Slashdot Mirror
Failed Win XP Upgrade Wipes Out UK Government Agency
Lurker McLurker writes "The BBC and the Register report that the UK Government's Department for Work and Pensions attempted to upgrade seven PCs from Windows 2000 to Windows XP, and ended up with BSODs on over 60,000 machines. I wonder if the National Health Service is regretting awarding Microsoft a £500 million contract now." The Guardian also has a good story.
They wanted that new version of Internet Explorer with the fancy built-in pop-up blocker.
Never email donotemail@WeAreSpammers.com
I can imagine it now
Intern: "Sir, Microsoft have bought out Windows XP Service Pack 2. It's had numerous bug reports of dying pcs and software not working anymore. THIS is the time to upgrade to Windows XP, then upgrade to SP2 because windowsupdate won't stop bugging the hell out of us until we do!"
Boss: "You mean we could cock something up, and it might not even be our fault for a change?! Lets pay someone vast amounts of money to do it!"
The Gaurdian reports it was a week long outage. Now, I may be completely wrong here, but surely all they had to do was restore those pcs back to their previous Windows 2000 state using the daily backups they do... I mean, it's only common sense to do backups on such a critical syst...oh, wait, nevermind.
</cynical>
Get paid to search..It's geniune and
Hopefully just another nail in Microsoft's coffin...
When a government ends up with BSODs on 60000 computers, it can't be good for Microsoft.
On another note, How did upgrading seven machines to XP BSOD 60000?
"Your effort to remain what you are is what limits you."
OH SHI-
If only they had reached the conclusion hinted at in this BBC News article a year or two ago, this would not have happened.
It's certainly bad PR for Microsoft though, perhaps this will serve as a wake-up call to other governments that "other options" are out there.
Such wonderful software
I think they should take back Bills knighthood
But still I have to say it: "HAHA!"
Every time I hear about a big government IT fuck-up it seems to be caused by EDS. Yet the government keep awarding them contracts. Why?
The thing is, this sort of thing is expected and accepted by the UK public sector. They'll just find a scapegoat and keep on buying Microsoft. The sad thing is, that's my tax money.
Stick Men
Incompentent admins can turn any minor upgrade to a catastrophic failure. Don't blame M$ for this one unless there are irrefutable proof that the admins did everything by the numbers.
Quidquid latine dictum sit, altum sonatur.
Next, they should setup a similar Linux environment and see how a similar upgrade would have gone. This should be done before the Linux zealots declare that theirs would have been any better.
In the meantime, let M$ and its cronnies be prepared for the wrath of Linux promoters.
Cb..
Every Desktop Shutdown.
All those moments will be lost in time, like tears in rain.
If this was a Linux/Oracle/$flavourOfTheMonth upgrade, would you be just as scathing?
Hey, they may have shite for brains, but the money was worth it! No trouble with the dreaded 228 patents that Linux supposedly infringes!
Seems like the Ministry should have tested the rollout in a sandbox that didn't leak.
Of course, MS could have tested their product better.
Of course, this could all be the work of the NSA working with the little green men (Kodos and Frodos) and the Legion of Inappropriately Named White Guys Named Bruce All With The First Name Of Bruce.
Unitarian Church: Freethinkers Congregate!
It's like a thousand solitaire players suddenly cried out in frustration and then silence...
I like muppets.
I wouldnt rush to blame Microsoft so quickly, I find fault with the person who attempted to do the Update LIVE on the network.
(dont all big failures occur on monday?)
But given that i's the public sector, I bet nothing happens...
D.
is for DOH!
almost everyone who ran 2000 knows that XP
is less stable than it.
i need to laugh now. hahahahahahah
I almost had to go buy a new keyboard...
*chuckles*
(Don't get me wrong, I'm not a MS-flamer... It's just fucking funny...)
From the Guardian article: "At this point there is no known solution or ETA"
I RTFA and all I see is a money discussion, not a technical discussion. I would speculate that an SMS or Zenworks push or somthing similar which was supposed to be restriced to the 7 PC's went almost everywhere. It might be a fair bet that the remaining 20,000 might have been upgraded too if those people had been at work and turned on their computers. IT Computer management tools give the department much power, which could do plenty of damage in the wrong hands.
Have you Meta Moderated t
And then test it for a week to see if there weren't problems?
Gee.
Jon.
This makes me feel so much better about the working mistakes I have made. I would love to see an interview with whoever clicked on "OK" to trigger this one off...
I work in a local government authority myself.
Although we have several xp boxes (mainly used by my development team (along with Windows 2k Pro ones)), there is no way this IT department is going to roll out XP across the entire authority (approximately 400 machines) until at least Mid quarter 2005, there are far far too many problems to even contemplate it.
Heck, half the staff haven't even figured out the difference between a wallpaper and screensaver yet, yet alone giving them more fancy gadgets.
Why didn't they cut them off from the network for a few minutes to do the upgrade... it's common sense.
I like muppets.
The BBC article mentions that EDS is responsible for the ugprade. They're partnered with Altiris, so I'd be willing to bet that the upgrade was carried out using the Altiris Client Management Suite.
It's a great set of tools--we own it at work and managed our own Win2k -> WinXP upgrade using the PC Transplant and Deployment Server tools, but can massively bone you if you don't do enough testing. PC Transplant, in particular, can hurt if you--that's the application that lifts your profile off of one PC and slaps it down on another, so that you don't have to re-configure your Exchange settings, Office personalizations, backup documents and application settings and bookmarks, and a whole mess of other things. When doing an OS migration, if you don't design your personality transplant template correctly, you can end up with all kinds of Win2k-specific settings stuffed into your WinXP profile, which can lead to all kinds of crazy-ass problems.
From the article: Another source says that the DWP was trialing Windows XP on a small number ("about seven") of machines. "EDS were going to apply a patch to these, unfortunately the request was made to apply it live and it was rolled out across the estate, which hit around 80 per cent of the Win2k desktops. This patch caused the desktops to BSOD and made recovery rather tricky as they couldn't boot to pick any further patches or recalls. I gather that MS consultants have been flown in from the US to clear up the mess." EDS is also thought to be flying in fire brigades."
/.
Brilliant work on the part of EDS, trying to patch the wrong systems, lord only knows what can happen then.
You could force an XPSP2 onto a 2k machine... would you still blame Microsoft for it? That seems to be the case here, EDS screwed up, and of course it's Microsoft's fault in the eyes of
Help Brendan pay off his student loans
It seems your firm is costing the British tax payer enormous quantities of cash, predominently through incompetence. Please take any drastic steps necessary to prevent any further IT disasters and consider if your firm deserves the billions of consulting dollars it has already banked.
Yours,
Jim.
i'm trying to give up sigs.
"On another note, How did upgrading seven machines to XP BSOD 60000"
If you read the register article, it says that they were attempting to only push the update out to 7 PCs, but it actually went to all 60,000.
I would imagine they were using something like Microsofts SMS services or Bigfix to push out packages, and simply selected push out to all instead of a test community.
I don't think this is a nail in Microsofts coffin, I have seen similar things happen in the mainframe world where patches intended for dev hit live production systems with similar bad consequences. It has to count as a bad day at the office for the person pushing the button though.
It also highlights the difficulty in pushing out big updates to major networks of PCs, be they running Windows or Linux. The complexity of moving from Win NT to XP has proved so complex in my organisation that for the future Longhorn upgarde and beyond we are now looking to Citrix to allow the migrations of applications across servers and essentially use the PC as a thin client for all but core office and email apps.
throwing Windows 2000 away for Win xp...
or not using
Linux
or
Macs
or
Solaris and sun hardware....
The installation and update of operating systems is so easy any more, a blind one armed monkey masturbating could do it.
I've worked with EDS people, and the one armed monkey would be a godsend compared to most of them that I've had the "fortune" of working with...
When a government ends up with BSODs on 60000 computers, it can't be good for Microsoft.
Yea, I can just see them going bankrupt over this. Their coffin was half closed before, but now they're bound to be pennystock.
Obviously these sysadmins were incompetent. Everybody knows that a BSOD is impossible under Windows XP. If they had simply upgraded the other 60,000 machines to XP first, and then updated these 7 problem systems, this whole problem would easily have been avoided.
So ... 5 working days, 60,000 PCs (= 60,000 employees?)
Assume £8/hr employee. 40 hours of work a week. 60,000 unusable systems.
=> TCO increased by £19.2m for the 8 PCs they upgraded (before costs incurred fixing the problem)! £2m TCO per system for Windows XP eh? A clear example that Windows TCO can increase rather horribly if something goes wrong, and this was a standard upgrade. It's £320 per PC if you count all 60,000 systems - that's still horrendous.
Apparently they were trying just to do that and accidentially "tested" it on all 60000. OOPS.
:-)
At least their automatic upgrade system seems to work both reliably and fast.
the UK Government's Department for Work and Pensions attempted to upgrade seven PCs from Windows 2000 to Windows XP, and ended up with BSODs on over 60,000 machines.
In actual fact, the Register quotes:
According to one, a limited network upgrade from Windows 2000 to Windows XP was taking place, but instead of this taking place on only a small number of the target machines, all the clients connected to the network received a partial, but fatal, 'upgrade.'
and then below it:
Another source says that the DWP was trialing Windows XP on a small number ("about seven") of machines. "EDS were going to apply a patch to these, unfortunately the request was made to apply it live and it was rolled out across the estate, which hit around 80 per cent of the Win2k desktops.
So, by merging them you get the following story:
There was a trial of seven PC's, instead of patching only those seven, the request to roll it out was accidently performed and every computer attempted to install a botched version of XP.
Somewhat slightly different to the Slashdot version wouldn't you say?
In addition, I'm pretty sure that if you accidently deployed a botched version of the linux kernel then it too would probably have a similar effect.
Avantslash - View Slashdot cleanly on your mobile phone.
On a much smaller project, I was supposed to do a minor softare upgrade on 95/98 machines in a single school system. By the time the first lab was finished, it was obvious that I had ruined the computers for the most part. I did not continue, I called up the project manager, stupid bitch that she was, and pleaded the case that I simply couldn't continue.
Of course, I waws removed from the project, which at the time amounted to going back on unemployment. Some day, I'll learn to ignore my conscience.
They upgraded seven machines and 80,000 died? That sounds weird, but maybe they were the AD servers. Why then, on a small number of such critical boxes, didn't they just restore from backups?
