When I have something that seems impossible.. I call it “A windmill”
My windmills range from getting a question answered, a problem solved… and sometimes it includes a vendor. For a few years now, one windmill of mine is our reliance so much in business software of administrator rights on the desktops. I’ve said it before and I’ll say it again… one of the reasons when SBS 2003’s connectcomputer wizard was first introduced that I didn’t rag on it was because my industry couldn’t do it. And the key application at that time that was my “bellweather app” for demanding admin rights was Quickbooks.
When I first heard about a year or so ago, that the 2007 version would support non adminstrator natively with no hacking… I knew that the tipping point day was coming. The day that I could go to Microsoft and say.. okay gang… we’re ready… lock us down in the next version. The day Intuit set the tone for non admin was the day that I knew the tipping was starting.
And honestly… I truly think I can in the next version of SBS. I see more and more folks coming into the newsgroups going “hey the connectcomputer made these desktops admin rights… what’s up with that?” and we say “yeah, yeah, we know… just flip it back, no worries”.
So first when I saw the posts from Dana and Mr. Howard about Developer tools and admin right dialogs … since I’m not a coder I just sort of went…okay..no worries, they are going to fix it right? I mean it sounds like they are going to be doing like what other vendors are doing and coming out with some fix up patches for Vista in the future, right?
But when I read this page I winced…
Microsoft recommends that when using Visual Studio 2005, you do the following:
- Run Visual Studio with elevated administrator permissions
- Be a member of the “Administrators” group on the local machine
- Right-click the Visual Studio icon and select the “Run as administrator” option from the context menu
Can I respectfully ask of Microsoft and their Developer documentation, that as a resident windmill tilter out here that you help me and other administrators in our quest to beat into people’s (and vendors) heads that “Be a member of the administrators group” should be the last resort you take? Don’t make it harder for me when dealing with vendors and applications that the very own documentation for developers waxes over the risks you take doing this and is totally silent to the consequences? Can you at a minimum on this page put a “Surgeon General warns you that you may get nailed by malware if you do this” on that page or something? A link to a discussion of the risks this Admin-y Vista machine now has? Or how about this as a compromise? Say something like… “If you do these steps, we recommend the following coder workstation best practices” … and then go on to state that a workstation that’s used for coding should never ever connect to the Internet in this condition… or something along those lines? And if I were in charge of that page… or in charge of bundling the software package of Visual Studio… I’d be bundling this book and even this one into every copy. (Actually both are a very interesting read even for us admins.. about the front 1/2 of both books is admin-y… it’s only the back half that gets into code stuff).
But may I respectfully ask that my job as a windmill tilter not be made harder? Please? Microsoft… show the risks please… talk about them… but please don’t sugar coat them. It may be goodness coming in the future.. but warn folks and use this time when it’s not so goodness to make them learn the process of determing risks… ’cause quite frankly… that’s what I do with the end product of software that I introduce into my network all the time….