HP laptop pricing is so out of control, management wants us to look at deploying Mac
Posted by down_with_cats@reddit | sysadmin | View on Reddit | 462 comments
We're mostly a Microsoft shop so it's made sense to deploy Windows laptops to our end users. We image them with SCCM (sometimes drop ship using Autopilot) and they're hybrid joined giving users a pretty good experience when accessing M365 resources.
However, our EliteBook 860 pricing has gone from $1100 per unit last year to $2200 per unit due to "AI Constraints". We've built new SKUs that cut every cost possible (no touchscreen, value SSD, no fingerprint sensor, etc.) and even went as far as to build SKUs using soldered on CPU/RAM as we were told that would reduce cost. It's still above $2k for a basic laptop (U5/32GB/256GB).
We're now being told to figure out the cost to switch to deploying MacBook Neos and MacBook Airs because of how much cheaper they are. If we can save $1200-$1600 per laptop then it's likely worth the cost to train everyone on how to use and support MacOS.
My biggest concern is imaging them. We have a very small MacOS footprint now (30-40 devices) and each one was a pain to get setup for the end user. We primarily use Intune which has "user affinity" so we have to reset the end user's password, login as them to download the management certificates, and then spend several hours manually configuring it. I've automated a lot with Intune, but there's a lot of manual effort to domain join, allow the AnyConnect VPN profiles, allow TeamViewer screen recording, etc. We own Tanium but I don't really see a ZTE option with them and it looks like we may need to purchase licenses for a product like Jamf.
Has anyone else been given a directive like this? If so, can you offer any advice?
We deploy around 500 laptops per year, so I understand the upfront hardware cost savings but worry there will be a lot of "soft costs" that might end up costing us more in the long run.
Avas_Accumulator@reddit
SCCM tells me it can be a pain to integrate. What we did at least, is to have Intune Compliance integrated with IRU (aka Kandji) and it has worked to the point of allowing us to finally deploy Macs as an alternative. Cost and quality wise they are a no brainer. However, a lot of blood travel through Microsoft veins, so it's not as easy.
These-Still6091@reddit
This is funny HP has been raising prices significantly slower than Lenovo - can’t speak to Dell. The memory costs being up 500% since September isn’t a secret.
9GqPZD@reddit
Go with jamf. Intune is getting there, but it’s still not as good.
himji@reddit
You'll need an MDM. We use JAMF which seems to be the one that most use
tommytom69@reddit
We use Mosyle. Easy to configure and use
ThePromisedWLAN@reddit
We have a few hundred Mac-s among various companies, all managed by Mosyle.
Simple and intuitive. Some say it is just a JAMF clone but cheaper.
Old-Flight8617@reddit
Jamf was the best when I managed macOS devices.
Intune has yet to get there after all the MS promises about macOS support.
Laearo@reddit
we got rid of our macs and jamf a few years back, now theyre pushing mor macs again but wont pay for jamf - hopefully intunes not that bad...
hej_allihopa@reddit
For me it’s the lack of pre-provisioning options (compared to Jamf), and the amount of delay it has.
Status_Jellyfish_213@reddit
Oh, it is.
thefold25@reddit
It's better for Macs than it used to be, but I'd still pick Jamf over Intune if we weren't all in on the Microsoft ecosystem.
Shaggy_The_Owl@reddit
Honestly it got a lot better in the last few years. Before I left my last role I dumped jamf amd consolidated windows and Mac into intune. We were able to meet all our compliance requirements for SOC2 so that was good enough.
Apple business manage is changing to a proper mdm so we’ll see how that goes.
viking_linuxbrother@reddit
They don't have much of an incentive to do it right. Good enough gets them there.
Autoimmunity@reddit
Microsoft actively benefits from orgs that utilize Intune being tied to the Windows platform, so this is not a big surprise.
down_with_cats@reddit (OP)
As mentioned, we have Intune and Tanium integrated with Apple Business Manager however I don't see how either offer true ZTE. Jamf seems expensive AF.
KSauceDesk@reddit
Jamf also isn't going to solve all of your problems. You still need to manually enable all the privacy settings for screen sharing on EVERY mac if you're switching to them
hankhalfhead@reddit
If you need it, should be part of the price comparison
KingDaveRa@reddit
Here's the important bit. Management want Macs because they're 'cheaper'. I.e. PHB has been seeing advertisements for a new cheap computer 'so why don't we just buy that?'
So it's time to point out that in order to still meet {insert regulatory requirements} we'll need to procure a management platform like JAMF which will cost {price}.
Then factor in training all your people to actually run JAMF (i.e. the JAMF certification), plus any crucial applications that'll need relicensing.
