Slashdot Mirror
Experiences with Replacing Desktops w/ VMs?
E1ven asks: "After years of dealing with broken machines, HAL incompatibility, and other Windows frustrations, I'd like to investigate moving to an entirely VM-based solution. Essentially, when an employee comes in in the morning, have them log-in, and automatically download their VM from the server. This gives the benefits of network computing, in that they can sit anywhere, if their machine breaks, we can instantly replace it, etc, and the hope is that the VM will run at near-native speeds. We have gigabit to all of the desktops, so I'm not too worried about network bandwidth, if we keep the images small. Has anyone ever tried this on a large scale? How did it work out for you? What complications did you run of that I probably haven't thought of?"
There are a lot of complications using a VM - there's no 3D, no good audio etc.. Plus if your base computer does not fit into the HAL, you can't expect much out of the VM. I am actually surprised at this - a VM will give you the benifit of portability, but if that was your goal you'd be better off giving a laptop to all your employees.
Microsoft: "You've got questions. We've got dancing paperclips."
thin client be a cheaper and easier solution per seat?
Sounds like you want something like Citrix.
Although, what you could do is automagically have a standard WinXP workstation login on startup. Next, have VMWare in the startup folder so that it begins as soon as the computer logs in. Finally, have VMWare point to a disk image loaded on your server. The employees will then see a full-screen VMWare ready to authenticate on the network and begin their day.
If you really wanted to be fancy, have that image automagically map to a network drive on your SAN/NAS as the D:\ drive. Tell employees to use the D:\ drive to store all work-related documents.
It could work. But you'd be looking at maybe 5 minutes for the morning boot-up. Not to mention all the employees hammering the network for a 2~4gb image at 7am will really thrash the servers.
If you insist on doing this, go a bit further. Activate that WoL crap and autoboot the workstations at staggered times between 6am and 7am.
I'd rather you do it wrong, than for me to have to do it at all.
Get some Sun Microsystems SunRays. Seriously.. thats exactly how they work. Your session can be saved on server and resumed anywhere else you plug in your smart card. One server and all of the terminals you need.
LTSP.ORG does somthing similar. You run X clients on a common "server" and view it with an X server on almost anything with 64 megs or more of memory.
I work at a client site where I implement large software. I have my own laptop, which due to sadly lacking Oracle WAN performance, I primarily use as a dumb terminal to various Citrix apps, and Windows Remote Desktop at my home office where I can run Visual Studio, db-based apps etc.
This works great, with one major caveat. If the network starts stuttering, performance of remote desktop and citrix both suffer badly. Otherwise, the benefits are great: much reduced amount of sensitive data on laptop, access to a higher performance office machine, less app latency when talking to 'local' databases 2000 miles away.
-- "It's not stalking if you're married!" My Wife.
I'm a vmware/virtualization fan, but I don't think this is the best application. It seems to me that it would be smarter to use terminal services / citrix / a thin client approach
If you were going to use vmware, make a standard image and push it out to the local hard drives. don't update that image unless it is time to push out a new set of windows udpates/etc. if you need to update the image though, that is going to be *hell* on your network/file servers.
I think it makes more sense to run a virtualized server than a desktop.
Also, you might end up paying for 2x the XP licenses since you'd have to pay for the host + guest operating systems.
Evolution: love it or leave it
Well, you'd still be running Windows (if that's your poison), and so your users would still be subject to (say) all the Outlook or Explorer weaknesses and exploits. The main upsides I'd see are
(a) presumably all VMs have the same device model, so you'd be running the same image everywhere, and
(b) assuming you carfully partition out the users' data to a different volume, you can give them a "fresh" virtual machine (a fresh Windows registry!) every time.
Nice and useful, but still not bomb-proof.
Where I work, we have a domain so a user can log onto any computer and have their email & favorites all set up. In their profile, it automatically maps their departmental network drives and their personal network drive (where they're supposed to save their documents to). The normal programs are installed on every machine, and it's not hard to temporarily install any special programs they need on the machine they use in the event theirs in unusable. The only issue we have is that for some reason, no matter how much we tell them to save on the network, they apparently refuse to listen and save stuff on their hard drive. And then subsequently blame us if their hard drive dies and they lose data. But that's another story.