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
At least they might get some overtime in UK for fixing thing. Here in Us you have to suck it up and take what pay you get out of 40 hours even if you worked 60.
What you want to bet they are using some kind of linux or knoppix to recover the files.
I wish I could take one of you Linux "experts" up on your idea. "Here, upgrade these 2000 PCs, all of which are from different manufacturers and different configurations, to Linux. I need it done in the off hours and I need everything to work like it did before.".
*crickets*
Of course someone will reply and say "ok!" knowing it won't happen. It's not because I don't have the ability to make that decision but it's because I know better than to get real information/insight about IT from most /. posters.
It's painfully obvious that a scant few here actually have a clue about running a business that relies on IT. It's more than ripping CDs and DVDs kids. Sure, the company that did the mistake is at fault but the problem is not in the chosen OS, it's in the chosen technicians and management.
i worked for eds about a year ago and i can tell you now that the 'about seven' win xp boxes is a blatant lie. the room that i worked in had over seven desktops with it on. and they were all legal ones too. i had to laugh at the local office staff using the fax to communicate with one anoother tho - 'do you see the white thing on your desk? the thing with all the numbered buttons and the thing that looks like a handle? well, that's called a telephone and it's used to talking to people. remotely. no really. give it a go'.
Im pretty embarrassed for my country right now. How the fuck did we go from technological pioneers to this? And its only the tip of the iceberg, what with Ken Livingstone's numerous stupid ideas, David Blunkett's insanity and the incompetence of 100's of 'IT' projects (hint: if its called an IT project it means its run by incompetent MCSEs and it will fail catastrophically leaving millions of people without a service or having planes crashing into the ground, time and time again) with tax money falling out of their pockets, fuck them! Why do these idiots get the contracts? What happened to all the competent people??
This comment does not represent the views or opinions of the user.
This is the kind of result that you should have to be trying to achieve for it to happen.
No, this is the kind of result that you should not be able to achieve, no matter how bad a sysadmin you are and how little you try, or no matter how good you are and no matter how hard you try.
sigs, as if you care.
was the government spokesperson. After the intro to this piece on Radio 4 this morning, her opening sentence was "Let me correct you, 20% of our workstations are functioning". Talk about a positive spin.
It's just a tad more rare.
All your base are belong to Google.
It seems to me that there is just a lack of importance/trust placed in computing in general, due to the bad rap that MS has being applied across the board. Call me a troll if you like, but this would not have happened in a *nix/Apple shop. There is far too much at stake for willy nilly mistakes like this. Also, with 500 million quid, could they have not built an isolated test subnet?
I hate sigs.
Ofcourse, this is /. so this post will sink fast...
DAMN YOU OCTODOG! DAMN YOU TO HELL!
EDS have screwed up time and time again, and yet the UK government keeps using them. Please look here: Wow, 188 results, most of which appear to contain the words "EDS" and "Cock up"! I appears as if though a lot of people have just failed to read the article or just see this as a good chance to bash microsoft.
from the reg article;
"This patch caused the desktops to BSOD and made recovery rather tricky as they couldn't boot to pick any further patches or recalls. I gather that MS consultants have been flown in from the US to clear up the mess."
So, even more of the money I pay in tax is being diverted to M$ then...
I feel sorry for the goverment sometimes, they keep getting taken advantage of...
"WHAT?, How much for a single piece of glass?!?"
"History lesson"
"Wastage"
EDS have screwed up time and time again, and yet the UK government keeps using them. Please look here: http://forms.theregister.co.uk/search/?q=EDS Wow, 188 results, most of which appear to contain the words "EDS" and "Cock up"! I appears as if though a lot of people have just failed to read the article or just see this as a good chance to bash microsoft.
you do know that it was a 7 PC sandbox test that went wrong yes ?
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I once knew a bean-counter (quite senior) on nearly 3 times my engineer's salary. He was sat there in front of a spreadsheet adding up a column of numbers on a pocket calculator.
Welcome to the UK Public Sector. That was your tax money.
Stick Men
UK government IT contracts are awarded to a select group of companies. Senior executives of these companies sit on various committees and steering groups that determine government IT policy. There is often no tender process.
The companies that get contracts (e.g. EDS and Capita) produce poor software and have a dismal record when it comes to requirements elicitation. This latter failing is a good cash cow. When inadequacies in a system are exposed the tax-payer has to fork out more.
Exactly what government ministers and senior civil servants are getting out of this mess is not clear. It's worth noting that board-level jobs after retirement is a favourite in the defence sector.
I have found that many MPs when questioned on anything related to technology simply say that "it is a complex issue", which to me isn't good enough when such huge amounts of money and significant impact on people's lives is involved.
There is a huge contract that'll be up for grabbs soon - EDS are preparing themselves to manage the UK national identity database and identity card scheme. This is one we could lobby our representatives on to ensure they do it right..
Where to have the debate where it might be read by those who mater:
Free service to fax your MP
Boris
Richard Allan
Tom Watson
Shaun Woodward
Citing the recent and ongoing failures such as that cited in the article, and the UK Child support agency's computer failure. as well as the NHS computer system UK
UK Laptops
..and they thought this would work?
They must be double stupid, with knobs on.
I can't believe it!! They Upgraded, rofl..
Fnord Fnord Fnord
a £500 million contract ON Microsoft?
Read the article. EDS applied a patch intended to update 7 Windows XP boxes to 60,000 Windows 2000 machines. The TCO here applies to the contract to EDS, not the software. It's like saying that a prison guard intending to open one gate to let someone out accidentally opened all of the gates and then they blamed the door manufacturer.
It appears to have been a mistake by EDS (formerly Ross perot's company), so presumably they will be paying the bills. But no doubt they will price future contracts to compensate for their incompetence.
I'm guessing that they were attempting to use some fancy MS too to perform some automatic upgrades/updates and while they intended for a limited number of machines to recieve the updates, they went and installed on all the machines that used the service... just a guess mind you but it would fit the circumstances as layed out in the articles. And I would suspect when you add WinXP components to a Win2k installation that bad things would happen.
As much as I would like it to be, it doesn't seem like a "Microsoft" problem exactly and were a parallel Linux situation have happened I'm not sure anything less would have happened... well I guess it would have to depend on a number of things -- for example, if it were an RPM-using distro on the desktops and the wrong RPMs were sent to ALL machines instead of the select few, the machines for which the upgrades were unsuitable would have simply failed due to dependencies unless the --force option were used... okay I'm rambling now but basically, I don't see it as a Microsoft problem as much as I see it as a misuse of tools.
The TCO of their MS installation just went up though... and they shouldn't exclude the cost of firing, hiring and retraining either.
No problem, Just get all the individual users to stick in a Knoppix cd. Remake the network, and let the main root look at all the individual cruft. Then burn a complete backup of all the individual important info. With Windows utilities they would need to fly in 200 WinIT guys to do the same thing. They have not got a hope in hell of doing the same thing on line with a Windows boot CD!
Of course EDS might just have copied out the relevant DLL's, registry settings and whatnot, but if the rollout happened through a preconfigured installer, shouldn't the patch installer detect that it was erroneusly being installed on the wrong OS?
This is my sig. Read it and weep.
"Someone set us up the bomb!" (...5 minutes later...) "You have no chance to survive! Make your time."
SNACKS ARE AWESOME
No, I don't think they are. I think they're regretting not updating those windows boxes. The exact same situation could have happened were they outdated macs or linux machines.
This sig is o Unfunny o Funny
Come now, people, if there was an inherent flaw of this magnitude in the Windows XP upgrade, this would be more widespread.
Windows XP could be a contributing factor, but NOT necessarily the causation. It's hard to speculate on a matter like this, but if I had to put money down I'd put it on shoddy IT work. Microsoft's an easy excuse.
This opinion might be unpopular, but the anti-Microsoft groupthink should be challenged from time to time. Did anybody else entertain this idea or is it just me - I'm not in the IT industry, so this could be more widespread than the article would lead me to believe.
"There's no success like failure, and failure's no success at all."
- Bob Dylan
Microsoft sells itself as easy to administer, what in management terms means that the systems are so /user friendly/ that any moron can administer them.
/user friendly/ GUI program.
So, admin stupidity can also be blamed on MS, it's part of the TCO studies that make the decision to buy MS.
Aside from that, a point-and-click update cannot fail so miserably. A script made by the admin, of course should, because you can assume that someone smart (and bold) enoguh to make a little script should be responsible for their decisions. Some guy clicking checkboxes shouldn't be allowed by those means to break 60000 computers, through a
GUIs for dummies should have enough checks to prevent such underiable effects, they have a sufficiently constrained domain to be able to do so. If the guy wanted to do a legal task that the tools dosnt' allow, he could always write some Visual Basic Script, and then he would be on his own. Bringing down an organization by mis-clicking checkboxes is responsability of the guy that provided the checkboxes, too.
I wonder how she is going to feel when she goes to pick up her pension next and be told "computer says no".
HA-HA!
Well they shouldnt have even thought about upgrading to windows xp. The only person in trouble is the retarded IT guy. Or microsoft for providing support for OS upgrades.
KARMA POLICE ARREST THIS MAN HE TALKS IN MATHS- radiohead
..real men cries a lot!
..
:-)
Seriously, you never "upgrade" a computer (let alone a lot) without knowing what will happen
At my company, they started upgrating on a limited number of machines, corrected a few problems and continued in small steps to upgrade the rest of the (12.000) machines during the next few weeks..
but, different strokes for different folks
If it had the potential to 'go wrong' on that scale then it was *not* a sandbox.
> rolling an XP patch out onto a Windows
> 2000 machine
Wouldn't it notice?
Something that makes me curious, you hear Ballmer lament about the lower TCO of windows. You hear the linux community shriek about it's lower TCO. The bottom line is really this, if your sysAdmins are less than competent and bugger up something like this which system would have a lower cost to recover? This is a really good thing to know when you are considering any enterprise system. Call it, TCCR (total cost of catastrophic recovery). Ballmer, Linux communities answer me this!
All your database are belong to us
*Pats DrSkwid on the head*
Now you know why there's such a push for thin clients and rich interfaces. Although all it would have bought them in this case is the ability to do a quick fix.
This seems more like incompetent IT management versus anything else. Can't really blame Microsoft if someone else presses the wrong buttons.
This reminds me of the IT fiasco at Beth-Israel hospital in Boston. Although they lost their network for 4 days, the problem was pinned a researcher in a research lab and/or a poorly implemented Cisco router algorithm.