The TCO will probably be about the same all told. Maybe slightly more.
attathomeguy@reddit
Not true Cisco has published a calculator and every year Mac's are cheaper even with Jamf
Arudinne@reddit
IBM published a study saying the same thing back in 2019 or so.
attathomeguy@reddit
Yeah and so does SAP and Cisco but you know they huge companies with huge finance departments that keep track of every cent don't know what they are doing right? Why people still think mac's don't belong in the enterprise blows my mind
Mono275@reddit
Because there a ton of us that have had issues that 5-10% of our user base (Macs) caused 90% of our tickets and each one took way longer than the general Windows tickets we got. This was my experience ~5 years ago anyway.
attathomeguy@reddit
That was 5 years ago Apple has changed a lot since then but it also depends on how you were managing mac's. If you try to make mac's fit in a windows world instead of managing mac's how they are supposed to be managed then you will get bad results. In my current role we get 10x the tickets for windows machines as we do for mac's because I enforce apple's best practices which leads to lower tickets. Also if you look at the public studies from SAP, IBM and Cisco you would read that they all have LESS tickets for mac's vs windows users
Mono275@reddit
I'm not arguiing that it is different now. Just giving one reason that some people are set against Macs in their environments.
attathomeguy@reddit
Fair point, but by that logic we should still be skeptical of online banking and ATMs because they had rough rollouts too. Everything in IT evolves the experience you had 5 years ago with Macs in enterprise is about as relevant as someone in 2024 saying I tried Autopilot in 2019 and it was a nightmare so we're sticking with imaging. At some point you have to keep up or get left behind. The sysadmins who are still resistant to change and clinging to "how we've always done it" are exactly the ones who are going to find themselves obsolete and out of a job in the next few years.
sofixa11@reddit
IBM's study was pretty disingenuous. They published it a year in a pilot programme with power users, and concluded TCO (including support load) was lower over a three year lifecycle. Not only was their dataset not representative (power users), they hadn't actually waited to see the actual full lifecycle.
IBM is still a very big Mac shop so it obviously works, but they didn't need to lie
attathomeguy@reddit
What about the cisco survey and the cisco tco calculator that is on github? https://www.jamf.com/blog/mac-in-the-enterprise-employee-choice/
hutacars@reddit
Why? Get a single Mac admin who can set up zero touch properly, then drop ship computers. If you’re touching them before sending them out, you’re doing it wrong.
hankhalfhead@reddit
Ok, plus one Mac fte.
no-dupe@reddit
How’s you experience with Tanium? Do you’re trying to sell itself as a SCCM replacement. I’m listening, but a bit skeptical.
down_with_cats@reddit (OP)
It’s okay. A bit quicker than SCCM to do things and it’s nice to not have a server to patch and update but in the end it’s just another client running code on the machines.
GremlinNZ@reddit
I can't speak to Tanium, never used it. But as a very Wintel centric admin having to deploy the odd Macs for clients like marketing insisting on it, you NEED a good MDM. Intune ain't it.
Honestly, punching yourself in the balls would give you a less painful experience, Apple is a f'kin nightmare to manage trying to get it to behave in a Windows environment.
From continually re-adding file shares that just don't stay connected through reboots, and it's not as simple as just deploying GPO, to bizarre behaviour with Intune, throwing errors or just refusing to check into Intune or do anything it was told.
Log in at work, fine. Want to login from home? Ah, that won't work until you go find the settings for it. Want to change something needing admin? You thought UAC got in the way? Hahaha, wait until you get the incessant restrictions of Mac.
Tell management the additional overhead will require one person full time if they're deployed enmasse, at a minimum.
Arudinne@reddit
We have Intune set as our MDM in ABM and ZTE works just fine.
We just order the Macs from Apple's Ecommerce site and they get registered for the MDM out of the box.
https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/enable-zero-touch-enrollment-of-mde-on-macos-devices-managed-by-microsoft-intune/4144066
All we have to do is hand them the Mac.
Looks like this for the user: https://youtu.be/s3mHgPq05wQ?t=340
down_with_cats@reddit (OP)
The last time I went deep into deploying MacOS with Intune was Ventura 13.0 so maybe I need to revisit with Tahoe? At the time, I had to write an 11-page document for the "imaging techs" to follow to get a Mac fully configured and that was after adding a bunch of automation with Intune and shell scripts. Is Tahoe any better?
Some of the steps include:
In the end, it's far from zero touch, and I don't see how Intune or Tanium could automate a lot of these steps.
Arudinne@reddit
We hand them the laptop. Intune does the rest.
Intune pushes the settings, the users don't get an allow prompt for that.
We don't Domain Join them. If they need printers - we have Universal Print thru Entra. Intune pushes the Wi-Fi profile which is authed thru SCEPMAN/RADIUSaaS currently. I plan to investigate moving that to cloud PKI once that comes to E5 in a few months.
We use NinjaRMM instead of TeamViewer.
AdmiralCA@reddit
Do you have a link on Cloud PKI coming to E5 soon?
Arudinne@reddit
https://techcommunity.microsoft.com/blog/microsoftintuneblog/microsoft-365-adds-advanced-microsoft-intune-solutions-at-scale/4474272
SkiingAway@reddit
Things have changed a decent amount since then for the better, and some of this wasn't all that true even then.
No shame to you if you weren't aware at the time since plenty of this stuff isn't that well documented and was much worse around Ventura era. /r/macsysadmin, MacAdmins slack, /r/jamf , Rich Troutons blog, etc, etc are good places to poke around for some of these topics.
Can't specifically speak to Intune but just quickly off the top of my head:
You can skip any of the setup assistant panes, the only one I think you'll have to keep (if you want it enabled) is Location Services.
