Stating a bias or showing ignorance in a public forum is a damn near sure way to
be corrected and, by extension, educated.
Some joked (via image)
that Unix users get laid as often as they reboot in response to my stating I
avoiding Microsoft Windows and therefore am not qualified to answer a Perl question
touching on it.
In response to that barb, I cited The 9 Types of System Administrators, which was written way before the verb "administrate"
would be applied to Windows.
Unix desktop administration/IT has changed a lot, but a few of the stereotypes hold some
truth, such as Unix admins automating their jobs away so they can go rock climbing.
I found these stereotypes to be more fun and more flatterning than the
I showed the bais that Microsoft Windows administrators spend their time locking down the
desktop and thought the barb needed a counterpoint.
A flamewar ensued.
I was told:
Frankly, you are talking from your nether regions. You don't have a clue about Windows
enterprise adminisitration, the capabilities of Windows servers or the requirements for Windows desktop support.
You should stop talking.
This is partially true, but I wanted to change that -- I wanted to know what the landscape looks
like now, as I've been out of the Windows-admin game for a long time.
Though I've sat next to people doing Windows admin in large companies, I may have only
heard the worst parts of it, and the companies approaches may have been far from optimal.
But most of my experience in the area of desktop admin/IT comes from the Unix side, and
the rareness of people with this experience is what prompted me to write (again -- I did
an article for Advogato.org a while back).
Q.In fact, I'd like to hear that the world is a better place than what I've seen.
And you have to admit, how Windows is used in small and medium sized offices is wreteched.
A.If unqualified people try to deploy Unix, the reults are equally crap.
Comments: I'm not sure whether to conclude that Linux admins are all-in-all more
qualified, and if so, whether it's easier to become qualified, but it sure does
seem like there is a shortage of qualified admins, according the definition
of qualified admins being people who are able to make a non-hellish desktop fly.
Q.Has the ability to network install applications improved since Novell and Windows 3.11,
where few applications would work from a network install?
Q.
Windows servers can easily and automtically roll out applications on demand or by policy. It is the
DEFAULT behavior, easily managed by knowledgable admins, and regularly done at mid-sized companies.
It requires knowledge and if people who are not qualified are deploying Windows, don't blame the OS.
br>
Comment:
I saw one large health-care provider attempt to use that feature.
About 20% of machines would be completely hosed every time they tried that.
Sat next to those poor schmucks.
It proved to be more work to fix the broken machines than to do what they were doing,
which was loading up all of the machines on carts, re-imaging their harddrives, and then
replacing them with a nuked machine -- for thousands of workstations in the company.
In attempt to minimize relativism's vagueries, I asked a pointed question:
Q.Does it[rolling out applications] require more knowledge than giving someone shell on a server, doing a pkgadd, and showing people how to run X apps remotely?
A.
Holy crap man, you are so full of it the channel is overflowing.
You have clearly NEVER been a sysadmin.
Comment:
I didn't mean to imply anything, just decide whether Windows was on par, superior, or
at a disadvantage in this one area.
Apparently this wasn't a fair comparison to make as evidant by the offense taken.
Regardless, no answer, even a vague one, was given by any of the two people who
claimed knowledge of the subject.
Let me try to patch things up so that I can continue asking questions:
Q.I'm sure everything done on Unix is possible on Windows, but the expense, difficulty, and speciality of the knowledge genereally prevents it form being done -- especially in samller outfits.
A.I need to stop before I am tempted to say or do something inappropriate.
Comment: Holy cow! So much for patching things up.
I say, "many Unix admins are strongly baised and/or ignorant of Windows matters. Don't be so suprised.
Enlighten me some more", but to no avail.
I say, "I asked you if one method of doing something on Unix was easier than what you described. You haven't answered me. Say 'yes' if you think it is" -- for naught.
We're down to one Windows admin to help us.