What's the matter, James? No glib remark? No pithy comeback?
I needed a quick and cheap solution for some Windows machines for our QA group to test things on. We bought some VMWare Workstation licenses and ran 6 VMs running XP on each beefy machine. (About the limit for a machine with 4GB RAM) Granted, there are better VM solutions than Workstation, but we wanted cheap and quick. Don't count on it for anything mission critical. About every two weeks, VMWare would basically eat itself and the Linux box. However, it was easy from a maintenance point of view, because I could VNC in and see all 6 VMs at once. Also, since VMWare has a cloning feature, anytime QA infected the machines with something nasty, or just pissed off XP, I could re-clone it. Also remember that any VM hogging resources can slow down other VMs on the same host.
However, for the context that you are speaking about, I would take the advice of individuals below and look at Citrix or roaming profiles.
http://www.vmware.com/products/enterprise_desktop. html.
Just don't what... misconfigure or misapply the technology? If "Citrix" is anything, it's too expensive in some situations and inappropriate for others. Maybe you were just using some Citrix software to do something it's not ideal at doing, or otherwise using it incorrectly... in any case, it's kinda silly to malign an entire software suite with a vague anecdote.
So a lot of expensive desktops emulating, um, pretty much themselves, using funky somewhat pricy software, running substantial images pulled off of expensive servers over an expensive network (bacause GB'net or not, a building full of folks starting up in the morning is gonna hammer you.) Then comes the challenge of managing all of those funky images, reconciling the oddities of an emulated environemnt, etc.
Could you make it work? Sure. But I gotta wonder if it'd be worth it.
Is gonna be any better then a well managed native environment? Or going Citrix clients? Or Linux/MacOS/terminals (chose your poison) boxes instead of MS Windows?
I hear your pain, I just think you're substituting a known set of problems with a more expensive, more complex, more fragile, baroquely elaborate, well, more-of-the-same.
It doesn't sound like much of an improvement really, just new and more complex failure modes, at extra cost.
Though, I guess, if you're looking for a new, challenging, and complex environment this would be it; just take your current one and abstract it another level. I wouldn't want to be the one footing the bill, or trying to rely on any of it, but at least it'd be something different.
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
They just used NIS and NFS, and the net effect was pretty much exactly what you describe... Sit down at any machine, log in, and your environment loads exactly the way you left it on the last machine, everything's safely backed up at the server end, and the client machines are pretty much disposable and interchangeable, and so on. Only difference if you're not farting around with virtual machines... ie. you're not quite as "cutting edge" but on the desktops themselves, don't you want a more proven system? So why wouldn't you just do the same thing, and use said proven, if something of a pain to administer, system?
As an alternative to NIS, Netinfo does much the same thing, only it wasn't designed by people quite so sadistic as NIS. You'd still be using NFS though...
cya,
john
Imagine all the people...
First off, I don't think VM'ing your desktops is the answer. Current VM's really dumb down the hardware. You lose 3D, sound, and most of them run a bit slower than native (some quite a bit slower). Couple that with the size of most VM images (my Vista image is about 12GB) and you're really looking at a poor solution.
Here's what you should be thinking about:
- Get some kind of desktop management suite like Altiris. You can push software deployments easily, and it's very easy to lock machines down to the point where users can't fsck them up. I've consulted for companies that do this with hundreds of desktops and it's a very robust, reliable system.
- Go with a thin client setup like Citrix or Terminal Server. Users run nothing on their local hardware. Instead, everything runs on the big server. Downsides are similar to VM's (thin clients are notorious for very lightweight support for anything but the most basic sound and graphics) but you are at least spared the massive network thrashing of hundreds of users logging on and pulling down VM images at 8AM every morning.
- If it's users messing up machines that you're worried about, you might want to consider a solution by Clearcube. They take away everything except the keyboard, mouse, and monitor. The guts of the PC reside in a server rack in what is essentially a PC on a blade. The blades are load balanced and redundant, so swapping them out is a breeze. And users *can't* load software on them because there's no USB ports, no floppy drive...nothing! Unless you allow them to download it from the Internet, *nothing* is going to get on those machines if you don't want it to.