Some orgs don't necessarily bother with having a "local admin" tech account at all anymore - pros + cons to both approaches. But if you do, LAPS exists now and can rotate that password after each use and display it in your MDM and all that nice stuff.
I mean there's no automatic way for something to know what your asset tag is without you doing something manual somewhere. That said, MDMs do generally have a field like this that is possible to update in some sort of more automated fashion. Ex: You might be able to upload a spreadsheet of 100 serial numbers + your internal asset tags and have them all be loaded in at once and searchable within the MDM from then on.
You should also consider if you actually need numbered asset tags. Assigning + locking computer name to serial number is something easy to do and provides you a unique reference for the machine.
You can automate network filter approval easily.
You can't automate screen recording approval but you can authorize non-admin users to approve it for a specific application. So in this example you can't enable Teamviewer itself remotely but if your tech forgets to check the box, your end user will be able to toggle it on for Teamviewer (and only Teamviewer) even without local admin rights.
Do not domain join a Mac in 2026, arguably was a bad idea even back when you were last dealing with this. It is technically still possible (I think) but quite literally everyone, including Apple representatives will strongly tell you not to do it for all but a few use-cases. Look in to Platform SSO and related technologies.
There are a number of tools out there for handling temporary privilege elevation for when you want to let an end user do something or for your techs.
FriendlySysAdmin@reddit
I don't work for them, but we replaced InTune with Kanji (which just got renamed to Iru) and our Macs are truly zero touch now. We don't have a huge fleet, but it went from being hours of build time to zero, end user auths and MFAs against Entra and then the build kicks off via the internet.
Nateomeister@reddit
I can't speak to the domain join/groups so won't comment on that, but Intune can do almost all of the tasks. For each of your points:
The ZTE takes your techs away from signing in as the user, so no password reset will be needed.
You configure the enrolment profile to only show the relevant setup assistant screens.
Enrolment profile can create a local admin account and now has an implementation of LAPS to rotate the password.
Script can change the device name or can just be done in Intune if the naming format isn't suitable for scripting.
You configure PPPC config profiles to set permissions (like accessibility access) for your app bundles so there's no chance your user can deny your network filter etc. This will also work for TeamViewer. The only thing you'll have an issue with is auto accepting the screen recording permission as Apple do not allow this to be controlled by MDM nor can you script it - users will just need to accept the permission for it once.
Intune is definitely a more complex setup for Macs, but it slightly irks me when people write it off. There's a ton of great resources out there, I'd take a look at the "Intune my Macs" and "Open Intune Baseline" projects
Noxior@reddit
I don't use Intune for mac management, but from what I've found it seems on par with the solution we have deployed. First two points should be covered by ZTE. Creating local admin, changing hostname can be covered with bash scripts. For managing Privacy settings, you will need to create PPPC Profiles - apps like VPNs, remote access software, or anything that hooks into kernel extensions requires those. Bigger software vendors often have ready profile payloads for uploading into an MDM, but there is definitely a learning curve to understanding those. Example guide here - https://www.recastsoftware.com/resources/how-to-build-pppc-profiles-within-intune-for-macos-devices/. For domain you're propably looking at configuring Platform SSO - I haven't dabbled in that, so I'm not sure.
cmorgasm@reddit
Your other post mentions wanting zero touch, but step 1 is the tech logging in as the user?
send_me_Coronas@reddit
I would definitely take another look. We recently went through the process of enrolling our mac devices into Intune and alot of the processes you mention are covered by Intune. Through platform SSO, and ADE enrollment, you can hand a user their device and they should be in within 15 min. They only manual step they might have to do is completing company portal / platform SSO so that their MS password synchronizes with their device.
LAPS is now available on macOS (account is generated and password rotated through Intune), only issue I agree with is manually enabling screen recording (we use connectwise) but it's definitely useable at this point.
dm117@reddit
Check out Mosyle. It’s extremely cheap.
joshbudde@reddit
ZTE is possible as long as you have Apple Business setup and devices automatically enrolled. You just need to load the serial numbers into JAMF, assign a profile (or have a good default one), and ship it.
Evs91@reddit
you don't even need to load the serials in JAMF. you just assign a default prestage enrollment now and it just goes with it as your devices are loaded into ABM
fkick@reddit
Check out Mosyle. Better pricing than Jamf and may fill the need you have.
OneSeaworthiness7768@reddit
>I don't see how either offer true ZTE.
What do you mean? Intune’s mac management may not be totally on par with Jamf but there’s no reason you should have to manually configure them by hand for several hours. Have you even attempted to see what your options are in Intune?
down_with_cats@reddit (OP)
I just posted some of the manual steps here https://www.reddit.com/r/sysadmin/comments/1t0157x/comment/oj68dr4
OneSeaworthiness7768@reddit
Right but what have you actually attempted to set up on the Intune side to avoid manual configuration?
Few-Shoulder8960@reddit
Hey OP! ABM enrollment is one piece of the puzzle. As it is today, are newly purchased devices automatically added to your ABM instance?
down_with_cats@reddit (OP)
Yes.
BooHorde@reddit
It is expensive af, which is why it should be part of the calulations when switching from a MS fleet to a MAC fleet. I don't know how robust intune is with managing MacOS/IOS devices, but if I have thousands of apple devices in my enterprise I'm going to want an actual apple MDM.
colinzack@reddit
It's about 20 dollars per laptop a year. Add that to the cost of a MBA compared to your $2k HPs and it's still so much cheaper.
torbar203@reddit
Apple has their own MDM now(Apple Business), so maybe that could cover your needs for an MDM for Mac
Fox_and_Otter@reddit
There are a lot of good Mac MDMs out there these days. If cost is a big concern you should check out Mosyle, easily the cheapest full featured Mac MDM. All their documentation is behind their portal, which is annoying. Their support is generally pretty good though.
WiskeyUniformTango@reddit
Its not. Intune + Windows 11/Autopilot is so far ahead in terms of new deployments imo.
Alilttotheleft@reddit
@op if your org is not familiar with Mac management specifically, go with Iru. Largely one-click set and forget (including SOC / ISO compliance in a single click), much easier day to day admin vs Jamf and support is genuinely AMAZING, by far the best vendor I’ve worked with for support needs.
Jamf is more flexible, but if your org can work within Iru you’ll have an easier time getting into Mac management.
Effective-Design2378@reddit
We’ve just moved from Jamf to Iru and it is much cleaner and easier for the service desk to manage.
FastRedPonyCar@reddit
Yeah an MDM will make easy work of all this. I’ve used Jamf at one company and Mosyle at my last company as it was a bit cheaper and essentially did the same thing.
dm117@reddit
Yup. We’re a Mac shop and we use Mosyle. It’s extremely easy once you have your profiles set up. The do zero touch deployment so you can literally ship a laptop directly from Apple to an employee and they’ll auto enroll it on the back end. It’s great. I recommend using Jamf or Mosyle.
ycnz@reddit
Iru (previously Kandji) were much more accessible than JAMF, and also seems to work a bit better. It's still going to be hard going for a windows shop.
gurgle528@reddit
Agreed. I’m not a sysadmin at my current or previously role but a SWE. Previous shop had JAMF and current one has Iru. Iru was brainless for the end user (me) to set up.
lpmiller@reddit
I believe Jamf will even work with intune.
bryan4368@reddit
Jamf is going to overload a newbie. They probably don’t need all of that
rb3po@reddit
Addigy for the win, imo. I love what they’ve done with the platform, and it’s so flexible.
bimmerking83@reddit
Looking at moving about 50% of our end users to Mac devices for this exact same reason. We are a Dell shop as well. Deploying through Intune saved a ton of headaches.
No matter what, before you start, get set up through Apple Business Manager! I cannot stress this enough. We didn’t and about 1 in three devices comes back activation locked because they had Find My Mac enabled.
Given the number of devices I recommend finding an MDM platform specific to Apple for you. EXCEPT FOR JAMF! JAMF is the equivalent of 2010 BlackBerry - they think their product is so good that people won’t leave. They don’t innovate or adapt. Look at Mosyle, Kanji (now IRU), or Addigy. You’d be surprised how cheap they can be - like 500 devices for 5-7500/ year.
If you go the intune route, be ready to test, retest, and update every time Apple makes a quiet change. It works, and for the most part really seamless. We deploy M365, Kerberos auth - accounting for double hop as well, PW sync, deployed apps, etc. Users are about 90% happy, honestly the 10% fail is us getting in our own way.
Djvariant@reddit
As a Mac admin using Intune and domain join.is your first problem. Any other mdm out there will do a better job and domain binding is no longer recommended for macs at all.
A4720579F217E571@reddit
could iPads be an alternative?
don't know the whole context, of course, and what I've read [hybrid join; VPN back to on premises I presume] suggests probably not
but if users are...
...then could an iPad work?
not the consumer one; at least an iPad Air, because you can dock to a USB-C dock and get 4K @ 60Hz to an external display [and wired Ethernet, if that's significant]
higher up to iPad Pro and you get Windows Hello for Business "equivalence" (FIDO2 with biometrics)
not suggesting Apple accessories [which would inflate the cost]; but eg ESR keyboard case.
UniversityAcademic@reddit
I hate all things Apple, but we’re a full Apple site and using Jamf is the way to go. However, Apple Business is now being pushed as their own MDM solution starting this year. Might be worth it to take a look if you have to go with them.
Low_scratchy@reddit
If you're willing to go non Microsoft, why not go linux?
No_Resolution_9252@reddit
The consideration of going to macs over not cutting the laptops further down to specs that are still higher than what the Macs would have makes no sense.
Even reducing the RAM to 16 Gb would likely save 500 dollars on the elitebooks. Going to 8 to have parity with the macbook air or neo would save even more. Going to a core ultra 3 would save more.
HankMardukasNY@reddit
Have you tried at least getting quotes from other OEMs like Dell, Lenovo, ect? Why is the choice HP or Apple?
down_with_cats@reddit (OP)
I've been working with Dell and Lenovo to build custom configs similar to what we have with HP. However, I can see pricing of the already configured SKUs of these models on CDW. We might get some initial "special pricing" but I've been around long enough to know that the pricing isn't going to last.
TheGCO@reddit
Why CDW? They are just a middle man, go direct to the manufacturer.
statikuz@reddit
I think he was saying that he already sees the retail pricing of those and he doesn't anticipate a huge discount off those, not that he was intending to purchase through CDW.
down_with_cats@reddit (OP)
Exactly this. I shot off more emails to the Dell/Lenovo contacts I have. I don't get it, we spend like $700k a year on hardware and they just send me to voicemail.
DevelopersOfBallmer@reddit
You need to fight to get a Dell rep but once you have a good one it's great. We are getting pro premium laptops 32g plus the nice add ons (3 year pro support, wifi 7, bigger battery, ready image, enrolled into AP, etc) for 1500ish. We only purchase about 50 laptops a year.
therankin@reddit
I've had a few great reps, but they get promoted and then I get shittier ones. My Dell rep now is ok at best.
My CDW rep is awful. That went from a 9/10 to a 2/10. Sometimes I have to send three emails just to get a response from her. In the past I can remember at least two times where I've had to CC her boss in order to hear back.
katsai@reddit
The problem with Dell is that if you haven't done any major purchases with them in the last five years, you start out in their Acquisition queue, which is largely driven by inside sales reps with no AE. A big enough purchase can jump you immediately out of ACQ into SMB or Enterprise, but it takes getting someone on the phone. Your ACQ rep isn't going to want to lose the deal so they'll try to keep it in their department, at least for the first year. I don't remember the thresholds for annual purchase to get out of ACQ but it's significant, or was when I worked there a couple of years ago. Another way is to do some Linkedin stalking. Dell reps tend to list their territory on their profile. Find a rep for your state, message them and see if you can get a conversation going that way. Everyone that I know who's still there after the last round of layoffs is looking to bring in new business so the odds are good they'll give you a good deal.
agoia@reddit
That sucks, the VAR I use is stellar when working with Lenovo and will get me bargains even on small stuff like peripherals.
brzantium@reddit
Have you tried reaching out to alternative VARs? I've previously worked at SHI and Connection. A competitive situation like is going to receive a lot of attention - everyone loves taking business from CDW. If I was competing, I would first see if there's any way to get the price down on the HP system. CDW could be taking you for a ride. If not, then I'd send your current system specs to the VAR's dedicated Lenovo and Dell teams to turn around comparable SKUs and submit a deal registration with each manufacturer (note: it'd be important to know that it's been pulling teeth working with direct reps; if the manufacturer is already aware of a potential refresh they'll deny the registration, but a piece of info like that could turn it around). I'd also look for additional funding sources to drive the price down further. Since we're trying to take CDW market share, I could likely get money from marketing. If you're considering moving from Intel to AMD, AMD may also add funding. If the C-suite is dead set on Apple, there's not much that can be done on pricing - they're notoriously stingy with discounts. However, the VAR should have resources to help with the imaging aspect (I know CDW, SHI, and Connection do) and be able to take that off your plate along with asset tagging, kitting, and deployment if needed.
monstaface@reddit
Make sure your contacts know they who they are competing against. Once Lenovo knows that Dell is cheaper with the same specs i've seen them drop their price. It's a silly game to play but i've seen it pay off.
FoxNairChamp@reddit
You will get massive discounts on Dell products if you request quotes. We have seen PCs/laptops/servers at nearly 40% off at times.
8BFF4fpThY@reddit
Recently got 51% off list on an order of 100 laptops.
jmbpiano@reddit
Don't let those numbers fool you into thinking you're getting an amazing deal. I've been buying Dell for over a decade and they have always artificially inflated the "list price" on their website.
If you look at the specs of what they're selling compared to their competitors' products, the price they actually sell at has always been comparable, if a little on the high end, and the prices never ever get anywhere what they claim as list whether you're buying direct or through a reseller.
TheGCO@reddit
Yes, this. The enterprise systems are often priced for retail based on the discount price they are willing to give to corporate entities. It's the same practice medical billing does. List price for patients different price for insurance.
milkmeink@reddit
Through Dell Premier I was able to get spec’d 80k servers for 24k. Two different instances with the same discount. Discounts can be huge!
ExcellentQuestion@reddit
Hilariously, I thought you meant you were buying 84k servers, not $84k servers
E4NL@reddit
We always get a better price via our Dell contact person, even better than via your Premier portal.
But we do half million + every year.
Long_Inflation_7524@reddit
Yeah, the reps are great for discounts and mine have spoiled me with test units a few times a year. Lucky enough to get a last one before RAM/storage prices went insane... and my trusty rep left :(
wttrcqgg@reddit
Only if you're big. Small shops don't get much different pricing than what is available from CDW or similar(its been higher in my experience).
ntrlsur@reddit
Not really true. I had my helpdesk guy spec out a tower on our premier page. Our dell rep got it and massaged it a bit and got us even lower pricing. This was a 10 unit order and he got the pricing under 9000 with pro support for 3 years. We have less then 240 employees.
Hartzler44@reddit
Same here. It does wonders!
degoba@reddit
Legal. Im guessing OP is at a gov shop. Lot of rules around how equipment and software is purchased. Almost never able to buy directly from manufacturers
Shthwi1@reddit
Looking at the same thing coincidentally, but yes pricing is wild across the board.
Dell's their lead times were great 5 to 15 days; it didn't seem as if I needed to go through a VAR at all, and quotes are good for a bit. Lenovo, on the other hand, forces you to go through a VAR (CDW is our VAR and it hasn't been a great experience), along with lead long lead times on the Lenovos, 11+ weeks, quotes only being good for a week, and were talking about switching models soon.
Macs are an option, but you may have to put a dollar amount on the labor it would take to switch, some senior leaders usually don't see the cost down the line and only see the initial sticker shock.
One_Presentation4345@reddit
Dell has been screwing customers and VARs on their servers / storage and also squeezing VARs on pricing for client stuff like laptops and taking the business direct for a while. They've handled the AI boom supply chain management poorly, and have burned and gouge a lot of customers. I will admit, they can ship a laptop though!
aisa10@reddit
I am now way more curious as to other people'a experience on this regard. We used to be with Dell but dealing with our rep was awful, so I decided to switch to Lenovo. So far its been a good experience, we deal with Lenovo directly. Luckily the specs we need are available in stock computers so as opposed to Dell, they would build on purchasr and that would usually take a week or two at a minimun to get them delivered. With Lenovo, I can get them delivered in 1-2 days if it is in stock. I don't need to ask our rep to make us a quote, I can find what I need on their website, add it to my cart and convert it to a quote. Lenovo Pro also gives discounts once you pass a certain spending amount.
I do agree that the cost of computers in general has definitely increased, but at least I find it way easier now than when I dealt with Dell.
yumdumpster@reddit
Thats crazy, Lenovo set up a business store for us in europe and we purchase directly through them and I usually get the laptops within 2 business weeks.
Just purchased a bunch of P14S's on sale, 1500 Euro with R7's 32gigs of ram and a 1tb m.2.
rainer_d@reddit
I think my boss mentioned that he can get the P14s we use (64GB RAM Intel GPU 3k screen, 512GB SSD) for sub 2000 CHF.
I would have preferred a Mac, though.
yumdumpster@reddit
These are just for Finance. Everyone else gets a Mac. I started telling non-finance empployees that have Windows machines when they are up for a replacement they are being forced onto a Mac.
Padgriffin@reddit
We also got that deal for the P14sG5 but we paid about 600 GBP per machine for them
Sammeeeeeee@reddit
Our dell quotes are usually good for 48 hours. At the time of RAM pricing votility we got a quote exposing EOD in the 6 figures, for pallets of computers - they sent a whole truck down from a freight company, we've never had that before.
af_cheddarhead@reddit
Don't forget the costs to transition current PC user to their new Mac. Depending on your user base it can be quite expensive.
tardiswho@reddit
I heard from Dell yesterday that prices are coming back down. Don’t know what that means yet.
ITJoshNJ@reddit
Work with Dell directly. They will undercut their own resellers…it’s actually kind of nuts
Top_Boysenberry_7784@reddit
Pricing is wil across the board. We are a small shop and consistently get much cheaper pricing than what you see on cdw. With current market we have to email our rep for quotes on every order though but he is quick.
THe_Quicken@reddit
No. Nothing against CDW but you need to get a dedicated Dell account rep if you want best price. And in my experience Apple just doesn’t play well with an AD environment.
injury@reddit
CDW is part of your problem in that scenario. Web prices are generally better than CDW and Dell's sales people beat their advertised web prices by quite a bit.
AwalkertheITguy@reddit
We have been moving around from each of our vendors, cdw, Quadbridge, and Insight. Every blue moon we catch a break. My guys spent 8k last week for 3 Lenovo laptops and I was "happy" as opposed to February where we spent 9.5k for 3 units
ThecaptainWTF9@reddit
Look at people like Griffin IT, refurbishers, sometimes they have new stock even that is cheaper.
We’ve bought like 15 laptops to have on hand that were BNIB, and like 1200 a pop for a Ryzen 7 chip and 32gb of mem compared to the 2200+ they are new.
SirEDCaLot@reddit
And your solution was start buying Macs?
I'd rather have Dells as a stopgap and keep everything 100% manageable than start creating snowflake users and more tech overhead.
willdeleteacct1year@reddit
https://www.cdw.com/product/lenovo-thinkpad-p14s-gen-6-copilot-pc-ai-workstation-14-amd-ryzen/8401308?pfm=srh
That is list price under $2000, if you have an account with them you can get another 10-20% off depending on volume and how large your account/business is,etc.
iamabdullah@reddit
Pricing IS going to tomorrow.
locke577@reddit
There's your problem. Get an actual HP account representative, they will get you much better pricing than CDW, the HP website, or any other source. I'm still buying 860s for 1100-1400 depending on spec
down_with_cats@reddit (OP)
I have an HP account rep.
henrylolol@reddit
A 32gb with 500 gb of storage on a Max pro is $1400 with an ultra 7 chip. I’ve been with Dell for 7 years now. I also thought I could go with Apple over Dell due to cost and boy was I wrong.
Ron-Swanson-Mustache@reddit
I've been getting stuff from Lenovo from $1300-$1500 out the door.
Threshereddit@reddit
I use CDW to price things for people I dislike.
GardenWeasel67@reddit
CDW doesn't always give the specifics of why a SKU is priced a certain way. Sometimes it's not just raw hardware, but if CDW does additional customization and handling, then that gets added to the SKU but doesn't show in the description.
Also note that HP has started locking RAM to a single slot for DDR5 SKUs. If a custom SKU uses 2 or more slots the price will be substantially more.
hurkwurk@reddit
do you work with VARs or direct? generally speaking, an order of \~50+ units should be a discount of 30+% over "retail".
HP's retail pricing is insanely high, and we have never paid anything close to it. my last "ai" system order had a retail price spec around that same 2200 range you mentioned, but our cost per unit was around 1700 for 10 units.
we do competitive bidding with our registered business partners. I have about 15 VARs registered with our middle sized government, but all of them work with smaller customers as well. Even if you got yourself a CDW account rep, they should be able to get you better than list pricing, especially if you have a 700k/year spend.
INSPECTOR99@reddit
How about leaning on Apples Engineering to "Engineer" your solution. I am sure they would not be unhappy at creating & providing assistance & training for a new customer convert to MAC :-). Especially since Apple could then leverage THAT solution across the board in their marketing efforts :-).
tshwashere@reddit
We are a Dell shop. Just received 2 laptops similar to OP, U7 instead. $2400 so it's all the same across all manufacturers.
allogator@reddit
Yup, and the ups and downs are insane. A few weeks ago I forgot to make an actual "quote" for a high end desktop build. It went from ~$35k when I originally priced it for the user to $~31k. I rejoiced.
Yesterday I made the same mistake on a laptop. 4 days ago I priced it at ~$3.1k. Yesterday that exact same laptop and spec was ~$4.2k. I will no longer be pricing computers for folks without generating an actual quote even if they say "we probably won't buy it".
Doesn't help that quotes are only valid for 14 days now instead of 30.
HankMardukasNY@reddit
Dell Pro 14 with a U5 235 32GB RAM and 512SSD i can build online for $1698 which in my experience will be a good anmount less when getting a quote for his quantity from a rep
bloodlorn@reddit
Dell is staying competitive but long lead times. Lenovo custom units are crazy. Top sellers are a mix.
VernapatorCur@reddit
Our company started buying a bunch of macs for Claude Cowork, so I've gone through the process recently. We're currently using Jamf as the MDM for our macs. It uses Entra as the IdP, so all user accounts are centrally managed. We have configuration profiles that push the apps and settings our policy requires. We drop ship the Mac to the end user from the apple store, apple store adds the computer to Apple Business Management, ABM assigns the Mac to Jamf as it's MDM, and when the workstation arrives at the users end they power it on, it connects to ABM, ABM redirects it to Jamf for its configuration profiles, then it presents them with an Entra login window.
It was a pain to set up because we tried doing it ourselves initially, but one 4 hour session with their onboarding techs and we were up and running. If you're definitely moving to macs, it /can/ be really hands off setting them up for an end user.
therankin@reddit
That's definitely sweet. I haven't made the leap to IdP yet, so all my in house computers still use Active Directory. I will probably make the jump to Google Workspace IdP at some point.
Here's a question though. If you have one of those machines and it can't connect for whatever reason, can you log in with a local account?
VernapatorCur@reddit
Jamf creates a local account that is synced to your IdP, so yes you can sign in when offline.
daveagill@reddit
I don’t see anyone talking about Apple Business for MDM. I’ve not used it so I don’t know how it compares to the likes of Jamf but it’s the “official” solution from Apple.
therankin@reddit
It's interesting because about 7 years back, when I was looking for a solution, jamf was the "official" Apple solution.
It's amazing and zero touch deployments are doable. I've never gotten that far though. I need to have my hands on the machines first anyway. It really makes app, script, config deployments easy and has great logging capabilities.
From what I've heard, Apple's solution is a bit more basic, but works if you don't want to get too deep in the weeds. I think it costs less too.
therankin@reddit
jamf is great. I've been using it for years now.
There are many people who claim they've set up zero touch deployments with jamf, but I haven't gotten that far because I'm a smaller shop and having to touch each device is ok for us.
mweitsen@reddit
Stop buying HP. Our 16" Dell laptop standard with 32GB of RAM is under $1800.00 with a 48 month PS+
DismalOpportunity@reddit
We are in the exact same boat. MacBook airs are now 20-30% cheaper than equivalent elitebooks. I’ve heard from our partners that all OEMs (except Apple) are the same, there’s no deals to be found.
I do wish there were macOS alternatives to some of our Windows only apps. I really don’t want to have to manage a parallels vm on macOS.
MathmoKiwi@reddit
Saving pennies to lose dollars! Support costs and training time will eat up any initial small savings.
novix_@reddit
Dell did the same just after Easter. Laptops went up $1000 each.
Hunter_Holding@reddit
>My biggest concern is imaging them. We have a very small MacOS footprint now (30-40 devices) and each one was a pain to get setup for the end user. We primarily use Intune which has "user affinity" so we have to reset the end user's password, login as them to download the management certificates, and then spend several hours manually configuring it. I've automated a lot with Intune, but there's a lot of manual effort to domain join, allow the AnyConnect VPN profiles, allow TeamViewer screen recording, etc. We own Tanium but I don't really see a ZTE option with them and it looks like we may need to purchase licenses for a product like Jamf.
Imaging?
Internet recovery, hand to the user in the fresh out of box state, done.
