Vol. 22, #11 - March 13, 2017 - Issue #1122

Reader feedback: Mac vs PC TCO

Deep Packet Inspection for Quality of Experience Monitoring

Read this whitepaper to get a detailed description of packet analysis techniques to measure high network response times, network delay, server processing times, client processing time, traffic distribution, and overall quality of experience.

Download Now>>


Editor's Corner

This week we're going to plow through some of the terrific feedback we received from our readers concerning Issue #1120 TCO: Mac vs PC where we explored the possible benefits of businesses giving users Macs to do their work instead of PCs. The rest of our newsletter is just the usual same old stuff--which is exactly what you want, right? <grin>

Speaking of same old stuff, sometimes people who write newsletters get tired of writing the same old stuff over and over again. Let's see how Dilbert's co-worker Tina the Tech Writer dealt with this matter:


Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]

Let's look at some of the feedback we received on the topic of Macs vs PCs in today's corporate workplace…

Challenges of supporting Macs in the workplace

Kevin the IT Director of a global company that supplies environmental monitoring systems was straight and to the point in his analysis of the technical challenges IT faces with supporting Macs in the workplace:

Macs are great at home but I find them challenging to support in the workplace, for a few key reasons:

AD automates PC but not Mac. Group polices automatically map network drives and printers, even when an employee logs into a new computer. Even when an employee wants to add a different network printer, they see a list of network printers with descriptive names to choose from. This automation is invisible to Macs.

Mac can't see server shares of printers and files. Each Mac must be manually setup to connect to network file shares, and to network printers, and if all printers are the same model which is the one they are trying to connect to? Printer shares are listed in network with descriptive names

Mac can't find printers on other subnets. Mac is designed for home network where everything is one subnet. If WiFi is different subnet than LAN, then Mac can't find a network printer unless configured by IP address instead of name.

In summary, Apple makes iMacs but not usMacs. Macs are designed for you to do great things by yourself on your local files, not to find things on a complex corporate network. It would be wonderful if Apple made usMacs, but they make only iMacs. I don't understand how Apple functions as a corporation using personal computers instead of enterprise computers.

Other readers expressed similar thoughts to what Kevin says. For example, a reader named Ron who supports a smallbusiness environment of just under a hundred computers says:

Our office is mainly PCs with just a few Macs that are located in the Marketing and Sales areas. I think the count of Macs right now is four and about eighty (plus) PCs. Trying to tie the Macs into our Windows AD network has had it's challenges. I would much rather support Linux systems than the Macs because Linux is easier to connect to the network. However, since we use Microsoft Office, that won't happen in the near future. When I've been asked to get someone a Mac system, I will usually ask them why they want an Apple and several times I been told it's because the other designers and marketing people at outside companies look down on people that don't carry a Mac. I've also found that the people in our organization that have asked for a Macs always seem to be more "computer challenged" than the people carrying Windows laptops. I actually expected to see it the other way around. I thought anyone asking for a different type of system would be doing so because of their familiarity with that system instead it seems like they have to come ask me how to do simple tasks on their Macs. Which "honest" also takes me a while to figure out too because of my limited access to those machines.

I know with our small group of Mac systems it's hard to draw any conclusions. I do think Apple makes nicely designed hardware but at a premium price. I don't like the single source choice for purchasing hardware. If I don't like something a company is doing, I like having the option of going some place else to make my equipment purchases. I don't see my company ever embracing Apples and replacing PCs, we've got too much invested in the current system and frankly like our PCs too much.

Brian who works for IT Support services company based in the Greater Boston Area was even more brutal:

We are managing over 1,200 end points and standardization is the key to cost effectiveness, Apple owns about 10% of the market maybe? When working in areas that require regulation (HIPAA, SOX, etc.) lockdown is not a luxury but a requirement. Also trained MAC techs are hard to find, and when you do find them, they tend to lack the networking and security knowledge that the average Windows tech has.

