
Ask HN: Big software teams, how do you manage your computers? - sekasi
I&#x27;m curious how big (this definition: Above 50) development houses manage licenses, installation of updates, software in general.<p>I&#x27;ve seen so many models in terms of locked down deployment, self-managed machines and I&#x27;m genuinely curious about what large software teams around the world are doing to keep themselves.. you know, legal, efficient and malware-free.<p>Thanks for any responses.
======
codeonfire
I think most developers would quit if not given sudo access to their machines.
Don't use windows and fire people who manage to install malware. Most
companies use some sort of remote management app no one except IT cares about.
Yes, it probably spies on employees. Software that needs licensed probably has
a license server option.

~~~
throwaway3301
On the contrary, I work at BigCorp where every machine is locked down - no
administrator access, no sudo, etc. People routinely install programs to C:\
simply because it is writable. If you need admin access to install it? Forget
it, open an IT ticket.

I've never heard of anyone quitting because of this issue.

~~~
user7878
Yes. BigCorp have very limited access to resources depending on their role. IF
you need to install software OR require admin rights your ticket have to pass
long tail of approvals with lots of justification.

------
kixpanganiban
Most dev shops nowadays use Vagrant to manage and provision their dev
environments, making sure that all developers are on the exact same setup.

------
contingencies
What part of _git_ \+ commit-based CI/CD processes doesn't scale?

~~~
abrookewood
Git isn't going to manage the licences for commercial software and your
operating system updates ...

~~~
jdubz_
This. I think people were too quick to judge the OP as an idiot. He's not
talking about your applications. He's talking about physical developer
hardware. The laptop sitting in front of you.

~~~
contingencies
Nobody called the OP an idiot.

The consensus is that physical developer hardware is best managed by
developers.

The 'problem' of managing 'large numbers' of 'commercial software licenses' is
not a problem with automation; unfortunately it goes against the grain of
developers managing their own hardware.

It seems the real problem in the OP's organization is management unwilling to
delegate and constantly searching for centralized solutions to trivial
'problems'.

------
schappim
I worked on a large deployment (hundreds of Macs) that used custom scripts to
harvest, and backup license files. Our scripts were executed with Apple remote
desktop and also used JAMF.

At the time other companies (such as google) used puppet + custom scripts to
deploy their license files + other executables on their Macs whilst leaving
the users with sudo access.

------
victorhugo31337
Typically I've seen teams have a set of build-machines that use NIS/LDAP to
authenticate and authorize users, but also auto-mounts an NFS home-share on
something like a NetApp filer when a user logins. Developers have their own
laptops and ssh/XForward to build machines.

------
gadders
At the various banks I have worked at, PCs are all windows and locked down.
You can apply for Admin access (or a more limited version via a 3rd party
product like Privilege Guard) if you a developer.

