For anyone interested in the current state of things in Switzerland, there is this handy map of which Swiss municipalities are dependent on Microsoft/the US right now: https://mxmap.ch/
Think about integrating calendars, corporate contacts (from AD), handling RSVP replies said mx server receives and updating the calendar server, securely deal with modern auth (+ legacy krb5 auth, yuk). It's a huge hassle and everything except Exchange only handles 80% of this.
Modern expectations now want: web clients (OWA), todo lists, integrated storage (SP/OneDrive), and push notifications to any phone from any vendor.
So yeah, the only on prem solution is still Exchange.
I don't think these things are as important as you think.
RSVP for example. Nobody read or cares who and what people reply. In the last 4 companies I worked for (including one in Switzerland), nobody cared if I accepted or confirmed my attendance to the meeting and would try to call me/force me into a meeting even when my status showed I was on another shsring my screen. And nobody seems to respond nowadays nor check calendars for availability and avoiding conflicts.
But what about push notifications to mobile? I'm not aware of anything that handles this as well as Exchange ActiveSync. it's reasonable that you get an email within sub 1 minute latency, not 15 min polling.
The IMAP protocol has an IMAP IDLE extension for that purpose.
But is that use case really common in practice? With chat tools people don't tend to use email for instant messaging (well, appart from deltachat users, which can be a solution too!) and my experience is that it doesn't even work like that / that well for office 365 users. I am regularly told on teams that an email has been sent to me (same org and same region) yet it still takes more than a couple of minutes to have it visible on my desktop outlook client.
if you dont mind asking, what dont you like about kerberos? I personally like it quite with certs / hardware token
to be honest, most things you list can be setup with some research. The only one I am not sure about is integrated storage, but then I am also not entirely sure what that even is supposed to mean exactly
The user experience between a phone, tablet and computer should be symbiotic. Krb is not a first class thing in the mobile world. So users now hav great Krb experience with Outlook.exe but are typing passwords into Safari at owa.example.com (anywhere you type an AD password that isn't lsass or ADFS is really not good posture)
So, passwords are bad and the password is a key component of krb. Moving away from passwords is a step in the right direction eg OIDC.
right given the product names I assume you are on windows. with kerberos people shouldnt have to type their passwords into apps at all, and if you use pkinit there are no passwords at all?
i give you the mobile part, I dont know how well it is supported - iOS claims to have support though, and android through third parties I believe. Never tried that. Its just that I personally have a preference for auth methods that dont require opening a browser for desktop apps
> This comes as a surprise, as Microsoft 365 was recently installed on some 54,000 administration workstations
Not really surprising. The people Microsoft wined and dined for the contract are not the same people who agree with Thomas Süssli about reducing the dependency. I look forward to seeing them succeed!
I have switched my small swiss business (10 people) to linux (servers and desktops) and away from microsoft around 2020. I am extemely happy about the choice. Theres small friction here and there with clients that rely on certain software, but its usually minimal and can be fixed. Some people here talk about how people need excel and how important it was, I have personally never seen that in practice here with any client or company I worked for in the past, but maybe it just went past me. It has not been an issue for me in the past 6 years.
If it’s not essentially BYOD and you’re provisioning and monitoring security somehow, would you happen to have any quick tips for hassle-free linux MDM? I’m looking for something appropriate for a similar sized microenterprise.
I can share what we do, it might not suit everyone though. We manage the devices through ansible-pull, and we have a small Prometheus metrics exporter on the devices for what I think is good to monitor. Then we have a grafana dashboard, alerts and so on. This suits us because we can manage the servers as well as the devices with ansible. Most users don't have root. If anyone needs help, the person needs to be in the wireguard vpn and the someone helping can ssh into the machine.
There's also fleetdm, which we are not using, but might be something you want to consider
Doesn't everyone? ads, microsoft account required, undefeatable telemetry, and all wrapped up in dark patterns and bad user interfaces (perennial microsoft).
I bet they haven't thought about Typescript, VSCode, Github, Linkedin, .NET, npm/node, or the contributions done to Linux kernel, Rust and Python that probably would also require security reviews.
Also most of the key contributors to FOSS alternatives are sponsored by US companies as well.