Then there was the recent article that I just read quoting a former NSA Security guy as saying on a scale of 1-10 for security Windows 10 was around an 8 while the latest MAC OS was around a 5. Microsoft's Bug Bounty and working with former hackers has paid off while Apple has no such program.

Apple hardware is more expensive but not more reliable. Apple users tend to be less tech savvy and needier when it comes to corporate computing, since the Apple OS has always been dumbed down for the user. Ask an Apple user their machine name, log in name, or IP address and then ask the same questions of a Windows user. They both need the same amount of help using printers, network shares, and other corporate resources. That information is pretty import stuff when trying to do remote support on a 250+ user network. This added to TCO when you have to start searching for that stuff on every single support call.

Apple cannot run all the software that Windows can. I know that the reverse is true, but the needed software in a corporate environment favors Windows. The Apple users answer is often; "oh I can run Windows on my MAC". Okay, then why buy hardware at a 25% premium that is no more reliable than a machine designed to run Windows. Being "cool' is not a corporate requirement.

And another reader named Lindsay who also has worked in a mixed PC/Mac environment says:

I just want to mention that as contrary as it may seem, many companies are considering a more standard approach to devices they let on the network considering the barrage of malware that continues to cause problems. Having a standard windows installation with the management and security tools (patch management, application control, advanced anti-malware, personal firewall and some form of network access control results in a much more stable and secure environment. Sure, there are always patches for Windows, however every system has holes, including MAC, but as Windows is much more widely implemented, it gets all the headlines (and should be so its users have warnings of some vulnerability). Just look at the 11 year old Linux vulnerability. At any rate, no system is free of vulnerabilities. Microsoft has had many issues with its efforts to balance operability, compatibility and advanced features with security and not always getting the match correct. We are an operation with both PCs and MACs. Unfortunately the MACs require different tools to manage ($) and a different skills set of technical support.

The elephant in the room

A number of readers pointed out the fact that Macs just can't run certain types of must-have business software applications. Steve who works for an IT consultancy and business services company in the UK laid this out quite clearly as follows:

No one every mentions the massive elephant in the room when talking about Apple. Accounts software. Businesses have to run an accounts package. Sage is the industry standard. Accountants like Sage, they understand it. There are alternatives, but they are always a mess of complication and compromise. Please don't try and tell me the Xero is an alternative, it isn't. It isn't even in the same league. And for the small business Sage Instant (and its replacement) are £85 if you shop around.

There is not one piece of business software available on Apple that isn't available on a PC at a lower price. There is a mountain of business software available on a PC that isn't available on an Apple. A £350 Dell computer running Windows 10 will run any and all business software, will connect to domains internally and has Remote Desktop built in. You can even add a second screen without the need for a screwdriver or a degree. Buy it and plug it in. Job done.

To connect an Apple computer to a domain or use Remote Desktop is not something you can just do. Things have to be done first. Money spent. Tweaks, configuring, time wasted, swearing, frustration. Why bother?

And finally, maintenance. Only an "Apple Genius" (says it all really doesn't it) can mend an Apple computer. PCs are readily available, easily repaired and cost half what an Apple does.

PCs are modular, configurable, hardware upgradable, repairable. Components are freely available on the web, the high street. You can add bigger hard drives, more hard drives. Better graphics card, more ram. You can shop around for components and choose what you want to meet your budget. PCs can upgrade to the latest version of their OS, without major disasters. None of those things are easily achieved with an Apple computer.

Apple can run Windows software etc and remote desktop. All you have to do is buy a £1,000 Apple computer, buy £60 worth of emulation software and bingo you have a £350 PC. There is an App available for Remote Desktop Connection and it receives all of 2 out of 5 stars on the Apple Store.

Apple users need to wake up they are being conned.

