Roadmap
System Administrator
The engineer who keeps servers, operating systems, and core infrastructure services running. Manages Windows Server and Linux environments, Active Directory, virtualization, patch management, backups, and monitoring while users and applications depend on these systems being available.
OPTIMISTIC 18–24 months · REALISTIC 2–3 years
Stage 00
Computer Hardware & IT Fundamentals
Sysadmins rack servers, replace drives, and troubleshoot hardware failures. Physical infrastructure knowledge is required.
Server Hardware
- Rack servers — 1U, 2U, blade chassis — form factors and deployment contexts
- Tower servers — SMB environments, physical office spaces
- Server components — CPU sockets (dual-socket configurations), ECC RAM, RAID controllers, hot-swap bays
- iDRAC / iLO / IPMI — out-of-band management (manage a server remotely even when OS is unresponsive)
- UPS (Uninterruptible Power Supply) — runtime protection, graceful shutdown scripting
- Server room basics — cable management, airflow, environmental monitoring
Storage Systems
- RAID levels:
  - RAID 0 — striping, no redundancy, maximum performance and capacity
  - RAID 1 — mirroring, 50% capacity, survives one drive failure
  - RAID 5 — striping with parity, minimum 3 drives, survives one drive failure
  - RAID 6 — striping with double parity, survives two drive failures
  - RAID 10 — stripe of mirrors, survives one drive per mirror set
- SAN (Storage Area Network) — block-level storage over Fibre Channel or iSCSI
- NAS (Network-Attached Storage) — file-level storage over SMB/NFS
- DAS (Direct-Attached Storage) — storage directly connected to server
- Storage protocols — iSCSI, Fibre Channel, SMB, NFS, NVMe-oF
Networking Hardware
- Switches — managed vs unmanaged, VLAN configuration, 1G vs 10G uplinks
- Firewalls — appliance-based (Palo Alto, Fortinet, pfSense), rule management basics
- Load balancers — distributing traffic across servers, health checks
- DNS and DHCP appliances — dedicated network infrastructure services
Stage 01
Windows Server Administration — Deep
Windows Server is the backbone of most enterprise environments. Active Directory depth is the single most tested sysadmin skill in interviews.
Windows Server Fundamentals
- Windows Server versions — Server 2016, 2019, 2022, 2025 — key feature differences
- Server Core vs Desktop Experience — headless vs GUI, PowerShell management focus in Core
- Server roles and features — installation via Server Manager or PowerShell
- Key roles:
  - Active Directory Domain Services (AD DS)
  - Active Directory Certificate Services (AD CS)
  - DNS Server
  - DHCP Server
  - File and Storage Services
  - Web Server (IIS)
  - Hyper-V
  - Print and Document Services
  - Windows Server Update Services (WSUS)
  - Remote Desktop Services (RDS)
Active Directory — Deep Administration
- AD DS installation — dcpromo (legacy), Add-WindowsFeature AD-Domain-Services, Promote to Domain Controller
- Forest and domain design — root domain, child domains, trusts
- Domain Controller promotion — PDC emulator, RID master, infrastructure master, schema master, domain naming master (FSMO roles)
- Sites and site links — controlling AD replication between geographic locations
- AD replication — KCC (Knowledge Consistency Checker), replication troubleshooting (repadmin /showrepl, dcdiag)
- Active Directory Users and Computers (ADUC) — advanced administration
- Active Directory Administrative Center (ADAC) — modern GUI, PowerShell history pane
- Bulk user management — CSV import, PowerShell scripting
- Service accounts — managed service accounts (MSA), group managed service accounts (gMSA)
- Organizational Unit (OU) design — departmental, functional, geographic — GPO application implications
- Delegation of control — granting specific AD permissions to non-admin users (e.g., help desk password resets)
- AD Recycle Bin — enabling, recovering deleted objects
- Fine-grained password policies — different password policies for different users/groups
- Protected Users security group — mitigating pass-the-hash and credential theft
Group Policy — Deep
- GPO processing order — Local → Site → Domain → OU (LSDOU), last writer wins
- WMI filters — targeting GPOs to specific hardware or software configurations
- Loopback processing — applying user policies based on computer location