Which is the problem this ongoing geopolitics crysis. Decision makers only think about the superficial parts and not the whole extent of the dependency problem.
It's debatable whether there is a need for the latter in Switzerland though. They have maybe the best fiber network in Europe, which far outperforms anything Satellite-based. You'll regularly get 25 Gb/s symmetrical on residential connections: https://sschueller.github.io/posts/the-free-market-lie/
I know a lot of people with Starlink in Schweiz. It's a mountainous country with a strong tradition of outdoorsmanship. From a military preparedness perspective, you're not guiding munitions with terrestrial fibre.
I managed to convince my org to put up a Grist instance. I now use it for everything I would normally use Sheets for, plus a whole lot more. Row/columnwise permissions, file attachments, multiple views over data, python formulas...
It's a db not a spreadsheet but it's basically the tool I actually needed when I would reach for excel.
Excel is the most widely used document format, database, software runtime, GUI framework and note taking app. It gives Emacs a run for its money in how much you can abuse and overuse one application.
Besides just being everywhere and being ubiquitous (which isn't really a "tech benefit" anyways) what exactly makes Excel "truly superior tech compared to the alternatives"?
There’s a lot of features. I think the one I would present is the enormously complex backwards compatibility support. Companies run on .xls / .xlsx files even if developers are offended by how they use and share them.
I think a lot of “just use Libre Office” arguments are much like “just use Linux.” There’s a deep misunderstanding of what the value is with Excel. Being technically equivalent with features scores very few points.
I've never experienced any compatibility issues with XLS(X) in LibreOffice Calc, and I've been Windows-free for over a decade. Sure, some spreadsheets might have unique functions in it, but I doubt that's the case for the majority over people using Excel.
I'd also argue that Excel is holding back businesses. Instead of storing information in CSVs (for R or Python processing) or SQL, people rely on it when they shouldn't. It's not just that developers dislike Excel, it's that using it frequently causes huge errors:
> Sure, some spreadsheets might have unique functions in it
Million and Billion dollar businesses run their whole companies off Excel. They're not really interested in the risk a software change would entail for their companies or individual careers.
> I'd also argue that Excel is holding back businesses.
> Million and Billion dollar businesses run their whole companies off Excel. They're not really interested in the risk a software change would entail for their companies or individual careers.
I have heard that but never really observed that.
What you usually really have is a number of execs spending their live micromanaging via excel and annoying in cascade all the hierarchical levels below them with excel reports but only a small fraction of them usually have any real business logic and it wouldn't be complicated to switch to something else.
It is simply the good old resistance to change.
In my first job in IT while waiting for my first unix sysadmin role I did some windows support + migrations, I've seen medical secretaries enter in proper rage because we had replaced word 95 for word 97 and the icons were slightly different. Keyboards were launched against monitors. Even accross variying versions of products of the same editor resistance to change applies.
The biggest challenge with replacing Microsoft is licenses come bundled. With office 365 comes online storage/sharing platform, email, chat platform. If you want to move out you need to find alternatives for all of them and all at the same time otherwise you are paying more for the same thing.
I don't know are we sure about that? I remember helping users unable to open a spreadsheet that grew too big in excel. Was working fine on openoffice (libreoffice wasn't yet a thing).
I'm familiar with it, no worries. But my company does way too much with Excel and has in-house coded plug-ins to extend it's functionality. It's not going anywhere.
Mentioning libreoffice as competitor to Excel and Access is like you haven't understood the market, at all.
Excel is a cross department business automation database, which can sync/pull/push datasets across filesystems and networks.
VBA is the single most used language in Enterprise because it allows to automate pretty much any financial workflow. And more importantly: automated by non-programmers.
Libreoffice is made for private users, and that's not the same users that VBA powered office documents have.
You can do all those things. But as someone who used VBA extensively and often got hired because of my automation skills, not having VBA and other aspects of excel would be a non-starter.
its really not that hard, and it might be useful, if MS ends up finding that final straw that breaks it for everyone, you would be better off having a head start and level ground, rather than staring up a wall for employment.
i recommend you orient to it, for future proofing.