Q.Netbooting is coming back into fashion in the Linux world, where thinclients
netboot and run many applications remotely with the most common applications, such as
office software and Web browsers running locally.
Has netbooting on Windows changed significantly over the years?
Comment: Asking if something has changed since 3.11 was probably a bad idea, even
thought I wouldn't be offended if I was asked if something had changed since Linux 1 --
a lot has and a lot hasn't.
But in the interest of keeping the answers flowing, I'll be gentle.
Still, a catty game of Q&A went on for a while, and as it turns out, PXE basically is not
used these days for boot Windows over the network, thought it remains unclear whether or not it could be.
Windows 3.11 would commonly be netbooted, allowing sysadmins to maintain one working image,
making changes and updates there, and having everyone updated to the same image.
Of course, if everyone showed up at 9am sharp and turned their machines on, no one would be
doing any work before 10am.
Q.
I know Windows users started using PCanywhere at one point, and kind of picked up on the idea of
network transparent windowing, but did this ever go multiuser, where one
Windows system would serve a few people at once, such as with Terminal Services or Citrix?
Do end Windows users, such as office workers, Windows programmers, and
random IT people, run that so they can have other people do things on their machine whlie they work?
Or, alternatively, do PCAnywhere or similar applications yet offer similar functionality?
My question is whether Microsoft *users* use it to give accounts to friends and coworkers.
Okay, let me rephrease. When you give someone an account on your Windows machine, do you have to log off for
them to log on remotely?
A.
Are you talking about terminal servers? one terminal server can serve dozens, if not hundreds of users
depending on the hardware?
Citrix is used at the hospital, and it also serves multuple users on one server.
[....]
We use 3rd party remote control software. it's common practice in both the hospitals I work for
and the university.
A-ha. On a non-terminal server, yes [the other person must log off before you can log on].
It's not a multiuser OS in the same sense as Linux.
Remote desktop with Windows XP works fine, but it's limited to one user at a time.
But you can always start a shell on their box while they're logged on, I do that all the time.
Comment:
I kind of knew the answer to this already, but I'm seeing more and more examples
of people running pirated copies of Microsoft Windows Terminal Server Edition
on development machines under their desks.
MWTSE is expensive, so I hope for their users sake, Microsoft will lower the price
and take this technology mainstream, as it's clearly a nice feature and people want it.
Getting this question answer entailed rephreasing repeatedly -- the requests for
clarification and irralavent answers were ommitted.
Unix users routinely invite their friends to "come hang out" on their system
by giving them accounts.
For many years, this was the foundation of departmental servers, where everyone
would log onto one machine, and share files (relating to business, of course), programs, and all benefit from
automation written by the sysadmins.
Q.
I'd also like to see what we call "rootless" windows, so you could VNC/RDP/ICA/PCAnywhere just one application's
windows from a machine, rather than pulling down it's entire desktop.
A.
I suppose those are features Windows currently lacks?
Comments: On Windows, it's easy enough to attach to a particular server and run
software on it, but it quickly becomes confusing and tedious to work on several
remote servers at once.
The user must constantly sort out which application is on which server, and flip to
that connection, and then flip to that application there.
With "rootless" Windows, which is the default on Unix when running X11 applications
on remote machines for display on the local machine, all of the applications, their
windows, their icons, etc are all intermixed, just as if they were all running
on your machine, except the file system is from the perspective of the server
they're running on.
This feature makes it fantastically easy to deploy applications and services,
and makes implementing thin clients trivially easy, as any number of applications
server, each serving different applications or databases, can be used rather than
one machine that provides the entire desktop.
I seem to recall some VNC hack attempts to bolt this feature on, and I also noted
publically that if users screamed for these features, Microsoft would surely deliver them,
so the only real tragedy is that people aren't aware of them.
Q.Do Windows organizations do ad-hoc programming for desktop users?
Does any fascility or department exist for
this in lage companies, or are general office workers expected to do their own automation using
Word/Excel/Access and shared files?