Regardless of the truth of that explanation, the fact remained that the IT management should have had safeguards in place so that no major cascading failure can happen. Failures should be expected, but isolated.
When the seat back tray of a 747 fails, the plane does not crash.
considering 40,000 jobs were going to be axed thanks to the saving grace of IT, is it possible that this enormous crunch was intentional? Prove that if IT craps out those 40,000 jobs become invaluable?
Simple, it was the sandbox they were roling out too. Its just they hit the rong button and tried to update all the win 2000 mchines instead of the win XP ones in the sandbox.
Now then, it dosnt surprise me a bit.
Why do goverments allways go for the cheepest contracts even if there trach wecord is 0% sucsess rate?
At least it will stop them accessing pr0n.
http://www.itsecurity.com/soapbox/corbelli1.htm
Problem isn't the platform as much as the implementation. I'd say that someone bollocksed the whole thing up, which could be just as tragic rolling out a linux upgrade or whatever.
We've got to educate the people spending our money on large computer systems to spend part of that money on more testing!
Yes. It's not like the upgrade could detect the version of the program it's being applied to, and only install if the version matches the version it is intended for. That is completely unheard of, and would be impossible technically.
This was sarcasm, FYI.
This situation is more analogous to a wrong signal causing the door to open and then jam. And yes, such a door manufacturer deserves to be blamed.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Well, maybe the XP update when pushed to a machine that it isn't suited to shouldn't do its stuff anyway?
It is a software issue, if the software was written correctly to handle the assumption that there are a lot of incompetant sysadmins out there, this wouldn't have happened! Sanity checks are a standard feature of software design.
Maybe it was the update software that EDS use that caused the problem. It clearly doesn't have a dumbuser compliant interface. In that case, it is the TCO of that software that has gone up horribly!
A day without your desktop computer - fine. A week isn't. This smells like EDS fucking up, and I think us UK geeks should write to our MPs and ask them why EDS keep getting contracts with their track record of fuck-ups and cost overruns. That doesn't mean I don't think that an update that is meant for a different version of the OS should be able to run on non-suitable systems.
Did they change the Design for win2k sticker to the xp one?
This could be the problem.
Whose your daddy ????
google "32 trillion offshore needs IRS attention"
LOL Serves 'em right for using M$ - monoculture anyone?
The only real news article here, from the BBC, says that this was "blown out of proportion". I agree. And Slashdot is part of the problem. This is a non-story.
I don't respond to AC's.
Hopefully this will happen to the UK's national ID card system as well.
The Department for Work and Pensions is a Department, not an Agency. "Agency" in the UK generally means an Executive Agency (eg. Highways Agency, Vehicle Operator and Services Agency) or Non-Departmental Public Body, rather than a fully-fledged ministerial Department, like DWP. I'm probably the only person reading this thread who is ever going to care about this distinction, but I'm going to speak up anyway.
With a service history like this:
p ort_agency_it_failure/ v enue_sacks_eds/ _ abbey_offshore/
http://www.theregister.co.uk/2004/04/26/child_sup
http://www.theregister.co.uk/2003/12/11/inland_re
http://www.theregister.co.uk/2004/05/04/eds_mulls
How do these guys win new contracts from major companies? Amazing, truly amazing... I interviewed there once, got an offer, but that very night when I was thinking about taking the job, I had a pentagram stigmata burns appear on my back! It took 3 months of holy water baths to get it off...
It has the entire staff (that has been there the longest and knows networking) wishing they could just trash the MS button powered cruft and go back to a good old simple and faster vax unix system. The simple user friendly Unix guis are still yearned for by those who are in the know! Where do you want to go today Has become a slogan for suckers and foolish IT admins.
all the clients connected to the network received a partial, but fatal, 'upgrade.'
Is it possible that someone noticed that the updates were going to 60,000 machines instead of just 7, said 'oh shit', and pulled the plug without thinking?
EDS is also thought to be flying in fire brigades.
Yeah, to put out the fires from their smouldering backsides.
Extremely Dumb Solutions
google "32 trillion offshore needs IRS attention"
... that's what you get for using Windows. When will people learn?
Registered Linux User
Registered KDE User
you can call them senators if it makes you feel better.
If it is so easy to install patches on the wrong computer, how come so many games say "you have the wrong version of Windows"? Why is it when using a dos 7 bootdisk to load Windows 95 comes back with "Wrong version of dos. Need version >=6.1"?
"attempted to upgrade seven PCs from Windows 2000 to Windows XP, and ended up with BSODs on over 60,000 machines." [Emphasis mine] Is this /. math where 7 = 60,000 ? Or if this was what came from the UK as to what happened ... well although I don't have any MS logos tatooed on me but maybe the problem in their case wasn't really MS but with the implimentors ...
Jeez, sometimes Slashdot readers are blind and zealous like headless chickens...
1. The patch they tried to update with wasn't a complete one for an OS upgrade.
2. Then they deployed it to their entire network by mistake.
This interesting piece of information can be gathered by RTFA.
I wonder what would happen to, say, Linux boxes if they had 60,000 and they applied an incomplete kernel patch?
Maybe some... thing... would panic?
Beware: In C++, your friends can see your privates!
...but is there any actual evidence is was a Microsoft error? I like bashing Windows as much as the next guy, but it seems this is at least as likely to be a huge fumble by the admins.
This is an interesting question. Most large companies have at least a few gloriously incompetent people who really should have gone long ago but for whatever reason haven't.
However, I don't know any reports which consider Total Cost of Ownership Assuming Your IT Department Is A Bunch of Blathering Idiots. Most seem to assume a certain degree of competence.
Ohhh when I read this I just died laughing remembering the .
.
deployment for conoco where the damn Windows 2000 rollout could not
see some of the Intel NIC's by default
I mean really, M$ not considering all Intel NIC's for default
drivers, how stupid can you get
HAHAHAHAHAHA
Ex-MislTech
google "32 trillion offshore needs IRS attention"
"According to one, a limited network upgrade from Windows 2000 to Windows XP was taking place"
"Another source says that the DWP was trialing Windows XP on a small number ("about seven") of machines. "EDS were going to apply a patch to these"
The two DON't agree. The first is going from one OS version (W2K) to another (XP) (a significant step) The second is patching a preexisting XP installation (not as significant). Yes the slashdot summary is incorrect, but the above doesn't clear the issue up either. Either way there should have been a version check somewere. They were either doing one, or the other. Doubtfully BOTH.
"In addition, I'm pretty sure that if you accidently deployed a botched version of the linux kernel then it too would probably have a similar effect."
It would be easier to recover from than say Windows.
When someone logs in to the console as root and reads all their mail real fast (rm /* -rf), we say "stupid admin." But when the same stupid admin does something similarly stupid on Windows, there's something wrong with Microsoft.
This is just your normal, everyday, "I hate Microsoft" propoganda...
I've had my mother moaning to me all week because her pension has ben delayed. She decided now was the time to have her pension paid in to her bank account instead of being paid by order book. She only decided to do this because the DSS were bugging her to do so as they are doing away with order books. I think EDS and the government should be apolgising to all the people who will undoubtably be in the same predicament as me ma.
EDS is from Texas. Enron too. Texas is full of the cult of the fast buck, the ethically challenged social darwinists who are good on selling and who you can never trust. Corrupt corporations, corrupt politicians (Tom DeLay the jerrymandering slimebucket, W the...well, you know). Any government trusting a Texas business gets what they deserve.
Read the article. EDS applied a patch intended to update 7 Windows XP boxes to 60,000 Windows 2000 machines. The TCO here applies to the contract to EDS, not the software.
This sounds like they were pushing out the upgrade via SMS. Checking that the upgrade was on an appropriate system here would not have mattered since the upgrade path from win2k to WinXP is legitimate. This sounds more like sysadmins instead of applying to a custom collection applying to the "All Systems" container. The real question here is why are so many systems under one system and even better why did the sysadmins who did this application not check to ensure the advertisement was sent to the proper container.
EDS takes the blame for this, not MS.
Keyboard Infantry since 2002
Well, assuming you've followed recommendations, testing a population of each of the flavors an organization is using, Microsoft makes this pretty convienet with GPOs. But because they let you smoothly blast all kinds of software, OS Updates, to applications, out to clients, with or without user intervention, they do advise a certain amount of double checking. Given how simple this kind of thing is to do, I can't understand how they made this mistake.
It's not bad, though I've never done 60,000 yikes, if you're starting where Microsofts assumptions meet reality. Perfect knowledge of your network inventory, and having checked that the package you're pushing out actually works.
"They emigrated, most likely. One of the problems with incompetence is that it's self-reinforcing, the competent get more and more fed up with having to deal with incompetence all day and find something better to do with their time."
We're all moving to the Hurd. Care to join us?
Why can't we just have the link to the story of interest, rather than click through 8 irrelevant pages looking for it?
PR is the key not analysis. A few weeks of PR damage control and EDS will be ready to shudown (upgrade) another part of the country.
Yeah, I highly doubt those Total Cost of Ownership Assuming Your IT Department Is A Bunch of Blathering Idiots type of reports exist. Maybe this is a case point that they should? I am not being negative to SAs, I have met some talented ones and some less than talented ones. I feel bad for them, they have a huge amount of responsibility, lots of stress and not enough respect. Let's be honest, mistakes happen, it would be nice to know what the bottom line is if you completely screw the pooch. I bet the execs wouldn't mind know it either. It will cost X dollars if we completely screw up, let's assume it will happen once a year.
All your database are belong to us
surely you've a database with address-config info.
Now I'm the grandest Tiger in the Jungle!
They're probably using something like Novadigms's Radia. And instead of linking the correct 7 PCs, they linked to all of them (misconfigured group). In that case, it's not a case if installing a patch that is installed using the new mechanisms, the "Patch Manager" simply dumps the files to all the machines that connect up using it's client, and force an overwrite.
Given, they should actually have an install script that checks the OS before it actually dumps the install package on there, but hey.
Not normally an MS apologist, but this isn't really Microsoft's problem. It's the contracted company that made the update package failing to ascribe it to the right download group.
So, the analogy. It's like some perfectly good system being installed, and someone presses the button marked 'open all doors' instead of simply open door 7.
I don't see anyone really blaming the door manufacturer here (Microsoft or the contractors), although I'd hazard a guess that the person who skipped over the part of the process that said 'double check the groups you assign this patch to' will be sorely chastised...
