And it's also called an NT domain -- or a Windows NT Domain, if you prefer.
I'm sparing you the usual Wikipedia rants - but usually when someone says "NT Domain" the refer to the older NT4 Style Domains, with the primary base being NTLM/WINS/NetBIOS. Microsoft marketing materials say the same.
But i know a guy who refers to XP as "NT 5.1". It's just irritating, even if it isn't wrong.
(Well, there are also People which refer to a System i5 as an "AS/400")
Except that here, no one knows how to do it, so it costs them a pile of money to setup a new machine.
That's the Tech's fault - why?
When someone buys something they didn't really want, they only have themselves to blame.
Each machine has a name like "box7" or "box10", with a username/password based on that.
Ouch.
Active Directory was only used here so these cunts can charge thousands of dollars to come over and twiddle their thumbs while they install Win2K on brand new Dell laptops.
Ouch. And they still hire those guys? I mean, Windows 2000 is no longer supportet by MS - e.g. Timezone changes.
with rsync or DRBD backups over the Internet to someone's house
Don't do Online-Backups unless you always have technical people on site. Tapes are something users can grasp much better - they are much better at dealing with them, and you get less problems. Less callouts for tech too. But don't use cheap tape drives. I personally recommend LTO2/3 tapedrives.
Which is irrelevant when these cunts won't teach us how to admin it.
Probably because that's not their job. I'm not a good teacher either, that's why i'm doing a tech job and not a teaching job. If you lack windows knowledge, go learn it. All they need to do is document their setup.
Don't get me wrong, but you sound like a guy who wouldn't have much problems with learning all the windows stuff - but you don't want to.
Still, I think tying them to a 15-year-old brother for $10/hour is better than two MSCE bastards for $75/hour.
It's like choosing between lepra and cholera. I'm not trying to say that your brother is incompetent, but one thing is for sure: he lacks experience. No matter how small a company is, IT is usually a critical infrastructure. And competent people need to be paid.
If a company doesn't want the risk of their own infrastructure, they can use an ASP (Application Service Provider). This will remove the financial risk.
Regardless, it's not just me. Everyone and their dog knows how to right-click and go "Sharing".
Yeah, but users shouldnt do that. That's better be left to IT staff.
Now, IT staff can be a dedicated person, a dedicated team, or someone else doing it as part of their normal workload, or someone outsourced.
You sure know that IT isn't such a refined technology as cars. Cars can run several years till they need maintenance. But a computer used by a user with full privileges never lasts that long. It will need time. Until then, IT will stay very expensive.
These guys have set them up with a fucking NT domain!
It's called "Active Directory" or "Windows Domain".
And thats the RIGHT way to do things, if you don't use a "Hosted Something" package.
AD makes lots of things easier and simpler. Setting up a new machine is easier, users get their old profile synced back from the server, all "my documents" are properly redirected to the server, and users will have less hassle.
Setting up a new machine can be automated completely using RIS (XP) or WDS (Vista)
but neither of us knows what to do with an NT domain -- but these techs have convinced them that it's somehow "more secure".
That's a selling point, but usually the main point is less administrative hassle.
because I couldn't make the NT domain go across the VPN.
You blame your incompetency on others?
and it runs over a VPN because RDP doesn't do crypto.
To be fair, though, the scientific disciplines aren't completely insular and unrelated as many people would like to think.
I can only agree here - many areas are interconnected.
While working in IT service für SMB, i've learned a lot about laws regarding privacy, copyright, about electrical wiring, about dealing with people, dealing with customers (customers are different from people).
I wasn't trying to invalidate your statement in any way. Just said that there are more or less intelligent features which help against such stuff.
The rm vs. rm -i thing is another interesting point, though.
When i'm deleting something, and get asked everytime, with time, the keystrokes will get automated. I've got this problem in windows - per default, you will get asked, and then the files will only get moved to the recycle bin. So i automatically hit "Shift-Delete, Enter". Which kinda counters the asking behaviour. I think the rm -i thing will do the same.
Don't warn / popup needlessly. I've seen so many users clicking away the norton prompt, asking them to renew their subscribtion...
Yes, certificates aren't everything. In fact, i don't think they have much value (though i have my share of them, as long as my current employer pays for all the expenses).
However, there are a few things which you seem to forget:
* People entering the IT industry don't know professional IT yet
They have built their own PCs. Fine. But in a corporate, professional setting, you don't build your own PCs. You don't build your own servers. And the "why" is what people entering the industry have to learn (sometimes painfully so).