- GPO templates — ADMX/ADML files, central store configuration
- Common GPO settings:
  - Software deployment — assigning or publishing MSI packages
  - Login/logoff/startup/shutdown scripts
  - Drive mapping — Group Policy Preferences
  - Printer deployment
  - Power management
  - Windows Firewall rules
  - Desktop restrictions — locking down user environments
  - Windows Update policies — WSUS configuration, ring deployment
  - AppLocker — application whitelisting
- GPO troubleshooting — gpresult /h, RSoP, GPMC modeling, Event Viewer GP operational log
- Starter GPOs — templates for consistent baseline GPO creation
DNS — Server Administration
- Forward lookup zones — hostname to IP resolution
- Reverse lookup zones — IP to hostname (PTR records), required for some applications
- Record types — A, AAAA, CNAME, MX, SRV, NS, SOA, TXT, PTR
- Conditional forwarders — directing resolution for specific domains to specific DNS servers
- DNS delegation — splitting DNS authority between servers
- Dynamic DNS — automatic record updates from DHCP clients
- DNS scavenging — automatically removing stale records
- DNS debug logging — troubleshooting resolution failures
- Split-brain DNS — serving different answers internally vs externally for the same domain
DHCP — Server Administration
- Scope creation — address range, subnet mask, exclusions, reservations
- Scope options — default gateway (003), DNS servers (006), DNS domain (015)
- DHCP reservations — binding MAC address to always receive same IP
- DHCP failover — high availability between two DHCP servers
- DHCP authorization in AD — security requirement for AD-integrated DHCP
- DHCP audit logging — tracking lease assignments
- IP address management (IPAM) — Windows IPAM feature for centralized IP tracking
File Services
- NTFS permissions — basic (Full Control, Modify, Read & Execute, Read, Write, List Folder Contents) and advanced
- Share permissions — Everyone Full Control vs restrict at NTFS level (best practice)
- Effective permissions — combining share and NTFS permissions (most restrictive wins)
- Distributed File System (DFS) — namespace consolidation, DFS Replication (DFSR) for branch offices
- File Server Resource Manager (FSRM) — disk quotas, file screening, storage reports
- Access-Based Enumeration (ABE) — hiding folders users cannot access
- Volume Shadow Copy Service (VSS) — previous versions for user-level restore
- Shares troubleshooting — net share, net use, \\servername\sharename access testing
Print Services
- Print server — centralized driver management, queue management
- Print Management console — managing all printers and queues from one location
- GPO printer deployment — deploying printers via Group Policy
Certificate Services (AD CS)
- Why certificates matter — HTTPS, code signing, 802.1X wireless auth, smart card logon
- PKI hierarchy — root CA, subordinate CA
- Certificate templates — defining what can be issued to whom
- Auto-enrollment — automatically issuing certificates to domain computers and users
- Certificate revocation — CRL (Certificate Revocation List), OCSP
- Common certificate issues — expired certificates, missing intermediate CA, wrong SAN
Windows Server Update Services (WSUS)
- WSUS architecture — WSUS server pulling from Microsoft Update, clients pointing to WSUS
- Synchronization — scheduling, product and classification selection
- Approval and deployment rings — test → pilot → broad deployment
- WSUS maintenance — database cleanup, IIS application pool settings, expired update removal
- GPO configuration for WSUS — Automatic Update detection frequency, target group assignment
Remote Desktop Services (RDS)
- RDS components — RD Session Host, RD Connection Broker, RD Web Access, RD Gateway, RD Licensing
- RemoteApp — publishing specific applications rather than full desktops
- RDS Licensing — per-user vs per-device CALs, license server activation
- RD Gateway — secure remote access without VPN
Resources
- Microsoft Learn Windows Server documentation (free)
- TryHackMe Windows Fundamentals rooms (free)
- John Savill's YouTube channel (free, excellent Windows Server and Azure content)
Stage 02
Linux Server Administration — Deep
Linux runs most enterprise servers, web applications, databases, and cloud workloads. Sysadmins without Linux depth are increasingly limited.