Now, who is going to do a parody of one of those MS advertisements...
"Mr. Screwed-up over 60,000 desktops in a few hours"
= The ohno second - That minuscule fraction of time in which you realize that you've just made a BIG mistake.
"Free software as in beer, copy protection as in racket" - Telsa Gwynne
They sysadmins of linux systems flat out don't have the option of managing 60,000 PC's from one location like this, competent or not. And, as in all things, the more powerful something is, the more damage someone who doesn't know what they're doing can do. And knowing about what they were trying to do, having done it. I cannot believe they managed to make a mistake so colossal.
The closest thing linux has is cron, and it is nowhere near as powerful, and way more of a hassle. (Maybe enterprise linux systems have something better.) And if one did use cron for push software they shouldn't on to the wrong computers it would fail just as spectacularly.
Upgrades NEVER work! Not for Windows 95, 98, ME, 2000, XP, Longhorn, whatever! It will never be a good idea to try and replace a MS OS without doing a clean install.
This is first day stuff.
Whenever you see some scumball like "Lev13than" here promoting a "free ipod", go hide your money because it is a pyramid scheme and you will end up on the losing side, guaranteed.
I wonder if the National Health Service is regretting awarding Microsoft a £500 million contract now."
Why would they? Microsoft isn't at fault here. EDS f*ed up.. which you'd know if you read your own links.
Unfortunately, given that Slashdot has by far the lamest search capabilities on the planet (shame!), I can't find the post in order to provide a link.
Maybe you should realise that on slashdot you can't always relise when sarcasm is being used, especially when MS is involved.
Did the update work on the 7 machines they intended to test it on?
Without any specific details on the failure or what exactly happened, it seems like this is a huge admin error. My guess is they're using something like Altiris to do their builds, and if an admin were to accidentally "drop" the package meant for the the test group on to the production group, wham-o... every PC starts installing a build that probably isn't meant for them, and won't work. And you can imagine how that would go.
As much as I'm sure the zealots among us would like to make this seem like a Windows failure, it looks like it's more of an example of how outsourcing leads to disconnected, incompetent, and unmotivated IT staff. And that, of course, leads to mishaps like this.
Either way, if you work for a company that brings EDS in house in any way, drop your shit and run. And don't look back. The flash could be blinding.
From the Guardian:"The disruption is the latest in a line of government technology failures and follows last week's resignation of the head of the Child Support Agency, part of Mr Johnson's empire, after the disastrous introduction of an EDS system contributed to only one in eight parents receiving the correct amount."
Wait a minute... a government official resiged over a major failure in his department? I wish that would happen here...
"Anyone that has ever gotten an idea based on any of my work and done something better with it-good for you."--J.Carmack
Because I can't see them ever getting the scheme to work...
XP is a tool that if not used correctly can be dangerous, just like a poor implemetation of Linux, BSD, etc. That's why companies hire IT Pros. I think this should be chalked up to someone not doing their prep work. What happened in the sandbox testing I wonder?
dont have much experience with linux etc, but have been shown a demonstration of linux off a CD - i think they call it a linux live disk??
well, anyway the point is where wasa a bunch of enthusiasts to rock up at the "warzone" with a case of these disks and put microsoft to shame?
I'm sure they could have tailor made a disk with apps and config settings etc etc. A bulk burner and a couple hours and they could have all those machines up and running and being used productively again.
Wont microsoft have had a bit of egg on the face then?
...and didn't get it because we were "too cheap"!
No wonder the NHS is in dire straights at the moment financially. They probably gave the gig to a "consultancy company" who would end up charging them 500k+, selling them stuff they don't need and all this time farming it out to the lowest bidder and therefore producing shoddy goods that don't work and further tarnish the reputation of IT in the NHS.
I am NaN
The public sector in the UK is nothing more than unemployment benefit for the middle classes.
In my experience (having worked for both) in terms of inefficieny and stupidity, there's only one thing worse than the British Public sector and that's the British Private sector.
My company used to be part of a large public sector concern and was sold off. Since then we seem to spend nearly of our time/money:
Changing company logo and name every 6-12 months
Adding a new problem management system which we have to learn every 6 months (we currently have about 5 each of which was supposed to replace all the others).
Paying huge bonuses to upper managent.
Paying huge car allowances to middle management including those who refuse to drive.
Not giving any rises under the so-called performance related pay scheme for 4 years despite meeting profit targets because all the money has gone on the above 2 items.
Making skilled people redundant then recruiting at vast expense people with the same skills 2 months later.
Making skilled people redundant then reemploying them at twice the pay as contractors for the next 2 years because they're still needed.
Repeatedly shuffling kit from datacenter to datacenter around the country at vast expense and disruption to our customers.
Ordering expensive buffets for management meetings , 95%+ of which get thrown away.
Managers having a schedule involving meetings all over the country which means that they spend about 25 hours out of 40 driving.
Managers refusing to use video-conferencing for meetings even in the light of the above.
How many of these things happened when I was in the public sector? Virtually none. We didn't have the money to throw around on such things. We were forced to be efficient.
Also if this private sector company I'm referring to was atypically inefficient, presumably it would do so badly it would collapse or be taken over. So this implies that many private sector companies are like this.
It's very easy to slag off the public sector if you use stereotypes, generalizations and distortions.
"But it's cheaper" scream IT heads everywhere in unison. Of course for them, TCO means iniTial Cost of Ownership. But, hey, you get what you paid for, or in this case, less than what you paid for.
But then again, what do they care? They still have a job the next day. The money doesn't come from their pocket, it's only taxpayers' money.
Hi, I'm Clippy, your assistant to keeping your Microsoft products up-to-date!
It looks like you're trying to upgrade your Windows XP system. Do you want to:
x Update all the systems on the network to the latest version of Microsoft Windows, and enjoy enhanced features such as advanced security capabilities
o Do a custom install (For advanced Administrators only)
[OK] [Cancel]
She added that the emergency payments system was "working perfectly."
Jones agreed, "I still have plenty of blank cheques. My pen is at room temperature."
Know your pads. One time pad: good for cryptography. Two timing pad: where to take your mistress.
Call it, TCCR (total cost of catastrophic recovery).
Windows. Closed. Impossible to backup completely a running system without highly specialized software. Few effective recovery mechanisms.
Linux. Open. Almost trivial to backup completely a running system. Many effective recovery mechanisms. Live/Recovery disk of your own distro should work, although any other distro's may work even better.
Dunno about assigning costs, but it looks pretty lopsided to me.
Some interesting views here, but I would contend that this was a screw-up waiting to happen because screw-up potential was built in to the setup. A sysadmin has pressed the button here for sure but I wouldnt be too hasty to point the finger.
This is what happens when you have a fat client. There's a lot in a fat client. A lot to go wrong, a lot to be insecure. It therefore needs a lot of looking after. Many updates, many risks. Multiply by many desktops and it only becomes manageable by central updates. Central updates means lots of automation. Lots of automation means someone presses the wrong button and.. BANG.
But for the whole thing to go BSOD... now THAT is bad. It means you can't even back out. The reports I have seen imply that they had to nuke Windows or install stuff manually using some kind of recovery diskette... It's a disaster whichever way up you put it.
Would it have happened if they used Linux? Who knows. Linux is a complicated beastie too.
However, if they had used web apps or thin client for eveything then the issue might not have even come up.
It does make an interesting academic exercise to consider what would happen if the same screw-up hit other installations with many thousands of windows clients. Yes I am referring to the recently announced UK NHS (900,000 nodes) and US AirForce (500,000) Microsoft "wins".
I have seen NHS and DWP apps. Pretty basic stuff. Running these things on XP or W2000 is a bit of a hammer to crack a nut. The only earthly reason I can think of is the MS upgrade machine says they have to.
I wish at was Friday, but I dont want to wish my life away. So I wish it was last Friday.
Although numerous people have pointed out that this was the fault of EDS, and not the OS. We can still blame MS as the EDS sysadmins are probably all MCSE (:
Comment removed based on user account deletion
How much has the UK goverment recieved from m$, after all, isn't m$ indemified ?
Meanwhile staff were forced to communicate by fax because the e-mail system broke down.
That is most harsh, indeed. You'd think some guy could grab his laptop, shove a copy of Fedora and sendmail on there, and get back to work.
C'est la vie.
which, after setting up your account and login details, asks if you want to download messages now? And if you said yes, it would download AND delete the messages on the server because the default setting is to "Delete messages from server on download"? :)
Seems to be like a case of the same.
I agree that it was the fault of EDS... What I see as the overall issue here is that the EDS admins (incompitant or not) were ABLE to do this. For anyone who has tried to install/upgrade an rpm from one version of a particular Linux distro to an earlier version (or even the same version), knows (and has bitched to the heavens about it) about the endless amount of dependency errors that result - and would likewise prevent anything like this from happening.
This is very unfortunate that it happened (I would not want to be one of the ones not getting their money because of it), but on the flip side I see the humorous side of this in that everyone who uses linux has bitched about the dependency problem at one time or another (I know I have), and ironically this type of situation is why the dependency tree was invented.
Now, don't get me wrong, this STILL could have happened with Linux with poorly built RPM's with obviously no dependencies. Note that I equate official rpm's from the linux community (companies or groups) as the same thing as a patch from M$ - in other words the patch it self should never had been able to be installed on an incompatible system (aka unsatisfied dependencies), whether it was attempted or not.
to EDS(UK) working on the initial install of these 80,000 PCs I can't say I'm at all supprised this went tits up.
EDS (UK) is a true management culture, its all about statistics, statistics and damn statistics, regardless of the consequences.
To quote a former manager:
I know that if we replace these PCs now they won't work until we have the power cables next week, but we need to get them out
I guess as usual their development department had the 50% required sucess rate before launching something live.
It will be easy for them to roll back to the original install, I still have one of the ghost cd images around here somewhere if they need to borrow it.
Most of the desktop computers in the UK's Department for Work and Pensions were paralysed for four days on Monday, when a failed upgrade took them offline. The outage, covering 75-80 per cent of the DWP's 80,000 PCs, is one of the largest in the UK Government's not entirely impressive IT history.
And possibly one of the most costly. According to staff reports the outage occurred on Monday afternoon, disconnecting staff email, benefits processing and Internet and intranet connectivity. According to one, a limited network upgrade from Windows 2000 to Windows XP was taking place, but instead of this taking place on only a small number of the target machines, all the clients connected to the network received a partial, but fatal, 'upgrade.'