VM's make sense for server consolidation. I don't think they've yet gotten to the point where desktops run on them as a form of protection or reliability. There's too many other solutions that work better and have fewer downsides. The problem here isn't Windows per se, it's the fact that your workstations aren't locked down properly to prevent your users from doing stupid stuff in the first place. Fix that and suddenly you'll find a Windows workstation environment isn't the hassle it once was.
In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky
An "unsupported configuration"...
In Soviet Washington the swamp drains you.
Sounds like you're trying to solve the same problem X11 is designed to solve. Have you looked into getting a bunch of X terminals and one super-powerful machine?
Help us build a better map!
If their hiring practices are any indicator ... every 6 months or so Citrix calls me and asks if I'll come in for an interview -- I ask what the salary is, and after I stop laughing at them I say no thanks.
Religion is a gateway psychosis. -- Dave Foley
I think I have to disagree. Most of the better gigabit nics out there support PXE boot. Get a small boot loader image going. If these will all be on the same lan segment, at boot time it will grab the latest loader image, boot the small loader (~2MB). The loader can then boot the full OS image.
You can then just capture or encapsulate the computing session to an image file. It's not a full virtualized environment, as you still get the benefits of the cpu horsepower at the workstation, but if corruption occurs ou just roll back the session file. I think.
This is how Windows hibernation functions in a nutshell, just dumps RAM to a file I think. I haven't tried this in practice, but it should work.
Karma: Chameleon (mostly due to the fact that you come and go).
Hmm. Your main issue is going to be switching machines. I see three ways of doing this:
Some virtual machines let you suspend to a file. This is nice if you must run Windows, or some other uncooperative OS. But, that still means suspend to a file, which will take some time. As for the disk, that would be fairly trivial -- your host OS would be Linux over NFS, so your disk image is an NFS file.
Issue to watch for here: Local cache. I don't care how fast your gigabit is, that server is going to feel some stress. I tried setting up gigabit just for file sharing, and it was never as fast as it should have been, yes I was using Jumbo Frames, and it's just a crossover cable, yes it was cat6. And even if that's flawless, there's the server at the other end. You probably want good local caching, probably local disk caching. InterMezzo would have been good, but they've pretty much died. You might try simply throwing tons of RAM at the problem, or you might try cachefs (never got it working, but maybe...) or maybe one of the FUSE things.
Second way: Don't use VMs. VMs will never be as fast as a native OS. But "native OS" can still work roughly the way the VM image does above, if your hardware is identical. With Linux and Suspend2, you can suspend and resume from pretty much anything you can see as a block/swap device. So, all of the above caching issues apply, but just run it as a network OS, have one range of IPs for machines still booting and logging in, and another for fully functional machines. Here, when the user logs in, the bootstrap OS tells itself to resume the OS image from the network.
You could also do this with Windows by copying a local disk image around -- after you hibernate, boot a small Linux which rsyncs the whole disk across the network, including hiberfile.sys. Everything besides the OS itself would be stored over the network already anyway (samba).
I don't know if this will work -- after all, no hardware is truly identical. But it may be worth a shot.
Advantage: Both Linux and Windows XP know to trim the image a bit on suspend, so it won't be a whole memory image, just relevant stuff. Truly native speed.
Disadvantage: If I'm wrong, then you won't be able to properly resume on a different box.
Finally, you could stick to software which supports saving sessions and resuming them. I know Gnome at least, and maybe KDE, had this idea of saving your session when you log out -- and telling all applications to do so -- so that when you log back in after a fresh boot, it's like resuming from a hibernate.
Advantages: Fastest and most space-efficient out of all of them. Least administrative overhead -- in the event of a crash, there isn't nearly as much chance for bad stuff to happen. Easily works cross-platform, native speed on any supported platform. Simplest to implement, in theory.
Disadvantage: Not really implemented. 99% of all software may remember useless things like window size and position, but very few actually store a session. If you mostly roll your own software, this may be acceptible.