Linux Fundamentals — Full Review
- Filesystem hierarchy — /etc (configuration), /var (variable data, logs), /home (user home dirs), /opt (optional software), /srv (service data), /proc (kernel and process info), /sys (hardware parameters), /boot (kernel and bootloader)
- Users and groups — /etc/passwd, /etc/shadow, /etc/group, useradd, usermod, userdel, groupadd
- File permissions — rwx, octal (755, 644), chmod, chown, chgrp, umask
- Special permissions — SUID (4), SGID (2), sticky bit (1) — security and functionality implications
- ACLs — getfacl, setfacl — fine-grained permissions beyond basic rwx
- Processes — ps aux, top, htop, kill, killall, nice, renice, systemd units, cron jobs
- Text processing — grep, awk, sed, cut, sort, uniq, wc, head, tail — log parsing and analysis
Systemd
- Unit types — .service, .timer, .socket, .target
- systemctl — start, stop, restart, enable, disable, status, daemon-reload
- journalctl — -u (unit), -f (follow), -p (priority), --since, --until, -n (lines), --no-pager
- Service dependency — After=, Requires=, Wants= in unit files
- Resource limits — CPUQuota=, MemoryLimit= — cgroup integration
- Creating custom service units — deploying applications as managed services
Package Management
- apt (Debian/Ubuntu) — apt update, apt upgrade, apt install, apt remove, apt autoremove, dpkg
- yum/dnf (RHEL/CentOS/Fedora) — dnf install, dnf update, dnf remove, rpm
- zypper (SUSE/openSUSE)
- Package repositories — /etc/apt/sources.list, /etc/yum.repos.d/ — adding, removing, prioritizing
- Dependency management — resolving conflicts, holds (apt-mark hold)
- Building from source — configure, make, make install — when packages are not available
Storage Administration
- Disk partitioning — fdisk, parted, gdisk — MBR vs GPT
- LVM (Logical Volume Manager):
  - Physical Volumes (PV), Volume Groups (VG), Logical Volumes (LV)
  - pvcreate, vgcreate, lvcreate, lvextend, pvs, vgs, lvs
  - Online resize — extend filesystem without downtime
  - Snapshots — point-in-time consistent copies for backup
- Filesystem creation — mkfs.ext4, mkfs.xfs, mkfs.btrfs
- Mounting — mount, /etc/fstab — persistent mounts, UUID-based references
- NFS client and server — /etc/exports, nfsd, mount.nfs
- Samba — SMB file sharing from Linux, integrating with Windows clients
- df, du — disk space monitoring; monitoring free space and inodes
Networking on Linux
- Network configuration — /etc/network/interfaces (Debian), /etc/sysconfig/network-scripts (RHEL), Netplan (Ubuntu 18+)
- NetworkManager — nmcli, nmtui — modern network management
- ip command — ip addr, ip route, ip link — replacing legacy ifconfig
- Firewall — firewalld (RHEL/CentOS), ufw (Ubuntu), iptables (legacy but still common):
  - firewall-cmd — zones, services, ports, rich rules
  - ufw allow, ufw deny, ufw status
- Network bonding/teaming — redundancy and bandwidth aggregation
- VLAN tagging — subinterfaces (eth0.100), 8021q module
- SSH — /etc/ssh/sshd_config — hardening: PermitRootLogin no, PasswordAuthentication no, AllowUsers, Port change, MaxAuthTries
- SSH key management — authorized_keys, known_hosts, ssh-keygen, ssh-copy-id, SSH agent forwarding
- TCP/UDP ports — ss -tulpn, checking listening services
Web and Application Services
- Apache httpd — /etc/httpd/ (RHEL) or /etc/apache2/ (Debian), virtual hosts, .htaccess, mod_ssl
- Nginx — /etc/nginx/nginx.conf, server blocks, reverse proxy, SSL termination
- SSL/TLS certificate management — Let's Encrypt, certbot, manual certificate installation
- PHP-FPM — FastCGI process manager, pool configuration
- Node.js applications — process management with PM2, systemd service unit
- Java applications — JVM tuning, heap size, GC logging, tomcat administration
Security Hardening
- CIS Benchmark for Linux — the baseline for hardening Linux servers
- SELinux (RHEL/CentOS) — enforcing, permissive, disabled; context labels; setsebool, semanage, restorecon, audit2allow
- AppArmor (Ubuntu/Debian) — profile-based MAC; aa-status, aa-enforce, aa-complain
- auditd — syscall auditing; audit.rules; ausearch; aureport
- fail2ban — automated IP blocking for brute force protection; /etc/fail2ban/jail.conf
- System update automation — unattended-upgrades (Debian), dnf-automatic (RHEL)
- sudo hardening — /etc/sudoers — NOPASSWD restrictions, command limitations
- PAM (Pluggable Authentication Modules) — password complexity, account lockout, MFA integration
Linux Monitoring
- System performance — vmstat, iostat, sar, dstat, nmon
- Log monitoring — tail -f /var/log/syslog, journalctl -f, logrotate configuration
- Process monitoring — ps, top, htop, pidstat, strace (debugging)
- Network monitoring — netstat, ss, iftop, nethogs, tcpdump
Stage 03
Networking for Sysadmins
Sysadmins are not network engineers, but they must understand the network infrastructure their systems depend on and troubleshoot connectivity issues at the server level.