I tried this awhile back and this is what happened

We had to share this story from a reader named Doug who some years ago tried introducing Macs for some of his customers:

In 2007 during the shaky Vista rollout (primarily due to the lack of drivers from Dell and HP) I decided to engage in a dialogue with several small customers who often commented during a computer problem that this wouldn't be happening if they used Macs. When a client was encountering a problem Mac using family members would comment that Macs "just work".

At this time in advertising John Hodges was playing the dowdy PC user being put down by the cool Mac user played by Justin Long. That campaign continued Apple's tradition of tech brainwashing they've been honing since the 1984 Super Bowl commercial.

One small contracting firm did a wholesale switch of all 8 workstations to iMacs and a Mac Mini as the server. I engaged a Mac only consultant whose office was down the hall to assist. Everything went very smoothly except that they decided during the rollout that they could not use the Mac based contracting software they picked out. I ended up putting their PC's on a rack in the server area and setting them up to remote into them to run their existing software for that.

We found the Macs to be equally temperamental and glitch prone. Something that surprised us was the standard recommended remedy was to re-image the machine. For someone just looking at email and browsing that's not a big deal but for our average business user it's a half to all day project to get them back to where they were.

My conclusion is that the Mac tends to attract the lower complexity user who likes being able to walk into the store and have the "guru" re-image their machine. They go home happy that "everything" is working.

Thoughts from IT in a university environment

Mark who is the Technical Lead/Architect) at an American university has his own opinions on this matter based on his personal experience managing a mixed OSX/Win10 environment:

I haven't had the opportunity to read IBM's report on TCO yet. I will therefore stick to our personal experience. As a university we have about a 50/50 split of OsX and Windows 10 computers. The Macs are definitely easier to manage and deploy. DeployStudio makes imaging Macs easy and Apple prints the MAC address on the outside of the box so the computers don't even have to be unboxed to get them staged in DeployStudio. Jamf, formerly Casper, is a tool similar to SCCM without the legacy SMS cruft going back to at least NT 4.0 that makes SCCM horribly cumbersome and overly complex. Since Macs lack a Registry, the jamf management suite can deploy applications with a simple file copy and Plist update. Also, since Macs are based on BSD, locking them down using least privilege is not a problem at all.

The catch is that Macs are significantly more expensive to purchase and the license for OsX is still completely tied to hardware so there is absolutely no legal way to do OsX based VDI. So with hardware costs, hardware maintenance costs, licensing costs, and employee costs is the Mac cost really less TCO? I suspect it is probably closer to a wash based on what we pay. There is one final catch: Macs do not run all the software many companies will need; specifically Engineering software.

Of course IBM would say that

Carlos who is an IT systems architect points out something we need to be aware of when we read the CIO article referenced in Issue #1120 TCO: Mac vs PC:

I want to remind everybody that there is a partnership between IBM and Apple. So take this media piece from IBM with a giant grain of salt.

Carlos also makes some other comments about Apple based on his experience working in academic environments:

The arrogance of Apple has led to them losing the K-12 market. As somebody that had to support iPads and Macs in education, I can tell you what a pain. Hello Chromebooks. Apple does not play well with anything that is not part of their 'Ecosystem'. Which means for us IT Pros that AD support and other standard enterprise tools are hard to make work in the Apple products.

Taking another view of what IBM is doing

On the other hand here's what Michael Niehaus the brains behind the Microsoft Deployment Toolkit (MDT) and now Director of Product Marketing at Microsoft has to say about this:

My personal 2 cents: I think you need to frame your analysis in the "Mac vs. PC" TCO scenario a little differently. If you think about what IBM is doing, they are effectively saying "we don't need that heavy-handed IT process that we've used for PCs for years." So, if you switch to a lighter-weight scenario (using the OS that shipped on the device and automatically provisioning it, managing via the cloud via MDM, etc.) you get the same benefits.

So the real story is about how you need to rethink the way you go about managing and deploying your devices to get the benefits that you describe. Otherwise, you're doing an apples vs. oranges comparison (no pun intended). If you have different "rules" for managing PCs than you do for other types of devices, you can't then claim that PCs are more expensive because you made that choice.