* People entering the IT industry won't be the "know it all" anymore
Most people with a serious interest into it, were the one with the most knowledge in their circle of influence. When entering the IT industry, that's usually no longer the case. Even if you're socially top-notch, it will take some time to adjust to this change. If being social isn't your one of your primary advantages, it will take even more time.
* People entering the IT don't know lots of technology yet
You've built your private exchange server at home. It worked fine. Now you have 100 exchange servers, distributed across the globe. At home, you had your own domain. You experimented with Group Policies. It worked fine. Now you have 100 domain controllers, 10'000 clients, and 200 GPOs. Even if you understood the basic concepts, you will need to learn that with a different scale, there is a different responsibility.
In the end, even the most gifted child without a life will have to adjust to the pace of the company, and all its quirk. It takes time.
And most people that are looking for an entry level pc tech job don't have the qualifications, nor the interest in the field. Weeding out the trash is the difficult part of doing job interviews.
But you can't just register as a corporation or self-proprietorship with a tax ID number and thus be self-employed?
You can. a) Einzelbesitzer / Einfache Gesellschaft + Doesn't require anything - Full personal liability - Personal taxes apply
b) Gesellschaft mit Beschränkter Haftung (GmBH) + Limited personal liability + Company taxes apply + Needs registration - Requires 20k CHF capital
Possibly hire other techs as well.
If you want to hire people (instead of starting the company together with the other people) you will need financial security. As an 18 year old starting your own company, you won't have that.
If you advertise and seem like you have a clue, people will use your services, at least in the US.
I've seen several companies like this fail miserably. With age 18, you don't have money nor experience. Leading a successful business requires both. It's highly unlikely that you will get serious customers this way. You can start it as a side job - if your employer allows that (they have to if you aren't in a directly competing business).
If you want to get taken serious as a CEO, you will primarily need age;)
Or is Switzerland that much more of a rigid society that that isn't a possibility?
Most businesses take education very serious. If you don't have a finished education, people will look at you funny. Most services in switzerland are very expensive - even a (good) grunt level tech costs about 150CHF per hour.
Most successful startups have CEOs age 25 and up - meaning a few years of experience.
Well, without a finished apprenticeship (or finished higher education), you won't have any chance on the swiss job market.
The apprenticeship is still the standard way to enter the job market in switzerland, about 60-70% of swiss kids enter the job market using this education as a starting point. The Wikipedia Article (http://en.wikipedia.org/wiki/Apprenticeship) explains the system in more detail, Switzerland system is is quite similar to the German one.
This system sounds probably sounds as strange to you as does the US education system to me.
I've been in a similar situation, i've hired several apprentices for my company.
In case you're unfamiliar how an apprenticeship works:
It's part of one of the possible education roads in switzerland. At age 16, you start an apprenticeship in a company, which usually is 2-4 years (depending on the amount of skill of the job required). An apprenticeship requires attendance at a public school for one or two days a week. The pay is usually very weak, from 450 - 1000 CHF / Month. At the end of the apprenticeship, there's a standardized test.
Since people start at age 16, they have no qualification whatsoever (except that they finished public school), and as an additional drawback, you can't fire apprentices unless they SERIOUSLY fuck up (stealing from the company or something like that, or fucking up in school several times in a row).
The only thing i've paid much attention to is interest. Interest in IT can vary, e.G.:
An avid gamer, maxing out the performance of his video card, by working with lots of settings? Creating custom ini files for you game? A young Linux zealot, telling my windows is a bad thing. Writing programs?
Young, interested people are raw diamonds. They don't understand professional IT yet, and they have a lot to learn. While it is my job to help them to learn, the bunch of stuff is what they have to do alone. Just provide the infrastructure and support. It doesn't matter much what kind of skills they already have, since most of them don't help on their job - but most of my apprentices are more up to date on PC/Consumer hardware than iam.
Interest is all that matters. Someone who is willing to learn will be able to do everything you want him to, it just takes some time.
There's an important second skill, and that is social skills. You always have customers, be they internal (like in an enterprise) or external (in my case, SMB support).
An apprentice will have to learn how to deal with customers. In my case, i go to customers with them, let them stand aside (for about half a year). After that, they will have the skills to solve small problems on their own. The next step is to learn to deal with the customer. Delegate tasks, have them solve the problem on their own, report to the customer. And as a last step, send the on their own way.