And of course, you could always do web apps, but those won't be anywhere near native speed -- yet.
All approaches share one flaw, though -- bad things happen when a box goes down. With a VM image (or a suspend image), if you crash, you'll obviously want to restore from a working image -- but what about the files? If they're on a fileserver, does your working image properly reconnect to the fileserver, or does it assume it's still connected (thus having weird things cached)? The third option (saving sessions) is the safest here, because in the event of a crash, programs behave the same way they would on a single-user desktop. But you still lose your session.
What others are suggesting -- various terminal server options -- is much slower, but it also means that as long as the application server is up, so is your session. If you crash, you can switch to another machine and literally be exactly where you
Don't thank God, thank a doctor!
http://www.vmware.com/products/ace/
"With VMware ACE, security administrators package an IT-managed PC within a secured virtual machine and deploy it to an unmanaged physical PC. Once installed, VMware ACE offers complete control of the hardware configuration and networking capabilities of an unmanaged PC, transforming it into an IT-compliant PC endpoint."
--BlueLines "The cost of living hasn't affected it's popularity." -anonymous
You do have a point...
I'm amazed nobody has brought this up. Someone said you'd need twice the XP licenses. That isn't true if the host OS on each PC is Linux. VMware DOES have a client for Linux. I imagine it would be a lot more secure if Linux was the host, and you can customize all the startup scripts so you wouldn't have any unncessary overhead.
I'm not sure on the loading time differences between XP host and Linux host, but last time I ran VMware on my XP laptop, it was slower than shit. 1gb of ram, Turion 1.8ghz, it ran slow...... SLOW
You can't legally do this with Windows. The (bulk-licensing) EULA states that you are allowed to install Windows on one computer and one virtual machine *that runs on the same computer*. Moving the image from computer to computer is specifically prohibited, IIRC (yes, I've considered doing this before).
Your goals may be better accomplished with a different approach.
Now you have most of the benefits you asked for: you can have users switch places at random, you can replace physical computers and set them all up with the same VM... you can even have them all run windows on a linux host if this helps prepare for "the big switch". :)
As for your maintenance of the VMs, you can remotely log in to any of the workstations and replace the old VMs with new ones when you need to update something. Ocasionally you can wipe out all files that are kept on workstations to ensure that no kiddie p0rn is found, and to further illustrate that it is essential to keep all work-related files on the server as instructed in 2)
Vmware ACE would probably be a good choice, it allows you to lock down the host hardware, disabling various pieces.
VM's can run off of network shares if you set things up right. Fast network, and you won't see a problem. I have run VM's off mirrored ximeta netdisks over 100meg with NTFS as the partition type, and it worked great, although it was only about 4 machines accessing it at one time. For office apps and such, it's a piece of cake.
I encourage people to use vmware for laptops. Create an encrypted disk with the vmware image that they want to run, then if the laptop gets stolen, you have to decrypt the disk before you can get to the really good stuff. Backups are easy, and it makes if necessary, laptop "sharing" something that you can do pretty easily as well. Multiple shifts can PC share easily as well. It's also easier to fix problems test updates and such by just snagging a copy of the image, and monkeying with it.
Citrix and remote desktop have their places as well.
The network IS the computer ;)
My friend had setup Windows for his girlfriend as guest OS under Linux host. He was using VMWare. His girlfriend was forced to use IE to access her University Intranet. Also she needed M$Office for documents from profs. The notebook was constantly plagued by malware/spyware/etc making it barely usable.
My friend installed Linux (Gentoo one) and VMWare Workstation. Inside the VMWare he installed the OEM Windows off the notebook. State of Windows - fully updated and with M$Office installed - was saved on backup image. In guest Windows, all work was done on SMB/CIFS drive of host Linux.
The only problem was video performance - e.g. macromedia flash animations at times were making the notebook to melt. Also there were some sporadic network problems - mostly attributed to poor Windows network stack implementation. (IOW, the network problems occurring with normal Windows installation under VMWare were occurring more often. E.g. Windows DHCP client was at times failing to get address from host Linux. That IE thing was at times failing to load pages properly or simply hanging. The usual WinXP/IE problems.)
