Four: Licensing
Hands down the absolute worst part of using Windows Servers in a domain is the Licensing application. For a company that is to determined to stump the pirates, who makes my life a living hell with endless activations or steep entry fees for corproate licensing, this is the saddest part of their OS. There is a little known application, simply called "Licensing," which runs on your designated Licensing server in your domain. This can be totally separate from your Terminal Services Licensing server.
Licensing is completely unintuitive and behaves unlike any other Windows application. Right clicks bring up useless menus. The terms are not well explained, the help files are useless, and here's the best part: the microsoft.com site is mostly useless. It contains virtually no documentation. So, in an effort to get more information, I called Microsoft, whose support techs told me that if I needed help, I'd have to open an incident (for those not "in the know," am individual support ticket, or "incident," with Microsoft costs $245). So I replied, "I need help making sure the software I bought from you, which is properly configured as far as I can tell, is legit, something I know your company takes seriously. Your program is telling me otherwise. You have provided no documentation, and your technet site is bare." Still, no love from Redmond. Later I fixed the problem by revoking every single license that Licensing had doled out. No service was interupted for any user. What's the purpose of this thing?
Licensing is important to those of us who run large enterprises. There should be a really high quality, easy to use AD (Active Directory) snap-in or stand-alone app to track licensing, report problems, and help the sysadmin rectify legitimate problems. If Microsoft intends to push licensing and activation and combine that with lawsuits for corporations that don't comply, the least they can do is provide a means for tracking the licenses when the enterprise starts getting to big to do in Excel.
Five: Updates and Maintenance
While this complaint lies much more in the architecture of the software rather than the behavior, it's the biggest pain. If you've ever had to maintain more than about 3 servers at once, you're familiar with exactly how much work goes into keeping Windows Servers updated. In fact, there's a running joke with some of my collegues that running Windows Update is a full time job. The thing is, Windows Update, even version 5 so far, still requires a reboot the vast majority of the time.
In fact, simply installing Windows Update version 5 took two reboots for me. Then there were two reboots running the updates. Sure, it's a nice interface, by why can't Windows shut down just a few services yet? With their new GDI+ Detector, they used Windows update to install a piece of software that checks if you're running apps that are vulnerable to the recent JPEG execution comprimise. Can't Microsoft write something into Windows Update that downloads a piece of software, executes, shuts down networking, replaces/updates components, restarts the services, and resumes the Windows Update? How come a bunch of geeks have pretty much mastered distributed computing with BitTorrent, eDonkey, jigdo, GFS, etc and online updates via yum, apt-get, Red Hat Network, YAST, etc, but Windows Update still has to do one piece at a time, punctuated by several reboots?
We run terminal services via thin clients (running Windows CE) at my company. At any given time, there might be 150 active profiles on a terminal server, and the registry can bloat up to 300 megabytes. I've even seen it top out around 800 MBs, which is pretty crazy when it can sustain itself around 15-35 MBs on a server. Terminal servers require a nightly reboot to work well. So important is this, so much does it drain a server to handle this load multiple days, that we have scripted reboots into the normal routine just to assure that the servers get a "fresh start." This practice has been validated by the Microsoft people I deal with. (Sidenote: investigation into our specific registry bloat was researched exhaustively by very capable higher level Microsoft techs who man their profile support department. An 800 MB registry is not typical.)
In the end, Windows still has some pretty amazing stuff. The GUI management tools for domains are unmatched by anything in the Linux/Unix world (except perhaps by Novell's NetWare Admin, which will probably, in some form, be running on Linux for Linux soon enough). There's no way to real standard in alternate realms for joining computers the way that Microsoft domains do. I haven't seen failed dependances in years, save one component that required an MDAC update, something you probably wouldn't need on most computers anyway. Furthermore, Microsoft truly offers, for better or worse, an end-to-end solution that requires very little "futzing" to make work. I could easily name dozens of things that make me crazy: buried admin tools (try to find "Remote Desktop Connection"), the "Show Files" warning in system directories, the presence of Outlook Express in servers, the painstaking effort it takes to setup lockdown policies, the lack of administrate-ability from the command line, the lack of SSH support, and until WUS is released, the lack of a good update distribution application. Despite some shortcomings and a lengthy wishlist, Windows does make an increasingly capable server product.
- "Windows Server Annoyances, Page 1/2"
- "Windows Server Annoyances, Page 2/2"
