Review: Vista Not Ready for Sys Admins

I recently began running Vista at work and much to my chagrin, discovered some real drawbacks from a systems administrator perspective. The very first thing a typical sysadmin adds to their workstation to work in an active directory (AD) environment are the tools enabled by installing adminpak.msi. I always create a custom Microsoft Management Console (mmc) to manage AD and add things like DHCP, DNS, ADUC, and GPMC because those are the tools I use every day. After adding the adminpak, nothing worked. So after a little research, I found folks had already discovered this and managed to find a script that would re-register all of the .dll files. Re-registering all of the adminpak dll’s is necessary to use the admin tools under Vista.

At this point, I manage to launch the mmc, create my customized console and save it. The next thing I want to do is run it as the administrator of the domain. Since Microsoft’s best practices (sysadmins should not be in the domain admins group) dictates that you use the “runas” option to do this. Once again though, I run across another hitch in the process. Vista’s runas command only allows you (by default) to runas a local administrator. You actually have to modify this option under the local security policy to allow access by an administrator other than the local machine admin.

So, after a little more google searching I find the necessary information to make the change. Only now, I have a real problem. Vista needs elevated priviledges to do just about anything on the local machine, such as accessing any of the control panel options; network, display, etc., etc. Vista will prompt you, even if you are local admin on the machine. Even though I now have the abiltiy to specify the domain admin account for the runas option, I am barraged by the constant “Vista needs your security credentials” popup window. After running like this for a few days, I became exasperated. Next up was trying to figure out why DHCP would not show any of my scopes. Apparently Microsoft is aware of this but has not published a work around solution. So in order to manage any DHCP, I must attach to the server remotely, this defeats the purpose of running the admin tools in the first place.

In my opinion, and after running Vista for several weeks at work, there are just too many applications that no longer work of which I rely on to do my job efficiently and effectively. As I use Vista daily, I constantly run across another critical application that will not load, or the vendor support for Vista is just not there yet. While Vista has great potential and a lot of really nice eye-grabbing features, I believe that Microsoft needs to focus on making sysadmin’s jobs easier, not more difficult. We are typically a group that is overworked and understaffed, and needing to focus on “how to get my stuff to work on Vista” is just not a viable option in the real world of IT.

Leave a Reply

Your email address will not be published. Required fields are marked *