Core Protocol Knowledge
- TCP/IP — all fundamentals from help desk stage plus:
  - TCP tuning — buffer sizes, TCP_NODELAY, keep-alive — relevant for high-throughput services
  - MTU and jumbo frames — Ethernet default 1500, jumbo frames 9000 — misconfiguration causes packet loss
- DNS — server-side configuration (see Stage 1), troubleshooting with dig/nslookup/host
- DHCP — server administration (see Stage 1), client-side troubleshooting
- NTP — network time protocol — time synchronization critical for AD, logging, certificates:
  - ntpdate, chronyc, timedatectl — time sync tools
  - NTP hierarchy — stratum levels, authoritative time sources
- LDAP — Active Directory queries, application LDAP integration
- SNMP — device monitoring, OIDs, community strings — monitoring platform integration
VPN and Remote Access
- Site-to-site VPN — connecting branch offices to headquarters
- IPsec — tunnel mode, IKE phases, PSK vs certificate authentication
- SSL/TLS VPN — client-based (AnyConnect, GlobalProtect), web-based SSL VPN
- WireGuard — modern, fast VPN protocol increasingly in enterprise and cloud
Network Security
- Firewall rule management — source, destination, port, protocol, action
- Network segmentation — VLANs, DMZ, internal vs external zones
- ACLs — router-level access control lists
- IDS/IPS — signature-based detection in network context
- Network monitoring tools — PRTG, LibreNMS, Zabbix, Cacti — SNMP-based monitoring
Load Balancers and High Availability
- HAProxy — open-source load balancer/proxy; frontend, backend, listen sections
- Nginx as load balancer — upstream blocks, health checks
- Keepalived — VRRP-based virtual IP failover between servers
- Clustering concepts — active-active vs active-passive, fencing/quorum
Resources
- Professor Messer Network+ (free YouTube)
- Cisco Packet Tracer (free)
- GNS3 (free network simulation)
Stage 04
Virtualization
Virtualization is foundational in enterprise IT. Most servers in production run as VMs. Sysadmins who cannot manage virtual infrastructure are limited.
VMware vSphere / ESXi
- ESXi — the hypervisor; bare-metal installation on server hardware
- vCenter Server — centralized management of multiple ESXi hosts
- Virtual machines — creation, hardware configuration (vCPU, vRAM, virtual disks, network adapters)
- VM snapshots — point-in-time state capture; risks of long-lived snapshots (snapshot growth)
- VMware Tools — guest OS integration, performance metrics, quiesced snapshots
- Datastores — VMFS, NFS — storage for VM files
- vSphere networking — virtual switches (vSS, vDS), port groups, uplinks
- vMotion — live migration of VMs between hosts without downtime
- Storage vMotion — live migration of VM storage
- High Availability (HA) — automatic VM restart on host failure
- Distributed Resource Scheduler (DRS) — automated load balancing across hosts
- ESXTOP — advanced ESXi performance monitoring
- Common VMware issues — snapshot growth, datastore full, HA isolation response, time drift
Microsoft Hyper-V
- Hyper-V on Windows Server — Server Manager installation, RSAT tools
- Hyper-V Manager — VM creation, management, checkpoints
- Hyper-V on Windows 10/11 — client Hyper-V for development and testing
- Generation 1 vs Generation 2 VMs — BIOS vs UEFI, secure boot
- Virtual switches — External (bridged to physical NIC), Internal (host-to-VM), Private (VM-to-VM)
- Live Migration — moving running VMs between Hyper-V hosts
- Failover Clustering with Hyper-V — high availability for VMs
- PowerShell for Hyper-V — Get-VM, Start-VM, Stop-VM, New-VM, Checkpoint-VM
Proxmox VE
- Open-source hypervisor — KVM + LXC containers; popular in home labs and SMB
- Web UI — VM and container management
- Storage pools — ZFS, LVM, NFS, Ceph
- Clustering — node management, HA
- Backup — Proxmox Backup Server integration
- Excellent for home lab — free, full-featured, community documentation
Containers vs VMs
- Docker fundamentals — images, containers, volumes, networks
- Container lifecycle — pull, run, stop, rm, ps, logs, exec
- Dockerfile basics — FROM, RUN, COPY, CMD, ENTRYPOINT, EXPOSE, ENV
- Docker Compose — multi-container application deployment
- Container networking — bridge, host, overlay networks
- Why sysadmins need container knowledge — increasingly containers replace VMs for application workloads
- Kubernetes awareness — sysadmins increasingly interface with K8s; full depth in SRE path
