@Fraser

What did you expect? The Linux fanbois on here invariably show that they actually know bugger all about Windows in a corporate environment. This is why they don't realise why the lack of Linux equivalents to AD, group policy, SMS, integrated login to e.g. SQL Server and so on which are available for a Windows domain are (a) in many instances more than compensation for Windows' faults, which those of us who manage Windows systems are by nature even more aware of than they are, and (b) absolute show-stoppers for migration.

I've issued this challenge to the Linux community before on here. Please free me from Redmond. Write a NOS which can do what Windows domains do, including group policy. Write an open source equivalent for SMS which allows me to manage Linux desktops. And make it work without hours spent compiling binaries only to find I've created a new dependency. Give Linux the functionality of Windows _in a domain environment_ and we'll all save £££ by moving to it.

My suspicion is that these tools don't exist because they're antithetical to the Linux philosophy - Linux users don't _want_ and administrator hiding system tools, pushing software to them, configuring their database connections and so on, so they don't write the tools. But this is the indispensible backbone of a corporate network, and it is why Windows and AD dominate. Not because Windows sysadmins are twerps (the fanboi conclusion), but because there is no alternative.

The NHS and computing..

All these comments running rife about what NHS sysadmins should do, and why they all 'fail'.

Take into account:

1) Medical systems (not embedded clinical devices; just the ones you punch info into) are developed externally to the hospitals. These are almost invariably Windows based. So Windows must be brought in. Historically, most of the apps are windows only, so Windows is the primary OS in most hospitals.

2) Due to the nature of budgeting, and the fact that the whole place is clinically focussed, budget cuts tend to hit IT hard (HR get to make the cull, so don't choose their own, Finance hold the purse strings so they don't get hit, which leaves medical areas, where consultants complain, or IT. Oops).

3) When everything is not failing, hospitals tend to assume that all is good because it's not failing (or at least not inconveniencing enough people by the failures to really make an impact on them). If all is good, then IT is fully staffed or overstaffed (making IT a big budget cut target again).

4) You tend to find in a lot of places there are either 1, perhaps 2 sysadmins for a site. This site can be about 4-5000 people all in, with a couple of hundred different servers, including mail, database, firewall, application, web, mix of above, departmental oddities etc. Some of which IT run, some of which IT aren't allowed to touch.

5) There is no budget for the commercial tools for IDS/IPS, wider management, Database management etc. This means you're running on the 'out of the box' tools only.

6) Sysadmins are expected to meet vendors and approve/veto apps brought in (unless overriden by the departments when consultants complain), create security tools, create monitoring tools, administer servers, commission servers, handle daily maintenance, monitor servers, create reports, consult with users and departments about the way data can be used, perform and test backups on servers, develop, report, get called into meetings, fix minor issues, test and develop networks.. You get the picture. One or two people handling that level of work? It's a case of pick which of the list you want, the rest will fail. Except nobody will choose as it all needs to happen.

So, in overview, you have a very few, very overworked people in IT that are ignored largely when all works. When it fails, everyone seems to point that direction and call 'em muppets because they can't do everything with the very limited resources available, and call for sacking, which would result in the exact same number of people hired to do the job that the previous ones didn't have resource to do, and without knowledge of the systems there. Which would be a worse situation.

Solution? Fund the IT department properly. However, hospitals have limited funds (and the funds for any task are annually shrunk by 3% due to the governmentally imposed "yearly efficiency gains" rules). This means something else has to go. So do you take money from Facilites (which can end in air filters not getting cleaned, resulting in bacterial infections killing people, or not enough cleaners, results as previous), from Clinical (so people are even more rushed, resulting in more problems on the front line), or where?

Yes, there are solutions, but it really does mean more NHS funds. Which means a bigger tax burden to fund it (or less Gvt. pork spending elsewhere, but more likely a tax increase), and nobody wants a higher tax.

Reducing the targets culture would go a long way to freeing up money inside the NHS (as the amount of juggling that needs to be done in hospitals to meet these targets is horrendous). But that will mean longer waits, which irritate people.

Running tech is a fine balancing act between money, keeping users happy and keeping users secure. If any of that is wrong, the rest of it goes to pot very quickly.