Advantages were clear. Spyware/malware got to notebook? - recover from backup image. Something crashed? - data are most likely are Okay on host Linux hard drive. Also, gradually girlfriend ha been taught how to use Linux and how to get around the University Intranet with Linux and Firefox/Konqueror. Though most documents she used still required M$Office under Windows.
All hope abandon ye who enter here.
I have been using Parallels for quite some time on my MacBook Pro, in order to use a few apps on Windows ( installed Windows XP Professional on the VM ). It works like a charm, as fast, or at least almost as fast, as if I was to use a separate system for just Windows. I 've also installed Ubuntu today, which runs equally well. According to the rumors-mill, Parallels is getting 3D hardware acceleration soon which means, among other things, you will be able to run games on the VM, get better performance on the desktop and, once Vista comes out and Parallels provides support for EFI, you will get an accelerated desktop experience through Aero. I personally have no other use for Windows other than running one or two apps once in a while and playing games ( Mac OS X is just too good to fallback to Windows for anything else ).
Technology ramblings : Simple is Beautiful
Also with such a setup GF could never get help anywhere else. She's locked in, muahahaha.
I've used both Xen (personal use) and VMWare (comercial use). Of those two Xen is the way to go IMHO. I had FC5 running on FC5 with only 256MB RAM given to the virtual machine and the speed was amazing. It really felt like a sepereate, full powered machine!
... A coworker left his VMWare vm running over the weekend and when he returned only 2 hours had passed for the VM ...
On the other hand, VMWare is a bit sluggish. It's easier to set up virtual machines for but I've never used it where I didn't feel like it was sucking up system resources and slowing down both host and virtual machine. I also found that it seems to screw with the virtual machines clock a lot
In every single case I've ever seen of being "constantly plagued by malware/spyware/etc," it was someone who was doing it to themselves. They were constantly stealing music, downloading porn or otherwise being stupid about their online activities. They didn't have automatic updates set, or were ignoring the stupid bubble that says they had updates waiting to be applied. They weren't running decent AV, probably never scanned their machine for spyware and so on.
And yes, I'm blaming the victim. While there *should* be sense in saying that you ought to be able to walk anywhere without fear, if you keep going to drug-riddled areas downtown and getting mugged, then STOP GOING TO THOSE AREAS. Learn to take some responsibility for your own damn habits and learn a bit. You change the oil in your car and give it the occasional tune up... why not the same to your computer?
She's at a university. She can probably find more help there than most places. Heck, myself and at least five other companies support Linux in a town of less than 500,000 (Springfield, Missouri), so I don't think this nearly as true as it used to be.
Besides, think of the geeks. A girl, at university, that will seek you out because you can fix her laptop--that's running Linux--and who might find out that you DON'T have a tentacle pr0n fetish like her current boyfriend. The romantic possibilities are endless! Don't be selfish...
I think Mauve has the most RAM. --PHB (Dilbert Comic)
The edubuntu distribution is basically a plug-n-play instant LTSP environment.
I use it for junk laptops with busted hard drive controllers. I just wish wireless network cards had boot proms, I'm using MMC/SD cards to bootstrap.
Before I part with'em: two pennies weigh ~4.996+/-0.014g, have a zinc core, and the face of Lincoln. You can keep 'em.
I work for a .edu and perhaps a solution we use here could be helpful if your main goal is a "clean" computer state at startup. We've (finally) moved to an Active Directory based network. I'm now building .msi packages to be installed by AD and use a startup script to install a program called Deep Freeze which prevents changes from being made to the system while it is in a "frozen" state. With Deep Freeze, any changes that are made to the system are removed on reboot. Any file storage is done on a networked home directory. Deep Freeze can be setup to "thaw" during the night for windows and virus updates to run and then "freeze" again after X amount of time has passed.
If a computer breaks and needs to be replaced, we can drop in a replacement PC, move it into the proper organizational unit in AD, do a group policy update on the box and it will install the appropriate software on startup (and with the exception of programs like VS.Net it goes fairly quickly).