We call that "modern IT" (which includes modern deployment and modern management), and you'll hear a lot more about that in the coming months. But the only companies that will be successful with this are those that are willing to take a step back and re-analyze the way they manage PCs. If they can't "think differently" and insist on continuing the same processes that they've used for the last 20 years, then they're going to get the same results (and have the same costs) as they've had for the past 20 years.

We have a couple of more reader comments to share but we'll save them for next week. Meanwhile what Michael says here has some truth to it--modern deployment/management can be simpler than traditional top-down process-heavy systems management, plus it can work with any device from anywhere. And Microsoft has made and is making great strides forward in this area with their cloud-based Mobile Device Management (MDM) solution currently packaged and branded as "Enterprise Mobility + Security":


The problem of course is that businesses often do have problems trying to "think differently" especially about something like IT which is generally viewed as a cost center instead of a revenue source. And this applies both to large enterprises and small business, but for different reasons. Large enterprises can't think differently because their size gives them a lot of inertia that tends to keep them approaching things the same way year after year. Smaller companies on the other hand often lack the resources (IT staff and expertise) to significantly change their business processes without hiring outside help which is often expensive. Vendors on the other hand (like Microsoft) always want to sell you stuff (though they may also actually want to help customers) but have a look anyways at Microsoft's MDM offerings, especially Microsoft Intune, because they've made remarkable progress with their MDM offering since their new CEO uttered his "mobile-first, cloud-first" mantra. And be sure also to check out the following article by Jeanie Decker on Microsoft's Windows IT Center which includes a short introductory video explaining Microsoft's new modern management paradigm:

Manage Windows 10 in your organization - transitioning to modern management


Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at [email protected]

Recommended for Learning

From the Microsoft Azure blog comes news that Technical Preview 3 of Azure Stack is now available for download:

Azure Stack TP3 Delivers Hybrid Application Innovation and Introduces Pay-as-you-Use Pricing Model

Technical Preview 3 (TP3) is available for download today and has new features that enable: more modern application capabilities; running in locations without connections to Azure; along with infrastructure and security enhancements.


Why not download it today and give it a test spin?


Microsoft Virtual Academy

How to Harden Your Enterprise in Today's Threat Landscape

How accurate are your enterprise security concerns? Watch this short on-demand course to find out. It's a practical look at common issues customers face when securing their environment in today's complex threat landscape. This course explores misconceptions, often based on legitimate concerns, and take a look at solutions based on public guidance, along with Microsoft Enterprise Services offerings



Factoid of the Week

Last week's factoid and question was this:

More than 80 percent of Australians engage in some kind of gambling. Question: Why?

We only got a couple of responses to this and the best one is what Rodd Young a System Administrator in Queensland, Australia says here:

Aussies love Beer, Sports and Gambling. The perfect day out at the pub with mates, have a beer or seven, watch the cricket and have the odd flutter on the ponies. What could possibly go wrong…


Now let's move on to this week's factoid:

Fact: Sitting in a 15-minute meeting uses more energy than Usain Bolt expends over three 100-metre sprints.

Source: http://www.wservernews.com/go/2fa92xww/

Question: What was the most exhausting business meeting you've ever been in?

Email us your answer: [email protected]


Until next week,

Mitch Tulloch

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]

Veeam Endpoint Backup™ FREE 1.5 includes CryptoLocker protection for USB storage, email notifications, and standalone full backup. It comes with support and isolates your PC or laptop backups from malware attacks.