This process takes about 3 years with an apprentice - you can shorten this ALOT if someone has at least a bit of previous experience.
And another tiny bit i've learned. Never solve a problem for your apprentice, if time is not critical. Give hints, push them in the right direction, let them figure out the solution on their own.
Never lie to them - while it is sometimes necessary to adjust the truth for a customer, never lie to your apprentices - there's nothing worse than learning the wrong things.
I see, we're talking about a different kind of businesses. You talk about enterprises, with their own IT staff. I talk about small businesses, which may have a person who ALSO does IT, besides his usual job.
CSA, systrace, SElinux, and everything in that direction are nice tools - for an enterprise. They are to expensive to buy, setup and maintain in a smaller business. You still have about 50 boxes to manage, so using GPO is a big plus because you don't have to run after every machine.
They can't protect against phishing either, as long as you allow "normal" web surfing.
I agree that the integrated firewall, windows defender et. al. probably aren't the right thing for a big bank like UBS, credit suisse or other enterprises. But for a small business with 50 computer's, these tools have just the right integration, and the right functionality.
Don't get me wrong, your points are all valid, but don't apply in my case. Maybe i should've mentioned that in my post first.
Yes, you may have. But this functionality has now been integrated into the OS, making managment a lot easier.
4)
Ever tried roaming profiles between different languages of windows? Also, the MUI Version of WinXP had many, many bugs. Often small, but together it was very annoying. Vista finally offers an easy to use, standardized way since all installations are essentially MUI, and you can deploy and install language packs later. Especially important since i work in switzerland, were we have to support 3/4 Languages (German, Italian, French and English)
5)
I use SVN a lot. It's great. I don't think our sales would use svn, though. So shadow copies is way to go:)
6&7)
No. They are an improvement. Not one that might be significant for you, but one that might be significant for end users, support and admins.
You don't pay retail prices when buying a new machine with Vista preloaded.
And if you build your machine, you can purchase an OEM version at half the price of the Retail version.
And noone, except for testing, really needs the Ultimate version. Home Premium will be all you need at home (Home Basic? What's this shit? Just so they can sell Premium through anytime upgrade?), and Business at work.
Our reseller shows one OEM copy of vista at 242 US$ (converted from CHF) So you will probably be able to get it for 199US$, considering that Switzerland is hugely overpriced.
Some Dude's Findings: VISTA: Vista has a similar but improved firewall to Windows XP SP2, but anyone who is serious about their security will still replace it with a third party firewall or Internet security suite.
The firewall in Vista has been much improved for GPO configuration, and this means that the rollout in a company is much easier. There simply is no need to use third party firewalls in XP SP2 OR Vista. Of course, many "power users" which only work on their own machine don't see this.
Some Dude's Findings: Both score 'pretty terrible'
Anti-Phishing is like Anti-Spam. It doesn't work, as it is not a solution to the problem, but a workaround. We will get a simple arms race here, and the problem will persist. There's a feature in IE7 which will allow the addressbar to turn green with certain SSL certificates (which probably are going to be very expensive). That sounds more like a solution, but it remains to be seen if users are able to grasp this.
Some Dude's Findings: However pressing the 'ok' button lets you do whatever you want anyway, and experienced users will just be annoyed. What did I do? I turned it off completely and am not bothered by it anymore.
I've been using UAC on my desktop machine at work since early betas. Of course, it bothers you often when you're "working on the system" as opposed to "working". What i would like to see is UAC caching (i.E. UAC gives admin rights automatically for five minutes, or something), but this would severe security implications (but sudo does the same thing). UAC does not bother anyway when they're working (on the ERP system, in Office, cutting videos, etc.)
UAC allows me to strip users of legacy applications of their admin rights, while they will still be able to install programs and some such. I've reconfigured UAC by group policy to always ask for credentials, this behavior imitates sudo and it's a very nice warning that you're changing something inherent to the system.
Utter security failure. Plenty of work fixing broken windows. Forced upgrade with new hardware sales. It's a win-win all around!
Users don't buy new operating systems, they buy new computers. Enterprises don't buy new computers, they will roll out new operating systems when the paid support for the old one gets too expensive (lots of companies still running 2000...)
Slashdot Mirror
But i know a guy who refers to XP as "NT 5.1". It's just irritating, even if it isn't wrong.
