When I was an Enterprise Strategist and then Consultant in Microsoft's US Midwest sales district, one of the most frustrating situations I experienced were customers (mainly enterprise: 20K+ desktops, 1000+ servers) who didn't utilize technology to its fullest.  I was always troubled by how much untapped IT potential customers had at their disposal.  They'd spend $100K on a solution that they already owned.  Mea culpa?  Its possible they may have not known what they had because I didn't get to meet them until it was too late (and we as a company didn't make it easy enough to discover/utilize).

Windows Server is a great example.  There are a multitude of services ("applications" in some ISV's vernacular) in Windows Server that enable it do much more than just the typical workloads such as file, print, and directory.  Off the top of my head I can think of: .NET [application engine], IIS [web hosting], terminal services [there's an addt'l fee for the TS CAL], media hosting/streaming, Kerberos realms, desktop management via group policy objects, clustering, network load balancing, and remote routing.  Yet, too often and too late, I'd find out my customer had purchased a one-off solution that had little to no synergy with the company's IT strategy or current initiatives (TCO/cost reduction, simplification, manageability, rapid application development, etc.).  BTW, even file and directory services can do much, much more.  For example, the file service supports Volume Shadow Copy snapshots which make it easy for a user to retrieve their own deleted/changed file(s) and the directory service does highly scalable DNS and LDAP.

A few years ago, Gartner released a study that revealed a typical enterprise customer had ~130 directories.  This doesn't surprise me because I've met with lots of customers who have built their own directory service.  They didn't necessarily think of it that way--an application needed to be build (yesterday!) and they needed a way to authenticate/authorize the people who needed access to it.  Problem was the app created an additional user ID, password, password policy, helpdesk procedure to reset the password policy, security attack vector, etc.  If they'd leveraged Active Directory and IIS (SQL can utilize AD too) their users could have seamlessly gotten to the app without doing anything more than clicking a hypertext link or favorite.  Who wins in this case?  No one except for the software vendor.  The developers have to write authentication code (adding time to their schedule if they do it with security best practices in mind), the users have to remember another user ID and/or password, the helpdesk has to one-off support another user ID and/or password and the finance people spend money for what amounts to more complexity.    That's a lot of User IDs and passwords!  One of the understated benefits of working at Microsoft is having a single password.  I only have to remember one password which is great since I have about a 1000 to remember as I browse the 'net.

What does any of this have to do with "good enough"?  I'm glad you asked.

Just like their Enterprise brethren, I've found that most Midsize businesses are just scratching the surface when it comes to leveraging technology.  For example, of the hundreds of companies we've visited only a handful are able to find the time to truly utilize the power of the Microsoft platform.  One company, a construction materials manufacturer we visited in Vancouver, Canada is leveraging the published APIs that Microsoft's server products expose by consuming them in .NET and presenting the results via dynamic web pages in IIS/Active Server Pages.  The pages show server uptime, when a user last logged in and on which machine, backup successes/failures, device management and inventory, drive space, etc.  I love meeting with customers who are REALLY pushing [our] technology like this.  I know that most IT Administrators I've surveyed and visited would love to have that data at their fingertips as well.  We love it so much we're putting much of that functionality into EBS (accessible via the Administration Console). :-) 

One of the areas I've heard good enough mentioned many times is in reference to open source software.  Open source code enthusiasts emphatically believe there is no reason a company should purchase and use Microsoft software (see "Running Only on Open-Source Software".  BTW, a small business company named Smartleaf is quoted liberally and their Chief Architect is Robert Thau who just happens to be one of the principal authors of Apache).  I believe some open source software is (very) good and useful in the hands of the right people at the right company, but based on my research I don't believe its in the best interests of most companies (especially midsize) to widely adopt it just because the initial software acquisition cost is less.  For example, I've visited some companies who are only using Windows Server for basic file (read/write) and directory services (authenticate/authorization).  A few of the IT Administrators told me that they thought SAMBA and LDAP might be good enough because they're really not doing anything extravagant. They need to push Windows Server harder where it really begins to add value and reduces operational cost.  In the next breath, one said the users were adding "non-company approved" software to their PCs and they were having problems as a result.  We discussed locking down the company's PCs using Organization Units (create another OU for the exceptions) and group policy objects (made possible because of the deep integration between Active Directory and the Windows workstation--there are almost 3000 GPOs in Vista and Windows Server 2008*).  For one that needed a new application I suggested they build it (or insist it be built) using Visual Studio's (there's even a free version) WebForms (aka ASPX pages) on IIS/.NET  That would enable him to more fully utilize his company's existing Windows Server license and CALs for the web pages, application run-time engine and authentication/authorization.  Please, please, please stop writing your own plumbing code!

One of out-of-the-gate visions for Essential Business Server was to expose many of these services to the midsize company's IT Administrator so he/she can consume them to better the business.  I think we've done a good job putting some of this functionality into the Administrator's hand but there's a lot more we can do (and will, in future releases).  I mentioned the extensibility story in a previous post and I'm excited to say there's more good news on that front.  I you'd like to push the EBS' envelop even further (please do!) then I invite you to use the Essential Business Server Software Developer's Kit (SDK) and extend the Administration Console.  Make great into outstanding!


*I fully expect the open source community to take advantage of Microsoft's Interoperability pledge and integrate their software work with Microsoft software.  If I worked for an open source company I'd make it a high priority for my future versions.