A.
3rd party software is available to do various things.
Comments:
Unix on the desktop or Unix powering the desktop was so nearly for so long,
that little memory remains of what was done in days of yore.
Now that it's making a comeback, this knowledge is being lost, and Unix is
being re-invited in the image of Microsoft.
The problem is networking.
Each of the questions outlined above, including this one, highlights a way
in which Unix systems used to be used as tools of collaboration across the
network -- running applications remotely, support for concurrent multiuser sessions,
handing out accounts to friends, and so on, where peices in what had been
assembled of this puzzle.
But more was needed, even then.
Conclusions
Conclusions were drawn largely by complete silence or outright evasion in response to
questions, though I did get many answers.
I learned a few things, but for the most part, the landscape has not changed significantly
from the days of Windows 3.11, filesharing, Novell, and network application installs.
A lot can be done with Microsoft Windows as a departmental or desktop workstation/server
setup, but the cost, difficulty, and specialized experience required to make it happen
is a significant barrier that mega-corporations struggle with a medium and small sized
businesses wouldn't touch, even if they knew about the features.
The only substantial development was the work done by Citrix (Citirix Metaframe)
and later extorted by Microsoft as Microsoft Terminal Services Edition.
However, most differences are in attitude, not technical.
Unix setups are server-centric, data-centric, while Windows deployements are
user-desktop-centric.
In Windows, business data is generally emailed to you (in ad-hoc cases where it isn't
part of a the database), whereas on Unix, the user generally remote-logs-onto a
server to access data.
In Windows-land, the data moves; in Unix-land, the user moves.
Specifically:
Important business data tends to be put in departmental-public places on Unix
whereas on Windows it winds up on the C: drive, the Z: drive (user-private fileserver area),
or in the Outlook inbox.
Unix applications that process data tend to exist on the same server as the
data, allowing programs using many modules, libraries, and other products to
be duct taped and glued together.
By contrast, Windows data munging applications must be bundled for distribution
to be run on the individual workstations, changing automation from a matter of
scripting and levering a pile of software to a matter of developing a compiled,
stand-alone application -- a level of difficulty that makes the whole idea
of one-off applications unattrative in all but the most extreme circumstances.
My experience is Windows admins throw some applications out there, such as
Microsoft Office, and Lexus Nexus for those who need that, and a few other
things, then leave users to fend for themselves.
Badly designed Access databases are created, and Excel spreadsheets are used
as ad-hoc databases.
Outlook/Exhcnage is used as a database of persistant documents, much like
one would use a Wiki.
And that's it.
There's a stark contrast here, and the Windows side seems to take the DOS-centric
approach of each user having a computer, and communication between computers
happens entirely in the form of exchanging files.
And, in the enterprise, this happens overwhelmingly by email.
And the Unix guys wonder what kind of brain damage these crazy Windows must have
suffered to consider emailing a copy of a database around, sending a multimegabyte
file through email dozens of times a day, manually trying to track who has the
latest copy.
While Windows machines are capable of sharing files through a fileserver (though this is poorly
supported by Microsoft Access, which only lets one user lock a file at a time),
Unix users are used to both data and applications living on the server,
where the admins have set up reporting, merging, editing, and query features
as ad-hoc tools.
In a lot of ways, running Ultrix on a DEC 31000 was easier than running Linux
these days.
Companies are less willing to invest in hardware, administrations have more users to
support, and users are less willing to learn powerful, cool, but somewhat techinical
tools to get their job done.
And even back then, in the early 1990s, we had intra-office text messaging, email,
vacation autoresponders, corporate directorying, and all that juicy stuff Microsoft
got sooner or later.
But the spirit of the Unix desktop is badly damaged, and in its suffering is
trying to recreate itself in the image of the model Microsoft office.
Users aren't happy to use little text files as databases, and awk generated
reports are rare to be found these days.
