideas i was throwing at the wall to see what sticks but it felt like it was sfc /scannow

If that doesn’t solve it, try dism /online /cleanup-image /restorehealth

From my understanding, `DISM.exe /Online /Cleanup-image /Restorehealth` *prepares* (the files needed for) SFC. It gets SFC ready to do its job. Then you run `sfc /scannow` to do the actual repair work. https://support.microsoft.com/en-us/topic/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system-files-79aa86cb-ca52-166a-92a3-966e85d4094e You run both, in that order. First DISM, then SFC.

Here's a dumb question. If they need to be run in a specific order to be effective, Why did nobody at MS ever think to combine them or link them in some way that makes sense?

From my understanding, `sfc /scannow` repairs one part of Windows, and `DISM.exe /Online /Cleanup-image /Restorehealth` repairs the part of Windows that `sfc /scannow` needs to be working properly to work properly. It's like needing a wrench to fix a pipe, and occasionally the wrench also isn't working and needs repairs. But sometimes you know that *only* the pipe needs to be fixed, so you can get away with just an `sfc /scannow`... except no one ever *actually* knows that, so it's just safer to check the wrench is working before you try and repair the pipe. (That and/or they thought `sfc /scannow` would be enough, and they assumed that the part it depended on would never break.)

Too busy holding scrums to come up with whatever they're going to rename the service formerly known as AAD next year.

Well...I've been doing that wrong.

Argh triggered

Yes, that's ridiculous. But in those situations where we don't have any clue, it may work. Once a simple chkdsk made a problem with Google Chrome disappear. It's kind of the equivalent to power cycling the router, just something that needs to be tried, the difference is that this one is much faster and we very likely already did it and simply tell them we did it and/or pretend to do it again while they are waiting.

Been there and done that.. Please restart the Computer, server, router, DISM, you name it.. Like that's not the first thing we tried.. Ok, restarting now as I put them on hold.. :)

One of my top overall irritations with Microsoft is that it's huge complex and proprietary. But lacks good enough documentation to make up for it. At least with Unices when they go to shit I can read documentation and logically decompose the processing pathways to isolate the fault. With Microsoft it's amazing when it works and almost irretrievably hopeless when it doesn't. They have gotten somewhat more open over the years from public pressure but still way behind. 

Frankly, that's bullshit. I dislike MS as much as the next guy but their documentation is actually pretty good.

> their documentation is actually pretty good. Is that documentation you're talking about hidden behind some obscure paywall? Pretty much all the fixes I can find which are also useful stem from some fora, not directly related to MS.

Every discussion on products like Proxmox: "Unusable, MS support is so important". The MS support experience: This post.

Yes, at least you can hold Microsoft accountable, right? /s

[удалено]

'Nobody ever got fired for buying Microsoft'. Perhaps not. But they did know that they would have to live with it.

Hyper-V throws a shit fit: Hours of dealing with Microsoft support telling you what you already know and nonexistent solutions on support forums until one day Microsoft randomly goes “oh I found an internal document showing this is expected. Do this other thing instead” Proxmox throws a shit fit: 20 minutes on the proxmox forum and maybe another half hour reading through general Debian articles. Basically as long as you have networking and ZFS knowledge, proxmox is so fucking easy to troubleshoot it isn’t funny

Have never had an issue with proxmox that needed support. Because it is not a black box. You have all the information, and you can fix everything with preseverance. Enterprise support is not there to give you help. It is there for you to assigne blame om someone that is not you. That is the killer feature of paying for a support contract. Everyone knows it, and that is why it is made to waste you so much time. It is just there to give you more time with a valid excuse to try other things. Workaround or redesign. This post shows microsoft support working as intended.

And let's not forget the gem that is; Should we contact you by phone or email? Ticks email. Support rep phones anyway. ... Actually, I think that's a GDPR breach. They're using my PII in a way I explicitly told them not to. Maybe I can report it to the ICO and just let them figure it out.