SQL Load Generator is used to run multiple concurrent queries against SQL Server:


ManageEdge is a free program for Windows 10 that lets you manage Edge favorites:


Back4Sure is a simple free backup program with some nice extra options for more advanced users:



This Week's Tips

GOT TIPS you'd like to share with other readers? Email us at [email protected]

Active Directory - Adding a computer to a group without a restart

Misha Hanin has a tip about how usually when you add a computer to a security group you havef to restart in order for the computer to see that it is now a member of the group. He explains how you can delete the system's Kerberos ticket and run GPUpdate to get around this limitation:


PowerShell - Deploying customizations of the Outlook ribbon

David Barrett has a cool tip on the EMEA Developer Messaging Team Blog on how you can use PowerShell to push out changes to the configuration of the ribbon in Microsoft Outlook:


SharePoint - Creating test documents

Have you ever been PoCing (proof-of-concepting) a new SharePoint deployed and have needed a big pile of test docs you can upload into your doc library for testing purposes? Dmitri Plotnikov explains how you can do this:


Events Calendar

Microsoft Build in May 10-12, 2017 in Seattle, Washington.


Microsoft Worldwide Partner Conference (WPC) on July 9-13, 2017 in Washington, D.C.


Microsoft Ignite on September 25-29, 2017 in Orlando, Florida


Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]

New on TechGenix.com

Answering all your FAQs about Storage Replica in Windows Server 2016


Public WiFi threats and how to avoid them


Power BI vs. Tableau debate finally settled


Microsoft Azure Backup Server gets refreshed, new features


Dark cloud: Cisco pulls the plug on Intercloud



Tech Briefing

Enterprise IT

Autodiscover: How To Check SRV Record Using Nslookup (HighClouder)


Active Directory Insights (Part 16) - Secondary accounts and password policies (WindowsNetworking.com)



Hyper-V optimization tips (Part 7): Network performance - CNAs (VirtualizationAdmin.com)


Hyper-V and Storage Replicas (Part 2) (VirtualizationAdmin.com)


Office 365

Office 365 Advanced Security Management overview and demonstration (Cloud Adoption Advisory Board)


Just Moved to Office 365. What to do with Multifunction Device? (HighClouder)



What Does Converged (CI) and Hyperconverged (HCI) Mean to Storage I/O? (StorageIO)


Cloud Storage Concerns, Considerations and Trends (InfoStor)


Windows Server

Multipoint Services in Windows Server 2016 (Microsoft Australia OEM Team)


Active Directory Group Policy Health Check Items (Part 2) (WindowsNetworking.com)


Other Articles of Interest

Unwrap containers-as-a-service challenges and best practices

Organizations are adopting containers to drive value, and, in many cases, deploy containers through a cloud service – a model known as containers-as-a-service – rather than on-premises. Here’s a breakdown of containers-as-a-services benefits, challenges, and current options on the market.


Citrix Linux Virtual Desktop provides Windows VDI alternative

Windows isn’t going anywhere, but with Citrix’s Linux Virtual Desktop, VDI admins who want to work with open source desktops can actually do so. This expert tip breaks down what Citrix Linux Virtual Desktops supports and what Citrix’s push toward Linux means for the market.


Recognize and address application performance issues

No matter how well you prepare when designing the ideal infrastructure, eventually you’re going to experience application performance issues or bottlenecks. In this tip, learn the difference between bottlenecks and faults and discover the steps involved in troubleshooting a bottleneck.


Consider these Linux I/O scheduler options for storage performance

If a Linux server isn’t performing well, it is often related to the storage channel. But today’s data centers make the storage channel not so easy to analyze. In order to optimize Linux performance, explore the different Linux I/O scheduler types and learn how to set the Linux I/O scheduler.


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

Beautifully Seductive FIAT 500 Abarth Commercial With English Translation


Artist With A Chainsaw - Jordan Anderson


Cockatoo Thinks He Is A Dog


People Are Awesome - Best Of The Month February 2017



WServerNews - Product of the Week

Deep Packet Inspection for Quality of Experience Monitoring

Read this whitepaper to get a detailed description of packet analysis techniques to measure high network response times, network delay, server processing times, client processing time, traffic distribution, and overall quality of experience.

Download Now>>


WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his  outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.