(Well, there are also People which refer to a System i5 as an "AS/400")
That's the Tech's fault - why?
When someone buys something they didn't really want, they only have themselves to blame.
Ouch.
Ouch. And they still hire those guys? I mean, Windows 2000 is no longer supportet by MS - e.g. Timezone changes.
Don't do Online-Backups unless you always have technical people on site. Tapes are something users can grasp much better - they are much better at dealing with them, and you get less problems. Less callouts for tech too. But don't use cheap tape drives. I personally recommend LTO2/3 tapedrives.
Probably because that's not their job. I'm not a good teacher either, that's why i'm doing a tech job and not a teaching job. If you lack windows knowledge, go learn it. All they need to do is document their setup.
Don't get me wrong, but you sound like a guy who wouldn't have much problems with learning all the windows stuff - but you don't want to.
It's like choosing between lepra and cholera. I'm not trying to say that your brother is incompetent, but one thing is for sure: he lacks experience. No matter how small a company is, IT is usually a critical infrastructure. And competent people need to be paid.
If a company doesn't want the risk of their own infrastructure, they can use an ASP (Application Service Provider). This will remove the financial risk.
Yeah, but users shouldnt do that. That's better be left to IT staff.
Now, IT staff can be a dedicated person, a dedicated team, or someone else doing it as part of their normal workload, or someone outsourced.
You sure know that IT isn't such a refined technology as cars. Cars can run several years till they need maintenance. But a computer used by a user with full privileges never lasts that long. It will need time. Until then, IT will stay very expensive.
It's called "Active Directory" or "Windows Domain".
And thats the RIGHT way to do things, if you don't use a "Hosted Something" package.
AD makes lots of things easier and simpler. Setting up a new machine is easier, users get their old profile synced back from the server, all "my documents" are properly redirected to the server, and users will have less hassle.
Setting up a new machine can be automated completely using RIS (XP) or WDS (Vista)
That's a selling point, but usually the main point is less administrative hassle.
You blame your incompetency on others?
You're wrong.
http://msdn2.microsoft.com/en-us/library/aa383015
I can only agree here - many areas are interconnected.
While working in IT service für SMB, i've learned a lot about laws regarding privacy, copyright, about electrical wiring, about dealing with people, dealing with customers (customers are different from people).
Don't irritate me with facts!
And OS/400, i5/OS with it's interactive cpu pricing scheme...
Your dog is not a legal person, and thus can not enter any sale contract.
I wasn't trying to invalidate your statement in any way. Just said that there are more or less intelligent features which help against such stuff.
The rm vs. rm -i thing is another interesting point, though.
When i'm deleting something, and get asked everytime, with time, the keystrokes will get automated. I've got this problem in windows - per default, you will get asked, and then the files will only get moved to the recycle bin. So i automatically hit "Shift-Delete, Enter". Which kinda counters the asking behaviour. I think the rm -i thing will do the same.
Don't warn / popup needlessly. I've seen so many users clicking away the norton prompt, asking them to renew their subscribtion...
Both zsh and bash have options that prevent this.
.tmp /home/lb/fuu [yn]?
:)
lb@yuffie:fuu [9|0] % rm *
zsh: sure you want to delete all the files in
I really like this. It saved my live more than once
IFS is already a file system used by IBM.
It's used on the System i (formerly known as iSeries, formerly known as AS/400), and offers unix-like characterists.
I have to agree and to disagree with you.
Yes, certificates aren't everything. In fact, i don't think they have much value (though i have my share of them, as long as my current employer pays for all the expenses).
However, there are a few things which you seem to forget:
* People entering the IT industry don't know professional IT yet
They have built their own PCs. Fine. But in a corporate, professional setting, you don't build your own PCs. You don't build your own servers. And the "why" is what people entering the industry have to learn (sometimes painfully so).
* People entering the IT industry won't be the "know it all" anymore
Most people with a serious interest into it, were the one with the most knowledge in their circle of influence. When entering the IT industry, that's usually no longer the case. Even if you're socially top-notch, it will take some time to adjust to this change. If being social isn't your one of your primary advantages, it will take even more time.
* People entering the IT don't know lots of technology yet
You've built your private exchange server at home. It worked fine. Now you have 100 exchange servers, distributed across the globe. At home, you had your own domain. You experimented with Group Policies. It worked fine. Now you have 100 domain controllers, 10'000 clients, and 200 GPOs. Even if you understood the basic concepts, you will need to learn that with a different scale, there is a different responsibility.