Another source says that the DWP was trialing Windows XP on a small number ("about seven") of machines. "EDS were going to apply a patch to these, unfortunately the request was made to apply it live and it was rolled out across the estate, which hit around 80 per cent of the Win2k desktops. This patch caused the desktops to BSOD and made recovery rather tricky as they couldn't boot to pick any further patches or recalls. I gather that MS consultants have been flown in from the US to clear up the mess." EDS is also thought to be flying in fire brigades.
If these claims are true the DWP could face grave difficulties in rolling all of its machines back to their previous, working state. Staff from Microsoft and EDS are reported to have been working around the clock to dig the Department out of the pit, while speaking on the Today programme this morning a spokeswoman amusingly insisted that the Department's systems had not in fact fallen over. They were working, it was merely the case that "80 per cent of desktop computers are not connecting through to the mainframe systems."
So that's cleared that up then. She added that the emergency payments system was "working perfectly." The emergency system appears to have kicked in on Wednesday, and the Department was preparing a press release on the matter yesterday. No sign of it this morning, yet.
Reports coming in this morning however suggest that at least some of the DWP's systems are coming back online. ®
mmmmm...karma
I am the Lizard king
Bring Steve along in a clown suit, have him dance outside the Social Security offices with sweaty armpits, amusing the angry hordes with his continual chanting of "De benefits, de benefits".
Smug mode engage...
Gentoo Linux - another day, another USE flag.
This could've happened on any platform, not just Windows. I know I've accidentally done some *stupid* things while trying to upgrade Linux and *BSD boxes that have rendered them near useless.
they applied a WinXP patch to Win2K boxes.
when you are selling a complex tool to simple folks to maintain ( PC = Personal Computer ) enough care must be made to prevent mixed OS Rev patches from installing.
Solaris Patches are OS Rev specific.
RPMs, if properly pakaged, check for proper versions.
Why is it not reasonable to expect that a WinXP specific patch would not verify the OS onto which it is being installed?
comment directly in my journal
All the same, most OS reinstall mistakes don't wipe out 60,000 computers at the same time. I contend that this is the kind of goof-up you tend to associate with Microsoft. ;)
Interesting set of threads ... "it's not Microsoft's fault that EDS pushed the update out wrongly".
The fundamental error here is deep seated and architectural - they have 80,000 user interface devices which are stateful. By putting the wrong device on the desktop they have set this situation up.
In the olden days when clerks in government agencies used green screens this problem wouldn't happen. If a green screen failed, it would be replaced as a FRU. Today's equivalent is something like a SunRay - the user interface device holds only enough configuration to bootstrap itself and, again, is a FRU.
The situation at the DWP is different: the user interface device is a stateful device which holds configuration itself, and requires this configuration to be consistent before it gets enough connecticity to be remotely managed. The toolkits discussed, which are used to push config around these UI devices, are probably most excellent, but there should be no need for this sort of mularky.
So while I don't necessarily blame Microsoft for this incident, I do blame them for creating a monoculture where this sort of architecture is deployed. I expect the trials underway in government using SunRay devices as the user interface will be watched with more interest after this debacle.
A final question - how on earth do DWP recover 60,000 unbootable PCs?
The last scintilla of doubt just rode out of town
They do use Novadigm Radia, and it's not at all simple to send software to the wrong machines. I called up someone I worked with there and got more information about it. The articles have a certain amount of FUD about them as you would expect.
Something was missed during testing, and got pushed out on the nightly updates. Simple as that, yet the consequences were a little more disastrous than someone losing a desktop icon.
Yes, shit happens, and it happened in a very large way here. It doesn't reflect on EDS as a company, it doesn't reflect on Microsot products either. Localised error. That's all. Nothing to see here. Except some faulty machines.
I guess one to do it and a hundred to undo the damage?
HaHAhaHAhaHAHA
.. Airport Check-in Software failed (talk about a software which is over 30 years old).. DHSS Payment scheme also failed - bet they hired cowboys like "Anderson Consulting" .. oh pardon me "Accenture" (how damn queer)..
...)- they don't want to know (I guess its beyond Charlie's IQ).
Well deserved - you bafoons!
See I would blame the Americans, the poor gullible brits keep listening to your libellous flash add and buying into it.
The Brits just get EVERYTHING wrong: UK Passport Software: failed - they hired Siemens which in turned used VB5 !!
In America do you guys have so many deployment blunders one after the other?
Even the outsourcing fever - which crippled many companies here - these poor Brits copycats got it from you guys.
Next thing you want to teach them is how the IP law is ever so beneficial.
Our problem lies with the "Charlies" - you know those cocky arrogant/ignorant IT managers, that know sweet FA - bluffing crap - and the technophobe dumb-arses (instead of learning something for themselves) just take the bull.
Sadly the real good stuff and principles you've created (Posix/W3C/ANSI/Open Source
I seriously pity this Island I was condemned to live in.
or at least, thin client devices.
It seems these desktops spend most of their time running terminal emulators to access mainframe sessions.
I've always thought that fat clients with big, complex OSs were a bad idea in this sort of massive, standardised environment.
Any doofuss sys admin that does not give the client a second kernel boot to run with LILO should be shot. Just try that under a Winbloze client! MS does not deploy this because the Win boot loader sucks and is a deliberate clone/competition blocking device.
"...wrong when an incompatible system was downloaded on to the whole network."
That sounds amazingly like operator error to me. Exactly how is that Microsoft's fault?
I get sort of tired of the rote "Its MS's fault" arguments. The majority of issues I see at MS sites are the result of operator error or companies not spending the money needed to manage their systems according to best practices. The same goes for Linux, Solaris, and AIX.
The catch is that unix engineers and admins are generally more experienced, higher skilled and higher salaried than most windows administrators. But where I find a highly skilled windows staff, what they are able to accomplish and the level of stability is very impressive.
-----
Hold up.
Bringing down an organization by mis-clicking checkboxes is responsability of the guy that provided the checkboxes, too.
So is it GM's fault if someone crashes and kills themselves (and others) by pushing the gas instead of the brake pedal by mistake?
------
No.
I said "Bringing down an organization by mis-clicking checkboxes is responsability of the guy that provided the checkboxes, too.
"
I mean that admin tools that are sold as easy to use do take the responsibility for the consequences. You cannot claim to do the work for the user, and then say you are not responsible.
Hate to say it...but depending upon what industry you're in you may have little or no choice on what operating system you can use. Case point...I'm an IT worker for a small architectural firm. Guess what! There is not one mainstream architechural program that is widely used that isn't on Windows! So in order to run Bentley Microstation or Autodesk AutoCAD, two of the top architectural programs out there, you have to have Windows. Sorry...no Microstation or AutoCAD for Mac or Linux! Might be an alternative out there...but is it as powerful and compatible as the top two that are widely used? Probably not. So...the problem isn't a question of just the operating system...it's a problem of whether the software companies are designing their software to run on operating systems other than Windows! Till Bentley get's their head our of their ass and starts distributing a version of Microstation for OSX or Linux...my company is stuck using Windows! Nuff said!
Jeff Whitfield jeffwhitfield@gmail.com "I can learn to resist anything but temptation..."
(Checking...) No, I didn't say anything about Linux.
I didn't think so, Linux can't be compared to WindowsXP it's a kernel. It's like comparing a Turbo Diesel motor to a scooter. They don't match. I could have spoken about RedHat, or SuSE, but I didn't.
I was talking about admins, dumbed down admins, and whose fault it is.
I put the blame on people who buy dumber down software, and that promote dumbed down software culture, and hire dumbed down consulting firms that hire dumbed down admins.
Much of that blame is on Microsoft, for promoting that culture. Much is on stupid management, of course.
Firstly, this looks like an administration cockup, not anything particular to Windows. It looks like from the circumstantial evidence, that the DWP don't have a separate test network.
We have a distributed system at work. This is why I have built a test network which is completely separate - there is no physical connections between test and live - (physical - not separation via a VLAN, but completely electrically separate) - so if you're in the test room there is absolutely no risk of trying to roll out a patch you're testing on the live system. We don't rely on software to keep tests within the test environment.
Oolite: Elite-like game. For Mac, Linux and Windows
Normally you have to pay extra for the BSODs, but Microsoft wanted to be nice and threw them in absolutely free in their limited time offer.
Just one of the many features they offer.
-M
when you see the word 'Linux', drink!
It's this willingness to say "Localised error. That's all. Nothing to see here" that gives IT it's bad reputation. With properly designed processes and appropriate tools, localised error cannot have catastrophic consequences. In a system like this, I can see no excuse for pushing something out to 60K desktops in a nightly update without at least one, and probably both of:
a) Pushing it out to (say) 600 representative desktops a night or two before and monitoring
b) Having a cast-iron, regularly practiced and tested, process for pulling it back again.
Look at somewhere like SEI who make the Space shuttle flight control software. It cannot go wrong and it doesn't. Why, because they have processes! There are checks and testing and simulation and code walk-throughs and whatever, and if a problem NEARLY makes it through, and is caught in late testing or whatever, there are processes to look back and see how it got that far and make sure that the processes are improved so it doesn't happen again. The process writes the software and the people carry out the various roles prescribed by the process. There are processes for monitoring and improving the processes, etc.
Hey, you must work at the same place I did !
That buffet thing is bang on, every time management had a meeting on our floor it would take the starving call centre staff 30mins + to finish off all the food they had left and wanted to throw away.
Microsoft imposes the culture of the point-and-click magic, through _marketing_, no whitepapers.
Management is sold (by MS) on the idea that a 4 year old can run their network, so they hire one to do it.
It's management fault, but Microsofts too.
Your experience is unique to anyone I've ever talked to about the subject, apparently. And, an upgrade from Windows 2000 to XP is not a patch. Just because most machines didn't finish the upgrade process doesn't mean the process was not an upgrade.
If they had done fresh CD installs, or maybe even used the OEM Preinstallation Kit to automate things and/or create a duplicatable drive image (which I'm so intimately familiar with due to my Win95-exclusive experience), this wouldn't have happened.
You can pray for your Windows upgrade to propogate over the network without incident in one hand, and take a crap in the other, and see which one fills up first.
The UK Government's Office of Government Commerce has a heavyweight methodology for controlling the procurement of IT projects. This is meant to stop the endless IT cock-ups.