Everytime I hear this it amazes me how unrealistic this line of reasoning really is. The essential statement is that, since there was a way to prevent the problem, the onus is on the user to "know what to do" because they are obviously "ignorant". It's like returning a broken hammer to the hardware store only to be told you "shouldn't have hit something so hard". Have you considered that the real problem lies in allowing vendors to completely avoid liability for their mistakes? Perhaps the lack of an economic incentive to make a good product has created the environment where this is possible?
From a practical perspective, telling college students not to download music, to avoid MySpace, and to not download seemingly harmless things like Screensavers and Wallpaper is about as effective as the rhythm method. Sure, they're "sinners" with their pr0n and their music. How dare they? They get what they deserve by using a computer on the internet to download the information they want. That's a sin to be sure. It's strange how that apparently makes them culpable for systematic, intentional, and malicious exploiting of their computers. Of course, the long-term social effects of corporate self interest manipulating law and public opinion to create stigma in their economic interest is beyond the scope of a Slashdot comment.
Back to the technical issues. Understand that a lot of malware immediately turns off ActiveX security. They leave the door wide open behind them. In your perfect world, not only does every user have to be perfectly responsible and knowledgable, but they also can't make even a single mistake--since this basically leaves them wide open (i.e. it doesn't ask, just downloads and installs any application that asks) in many cases.
Similarly, there is no safe site. A vast majority of the web is ad sponsored. A single malicious banner ad can catch millions (the recent MySpace incident for example). Expecting every user and every advertising company (with possibly tens of thousands of ads) to not ever make a single mistake is unrealistic as it is lazy. The web can be secure if people would put the effort into getting secure systems developed and into place instead of blaming security problems on the sinners.
Ironically, one of your "solutions", Antivirus Software (a.k.a. stopgap measure or snake oil depending on your inclination), is probably the reason things are as bad as they are. Rather than closing holes, AV just stomps the critters that run in through them. If users had insisted on fixes and security rather than installing Norton Antivirus (and considering it "fixed", things probably wouldn't be nearly so bad as they are. It would also be nice if the economic disincentive for insecurity would lie with the vendors where it belongs, not with each and every user.
People don't realize it, but this is really an old misconception. Make something illegal, and its sources become disreputable. This then reinforces the belief that it's inherently bad. My issues of concern are software licensing, patents, and copyright reform. I'm sure the same argument could (validly) be made for marijuana, prohibition, and prostitution.
Of course we've got a double-whammy with software security. Not only are the sinners browsing seedy sites, there is also no one responsible for protecting them (since the vendors have all licensed their cares away).
I think Mauve has the most RAM. --PHB (Dilbert Comic)
You know you're addicted when your non-geek wife recognizes Slashdot...
My dear wife thought that Linux was black text in a terminal, and that the mud I used to play, Nuke, was green text in a termial. Got alot of mudding in while "learning" Linux to prepare for the future.
But alas, all good things must come to an end. She finally wised up and figured out I could mud in any color text *grin*.
I traded my "Life" for a "Wife". So far in the grand scheme, I have come out way ahead!
I only look human.
My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
>A girl, at university, that will seek you out because you can fix her laptop--that's running Linux--and who might find out
problem is their are 1000 geeky looking guys who will claim to be able to fix the thing, and only 100 who can.
so she may have to tease 5-20 geeks to find the one who's real, hopefully none of the pretenders screw too badly (err screw up the laptop, ya.)
sort of the beauty and the geek without (hopefully for her) cameras.
Try Unison. It caches the state of the last sync, so it's dramatically faster at startup. Under the hood, it uses the rsync protocol when it does need to transmit changes. Additionally, it's much more configurable than rsync.
I use Unison to sync/backup my home and work computers, including my music and photo collection as well as ~/bin, ~/perl, ~/.cshrc and ~/.emacs.
