>Bit of a shame all the machines had that installed really.

Are you new to Windows sysadmin stuff? Or you have 0 idea whatsoever and you are just vibein?

How else are we supposed to deploy/push programs and settings and in the past over SCCM, an entire OS, if the machines don't have it installed?

This is also how your precious Linux tool Ansible and Puppet works btw.

And MDMs like Mosyle for OSX. They need it installed. Because IT need to keep check on updates and settings and programs. But I suspect you are a rockstar dev and dont need no IT.

Go on, I'll wait.

mmm yeaaah just downvote me instead. Hide the wrongthink. You people need to not be so sure of yourselves.

▲

JonChesterfield 3 hours ago | parent | next [-]

An alternative is people install the software they choose to on the machines they're using. Optionally write a list of suggested programs down somewhere.

In that world, there is no central IT team pushing changes to machines and arguing with developers about whether they really need to be able to run a debugger.

I don't know how to keep windows machines alive. It's probably harder.

	▲	heraldgeezer an hour ago \| parent \| next [-]
		That is all well and good but how do you: - Ensure the machines are up-to-date and users are not just indefinitely postponing OS updates? - Same as above but with programs/software - How do you ensure correct settings configuration in terms of security? Say default browser, extensions, program access etc? - Re-image or reinstall the OS when there are issues or PC handover to another employee? Manually with a USB stick? This kind of control exists and is needed for Linux and MacOS too. RMM is not a Windows only thing... The critics here see Intune but what if they used another RMM and they compromised another cloud RMM account? Same issue. Also, here there is no "arguing". They order the software from our portal and it gets pushed into Company Portal via Intune... Write down a list you say... idk what to say. You have only worked for small startups I gather? Nothing wrong with that but please recognize that these types of limits and programs are not deployed for fun or to ruin your day.
	▲	pjc50 2 hours ago \| parent \| prev \| next [-]
		It's annoying, but it's also grossly irresponsible to let dev machines get compromised. Regardless of which OS they are running.
	▲	vntok 2 hours ago \| parent \| prev [-]
		I, for one, don't really want employees to install video games, porn cam clients, torrenting apps, shady vpn clients, crypto miners, remote access tools, dns "optimizers" and more generally viruses on their work computers.

▲

pjc50 2 hours ago | parent | prev [-]

On HN, if you have a valid point but get unnecessarily aggressive about it, people will downvote you for attitude. This mostly keeps the forum under control.

	▲	heraldgeezer an hour ago \| parent [-]
		I am sorry and I get carried away sometimes but it is frustrating seeing comments from cowboy devs saying to just give everyone admin, have an excel sheet of software and have people manage their own PC and to get rid of IT just because as here they got phished or breached. That works for a 5 person company but not a 1000 person company. Or a 10 person company with 1000 machines.