Running RedHat Enterprise Edition, a desktop user isn't likely to ssh into
a server and run text-based applications, and the graphical database tools
leave little room for Unix admins to work their magic.
No one runs fingerd any more, so figuring out where your coworkers are logged in
from and walking over to them no longer works, and you can't even see what
applications they're running.
X-terms and dumb terminals are dead.
While it's not uncommon to see a Windows desktop machine being used to ssh
into a server, important files are likely to be on the C: drive, rather than
in someones home directory where a quick flick of a permission bit makes it
available to the department or company.
It's strikingly evidant that Unix was a fantastic timeshare environment for
one machine but didn't scale to providing the kind of sharing and communication
for the network, and as a result, the Unix desktop is nearly as isolated on the network as
the Microsoft Windows desktop.
Unix admins have been struggling for the past ten years to figure out how to
automate userful tasks, beyond just those related to maintain basic service.
The primary focus of the Windows sysadmin seems to be on locking down users desktops.
The XP firewall allows a whitelist of applications allowed to talk to the network,
and a common means of attempting to secure a Windows machine is to lock it down
so only Outlook, IE, and perhaps a few other applications can talk to the network.
This strikes me as a return to the days of dedicated office computer systems, such
as those sold by Wang, where the tasks available to a user were clearly enumerated,
and no other tasks could be performed using the computer.
This is ironic considering Microsoft's pain at losing control of the desktop to
the Flash and Java empowered Web -- rather than making their desktop more useful
for users, they've catered to the sysadmins, and users no longer consider their
desktops their own.
Instead, they live through their Webmail and Flash games, and companies
rolling out networked products use HTML, DHTML+Javascript, or Java to make it happen.
With the industry moving away from actually writing software for
the Microsoft desktop, it seems as though Microsoft desktops are ripe for replacement with thin clients.
Simply put, a call for support to a Windows helpdesk is likely a problem printing,
or another problem involving a machine misbehaving or malfunctioning; a call to a Unix
helpdesk is likely a request for automation of some task or advice on getting some
business task done with the aid of the computers and network.
While Unix admins are often moody, especially with ignorant or stuid users,
they're also generally keen to automating tasks demanded of the computing
machinery in the name of getting business done.
Microsoft Corporation has taken a softer attitude towards hard questions, and trying
to answer them, putting themselves in the best light possible, rather than shutting
down entirely.
Shutting down entirely, or becoming irrate, beligerant, or insulting wasn't good PR
and just made Microsoft look imbicile.
The attitude shift apparently hasn't caught up with their users, who don't like to
talk about absolute merits.
But I'm not the only one to draw conclusions:
No. I don't like this sort of discourse. Go read on your own. What you described as the requirements
to manage a Unix enterprise are so short of the reality there is no point in talking.
Apparently enterprise Unix desktop administration is so simple that the procedure is
implausible.
Afterword: This could have benefit from more editing -- especially from the use of the bin in the editing room.
Insights and constructive feedback are encouraged in the comments, but please keep to yourself opinions and conclusions without evidence or at least a good argument.
Everyone has an opinion, and most of us already know what the spectrum of them are.
I'm trying to de-muddle things, so such grotesque simplifications are out of place ;)
-scott
I once tried to set up a Samba server. The documentation told me how to set up a huge number of things. An experienced SMB admin would know what those things were and how they'd choose an appropriate subset of the things for their particular needs, and how to configure the Windows boxes to make use of those things. But I was looking to set up Samba because I had no interest in becoming a Windows admin. What I needed was a Unix terminology description of Samba and how it can be used for administering an Windows network. That documentation was useless to me.
Re:Unix terminology
scrottie on 2005-09-20T03:38:30
Thank you for this very nice, insightful reply -- this completely didn't occur to me. I was aware that I was in no position to illustrate the ways in which Micorosoft Windows has an edge over Unix, of course, but that was pretty obvious at least =)
-scott
