Fuck Windows and Microsoft really. Today I had a meeting call through Teams first thing in the morning so I start my computer 10 minutes earlier than the call because it takes a like 3 or 4 minutes to boot and for Windows to be responsive. Windows decides to apply some past update so it takes 2 or 3 additional minutes which is fine, I am just in time for the meeting call. Well, 10 minutes into the call a notification in windows appears that the computer will restart in 5 minutes and with no option to postpone WTF. Imagine this was an important sales call, an emergency or something else critical, I might be fucked. The computer restarted I started my linux personal computer and I connect my bluetooth headphones to the it but no, they were connected to the Windows computer while it was restarting so I could not just call from it as the microphone started failing a few weeks ago. (I will just replace it, thanks Framework). So fuck my company for using Windows. Fuck Windows for developing such a nightmare OS with so shitty code. This was for sure a patch for a critical vulnerability, like always. And WTF this is Windows for a business, have a fucking super stable branch that does not need patches every other day. I don’t care about your updates to the shitty weather widget, just have a fucking working operating system that let’s me do my work. Fuck Microsoft monopolistic practices that keeps people and businesses from switching to Linux. There is no better publicity for Linux that Windows itself. Most Linux/GNU distros just let you choose when to update.


I work in a higher ed org that uses a mix of (mostly) Red Hat servers and Windows & Mac endpoints; the Linux-focused admins use Ansible for things I’d do with either GPOs (if it’s something tried & true) or Intune (if it’s some half-baked newness and campus IT would actually give my group the permissions) in Windows.
Oh, Ansible is an interesting starting point. Would not thought of it for that purpose, I always „only“ link it mentally to automated deployment.
Will look into it out of curiosity.
Yeah, I’d never seen it used in this way either. They use it mostly to modify config files, which gives you a lot of control over most things on a Linux box. We also use it for Macs to do things like create a standardized local administrator account (since Apple doesn’t have a LAPS equivalent). It’s a pretty tangled web but we have an old-school Linux admin who keeps it all ticking (we just worry about his ticker!).
Good luck!
In Linux everything is a file. So modifying files is all you really need. The hardest part is how to handle mobile endpoints like laptops, that don’t have always on connections. Ansible pull mode is what we were looking at in a POC, with triggers on VPN connection. Note we have a large Linux server footprint already managed by ansible, so it isn’t a large lift for us.