Resources
- VMware Hands-on Labs (free, vmware.com/try-vmware)
- Proxmox documentation (free)
- TryHackMe virtualization rooms (free)
Stage 05
Backup, Monitoring & Patch Management
These three disciplines prevent outages and data loss. They are the operational disciplines that define a mature IT environment.
Backup and Recovery
- Backup types:
  - Full — complete copy of all data; longest to run, simplest to restore
  - Incremental — changes since last backup of any type; fastest to run, complex restore chain
  - Differential — changes since last full backup; compromise between full and incremental
- Backup rotation strategies — GFS (Grandfather-Father-Son), 3-2-1 rule
- 3-2-1 rule — 3 copies of data, on 2 different media types, with 1 copy offsite
- Backup testing — restore test is the only way to verify a backup is valid
- RTO / RPO — Recovery Time Objective, Recovery Point Objective — targets that drive backup frequency
- Enterprise backup solutions:
  - Veeam Backup & Replication — industry standard for VMware/Hyper-V, also physical servers and M365
  - Acronis Cyber Protect — combined backup and security
  - Backup Exec (Veritas) — enterprise backup, common in large organizations
  - Azure Backup — cloud-integrated backup for on-premises and Azure workloads
  - Bacula / Amanda — open-source enterprise backup
- Backup for specific workloads:
  - Active Directory — System State backup, AD Recycle Bin, Azure AD backup
  - SQL Server — differential and transaction log backups, VSS-aware backup
  - Exchange — DAG-aware backup, brick-level mailbox backup
  - File servers — shadow copies + off-server backup
Monitoring
- Why monitoring matters — finding problems before users report them
- Monitoring dimensions — availability (is it up?), performance (is it fast?), capacity (is it going to run out?)
- SNMP monitoring — polling device counters via SNMP OIDs
- Agent-based monitoring — lightweight agent on each monitored host
- Common monitoring platforms:
  - Nagios / Nagios Core — open-source, alerting, extensible with plugins
  - Zabbix — full monitoring stack, SNMP, agent, dashboards — popular in enterprise
  - PRTG — commercial, Windows-focused, intuitive UI
  - LibreNMS — network device monitoring, autodiscovery
  - Grafana + Prometheus — metrics visualization and alerting, increasingly standard
  - Datadog / New Relic — cloud-based monitoring SaaS
  - SolarWinds NPM / SAM — common at large enterprise and government
  - Site24x7, ManageEngine — SMB and mid-market monitoring
- Key metrics to monitor per category:
  - Servers — CPU %, RAM %, disk I/O, disk free space, service status, event log errors
  - Network — bandwidth utilization, interface errors, ping latency, packet loss
  - Applications — response time, error rate, transaction success rate
  - Backups — job success/failure, backup size, restore test results
- Alert fatigue — tuning thresholds to reduce false alarms, tiered alerting (warn vs critical)
- On-call rotation — how monitoring integrates with PagerDuty, OpsGenie, or email/SMS alerting
Patch Management
- Why patching matters — vulnerabilities exploited in the wild overwhelmingly target unpatched systems
- Patch categories — security patches, critical updates, feature updates, driver updates
- Patch ring deployment — Ring 0 (test), Ring 1 (pilot), Ring 2 (broad) — staged rollout
- WSUS (Windows Server Update Services) — see Stage 1
- Microsoft Endpoint Configuration Manager (MECM/SCCM) — enterprise patch management
- Microsoft Intune — cloud-based MDM and patch management
- Third-party patching — PDQ Deploy, Ivanti, ManageEngine Patch Manager — patching non-Microsoft software
- Linux patch management:
  - Unattended-upgrades (Ubuntu/Debian) — automated security patches
  - dnf-automatic (RHEL/CentOS) — automated updates
  - Ansible — centralized patch automation across many hosts
- Patch compliance reporting — tracking which systems are patched and which are not
- Change management integration — patches as change requests in ITSM
Resources
- Veeam documentation and free community edition (veeam.com)
- Zabbix documentation (free)
- Nagios documentation (free)
- Microsoft WSUS documentation (free)
Stage 06
Scripting & Automation
Scripting is the skill that separates an administrator from an operator. Sysadmins who can automate repetitive tasks are more effective and more employable.
