Gorilla Arm

silverback_gorillaThose who know me well have probably heard me talk about Microsoft’s gamble with Windows 8 and the touchscreen experience.  I think the new version of Windows does show a TON of innovation, but I’m not sure it’s the kind of innovation that everyone wants.  In a touchscreen environment, like the Surface, it may actually make sense.  But until the PC is really dead and we’ve given up on having monitors sitting in front of us (even touchscreen ones), the mouse and keyboard is a great experience that most of us really like… AND it’s intuitive enough that even kids grasp the concepts easily.

Of all of the articles I’ve read on the topic, this one from ScientificAmerican.com does a great job explaining the concept they call “gorilla arm.”

When Windows 7 came out, offering a touch mode for the first time, I spent a few weeks living with a couple of touch-screen PCs. It was a miserable experience. Part of the problem was that the targets—buttons, scroll bars and menus that were originally designed for a tiny arrow cursor—were too small for fat human fingers.

The other problem was the tingling ache that came from extending my right arm to manipulate that screen for hours, an affliction that has earned the nickname of gorilla arm. Some experts say gorilla arm is what killed touch computing during its first wave in the early 1980s.

Read the entire article here.

What do you think?  Do you believe that the mouse and keyboard are going away any time soon?  Can you do your job in a touchscreen-only environment?


Microsoft’s tablet strategy in disarray?

While I’m not yet a fan of Windows 8, I’ve tried to keep an open mind about Microsoft’s direction with their OS.  Especially when it comes to the tablet market.  Windows 8 seems to make sense if you are using a tablet or touchscreen computing environment.  With that being said, I found this article interesting about the lack of movement of Windows Surface.

Full Article from John Paczkowski at allthingsd.com

If Microsoft is being coy about revealing Surface sales data, it may be for good reason. Early demand for the company’s first tablet is lousy. How lousy? Put it this way: If Microsoft really did manufacture three million to five million Surface tabletsto sell in the fourth quarter, it’s going to have between two million and four million left over at quarter’s end.

Detwiler Fenton, a Boston-based brokerage firm, said in a research note today that Microsoft is likely to sell just 500,000 to 600,000 Surface RTs in the December quarter, far below its previous expectation of one million to two million. The reason: Microsoft’s tablet strategy is in “disarray.”

“Lack of distribution is killing the product,” Detwiler Fenton explained. “Mixed reviews and a [$499] starting price tag certainly don’t help, but lack of retail exposure at Best Buy and others is severely depressing sales.”

In other words, with Surface available for purchase only from Microsoft Stores — and those stores are few and far between — consumers are unlikely to ever see the device, which makes them far less likely to purchase Surface, particularly given its price tag. And with so many other tablets available, there’s not much reason to seek out a Microsoft Store, assuming there even is one in reasonable proximity. Currently, there are just 31 Microsoft stores and 34 smaller holiday kiosks in the U.S. Given that paucity of stores, the average consumer’s best chance of seeing Surface these days is on a billboard.

That leaves Microsoft in a tough spot. Will the company stick to its original plan and continue to restrict Surface sales to its own stores, or will it expand distribution to other outlets in the hopes of clearing out inventory and spurring demand?

Microsoft did not respond to a request for comment.

What are your thoughts about Surface?  I admit that I don’t have any “hands on” experience yet with the device, and yes, even though I love my Macs, I am hopeful that Microsoft is competitive in the tablet (and desktop OS) space!

What do you think about Microsoft’s direction?  Surface?  Let me know your thoughts!

Adding Macs to an Active Directory Domain – Part One

We continue to add more and more Mac computers to our network.  Up until now, we have been happy to simply have the Macs be standalone machines, and haven’t wanted to undergo the learning curve to add them.  We are now at a point where managing user accounts and access has become difficult, and we want to move all of our Mac users onto network accounts.  Thus begins our journey into the abyss.

Starting out, the Mac integration seems simple enough.  Using the built-in Directory Utility, you are able to bind the Macs to the domain with very few issues.  Simply entering the fully qualified name of the active directory domain and clicking “Bind” should do the trick and add the machine to AD just like a Windows machine.