See www.gatewayreview.org.uk for a very sceptical view on this.
Can big projects ever be properly controlled? And do heavyweight procurement methods encourage the procurers to make projects even bigger so they don't have to do it again next year.
It's expected behaviour from moronic sys admins.
Imagine if it were running linux, the entire damned building would go up in flames instead of a simple error message, LOL!
And yes, the problem has been GREATLY exaggerated.
The Holy Grail of IT is to reduce bugets by lowering payroll. Because Windows is really easy to install and maintain, the sales pitch goes, you can hire less skilled (expensive) people to do the work. Problem is, Windows isn't so easy to install and maintain anymore, if it ever was. Even before Active Directory, keeping 4,000 or more Windows systems up to date with the latest patches was a challenge. AD introduces even greater complexity, requiring the admins that ride herd over it have *at least* the same skill level as their brother (or sister) UNIX admins (I'd argue they actually need to be *more* skilled). Of course EDS and others have stubbornly refused to recognize this, and so you have foobars like the one reported in the original article here.
eldapo
Radia is a bloomin' pain in the neck, the last place I worked used Radia and it was horrible ( Radia it's self is possibly very nice and useful, it's the way it was implemented that was annoying ).
Company polict stated that everyone should always turn off there PC's when they left for the day and you'd get moaned at if you didn't. The Radia team told everyone they must keep their PC's on at all times but this was never company policy.
Every morning it would take 20mins or so for Radia to install all the nights patches and reboot the PC's a couple of times. At random times during the day it would also reboot your PC automatically for you if you didn't notice what was happening quickly enough to stop it.
Various PC's were being used as servers but not offically classed as such ( due to the excessive hurt and pain involved in that process ) and they also would reboot themselves randomly cause outages on whatever they were doing.
Some PC's were still Windows 95 and Radia would never manage to install anything on them, just keep crashing, rebooting indefinitely.
In the end I managed to delete enough of it that it stopped working and gave me some peace of mind.
I think the lesson here is not to just deploy cool new tools willy nilly without assessing their place in your working practices.
I don't feel like it...
Doesn't Radia work on Linux boxes too? There is a tool very much like it which does I'm sure.
Remind me again... what does the "T" in TCO stand for?
"A witty saying proves nothing." ~Voltaire
"d'Oh!" ~Homer
... to really screw things up, you need a computer. - Anonymous (human)
--
make install -not war
This sounds more like sysadmins instead of applying to a custom collection applying to the "All Systems" container.
Dumbfuck: Hey boss, you want me to apply this patch to All Systems or Custom Systems?
Boss: All 6 custom systems.
Dumbfuck: So that's all systems, then, is it?
Boss: Yes, All 6 systems.
Dumbfuck: Ok, it's done.
*phones ring*
Like what I said? You might like my music
It was the losers they had working with them.
EDS used to be a great company, with the top people.. Wouldn't make silly mistakes like this..
Doesn't appear they are like that anymore.....
---- Booth was a patriot ----
yay
what do you consider highly specialized?
We have a computer we save all our CAD files on at work via windows networking, and it uploads a backup of itself to another server every week, but only uploads the changes. I believe it's one of Novell's nice little setups.
Highly specialized.
With the backups and nothing else restore all programs, configurations, registry setting, registrations, etc to a completely bare system. Like if a hard disk crashed.
Managing 60,000 computers.
With almost no admin or unix skills, dd from the network or a USB disk should cover a lot of ground. A few scripts and some skill should make it quite manageable.
Managing 60,000 computers smoothly.
No idea exactly what or how, but this should be very much in Novell's turf. Small minor details of just what is tweaked just which way will in total make a large difference. This is why corporations will gladly pay Novell for something that is not much worse that what they can get for free.
This is the fault of the admins, of course.
But also: management, that hires inderqualified admins.
Plus, Microsoft, that openly promotes that you don't need a real admin for your network.
Of course the guy who built the app is not responsible for that, but the guy who sold you this app so you didn't need a real sysadmin is!
According to the Register, they were not upgrading machines to WinXP.
Keep in mind that doing a 2K->XP upgrade is not really more complex than applying a service pack. Every file gets replaced, some reg scripts run, that's it. Of course, like a service pack, there's plenty of things that can go wrong.
Many shops time their OS upgrades along with upgrades of MSOffice, Notes, etc, so quite often the wipe/reinstall process is much simplier to plan for.
Scripting. One can do it either client or server side through a number of ways.
How I would do it:
Central ftp server with clients running either apt or urpmi.update as a cron script. Combine with some scripts using expect and ssh to login into a few machines a night or two before uploading to the central ftp server.One might have more than one central server but that really doesn't matter for a simple explanation.
Just a Tuna in the Sea of Life
Can do the job properly. If you look really close, thru all its faults, and thru ones own biases, a *properly* maintained Active Directory based/GPO managed windows domain is a piece of cake to support.
Doing piecemeal upgrades/patches is also simple.. Unless you are a total idiot, as it appears these people were.
So we aren't talking about a defective trigger that is fubar.... more like a Uzi that needs magazine lubrication to operate properly...
---- Booth was a patriot ----
He or she has probably already been promoted to management. I find that's generally how EDS deals with people who screw up really bad.
My username does not make me Apathetic. It's irony, get it?
True, although if they had followed the CERT system guide to system administration (I know, this is more U.S.-centric), those 60,000 PCs should never be connected so intimately on the same network (segmentation on large networks is important for this very reason.) Secondly, a "testbed" should never be connected to the main network. It should be isolated for this very reason.
This was certainly an example of failure at the speed of light and exactly why networks shouldn't be administered in that way.
Of course, I am with you in waiting for more hard details.
*-*-*-*-*-*-*-*
"We are Linux. Resistance is measured in Ohms."
A testbed should never be connected to a network in a way that such a large error could occur. One of the first rules to good system administration is to test on an isolated testbed, which this very apparently was not.
The grandparent post had it correct in calling this a "leaky" sandbox.
*-*-*-*-*-*-*-*
"We are Linux. Resistance is measured in Ohms."
I for one welcome our NT chimera overlords.
Take off every sig. For great justice.
Being a linux enthusiast and all..
/lib, or do an unsuccessfull attempt to switch from libc 5 to glibc (long ago), both cases ends in a less than fully functioning system.
This is no different from some admin writing an own update-script that (without checking) would just copy a new version of glibc to thousands of machines.. And the results could be very same.
Ever tried to rename
Testing is everything.
I disagree, although I am not talking about this in a server situation, 99% of the upgrades I've done with MS Operating Systems went flawlessly. The problem is, is that so many people do not do them properly. They don't uninstall anti-virus software (Disableing is not good enough, it still leaves filters and such in the registry), they try to upgrade from an unstable OS, they don't check application compatibility, they don't uninstall drivers where possible. Geeks do this as well.
I say this as someone who has done hundreds, if not thousands of windows upgrades and Windows installs.
If Windows had some sort of easy way to back up before installing a patch so that you can revert to a known previous working version (like when you change your resolution or change the registry) then there wouldn't be a problem. Think about how grub works - if the kernel won't boot it uses the last known working kernel.
I'll probably be modded down for this...
Well, typically you would want a larger test set than that. But, as another poster pointed out, they were indeed trying to test this on seven PCs, but "infected" the other 60,000.
So, while they were heading down the right road, they still had the testbed connected to the same network as the production machines, which is a no-no. And they had scripts that were too wide-reaching.
But ideally, yes, you are correct in that you would want to set up a set of machines and test them first.
*-*-*-*-*-*-*-*
"We are Linux. Resistance is measured in Ohms."
Man, imagine a Beowulf cluster of th- Oh, nevermind.
Sure, I can script an update for a Linux box, but the version checking will mean that the update doesn't get applied if it doesn't have ALL of the available components.
So I'd have to break some of the packages BEFORE scripting the update.
Then, once the broken packages create the problems, it is a simple task to write another script to fix the broken packages.
So depending upon which packages your broke, the repair process could be accomplished in less than 5 minutes.
At the very, Very, VERY WORST, you'd have to distribute a bootable CD that would chroot the system and apply the correct patches.No. This is an example of a weakness with Windows. This specific problem may have been brought about by EDS, but it only happened because Microsoft chose a flawed security model for their systems.
No, a closer system would be a combination of something like yum (using a yum server or cluster of servers to download package updates) and CFEngine (get the server version that -doesn't- segfault and you're fine!). I use this combination to reliably administer 1,000 Linux workstations at my company, but there's nothing there that would prevent it to scaling up to 60k. The load on single cfengine and/or yum server would be pretty high, but a clustering solution would fix this.
Better put on TWO TIN-FOIL HATS for this one... the cock-up was intentional - they had to install spyware on government machines - as many as they could, as fast as they could. It required a BIOS re-flash... and the bios-based spyware needed a re-install of the OS to spoof some intall-time machine parameters. Had to be done immediately... no time to ease it in. Needed a cover story - EDS took one for the team.
It's much more reliable to back up your data and do a fresh install. I experimant with upgrades, but even(or especially) with linux, I prefer to clean the disk and start fresh. Apple on the other hand(before OS X anyway, don't know if it still is) was great. It would just create a clean new system folder. With the old one still there, I could just "bless" it if necessary. Oh, well...There's still nothing more trustworthy than pen and paper, and a good ol' mimeograph machine(the hand crank variety) for makin' copies...And they smell great.
What?
System Restore?
They should'vestarted with their version of the DMV. I bet nobody would have noticed any slowdown.
What?
How do you upgrade 7 PCs that results in 60,000 BSODs?
How is Windows 2000 to Windows XP an upgrade? Office 2000 to XP, sure, but what does Windows XP do that 2000 can't? Heck, we have one Windows 2000 desktop PC at work and I have (slightly) less problems with it than the XP PCs. 2000 to 2003 I understand, but why would anyone waste time going sideways from Win2000 to XP?
How did they screw-up so many machines? At what point did someone say, "Guys, this isn't working." 12,000, 40,000 or did they actually mess-up 60,000 systems before stopping to ask themselves if they should continue?
Also, what ever happened to TEST BEFORE DEPLOY? Are we to believe that these guys are that stupid?
Assuming that the machines nuked had the same config, couldn't they just reverse the changes by finding a non-nuked machine (perhaps one that hadn't been turned on), getting copies of all the files that were fuxored, and replacing them. I'd assume registry death as well, but you could export appropriate areas , regedit import them, and perhaps somehow delete any new uglies.
