this post was submitted on 23 Nov 2023
11 points (86.7% liked)
Sysadmin
7566 readers
1 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I've never heard of IAC on Windows desktops. IAC is about consistent building of cloud resources. These are individual physical devices and probably aren't all being flashed and rebuilt with every deployment.
https://learn.microsoft.com/en-us/mem/configmgr/core/understand/introduction
Configuration Manager / intune / sccm / whatever they change the name to next is the first-party solution from MS. It has always been able to modify an existing install. Push out a fresh piece of software, reconfigure one, uninstall one, force a group to update a gpo or update windows, etc...
Most universities use intune/puppet/chef for this in labs and for deployed desktops/laptops to faculty/staff to keep things up to date and consistent.
Sure. We manage about 110,000 endpoints with it at the office. It's just not infrastructure as code.
Intune is kinda point-and-clickey for sure, but would you not consider puppet and ansible IaC? What would you classify it if not?
As I understand it, IAC is not about managing devices. When a IAC created device needs an update, you update the config, blow away the device, and build new.
Ansible and puppet manage devices. If you need a change, you send the package or config or reg key. You can't blow away a device and build identical, like you can with IAC. At least not easily and without lots of careful group management.
That said, IAC is changing fast and I may not be up to speed on all the features of those tools. We're an MECM and intune shop, with a bit of jamf on the side.