As long as xlsx files have to be modified, libre office is a non replacement.
No business would even dare to risk this from an operational perspective. That's my whole point, and the whole argument why Microsoft created their own "dip" with it.
If you as an open source promoter within the company tell C-staff that "you found a solution that might be compatible" they gonna ask you what exactly needs what amount of time. And believe me when I tell you, even getting a sharepoint workflow to run with libreoffice is almost impossible without replacing pretty much everything underneath it.
Making MS office as uninteroperable as possible is the reason companies cannot switch, because they have a legal requirement to archive and access the document for at least 10 years (in some industries up to 20 years when it comes to book keeping and accounting).
So if you propose libreoffice as a solution that
- isn't compatible 1:1
- isn't even guessable how long it takes
- forces unpredictable infrastructure changes
- ends up not rendering your documents that are _legally
mandated_
Then guess what the response of your CEO will be.
No amount of downvotes or "opinions" on what is better will change this.
I'm a proponent of open source, but leadership of libreoffice does not seem to understand _why_ companies are using Microsoft office. And that is the core problem that has to be fixed.
There needs to be a predictable and guaranteeable migration path. And as long as there isn't even a converter wizard or anything that helps you with that, libreoffice is a non starter.
I feel like this general story “x European country wants to reduce dependency on Microsoft” comes up at least once a year.
How do they usually turn out? I have heard Germany/France/? switching to LibreOffice or Linux for some government sector, but I suspect they quietly switch back.
Recent events make it quite clear that this time it is going to be different.
It was like you described earlier. Last year and this year it is basically cumulating over multiple countries.
Swiss people are very upset with what is going on with their military spending in US. I do believe they will be serious about all other purchases from US.
> Swiss people are very upset with what is going on with their military spending in US
Can confirm, as a Swiss person I am flabbergasted at how the federal government keeps pushing for the new fighter jets to be F35s, despite not only the US' currenr erratic behaviour in general, but how it has changed the terms of the purchase deal. Blows my mind, honestly.
The whole gendarmerie in France switched more than 2 decades ago first to libreoffice (was openoffice in earlier days) then to their own ubuntu fork.
But it worked well because it is military, they can manage long term projects without too much external interference and there is zero friction (if the head decides, the rest follows without asking).
In regular public administration, decisions can easily be overturned depending on results of each elections and it is not uncommon to face internal sabotage.
We move slow. But the clima for change is here now, it's been brewing for a decade or so. Expect Europe to not use more money on US services the next two decade. So with inflation you will really see a significant decline. My 5 cents
Do you think your comment has any substance beyond expressing your disdain for Europe / the EU? Are you aware that Switzerland is not a member of the EU?
Considering I didn't mention the EU once, I'm quite aware of that. I like how you try shoehorn in it on your own to try gotcha me though. Not a great attempt.
Are you aware of the crashing population of Europe though?
Switzerland is not in the EU. That said, if their goal is to get off US big-tech, I feel they're left with Apple for hardware and Google for software, realistically.
I'm still fascinated that Ukraine has been going on since 2014 and the EU has spent more time and air trying to go after US industries than Russian ones or Chinese. You'd think the US had actually captured Greenland.
Anyway I get it - just, odd to think about. Passion accounts for a lot.
The Russian oil ban only occurred 8 years after the start of this. 2022. Russia had already taken European land for 8 years prior firmly backed by China. I won't even get into the Russian oil hair-pinning back to Europe via 3rd parties.
Again - all this action is within 1 and change years of Trump. It's a fairly visible difference in reaction. I just find it weird, that's all.
I last saw a psychology thing on TV about people reserving theur strong reaction to the second severe transgression. Bad guys get 1 abuse for free, modulo some stern looks and grumbling. Second time, the big hit comes. The number of transgressions is a more important fact than the time or size.
There is some truth to this, once you look at it. So Russia took Crimea as first abuse, and got some survivable sanctions. Then they hit Ukraine a second time.
Trump, well, it is hit after hit after hit. Liberation day, ICC, threatening greenland, backstabbing Ukraine, Iran. And we're not even halfway his term, and we got proof from the last 2 Republican presidencys that this is no outlayer.
reply