Yes, because "apt-get update && apt-get install samba" as SOOOO hard. At least that's how it would work here
Yes, there might be some questions from the installer, but that's not too hard to script fairly reliably.
I tried to sell some software to database stuff to the EDS group in charge of the tax system (based in Telford, England). I kid you not. We asked if they has an ERD of the database. "Whats an ERD?" we got back. You kn ow a database design. How do you design the database? "Well Dave here gets on the console and types SQL statements in to Oracle". On the test system, right? "no, direct in to live". We got up and left. There is no way I am going to be front page news for my software taking down the live tax system in the UK!
Since installation the times I've had to change grub.conf or lilo.conf have been few and far between indeed.
/vmlinuz symlinks, etc etc) - the kernel installer already does that automatically, and reliably enough that between hundreds of machines I've had no problems.
/. has plenty. You know why the TCO can be lower, because the braindead sysadmins are a dime a dozen. Because you can get by in many circumstances with a braindead MS sysadmin, and when things bork like this because of said braindeadness, MS can count them out of the TCO as one of the "1 in 5" circumstances. Nevermind that the other 4/5 were saving 15%, and companies accounting 1/5% suffer a crippling downage due to the f-up.
The best I could think of was moving from LILO to grub, or perhaps changing the grub splash screen - neither of which would be needed on any type of critical machines. As for the scripting of anything else (modifying the
The problem is this: Qualified windows admins are far between. Yes, there are those that know enough to get by in many circumstances, but few and far between are there those that handle a major crisis well. In addition the crap ones make the whole lot look worse. In addition, MS encourages having less paid sysadmins.
Now why would MS encourage that? The answer is simple enough: look at those TCO comparison ad that MS is spitting out,
There, is that a good enough answer for you? Rampant admin incompetence is because MS encourages it. Back in the day when server admins were 'leet and very well paid because of their scarcity often enough this situation wouldn't have happened.
Bahahahahahahahahahaahhahahaha. Or, you could be like the Chinese Goverment, use Linux, not crash, but instead get sued. (read the OTHER slashdot article about MS suing Linux users) Stupid Microsoft. Stupid. Stupid. Stupid. (I need to waste 50 seconds to be able to post - it requires 2 minutes between post... 45 seconds........) Dot. Dot. Dot. Dot. Dot.
If/when linux becomes mainstream and problems of this type occur, do we then get to bash that distro? Or do we bash the OS as a whole? Where would fault be placed, the core technology or the flavor of the month distribution.
Boris Johnson is a lot more entertaining than David Blunkett.
Ripping an new rectum in the fabric of spacetime.
The simple way to solve this is to detail the steps that would have to be taken under both systems to achieve these same results.
Under Windows, that's already been done. That's in the article.
Under Linux, they'd have to knowingly break the package management system and overwrite the files manually. Why would they knowingly break the package management system? Hmmmm?
It isn't that you cannot do the same thing under Linux, it's that you have to take more steps and each step is stupid.
With Windows, since Microsoft doesn't have a decent package managment system, lots of companies sell products that attempt to fill that gap. EDS was using one.
With Linux, there is no need to bypass the package management system. Which is one of the reason you don't see very many 3rd party apps for that.
Don't think you've really tried managing 60,000 desktops have you? From USB disks!! Can you really imagine your local benefits staff coping with that - and then there is the security issue of allowing local staff to boot machines from local media!
NDS for SUSE is coming but it's hardly in the spirit of open source and I don't see the benefits over M$ offerings. Truth is there are systems that you could use for last known good type recovery but like ap there are security issues if users can revert changes pushed out by admins.
A sys admin is a like a pilot of a plane - there may be any number of systems that will HELP to stop a catastrophe but it didn't stop the terrorists flying one into the twin towers.
Believe me there are no small and minor details in managing more than 500 desktops.
MS contract is really cheap, based on 62 $ / per year / per pc. But if Redhat/Suse/Mandrake could form alliance probably they could out perform Microsoft. With Redhat sitting on 500 million USD investment and Size of contract it should be no brainer for open source community and would probably come up with better UI than MS.
I wish we could reverse the time and seeing this happening.
http://shit.slashdot.org/article.pl?sid=04/11/26/1 40211
It's well known that EDS are incompetant and unprofessional, costing UK taxpayers hundreds millions of pounds. Examples include tax, welfareand air safety. In fact they seem to be awarded contracts by default despite not a single success with projects running hundreds of millions over budget and those that aren't a couple of years late are junked as a massive write-off.
It's well known that the UK government are in the pocket of EDS and Microsoft. The worst thing is that it's not intentional. The people in charge of making these decisions are complete non-techies and haven't heard of any IT company that aren't a regular in the new headlines of the FT. It's not corruption, it's basically a lack of education.
Phillip.
Property for sale in Nice, France
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
This is what you get when you run businesses and governments on the contracts
of the lowest bidder.
Neko
Unless you are under a NDA.. can you reveal which company is this? Never heard of such practices before.
That's why you redirect the users' home folder to a properly managed server, and/or implement an automatic backup scheme. That way, if the machine crashes, or if you want to perform a fresh OS install, you won't lose anything.
Windows Installer is NOT as developed or as robust as the package management systems on Linux. That is why so many programs leave so much crap behind them when you un-install them on Windows.Fascinating. They're being paid a lot of money, yet they do really stupid things even when there are lots of tools out there to help them do it right.
You need to look into deborphaner and debfoster to see what functionality a REAL package management system provides.
Bottom Line: NO XP patch issued over the network should have been accepted by the Windows 2000 workstations. The patch mechanism should have tested for OS release and version.
EDS triggered the stupid goof.
Microsoft created it.
Period.
End of story.
Now if you can prove that EDS created the patch system and was not using Microsoft's standard patch mechanism, you can have a point.
But as far as I can tell from the story, there is NO indication that EDS was doing anything other than applying a patch (probably Service Pack 2) to XP on a limited number of machines, and accidentally applied it to the entire network.
This doesn't surprise me. In my current Windows Support Technician class I'm taking (basically an XP how-to), the stupid lab server and XP workstations are repeatedly installing McAfee AV and Microsoft Office on every bootup. The teacher hasn't figured out how to stop this yet.
Not to mention that several XP lab machines have simply gone belly up for no apparent reason.
Just today my home machine's XP partition wouldn't boot because of "missing or corrupt hal.dll" - which in fact was nothing of the sort. The stupid boot loader was messed up and decided that it was too stupid to find the hal.dll, so it decided to send me on a wild goose-chase by telling me the dll was "missing or corrupt". Rebuilding the bootcfg fixed that.
Then it decided to bomb loading the AVG AV once or twice. That apparently went away on its own after another reboot.
Then the PPPoE connection to my ISP wouldn't work - had to delete and recreate it. Was working fine before.
Bottom line: Windows XP - like Windows 2000, Windows NT, Windows 98 and Windows 95 before it - is a bloated piece of crap that is unstable and unreliable.
Mod this troll, mod this flamebait, make me sit in the corner again. Is that all you got, huh? Are you nuts? Come at me!
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
That really, really sucks. Poor bastards. Hope they can, err, recover their data? ;)
clustered crashing at the tips of the finger.
Leanna Paige (Wal-Mart Heriss of Bud Walton)
got her BS by paying a tutor to do all her
work while at UCLA - smart.
William B. Gates (nerdy no nothing but born
into a little bit of Seattle old money) threatened
Harvard Profs that if he did not receive a
grade of A on all submitted work that his dad
would have the Prof fired from Harvard;
end result, no degree - stupid.
Therefore, Mr. W. B. Gates, front and center.
Mr. W. B. Gates, stick you're head up the ass
of Ms. Paige.
Enjoy the life digital.
Toodles.
The problem is that people get promoted until they can no longer do the job well enough to get promoted any more.
So your left with a lot of people in jobs they can't do.
thank God the internet isn't a human right.
They should not regret anything, they should be thankful.
They can launch a 1 billion dollar class-action law suit against Microsoft.
The DWP admitted 80,000 staff were not able to process new pensions and benefits claims for several days, but regular payments were unaffected.
Technical experts have worked around the clock to find the fault
It said it would have received 60,000 new claims during that time.
So does this mean it takes 80,000 government employees to process 60,000 claims? Kinda brings government inefficiency to a new level..
heh heh..... I think you've summed up most large companies..... I like the bit about managers banquets - I always refuse to eat managers leftovers... my co-workers dont seem to understnad why as they stuff themselves with old camembert thats been sitting out for a few hours.......
Just when I thought the art of the subtle troll on /. was dead ...
Americans have though nothing about interfering in democratic processes, even in their own hemisphere.
One example is Augusto Pinochet in Chile, who was installed after a left-leaning government was elected.
I forgot to mention that the States' intervention was much more than writing letter to voters.
Microsoft (nor anyone else's) TCO metrics never include downtime costs.
System Restore only works if your computer can boot!
I'll probably be modded down for this...
. . . this was an upgrade to a Linux system? Would it have been this easy to bring down the network?
If you have admin rights to a Linux/MS PC, you can do almost anything including screw things up totally. Otherwise it'd be hard to replace system files that needed to be replaced don't you think?
I'd like to know what patch distribution and management software they used to screw up so bad.
There are various such patch distribution and management software around. My company used to sell Patchlink - seemed an OK software, with Patchlink I don't think you'd be able to screw up like this, unless you forced a custom update. The various Patchlink supplied patches will only apply if the relevant software is installed. So the way to screw up is you distribute custom software and run it without any checks - e.g. distribute an executable to ALL machines regardless of O/S and software, and ran it.
I doubt this was Microsoft's fault at all. This is either EDS's fault or the patch management software vendor's fault.
If that spreadsheet program was Excel running on a buggy Pentium, it was probably a good idea to double-check the figures. Oh, and then there are all the macro viruses which could be messing with the numbers...
Never Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever Ever test on the live system. period.
= Grow a brain...
Hold on. They ugraded 7 systems and ended up with 60 000 non-working PC's? Where did those 59993 other come from?
You can make all the claims you want, but now it is time for you to substantiate them.
Now, I say that there is no Bigfoot (Microsoft's tools are not sufficient).
You demand proof that there is not Bigfoot (Microsoft's tools are not sufficient).
I laugh at your ignorance of basic logic.
It is up to YOU to provide evidence that Bigfoot exists. I say your evidence is not sufficient and I give an example of what sufficient evidence would be (the capabilities of a real package management system).