I am working for a SME, and we are currently going from remote desktop to Citrix. Having most production applications hosted on either a web server or a remote server are *huge* wins for us in terms of support costs, esp. since we have a number of custom apps to support (we are in a niche market and have yet to find a large vendor who creates useful apps for us). Most of the desktop costs are gone, in that you only have to upgrade the central server or servers, users cannot monkey with the config, everyone ends up using the same versions of the software, we have images of the server loads so if it does fail we can get it back fairly quickly etc.
For remote users we use Cisco VPN to the remote desktop.
Citrix licensing is expensive but you should first rough out some numbers as to how much it costs to support the desktops individually versus the same tasks by one or 2 techs on one or two servers plus Citrix costs.
We are using VMs in our development and test environments on an older AMD 64 bit machine. It still bogs down after 3-4 Vm's are running so my advice is to by the biggest, fastest and most reliable box you can. Lots of memory, fast disks and memory and CPUs. Newer 64 bit hardaware would be sweet as you should be able to set up 32 bit OS's on it and support older apps without having to upgrade everything to 64 bits all at once. Make sure it is not 'cutting edge', rather if it is for critical apps make sure it is stable on the hardware side, even if you sacrifice a little speed. Think in terms of how mainframes do things.
HTH
putting the 'B' in LGBTQ+
Dude, you must be a total god if you got her to work perfect and seamlessly. Her first husband couldn't, my dad couldn't, and neither could her other two husbands. If you really did fix her I owe you big time man.
About windows roaming profiles; these things tend to grow huge (I have found a couple of them over 1 GB). They eventually will saturate your network and will have the user bitching about long delays after logons. Maybe if you have 1Gb to the desktop, this will not be an issue, but try streaming a 1 Gig profile over wireless.
My other OS is the MCP!
I would also checkout a product by Faronics called DeepFreeze.
From the website: "Deep Freeze instantly protects and preserves baseline computer configurations. No matter what changes a user makes to a workstation, simply restart to eradicate all changes and reset the computer to its original state - right down to the last byte. Expensive computer assets are kept running at 100% capacity and technical support time is reduced or eliminated completely. The result is consistent trouble-free computing on a truly protected and parallel network, completely free of harmful viruses and unwanted programs."
At my company we use a combination of Citrix and DeepFreeze that allows users to roam from station to station while still having full access to all of their apps and data (stored on the network). DeepFreeze ensures that a user never messes up the local computer with anything that a reboot can't fix.
You could also just do DeepFreeze, profiles, network based app installs which would ensure the apps and data are on the network.
No, you're wrong, it is more like screwing a thousand people unprotected and then complaining when you get syphilis. The tools are there, the info is there, take the time to learn how to use the equipment that you are using. you don't just get into a car and drive it, so why can't people learn to use thier computers
Yes, yes you are. First of all, it is entirely possible to download music and movies without being infected. Second of all, with the right operating system, you can do all that shit without even any significant risk of being infected. Yet, many are locked into Windows.
Then again, I do run windows (hardware support issues) and I'm not getting owned.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
My employer uses Thinkpads with docking stations as standard issue. For those of us who need more power, we just use Terminal Server (or another remote access program for non-Windows computers.) We use Connected Backup to backup the laptops on a daily basis over the network.
While I personally would prefer a more powerful laptop, (as I do serious development,) I'd rather use a laptop then a generic workstation. I can telecommute with it anywhere in the world, and I can use it in meetings with a projector. This is more difficult with generic workstations.
No, I will not work for your startup
As I've seen your pr0n collection firsthand, I assume that you're speaking hypothetically?
Dewey, what part of this looks like authorities should be involved?
Many Windows admins do not know about this little behavior and it comes back to bite them. It's been in there since Windows 2000: use it!
Also check this registry setting:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Consider changing the ProfilesDirectory to a mapped drive network share. If your network is fast enough this has the added benefit of having no profiles stored locally at all.
Downside is you'll have to pre-emptively create all the folders on that drive because LOCAL SYSTEM won't have permission to create the folder at first logon to a machine. But it'll detect if it's there and think you've logged on before.
Make sure you use Samba as the backing for a system like that though because you will need to play with oplocks settings so Windows doesn't bitch about loading the NTUSER.DAT hive from a network share.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON