Comment by andix
1 day ago
Switching from Word/Excel to LibreOffice is comparably easy. A lot of other Microsoft Products are much harder to get rid of.
I've never seen a European corporation that doesn't do user management with ActiveDirectory. Some still have it on their own Windows servers, but most browser based applications still go through Entra (Azure Cloud based AD). Just shut off their Entra/AAD and most of their software is blocked because nobody can log in.
Agreed, and even things like Keycloak/FreeIPA are only partial solutions.
FreeIPA in particular is a beast to maintain, it puts kubernetes-cowboys to shame.
This is the elephant in the room that most comments on this page miss. Office may be hard to replace, Teams maybe even harder, but the real pain comes when you touch identity and access management. The usual initial optimism that "yeah but [insert solution name here] does this, problem solved" dissolves very fast as you start going through the inventory of requirements for managing users, devices, authentication, etc.
It's not just the technical hurdle which maybe you'll whip your admins into finding workarounds (-keep praying that your admins don't leave because it will be painful to find replacements who understand and can maintain the spaghetti pasta monster your infra ended up being-). In overall non-technical organizations the user experience always ends up hobbled even just by asking people to keep track of multiple identities.
MS is still entrenched because they give a turnkey solution with Eeeeeverything™ and your CTO doesn't need to struggle with any uncertainty. SaaS made it so easy to just "outsource" everything to MS, they'll be responsible and accountable for operations, infra, security, processes, etc. Even less headache for your C-level people. See no evil, hear no evil, you pay MS to take the shit and your job is safe. If you throw a stone out the window you'll hit someone with general "MS administration" skills. And users are usually familiar with MS tools, Windows, Office, so they aren't bothered (you hear a lot of complaints about Teams on HN but not so much from normal users). So this covers the tech, the skills, and the UX.
> Office may be hard to replace, Teams maybe even harder.
It actually depends how you use it. If you use the shared online collaboration features (concurrent editing for example) it might be pretty hard since I do not know any other solution besides Google Workspace that can do that.
And Excel standalone I think is the hardest to replace if you have lots of macros with business logic inside them.
For Teams, as long as you use it for conferencing and chat (no file sharing or editing), you can replace it with Slack or whatever other solution might exist that has some feature parity.
IAM can stay MS, as it is a pretty battle tested solution on-prem and in the cloud. Or you move to something like Okta with a LDAP like backend where you manage users and groups.
> IAM can stay MS
That's leaving the most critical component still with a US company. Doesn't fly if the goal is what the Danish agency is trying to achieve.
> It actually depends how you use it.
Obviously but the larger the company, the more ways to use it, and one of those ways will be a nightmare to tackle. You want one solution, not a patchwork. So the one that does everything gets picked. MS throws everything and the kitchen sink in their ecosystem to fit every need even if sometimes at mediocre or crappy quality.
> For Teams, as long as you use it for conferencing and chat (no file sharing or editing), you can replace it with Slack
Taken in isolation you're right. But in a world of network effects every company, supplier, service provider you work with might use Teams and you can federate. Switch to Slack alone and you make your life harder.
I mentioned this in another comment, if protocols and formats were mandated to be open or interoperable (in practice) to allow usage in the public sector, replacing MS would be a notch or 2 simpler.
2 replies →
> IAM can stay MS
The idea is to move critical parts away from US companies.
The US shows hostility towards Europe, even threatened a military attack. So the goal is now to remove as much dependence as possible.
To claim Microsoft is a company and doesn't have to follow US government order is naive. US government is now routinely breaking the law, if they threaten Europe with military action, they can also threaten Microsoft with military/police action.
2 replies →
Exactly. And if identity and access management is turned off, then nothing works anymore.
In the past there was a lot of Software directly installed to user's PCs and might have been authenticated without SSO. Also log in to a PC often works without identity management (cached credentials). But nowadays nearly everything is somehow in the browser and requires SSO.