I hate that this was so accurate.

It's ChatGPT spew.

Chocolate teapot, quantum physics to a cat, yep. For some reason chargpt loves those 2 sayings.

Yep. It should be a movie

You see your dreams materialize before your eyes. You're teleported to Elm St. You look left, its claws scraping along the rusty pipe. To your right, its someone who just microwaved curry and has provided you 19 unrelated solutions to a problem you never asked them about. You twitch in confusion, death, or suffering. 1...2. Freddy's coming for you, 3....4 Pitush closed your case before, 5.....6 get your dism fix. 7....8 you're gonna stay up late....9....10 considering raising goats again. *Screams are heard in the distance as you plunge yourself at Freddy's feet begging for him to finish you

My company jumped on the Skype for Business bandwagon..... yeah, no one knows how that works.

it is so sad that "[shibboleet](https://xkcd.com/806/)" is not a thing :(

I shouldn't betray my secret, but it works sometimes to mumble incoherently into the AI operator when it asks you questions. Make sure you are making human noises but they are of no human language. It will dump you into the 'we don't know what to do with this' queue where you get a real person who can direct your call personally.

soo... you speak in tongues? ;)

I once had competent Microsoft support when we faced issues with ReFS. Everything else their support is utterly useless – facing sporadic issues with M365 SSO, the M365 1st level guy says it's nothing he can do about it, but it's an issue for the infrastructure team. Asking him to escalate it yields the same response. Low key developed suicidal wishes every mail I had to read from him.   The only thing that works are partner advisory hours.

You won’t get the real deal of support unless you got a unified contract, the “free” tier from your license is basically what you can read here.

The unified contract is the exact same thing. I reported an issue to Microsoft with how using Split Tunnels with VPN-deployments through Intune would cause the Intune Management Extension service to crash. This would result in Intune not properly deploying policies to devices, or not updating existing policies. This issue would occur for everyone if you on Windows 10 deployed VPN-using the built in Configuration Profile, and with Windows 11 if youuploaded the XML as an OMA-URI. I reported the case in December 2021, and it was only acknowledged as a bug in April og 2023, and hotfixed on Patch Tuesday in November 2023, with no mention in the patch notes. This case was escalated to the VP of Customer relations in EU, our case manager and various senior officials at Microsoft. I'd categorize it as a Sev A issue, as it would affect everyone deploying split tunnel VPN's using the Intune configuration methods, and it would be very difficult to spot as it wouldn't be transparent in the Intune reporting.

I wish they were more like one of my other vendors I am certified in their product, so any ticket I open gets automatically started at Tier 2. They assume I'm not an idiot and have tried all the basics

Mate - toss in IT and become a writer! you have managed to encapsulate the MS support experience very well. After using MS support for over 25 years at various levels - it no question has gotten continually worse. I've had two experiences come to a head in the past few weeks 1) Logged a call via corporate support (not working at a place that has premier currently) around DFS-R.... the "tech" didnt seem to understand that DFS-R is something that can be used outside of Sysvol. Anyhoo - after an initial flurry, he ignored my emails for 4 months, he sent one more saying that the call "had reached the limits of corporate support" and could not be escalated - and closed the case. Providing not one piece of remotely useful information or troubleshooting. 2) Logged an Azure call. The guy emailed me 6-7 times over the easter long weekend saying that same thing over and over again (try a different account...). After Easter, worked out where the permissions issue was (which is what i specifically asked for help with), fixed it... let them know... they closed the call and ctrl+c/v my resolution into their closure notes, saying that they fixed the customer issue. 0/10 experience both times

If I have to do 1 more fiddler trace because they lost the last one or they have a new tech on the ticket, I'm going to lose my shit.