You are presented with several advanced options during this process.


Our first hurdle was determining what each of these options do.  In a nutshell, here were our findings (and our default settings above.)

  • Force local home directory:  This is something you will want to do, especially if you want applications to be available when users are off the network.  Not checking this box will place a ton of files on your server in the “network user home” directory.  That means that applications get installed here, the library folder is here, music is here, etc.  Not a good thing if you are a laptop user or are ever offline, and it creates more network traffic as well.
  • Use UNC path from AD:  Checking this box will map the AD user home folder upon login and will place it on the dock by default.  This is pretty useful if you have users who use their network folder a bunch.  In our situation, our network home folder in the windows environment was mapped to the user’s My Documents using Group Policy and offline files, so most of our users have a lot of documents there.
  • Default user shell:  Just leave it as it is.  /bin/bash works just fine.
  • Create mobile account at login:  This is the most tricky one. So we’ll talk about it later in detail.

Here is what show up under the mappings tab of Directory Utility.


Unless you really have a need to change anything here, it works great when left alone with the defaults.  And then we are left with the administrative tab.


The administrative tab is important for administering the machine.

  • Prefer this domain server: This is fine if you really want to set it, but is not really necessary in our case.
  • Allow administration by:  This is useful when the user is connected to the network and will allow the active directory network user account to make changes on the local machine… if they are a member of one of the groups added here.  In our testing, this seemed to only take effect at the GROUP level not at the user level, meaning we were unsuccessful in adding an individual user here for administration.  ALSO NOTE <ALERT> i.e. this is important! This seems to work fine when a user is connected to the network, however, what happens when the user is at home and can’t see the network?  Any guesses?  If you guessed that the user’s admin privileges are not cached and the user WILL NOT have administrative privileges when they are offline, you are correct.  Impact of this is that a network user goes home and while at their house needs to install an update, etc.  Because they can no longer see the network they will not be able to approve the update unless they have a second local user account with admin rights.  Not good, and probably confusing to the user.  This is a pretty major flaw in my opinion.

Mobile Accounts

Let’s talk a little more about creating mobile accounts. Creating the mobile account at login seems like a great thing to do.  In fact, it is the ONLY way that your users will be able to login using their network credentials when they are offline.  (Under Tiger, there was an option to cache credentials, which has now been replaced by Mobile Accounts.)  As we have previously mentioned though, if the user is offline they are no longer an admin, which really limits the ability of the user to administer the machine when off the network.  In addition, the mobile account user will be able to sync their folders between the network and the local machine.  This is great in theory, however not nearly as intuitive as Microsoft’s offline files, which automatically determined the latest version and save the appropriate one.  In the Mac implementation of sync, the user has to choose which version of the file to keep, which is dangerous in my opinion, and an extra burden on the user.  We choose NOT to sync the files for these reasons.

So where did we finally land on integrating our Macs with Active Directory?  Due to the limitations of offline administration and creating mobile accounts we decided to take a look at a few third party products.

Next time:  How we implemented Macs in Active Directory with Admitmac.

Musings about Vista

I’ve spent the last several months taking Vista through the paces, first with Beta 2, then RC1 and 2, and now with the final build of Vista Ultimate. 

I can say with confidence that it is a big step forward for Microsoft and I really do like the Aero interface.  However, beyond the spoofed up look, I’m not seeing much benefit RIGHT NOW for our church.  Most of our machine are less than 2 years old (we typically have a 4 year upgrade plan) but of those really good machines, most won’t be able to take advantage of the Aero interface. 

In addition, I’m just not sure what is to be gained from being an early adoptor here.  As of last week, Dell still didn’t have drivers for my test machines and the laptop machine (a Dell XPS 1210) seems to have the most incompatibility problems. 

I’d love to hear what other churches plan to do about rolling out Vista.  As for us, we’ll wait until Dell won’t ship us XP any longer.