In the end, even the most gifted child without a life will have to adjust to the pace of the company, and all its quirk. It takes time.
And most people that are looking for an entry level pc tech job don't have the qualifications, nor the interest in the field. Weeding out the trash is the difficult part of doing job interviews.
But you can't just register as a corporation or self-proprietorship with a tax ID number and thus be self-employed?
;)
You can.
a) Einzelbesitzer / Einfache Gesellschaft
+ Doesn't require anything
- Full personal liability
- Personal taxes apply
b) Gesellschaft mit Beschränkter Haftung (GmBH)
+ Limited personal liability
+ Company taxes apply
+ Needs registration
- Requires 20k CHF capital
Possibly hire other techs as well.
If you want to hire people (instead of starting the company together with the other people) you will need financial security. As an 18 year old starting your own company, you won't have that.
If you advertise and seem like you have a clue, people will use your services, at least in the US.
I've seen several companies like this fail miserably. With age 18, you don't have money nor experience. Leading a successful business requires both. It's highly unlikely that you will get serious customers this way. You can start it as a side job - if your employer allows that (they have to if you aren't in a directly competing business).
If you want to get taken serious as a CEO, you will primarily need age
Or is Switzerland that much more of a rigid society that that isn't a possibility?
Most businesses take education very serious. If you don't have a finished education, people will look at you funny. Most services in switzerland are very expensive - even a (good) grunt level tech costs about 150CHF per hour.
Most successful startups have CEOs age 25 and up - meaning a few years of experience.
Well, without a finished apprenticeship (or finished higher education), you won't have any chance on the swiss job market.
The apprenticeship is still the standard way to enter the job market in switzerland, about 60-70% of swiss kids enter the job market using this education as a starting point. The Wikipedia Article (http://en.wikipedia.org/wiki/Apprenticeship) explains the system in more detail, Switzerland system is is quite similar to the German one.
This system sounds probably sounds as strange to you as does the US education system to me.
I've been in a similar situation, i've hired several apprentices for my company.
In case you're unfamiliar how an apprenticeship works:
It's part of one of the possible education roads in switzerland. At age 16, you start an apprenticeship in a company, which usually is 2-4 years (depending on the amount of skill of the job required). An apprenticeship requires attendance at a public school for one or two days a week. The pay is usually very weak, from 450 - 1000 CHF / Month. At the end of the apprenticeship, there's a standardized test.
Since people start at age 16, they have no qualification whatsoever (except that they finished public school), and as an additional drawback, you can't fire apprentices unless they SERIOUSLY fuck up (stealing from the company or something like that, or fucking up in school several times in a row).
The only thing i've paid much attention to is interest. Interest in IT can vary, e.G.:
An avid gamer, maxing out the performance of his video card, by working with lots of settings? Creating custom ini files for you game?
A young Linux zealot, telling my windows is a bad thing.
Writing programs?
Young, interested people are raw diamonds. They don't understand professional IT yet, and they have a lot to learn. While it is my job to help them to learn, the bunch of stuff is what they have to do alone. Just provide the infrastructure and support. It doesn't matter much what kind of skills they already have, since most of them don't help on their job - but most of my apprentices are more up to date on PC/Consumer hardware than iam.
Interest is all that matters. Someone who is willing to learn will be able to do everything you want him to, it just takes some time.
There's an important second skill, and that is social skills. You always have customers, be they internal (like in an enterprise) or external (in my case, SMB support).
An apprentice will have to learn how to deal with customers. In my case, i go to customers with them, let them stand aside (for about half a year). After that, they will have the skills to solve small problems on their own. The next step is to learn to deal with the customer. Delegate tasks, have them solve the problem on their own, report to the customer. And as a last step, send the on their own way.
This process takes about 3 years with an apprentice - you can shorten this ALOT if someone has at least a bit of previous experience.
And another tiny bit i've learned. Never solve a problem for your apprentice, if time is not critical. Give hints, push them in the right direction, let them figure out the solution on their own.
Never lie to them - while it is sometimes necessary to adjust the truth for a customer, never lie to your apprentices - there's nothing worse than learning the wrong things.
When you're using WSUS, you didn't need WGA in order to install updates - this changed a few agos though, since IE7 and WMP11 require WGA validation.