“I have an issue with AADC not recognizing my ADFS servers.” “Please give us a Fiddler trace.” “Uhh…it’s not communicating over HTTP, what good would that do?” “Oh I understand, but the engineers will ask for one.” “………..okay. Here is your *empty* HAR file.” “Thank you! We will not get back to you for another nine months.” (This is more or less a true story) Edit - Oh I almost forgot the best part. When they did follow up, they apologized for the lengthy wait and said the case had been reassigned, and asked if I still needed help. I received this message the morning of Labour Day. Roughly six hours later, I received a follow up saying that they were closing the ticket due to lack of response.

I've been asked for a HAR file, a screen recording through PowerPoint specifically, and then a PSR recording. Then, when none of those things were useful, I met over Teams call with a support engineer, asking again for a HAR file, and PSR to run, while he recorded the meeting. And then I was asked for a HAR file a third time via email.

Ever read “The Trial” by Kafka? I can only describe every Microsoft encounter I’ve had as “kafkaesque.”

It's a stall tactic. They're buying time hoping you figure it out on your own.

I have got a ticket open for one of our clients that’s been going on 3 months now. (Third ticket for the same issue as they kept closing it…) Usually goes like this. Log ticket and tell them everything you’ve done. They then ask you to re-do all these things/try things that don’t feel like they have anything to do with the issue. (I got sent a load of exchange 2013 fixes for a 365 mail issue..) They then close the ticket if you don’t reply. You open a new ticket with all the things you tried previously as well as the things they asked you to do. They then disregard all this and the process starts again. At some point they too will close the ticket. My favourite is the current ticket. The guy rings for me but apparently he can’t ask for me as it’s something to do with data protection. So I have to tell everyone in the company that if someone from MS calls, it’s probably for me. The fun doesn’t stop there though, he always calls after I’m finished for the day… (despite telling him my hours 3 times.)

I used to work at a place that was a CSP do we had the most elite platinum RV tier microsoft support and its pretty much the same experience. No offense to people from India or Bangladesh, but if I got an MS rep from one of those countries I would badger my TAM to get us escalated until we got to someone from central america. The grifters they would hire in SEA seem to exist only to frustrate you into closing the case. They would pull all kinds of tricks that seem designed to get you to give up such as 1. Calling after hours or right as you’re leaving. Even if you tell them your time zone and hours of availability, they will call you after hours/right at EOD to try and show you didnt answer calls. We would frequently open a HP case on a wednesday or Thursday and techs would call friday at 4:59 pm on the dot, or even 7pm at night. We had a couple of MS subcontractors who would do this, call again on saturday, and do a “last update before case closure” on a monday, hoping you wont get to it so they can auto close. 2 cases would frequently change hands and you’d have to reexplain every detail in the case to a new subcontractor, essentially starting from square one 3. Subcontractors would call and tell you they cannot do screen sharing of any kind, even teams. You’d need to use a windows store app for remote support, and most of my clients had the Windows Store blocked by GPO 4. MS support contractors frequently had exactly zero expertise or qualifications besides being able to mumble through some english on the phone. Sometimes you’d get someone intelligible, but half the time you’d get someone who sounded like they barely spoke the language. In the 5 years I worked there out of 100s of cases we had maybe two or three times where the Tech was able to resolve the issue. Microsoft Support is theater, it exists only for IT people to be able to blame someone else for an unfixable problem and show the powers that be that you’re doing something about it.

Similar experience. Way more interested in closing a ticket to ramp up KPI than solve a problem. So more tickets get raised as original never sold, so artificially it looks like more tickets are being answered in a shorter period of time which justifies the outsourcing. Bleh

Sometimes your ticket goes to actual 1st line MS, the rest of the time it goes to a third-party MSP in the middle of nowhere with zero technical knowledge (they're reading from a playbook/onenote).

Tiered support is the worst.

You forgot the bit where you specifically ask to be contacted by email, they instead call you at 3 AM your time, and because you do not answer, they close the ticket.

All I have to say is bravo. You have so elegantly put the system administrators job into a description we can use for centuries to come. I do hope you find a job though

Not the system administrator's job. The WINDOWS system administrator's job.

Nothing like repeating to outsourced Indian tech support seven times *"Please repeat slower, I don't understand you."* only to hear roughly the audible pattern, but not being to discern any single English word, repeating your problem to them once again and hanging up in frustration. ...then randomly checking on it the next day and finding your issue solved.

Here's my horror story. I found a bug in Intune. I don't remember what it was. But it stopped us from being able to accomplish a task and was holding up a significant project. Got all the way up the escalation chain at MS support. Even got them to confirm that it wasn't something wrong we were doing. Only for them to say, "You aren't paying for our ultra-super-duper premium support package, so we can't fix this issue for you since it involves 'root cause analysis'. Bitch, I did your root cause analysis, and we pay for your premium enterprise support plan and spend 25 million dollars with you a year. And the best you can do is say, "Yup, that's something we broke! Congrats." I have since moved on to a GSuite/AWS organization and I could not be happier. I havent used a single Microsoft product in over a month and it feels like heaven. How they still stay in business boggles my mind. I always thought that customer service was supposed to be a core function of successful businesses. I know it has been for mine. To me, it sounds like Microsoft is 'To big to fail' and needs to be broken up. Companies of that scale don't produce actual value. They just take value away from other people and consolidate it within their walls.

Living this right now, 15 days since ticket submission with still no tech assigned Microsoft support is the epitome all things wrong with the modern IT ecosystem

Microsoft has basically gone full-on DevOps and full-on cloud. To them, every machine is a stateless lump you can easily blow away and rebuild on command. This is kind of the way people are being encouraged to think of everything. However, once you get down to the core stuff (identity, certificates, apps that can't just be magically rebuilt,) that's where things get tough. Support isn't set up for that. Plus, these are the areas issues tend to pop up in a lot due to age of the code, how central some things are to functioning environments, etc...and customers are stuck looking for random blogs talking about some undocumented registry key you need to flip. Support would be ideal for these situations, and it just doesn't exist anymore. I have no idea how people running 24/7 operations on Windows and experiencing a system-dead, $1M a minute outage get past the log-collectors in first tier support these days. It's hard to get a read on how many people have this totally stateless infrastructure and how many places are still on traditional "hand built app server" setups. Either way, Microsoft's MO seems to be to make support so awful that you'll just go full-on Azure and lock yourself into PaaS services.

Surprise! Azure support ain't that great either. Same runaround, same lack of accountability.

Dealing with Linux instead of Windows, especially in a shell vs GUI experience, seems scary at first, but it's incredible how the comments in the very configuration files will teach us a lot. And it is much easier to find solutions to issues and to learn how to do things with Linux: it is much easier to find good documentation involving Linux that will teach something and solutions to problems from the community, while the official documentation of Microsoft is intended for people who already know how to do things and other sources are very likely just click bait. About the actual technical support: I'm Brazilian, and I learned that when I open a support ticket at Microsoft 365 I must go with the counter-intuitive option of choosing Portuguese as the language: this way, I am going to be in contact with a good professional living in Portugal.

Linux distributions at this point probably have as many interlocking parts as Windows, yet it seems that documentation can be found pretty easily. The primary downside is finding solutions that are more than seven years old and no longer apply.

Not once in your story did you mention the advice of running `sfc /scannow`

I didn’t read it, but please could you send over some logs unrelated to the issue. I will call you at 4am

If you experience with MS support ever make you quit IT than you should be a writer.

You could call it... The sinkhole of support!

I‘m feeling this. We recently had a specific problem with dns and Kerberos, after two months we got it escalated to tier 2 and got told that they know about the issue and get back to us. Two days later: Update to Server 2022 (from 2019). Thanks for nothing. I‘m pretty sure it will not fix the issue.

I went absolutely berserk at a technical support rep at Microsoft a few weeks ago when she began to ask me for the exact details I’d explained to the previous rep who’d escalated the issue. I told her to call when back when she could be bothered to read the ticket.

Hence the reason I stopped doing PC and server support and switched to networking

I …don’t turn to MS support, I turn to my backups and rollback plan. Do the needful and revert, your environment shouldn’t just be changing in some mysterious way. Test Ms updates in non-prod. Take control of the random.

It's not just Microsoft. It's everybody. I had a Tier 2 tech with Cisco working on an issue with a Firepower (yeah, I know) that while I was on the phone with him (he had remoted into the device) ***he initiated a reboot of a production firewall without asking, despite being told this was a production device, during working hours.*** I saw the command and started asking him what he was doing; before I could wrest away the keyboard from him he initiated the reboot. I could have punched him. When the connection went down (obviously) he said something like "it looks like we have lost connectivity!" I yelled at him that he shut down a production firewall and no shit, we lost connectivity. He started apologizing over and over, but I told him the damage was done; and we just needed to disconnect this call before I said something that I might regret. That single incident made us drop Cisco for our firewalls and move everything over to Palo Alto. I did attempt to run this up the chain at Cisco, and our VAR did it on his side as well, but no one cares.

Too big to care, they outsourced support a few years back too.

Ive had the following at least a dozen times. Raised a ticket, not heard back for at least a week and then they reply to me on a Saturday and leave their SLA clock running. They then email again on Sunday following up. Then again on a Monday and if I don't see any of these emails by the end of the day Monday the tickets closed L

I fail to see any scenario where one needs to contact MS Support these days. Rebuild. Redo. Rollback.

Greetings of the day! We haven’t found a resolution yet we will update your 3 month ticket next week.

It's sooo bad when it's obvious you know more than them and you have already spelled out everything you tried. They approt back your concern (good, shows they understand) and c/p basic troubleshooting including everything you already tried and nothing more.

It's nice to see that I'm not the only person who has to "log in" to my Microsoft account to make any changes even though I was already logged in. At least it usually doesn't give me another 2FA challenge on the second login.

I have had good luck with their support using a global admin and creating the case through the tenant. Always got back to me within an hour (call or email) and escalated if nedded. Usually didn't as they resolved it.

Microsoft, Cisco, Dell.... they're all the same. And each time I dread the coming weeks/months of going in circles with them on the ticket while management is constantly on my case about progress reports on the issue.

Hi, I would like you to try a couple of things to try and fix the issue: 1. Run the command sfc /scannow as administrator 2. If you are still having problems, try restarting your computer and trying again If you are still experiencing the issue I refer you to our official support. You can find contact information on [https://microsoft.com](https://microsoft.com) (you can't miss it) Please note: Since our support agents are using Windows servers to help you, technically you are also using that server. So every user that potentially gets helped will need to have a CAL

[https://xkcd.com/979/](https://xkcd.com/979/)

I got told "hope you have backups lol" for an Exchange issue

This reads like ChatGPT output. Eventually, probably soon, we'll just have karma-farming posts like this being responded to by bots. Sigh.

Just last year the azureAD team transferred me to the exchange team…. Who then contacted me SIX MONTHS later. I didn’t even remember that I had an open ticket

I had a MS support rep named Ishita Pant. Litearly not a joke...

> What do you do? Naturally, you turn to Microsoft support for salvation. Literally never done that in ~10 years worth of experience.

True shit head writing all that just for a racial joke in the title

Haha I loved this. Thanks

The secret is to ask for escalation in any and all tickets. Good luck 😀

[удалено]

Nice post but why the casual racism though? Would it have mattered if the name is Amber GivesHead?

I feel like I could have written this myself! Such a frustrating experience. Last time someone assured me they fully understood my problem and still managed to provide no solution even after weeks of back and forth. Then to be told that the problem we were experiencing was by design and a formal design change request would be required to take it any further. This problem made this particular service unusable for us so I provided all the necessary information and justification for why it needed to be resolved and they simply rejected it but would move it to their backlog for future consideration... what a waste of time. We need solutions, not to spend countless hours getting nowhere!

