So the point about this piece of development is that it's the result of a protracted and therefore contemplative combination of research and creativity. As a result, it looked to me as little like a separate, branded product or app kind of package. Indeed, the bit that took up the most time in demonstration was (prepare for sharp intake of breath, oh Network Administrators!) a suite of custom extensions to Windows Server management tools for Active Directory. These guys have actually put more database fields and more information in the deep, dark and twisty roots of the standard Microsoft Domain Security and Authentication repository.
This paragraph is the Boggle Pause. That's my name for a bit of text that I produce so people can gasp for breath, mop up spilt tea, or apologise to their fellow commuters, when an especially astonishing idea comes flying past. Seasoned systems admins know to treat AD as the computing equivalent of a somewhat forgetful grizzly bear. Something to be handled with cages, prongs and a lot of shouting. Traditionally, the suggestion from Microsoft when producing smallish databases in smallish networks has been to use SQL Express, and there's plenty of examples of such things where a lot of the laboriously entered information is a straight re-cut of what's also in AD as user identity and login information. But, if AD is extensible in a way that isn't at the mercy of software updates or architecture changes, and the type of information stored there is well aligned with the user-headcount and the fact that they are using PCs, then why on earth not make more use of it?
It was explained to me that in that long recessionary investment pause, it was possible to look at how Microsoft was proposing to solve pretty much the same machine-management problems as RM claimed was unique to schools, just using the regular MS utilities. In particular, a suitably recent revision of WSUS and the Deployment Manager free tool that comes with an Open Licence Subscription which by now don't need heavy re-engineering to cover the vast majority of regular daily or weekly jobs.
This is, to my mind, absolutely inspired. As was their other work in collecting together event viewer activity from all their servers not by demanding a mega-structure of authentication and delegation, but rather by being a bit low key and just shipping XML files around via email, generated by a lightweight data collection agent on each machine. It's a classic bit of British software engineering at it's best. And it's worst.