I live in Switzerland, were the Wii launched at December the 7th (as today is a holiday).
I preordered about a Month ago, and got my Wii delivered at December the 7th, 08:37. I paid the regular price.
Now i'm done checking my email, and back to zelda.
However, I seriously doubt that even ONE of them has already rolled out office 2007.
So there are no commercially available cars?
I see, we're talking about a different kind of businesses. You talk about enterprises, with their own IT staff. I talk about small businesses, which may have a person who ALSO does IT, besides his usual job.
CSA, systrace, SElinux, and everything in that direction are nice tools - for an enterprise. They are to expensive to buy, setup and maintain in a smaller business. You still have about 50 boxes to manage, so using GPO is a big plus because you don't have to run after every machine.
They can't protect against phishing either, as long as you allow "normal" web surfing.
I agree that the integrated firewall, windows defender et. al. probably aren't the right thing for a big bank like UBS, credit suisse or other enterprises. But for a small business with 50 computer's, these tools have just the right integration, and the right functionality.
Don't get me wrong, your points are all valid, but don't apply in my case. Maybe i should've mentioned that in my post first.
And?
I don't care what Joe User thinks, so do most people which do IT professionally (well, except for those guys servicing end users).
2)
:)
Yes, you may have. But this functionality has now been integrated into the OS, making managment a lot easier.
4)
Ever tried roaming profiles between different languages of windows? Also, the MUI Version of WinXP had many, many bugs. Often small, but together it was very annoying. Vista finally offers an easy to use, standardized way since all installations are essentially MUI, and you can deploy and install language packs later. Especially important since i work in switzerland, were we have to support 3/4 Languages (German, Italian, French and English)
5)
I use SVN a lot. It's great. I don't think our sales would use svn, though. So shadow copies is way to go
6&7)
No. They are an improvement. Not one that might be significant for you, but one that might be significant for end users, support and admins.
Not enough RAM. Vista runs fine on any older P4/P-M with 1024MB of RAM.
512MB is the standard for office pc's right now. I don't see a problem with upping that to 1024MB.
Nope. Intel will release DX10 compatible integrated graphic chipsets soon.
Try Paint.NET (http://www.getpaint.net/download.html)
.NET. Source Code available.
Another Photoshop replacement for SOHO users. Like GIMP. Except not as ugly. Written in
You ever heard of backups?
You can reload your user profile (containing all your settings), or even the whole machine (which was also finally integrated into windows).
If you deploy multiple machines, you can use WDS/WAIK to prepare a custom image that fits your needs.
You don't pay retail prices when buying a new machine with Vista preloaded.
And if you build your machine, you can purchase an OEM version at half the price of the Retail version.
And noone, except for testing, really needs the Ultimate version.
Home Premium will be all you need at home (Home Basic? What's this shit? Just so they can sell Premium through anytime upgrade?), and Business at work.
Our reseller shows one OEM copy of vista at 242 US$ (converted from CHF) So you will probably be able to get it for 199US$, considering that Switzerland is hugely overpriced.
The firewall in Vista has been much improved for GPO configuration, and this means that the rollout in a company is much easier. There simply is no need to use third party firewalls in XP SP2 OR Vista. Of course, many "power users" which only work on their own machine don't see this.
Anti-Phishing is like Anti-Spam. It doesn't work, as it is not a solution to the problem, but a workaround. We will get a simple arms race here, and the problem will persist. There's a feature in IE7 which will allow the addressbar to turn green with certain SSL certificates (which probably are going to be very expensive). That sounds more like a solution, but it remains to be seen if users are able to grasp this.
I've been using UAC on my desktop machine at work since early betas. Of course, it bothers you often when you're "working on the system" as opposed to "working". What i would like to see is UAC caching (i.E. UAC gives admin rights automatically for five minutes, or something), but this would severe security implications (but sudo does the same thing). UAC does not bother anyway when they're working (on the ERP system, in Office, cutting videos, etc.)
UAC allows me to strip users of legacy applications of their admin rights, while they will still be able to install programs and some such. I've reconfigured UAC by group policy to always ask for credentials, this behavior imitates sudo and it's a very nice warning that you're changing something inherent to the system.
Users don't buy new operating systems, they buy new computers.
Enterprises don't buy new computers, they will roll out new operating systems when the paid support for the old one gets too expensive (lots of companies still running 2000...)