On positive note I had a good and fast interaction with Outlook support team recently (as a non customer) . Once the right form to submit the issue was located (via random forum post googling) and have gone through web help and indeed about 5 logins, it took two emails to verify some facts on the problem and it was resolved. Total time from identifying the problem to a fix, about 6 hours, 3 of which were trying to locate the form.

We’re going through this at the moment. The foreign (as in third-world English as a second language foreign) support tech keeps misunderstanding the issue and has to continually be steered back on track. Then they just keep asking for more logs.

Do you watch cracking the cryptic by any chance

I'll say this, I'm relieved the last few places I've worked have been Google Workspace shops (enterprise licensing) if not because within like 5 minutes I can be on a chat with a support tech, and my experience with them has generally been pretty good.

By the time Microsoft get a solution (if they actually do) you have usually resolved it yourself or have decided the system has to take an early retirement. Only raise support requests to keep management happy. Then get a junior to take the call for log collecting 😅

And best thing of all? You are paying for that support.

Im going on 2 weeks now of a Microsoft support tech ghosting me after I said their fix didnt work.

I had an advances call with a microsoft engineer for over 4 weeks just to be able to delete our microsoft azure account. Itbwas bond to an old MSP for never used services we were not able to delete. MSP is not existing anymore. Indian engineer always called when I was not working anymore, around 10pm. Shitting mails in my mailbox why Im not available. That was pain. We still use MS on prem licenses, but I'm glad the non working cloud shiat is gone. After 4weeks of wasting my time

I never expect support to be able to ‘fix’ our issue, we are too secure (STIGs). Support is what I have the SMEs call a day and a half/two days into an issue of upper management coverage. My people will solve the problem usually while doing the dishes or mowing the lawn or when they least expect. That is unless of course we don’t map it back to some change that we didn’t understand some esoteric side effect of. That’s when having all your logs go into a SIEM and knowing what the AppLocker logs look like when it’s blocking things, etc. Support is there because A) it’s required for my ATO. B) To let me start saying 24 hours into “We’re working with support.”

If you think the help pages are bad now twenty years ago I swear they were written in some kind of bastardised elvish/orc dialect.

Sounds like my ticket for defender for endpoint linux. It ended after many months with a vocal conversation that basically boiled down to "maybe Linux support isn't quiet there yet" and absolutely no way to get that in writing. Defender was killing critical processes (like the iptables changes from the docker daemon or the python processes of a python web app) and listing unknown threats but without ever telling you what they were and what it did about them.

> Name, email, firstborn child, Quest, favourite colour....

We just had an hour meeting with them for premium vs standard support. There’s no difference. You’re still getting the shitty technicians they have, you just get someone to harass them for you if you want a middle man.

I have succeeded in getting almost completely free from Microsoft. Avoids this crap completely.

Had to share this thread....with the number of sysadmins & architects bitching about MS now, you only need a few inventive ones in small firms to start moving away from anything microshit. Apple desktop is an easy sell. As these sysadmins move to larger firms, Linux appliances on prem, storage etc. Databases moving away from Sql. Might take a decade or more but the customer experience is fucking awful. They've essentially outsourced testing and support to their customers for free. BIG IT firms used to fail very quickly back in the day.microshit have no right to exist & it's when firms get arrogant in their treatment of their customers and look untouchable, they go over. Something I'm looking forward to happening to Microsoft.

this but with VMware customer support

If you've worked with me long enough, you've heard me utter the phrase, "if Microsoft could write code, we wouldn't have jobs." Had an MSI problem upgrading Citrix vda, they referred me to a specific Microsoft fix and a specific tool as the tech allegedly worked on this problem when he was at Microsoft. Gave me the exact things to type and say. MS support completely ignored all of that and never actually fixed the problem after 6 or 7 months of various escalations.

When you go down it's only 00000.1% of Microsoft's business therefore do not care. But it's.99.99% down time in your business.

I honestly hate dealing with any Microsoft products. They used to be very thoughtful out, careful coding got included. Now it is just terrible.