The ball is in your court.
IT people are paid to provide fault tolerant systems 100% of the time.
Nowadays there are no excuses for well funded projects to shut down like this.
IANAL but write like a drunk one.
Eh .. I had heard that the UK was very Americanized, but now I really believe it.
My condolences..
Maybe you'd like to try again? This time, leave out the logical fallacies, okay?No. I said that they do NOT exist. If they do, identify them. If you cannot (and your refusal to do so shows very clearly that you cannot), then you have failed to counter my claim that they do not exist.
Do you have a problem with reading?No. I have not claimed that. Nor have I claimed that 5cm open end wrenches do not exist.
What I claimed is that Microsoft does not have the tools sufficent to handle the situation.
Not that Microsoft does not have tools available.
What you are doing is called a "strawman" http://www.infidels.org/news/atheism/logic.html#s
It looks like you've failed basic logic a SECOND time.Yes, yet like my wrench example, NONE of them are sufficient to the job. Again you attempt the strawman.Again, the existance of tools from Microsoft was never in question. That is your strawman.
All you have to do is show that the tools you've mentioned are sufficient to the task described earlier.
Fuck it. I'll make it really easy for you.
Just post a script or whatever tool and flags I'd need to type in to or whatever buttons I'd have to click on to identify all of the
Under Debian it is "orphaner -a".
Can you do that? Hmmmm?Again with the strawman. http://shop.store.yahoo.com/tmt/crsowrandwr.html Look! Tools! Yet not one of those tools will correctly apply an update.
One last time. The existance of tools is not in question.
What is in question, and what you are required to provide proof of, is the existance of Microsoft tools that would perform the required task. Identify the tool and identify how it would be used.
Smoke me a kipper, can you do that?
The company is very strict about employee comments - all have to be cleared with the press office on pain of dismissal. Perhaps unwisely, my slashdot id is quite similar to my real name. So the most I can say is that I work for a large (but not one of the very largest) European software consultancy which despite its size, few people seem to have heard of.
That is the only way to show that your package management system is handling everything. Every single file on your system should either be identified by the package management system or be known to you as something you created.That's called "knowledge". I know Microsoft products (probably better than you do). I know their functionality, I know their deficiencies.
But I did provide you with the opportunity to show that I was wrong and that you know more than I.
You only believe Microsoft has certain capabilities because you've never used anything else. The reason there are so many 3rd parties tools to facilitate pushing updates to workstations is because Microsoft's core system is fatally flawed.
All those other vendors are selling products that take different approaches to band-aid'ing those flaws. Which is why so many people have so many problems patching Windows systems.And that is the difference between your ignorance and my knowledge.
apt-get install deborphan
orphaner -a
I can easily and clearly post the instructions. You cannot. The reason you cannot is because you don't know how to. All you can do is recite the names of tools that you hope will perform the function.
There is no way to prove a negative.
I state that Microsoft's tools are insufficient. You say they are sufficient.
My "proof" is that you are unable to provide instructions on how to accomplish that task while I have done so twice now.
Here's a third time:
apt-get install deborphan
orphaner -a
There, I've done it THREE times and you're still complaining.
To do that, you have to show how to use those tools to accomplish the task.
So far, you've been unable to do so.
apt-get install deborphan
orphaner -a
Yet you'll continue to claim that you don't have to show that the tools actually do what you claim they do.
Well, there's one reason I can think of that you'd refuse to do so. Particularly when I've shown how easy it is to show exactly how to do it with Debian.
Go ahead. Keep claiming that it is easy to do on Windows. I'm sure that someone will believe that's it's easy and you just don't have to show how to do it.
apt-get install deborphan
orphaner -a
I was talking about EDS management.
In my country, IBM runs many critical government IT contracts, they sign the contract, and then start hiring junior java developers for that.
You don't always get what you pay for.
Where did I claim that that is all that is needed?
That is the evidence that Debian has a functioning package management system and that Windows does not.
With a functioning package management system as the base, I can do things you've never dreamed possible.
cd
dpkg -S *
That will tell me the package that installed each file in the
Go ahead and show me how to do that with Windows.
Is that what you're saying? Before this goes anywhere else, that question will be answered.
Again
apt-get install deborphan
orphaner -a
That's all you have to do.
Glibc since libc6 is forward and backward compatable.
/sbin, you'd simply recover the correct Glibc.
/sbin, there is *no* Linux distribution I'm aware of that does this. The "s" in /sbin now apparently stands for "super-user", not "static".
The functions may be compatable, but it's common for binaries compiled for newer versions to reject older versions.
You would have to reboot the machines in single-user mode and, using all those shiny static binaries in
While this is historically the purpose of
If you accidentally install a version of glibc that's too old for your binaries, your system will refuse to boot; and even if you've got a static shell compiled, you won't be able to do anything.
The correct way to do it would be to boot the system with a rescue/live CD and then reinstall the glibc.
This reminds me of a funny story about Windows fans. It seems that they are rather, how to say it
Maybe you had to be there. I was amused. Anyway
What you are actually trying to do is to take the discussion off on a tangent in an attempt to find something that you can claim I am wrong about.
I'm not going to let you do that.
I said that Microsoft does not have the tools.
You said that Microsoft did.
It is up to you to identify the tools and how they are used to accomplish that. Otherwise, my statement stands.
apt-get install deborphan
orphaner -a
Once you that has been dealt with, then I will be willing to give you specifics on how to install/update software on a network of Debian machines via the network.
And that gets back the the story about Windows fans that I found so amusing. Once your magic words failed (you naming tools from Microsoft that I already knew do not have that functionality but that you did not know I knew and you hoped would "prove" me wrong), when pressed for specifics on how those magic words would work, you resort to attempts to blame others for your failings (demanding that I show the existance of functionality in Debian that you have not shown exists nor stated does not exist in Windows).
(Here's one example)
apt-get install deborphan
orphaner -a
(Here's another example)
dpkg -S
There. I've provided TWO very specific examples (down to the exact keystrokes to type) of the functionality of a real package management system.
What have you provided? Nothing but empty claims.
So far, I'm up 2 to your 0.
Then I have already given you the information you are requesting.
No, you have not. You have not answered whether it is able to check multiple networked computers at the same time. It is a simple question I'm asking for explicit clarification which you are apparently refusing to answer.
Learn to love Alaska
In case you're going to claim that you have, here is your first reply to me in this thread. It contains your original claim: http://slashdot.org/comments.pl?sid=130875&cid=10
Go ahead, substantiate your claim:Right now, all your attempting to do is to take the discussion off on a tangent that you believe you can win at.
That's not going to happen. You have to substantiate your original claim before any other tangents are examined.
You don't even know what a package managment system is, do you? Let me remind you of what you had claimed. http://slashdot.org/comments.pl?sid=130875&cid=10
I thought you were trying to confuse the issue by just listing whatever tools you could find.
Now I believe that you really do not know what a package management system is.
dpkg -S
That will tell you which package installed which file in the
Windows' does not have that capability.
That capability is required for a decent package management system (which you claim Windows has). http://slashdot.org/comments.pl?sid=130875&cid=10
Go ahead and support your claim. Show how I can get the same functionality with Windows as:
#1
apt-get install deborphan
orphaner -a
#2
dpkg -S
I've already answered that. You have to either admit you were wrong or support your claim by showing me the functionality I used as an example.
You think that just getting files onto a box is "decent package management", don't you.
Yep, you're definately a Windows fan.
Even when I give you specific examples you cannot admit that Windows is flawed.
It's a very simple process once you understand the basics of package management.
#1. All files belong to packages.
#2. Packages have dependencies upon other packages.
#3. So to update a bunch of systems on a network, all you have to do is make the updated package available to the system. With Debian, this is controlled in
#4. Then you trigger the system to download and install the update. This is done via ssh or telnet or rcp whatever you have.
Because the system is downloading and upgrading/installing the package, it is much more difficult to make an error that gets installed.
If you are upgrading libfoo4, but the machines that you don't want to upgrade have libfoo3, that's not a problem. Both can exist on the same system. That's when orphaner comes into play so you can see what is installed that isn't referenced by other packages.
If you are upgrading something that would break the system (although I don't know what that could be), you'd still have to get the dependencies correct. The system would throw an error when it saw an upgrade that didn't match the dependencies of other packages. (if no dependency issues, then it wouldn't break the system, although that specific app may not work).
So, in order to get the same result as in the article, you'd have to:
#1. build an upgrade package with the bad file in it.
#2. build the package with broken dependencies
#3. build updates to the packages that depend upon that package
#4. put those packages in the incorrect directory.
In other words, too many things have to go wrong in very specific ways to cause these problems.
It's easy to check various items before installing the software. Kernel version, library versions, group existance, user existance, etc. All you have to do is parse the associated file/report. uname -a tells you the kernel package you have installed, for example.
So, for Debian, to do a controlled, automatic update of all machines on the network with kernel package 2.4.25-1-386, with packages libfoo4 and myapp4, the process is
ssh to first candidate
check kernel version
apt-get install libfoo4, myapp4
log success/errors
next machine
mail success/error log to myself
The key concept is having the stable, reliable package management system on the machines. Once you have that, each step above that is simple and logical and errors will cause the update/install process to fail rather than to break the machine (which is how it should be).
If you can, grab an old machine and install Debian testing on it. Play with it for a while and you'll see how easy a single machine is to administer. With just a bit of scripting, an entire network of them is only a bit more complicated.
Not to mention troubleshooting those workstations. I can quickly compare the exact package listing of two machines (one not working / one working) to see where they differ on packages, file versions, even file checksums. So troubleshooting a software package problem takes 5 minutes on matching workstations.
With a Windows system, the package contains the information, not the system itself.
I can build a package with SMS for SMS to distribute foo.dll and SMS will distribute that package.
I then install an update to foo.dll from Microsoft's website.
So, two different packages have installed foo.dll.
I can then have the SMS package remove foo.dll and it will be gone. Even though the file should now be owned by whatever package installed it from Microsoft's website.Again, such an error is easy with Windows (as demonstrated in the article). It is far more difficult with Debian. And that is because Debian has a working package management system.Yet I have shown how having only ONE error will result in the update NOT being installed on a Debian system. Which is how it should be.
If there is an error, the update process should fail rather than corrupt the workstation.
Under Debian, it takes multiple, very specific errors to break the system.