PowerShell — Deep
- All fundamentals from help desk stage plus:
- Modules — Import-Module, Get-Module, Install-Module from PSGallery
- Error handling — try/catch/finally, $Error, -ErrorAction
- Functions — parameters, return values, CmdletBinding
- Regular expressions — Select-String, -match, -replace
- Working with files — Get-Content, Set-Content, Import-Csv, Export-Csv, ConvertTo-Json, ConvertFrom-Json
- Active Directory automation:
  - Get-ADUser, New-ADUser, Set-ADUser, Remove-ADUser
  - Bulk operations — Import-Csv | New-ADUser, ForEach-Object pipelines
  - Get-ADGroupMember, Add-ADGroupMember, Remove-ADGroupMember
  - Get-ADComputer, Get-ADOrganizationalUnit
  - Search-ADAccount — finding locked, disabled, expired, inactive accounts
- Windows Server automation:
  - Get-EventLog / Get-WinEvent — event log querying and reporting
  - Get-Disk, Get-Partition, Get-Volume — disk management
  - Get-Service, Set-Service, Start-Service, Stop-Service
  - Get-WindowsFeature, Install-WindowsFeature
  - Get-HotFix — patch inventory
  - Test-Connection, Test-NetConnection — connectivity testing
  - Invoke-Command — remote execution on one or many computers
  - New-PSSession, Enter-PSSession — interactive remote sessions
- Scheduled tasks — New-ScheduledTask, Register-ScheduledTask
- Reporting — generating HTML reports (ConvertTo-Html), emailing via Send-MailMessage
- Practical scripts to build:
  - Bulk user creation from CSV with AD provisioning
  - Stale account report — AD users not logged in for 90+ days
  - Disk space reporter — email alert when any server falls below threshold
  - Service monitor — restart a named service if it stops, log the event
  - WSUS compliance report — servers not fully patched
Bash — Server Automation
- All fundamentals from Linux stage plus:
- Functions — named, return values via echo, $?
- Arrays — declaration, iteration, indexing
- String manipulation — parameter expansion, substr, replace
- Regular expressions — grep -E, sed -E, awk patterns
- Heredoc — writing multi-line strings and files in scripts
- Cron — * * * * * format, crontab -e, /etc/cron.d, environment in cron
- Practical bash scripts:
  - Log rotation / archiving
  - Service health check with email/Slack notification
  - Disk space alert
  - Automated certificate renewal with certbot
  - Backup verification — checking backup completion and size
Ansible — Configuration Management
- Why Ansible — agentless, SSH-based, idempotent automation across many Linux (and Windows) hosts
- Inventory — hosts file or dynamic inventory
- Playbooks — YAML-based automation:
  - Plays, tasks, handlers
  - Modules — yum/apt (package), file, copy, template, service, user, command, shell
  - Variables — host_vars, group_vars, defaults, vars
  - Conditionals — when:, failed_when:
  - Loops — loop:, with_items:
  - Tags — running subsets of a playbook
- Roles — reusable, organized playbook structure
- Ansible Galaxy — community roles repository
- Common use cases:
  - OS patching across all servers
  - User account management
  - Package installation and configuration
  - Application deployment
  - Configuration file management with templates (Jinja2)
Python for Sysadmins
- OS module — os.path, os.listdir, os.makedirs, os.environ, subprocess
- Shutil — file operations, directory copying
- Paramiko — SSH from Python, automating remote commands
- Requests — HTTP API calls to infrastructure APIs (VMware, storage, cloud)
- JSON/YAML parsing — configuration management
- Schedule / APScheduler — Python-based task scheduling
Resources
- Microsoft PowerShell documentation (free)
- Learn PowerShell (learn.microsoft.com, free)
- Ansible documentation (docs.ansible.com, free)
- TryHackMe PowerShell rooms (free)
Stage 07
Cloud Integration & Hybrid Administration
Most enterprise environments are hybrid, with some on-premises and some in the cloud. Sysadmins who understand both are significantly more employable.
Microsoft Azure — Sysadmin Perspective
- Azure Virtual Machines — provisioning, resizing, extensions, managed disks
- Azure Entra ID (formerly Azure AD) — cloud identity; sync with on-premises AD via Entra ID Connect
- Hybrid Azure AD join — workstations registered in both on-premises AD and Azure AD
- Azure Arc — managing on-premises servers in Azure portal
- Azure Bastion — browser-based RDP/SSH without public IP on VMs
- Azure Storage — blob, file shares (Azure Files replacing some on-premises file servers)
- Azure Virtual Network — VNet, subnets, NSG, VPN Gateway to on-premises
- Azure Monitor — metrics, logs (Log Analytics), alerts for Azure resources
- Microsoft Intune — cloud MDM, managing Windows 10/11 devices, co-management with SCCM
AWS — Sysadmin Perspective
- EC2 — virtual servers, instance types, AMIs, security groups, key pairs
- Systems Manager (SSM) — patching, remote commands, run command without opening SSH/RDP
- AWS Directory Service — managed Active Directory in AWS, or AD Connector to on-premises
- S3 — object storage, backup targets
- CloudWatch — metrics, logs, alarms, dashboards
Cloud Migration Concepts
- Lift and shift — moving VMs to cloud without modification
- Replatform — minor modifications for cloud (e.g., moving to managed database)
- Refactor — redesigning for cloud-native architecture
- Hybrid connectivity — Site-to-site VPN, AWS Direct Connect / Azure ExpressRoute
- Identity federation — on-premises AD to cloud SSO via SAML/OIDC
Resources
- Microsoft Learn Azure Administrator (AZ-104 path, free)
- AWS Cloud Practitioner Essentials (free)
FAQ
Common questions
How long does it take to become a System Administrator?
18–24 months optimistic at 20–25 hours/week, 2–3 years realistic. Sysadmin rewards depth in Windows Server + Active Directory + Linux + at least one cloud platform + scripting. The fastest paths come from help desk backgrounds with documented Windows Server or Linux progression. Cloud migration shifted focus toward hybrid environments but didn't eliminate sysadmin work — it expanded it.
Which certifications matter for sysadmin roles?
Microsoft AZ-104 (Azure Administrator) for hybrid environments. CompTIA Linux+ or LFCS for Linux depth. Microsoft Certified Solutions Expert (MCSE) — partially deprecated but still cited. AWS Solutions Architect Associate for AWS-heavy organizations. PowerShell + Bash proficiency outweighs any cert; automation is the differentiator in 2026.
Do I need a degree?
No. Sysadmin is one of the more meritocratic IT paths. Career-changers from help desk and self-taught practitioners with documented home labs compete effectively. What you do need: Windows Server + Active Directory depth (especially GPOs and Group Policy), Linux fundamentals (RHEL or Ubuntu Server), basic scripting (PowerShell + Bash), and at least one cloud platform foundation. Sysadmin is the most common bridge into cloud engineering, DevOps, and security roles.
What separates a hired System Administrator?
Automation portfolio. PowerShell or Ansible playbooks for routine sysadmin tasks (user provisioning, patch management, backup automation, monitoring) demonstrate readiness for modern hybrid environments. Generic 'I know Active Directory' candidates lose to candidates with automation evidence. Other differentiators: hybrid identity experience (on-prem AD + Azure AD/Entra ID), monitoring depth (PRTG, Nagios, Zabbix), and at least one cloud migration story.