Don't domain join them. Kerberos SSO extension or Platform SSO (or both, as needed) for seemless integration.
Your user accounts are local accounts. Accept and learn that on the mac. They can be tied to your cloud identity (PSSO) or AD (Kerberos SSO) but are not domain accounts or cloud accounts - on the mac you treat them as linked-to-whatever but still local accounts first and foremost.
Local account setup, machine naming, etc - all automated via intune. DEP(ABM) handles joining it during initial turnon setup and guiding the user through the whole setup process.
We, unfortunately, do use Intune. Forced to move off of JAMF. If you can, get JAMF. It'll still cost less than your expected difference.
Mac, done right, will be cheaper overall than windows laptops in their lifecycle and long-term support costs/staffing/ticket volume regardless, and even in the x86 days our configs were approximately 1:1 spec with the Dell and HP's we were buying, and about within $100 of each other's prices, but with 4 years of hardware support instead of the 3 on the dell/HP side - so we had 3 year replacements for windows machines, 4 year for mac.
>I've automated a lot with Intune, but there's a lot of manual effort to domain join, allow the AnyConnect VPN profiles, allow TeamViewer screen recording, etc
All of that should be automated and/or up to a user prompt to enable when needed. No issues there.
moreanswers@reddit
How do I lock-out termed users from accessing company Macs? In windows we just disable the AD user, then force a reboot on the machine. Is this doable with a mac with local accounts?
Hunter_Holding@reddit
MDM wipe/lock/disable the machine. https://support.apple.com/en-jo/guide/deployment/depb980a0be4/web
Lock a Mac: Device management service administrators can lock a Mac with a six-digit personal identification number (PIN) and include a short message. After sending the command to the device, it restarts and the user can see the message. The user can’t restart into macOS until they enter the PIN and the Mac validates it.
As to what you currently do on windows - it's theater, doesn't prevent local access to the machine.
A rebooted AD joined machine is still accessible unless you've disabled cached credentials. It'll fail logon is on network, but offline it'll still validate against the cached credentials/account. Even if it's been in contact with the DC and failed login with disabled account before, take it back offline and you're in!
If you have a machine tunnel setup going, then just not connecting to any network will still let the user log in with the last working password.
Disabling the AD account does nothing to prevent local access. The reboot doesn't help either.
I've often (for many reasons) taken machines offline in scenarios where I was troubleshooting to bypass AD connectivity issues and/or log into machines with known password disabled accounts that had been used previously, as a valid troubleshooting step! (Especially useful if restoring/exploring an old VM backup....)
As to disabling cached credentials, current STIG (US Gov security guidance) requires restricting it to 10 logins being cached (that is, 10 accounts, not 10 previous login attempts) to align with TPM2.0/Windows Hello functionality, but it applies even if
So unless it's a chained machine locked in an office/datacenter, you're using cached accounts/logins, even if it's just so the user can get to the desktop to connect to VPN.
moreanswers@reddit
I just tested this on a W11 laptop joined to our domain, and once the AD account is disabled and the laptop synced to the DC, taking the laptop offline didn't allow me to log in with that user's creds?
Hunter_Holding@reddit
Give it a reboot with it offline then try and log in. That's what I usually do to log back into a laptop.
The credential cache doesn't actually sync the account's status. Just the user/pass info/hashes.
There's nothing it "syncs" to the laptop in regard to account status in reality.
I've used this trick before to reboot a desktop, log in, plug back in the network cable, and regain my locked-out account 😃(I could then RDP to the DC from the machine - had to use the joined machine because of network 802.1x machine auth - and unlock myself)
Account lockout status in an AD scenario is only served/stored from the DC side of things. The credential cache doesn't keep AD account status or other attributes - it just doesn't care.
Disabling the object in AD essentially disables the ability to authenticate against the domain with the account but doesn't revoke or obliterate the cached credentials.
https://learn.microsoft.com/en-us/entra/identity/devices/faq#why-can-a-user-still-access-resources-from-a-device-i-disabled-in-the-azure-portalhttps://learn.microsoft.com/en-us/entra/identity/devices/faq#why-can-a-user-still-access-resources-from-a-device-i-disabled-in-the-azure-portal
This is, as i noted, still an issue with Entra/AAD joined only as well - https://learn.microsoft.com/en-us/entra/identity/devices/faq#why-can-a-user-still-access-resources-from-a-device-i-disabled-in-the-azure-portalhttps://learn.microsoft.com/en-us/entra/identity/devices/faq#why-can-a-user-still-access-resources-from-a-device-i-disabled-in-the-azure-portal
moreanswers@reddit
I don't know how long ago you used this trick, but its just not working for me. This a fulled patched win11pro laptop, maybe MS fixed the loop hole.
I really wanted this to work. It's cool.
Hunter_Holding@reddit
It's not a loophole, it's how the cached credential system works.
I just reproduced it in a VM here myself.
GeekBrownBear@reddit
We are a Windows shop that only recently got into Mac and everything you said is what made it damn easy. At least once we figured it out. Sure you need a bunch of mobiconfigs for some security policies, but once you make one device perfect and learn what you need to configure. It's smooth sailing.
ASympathy@reddit
Also a windows shop first here. Intune with platform sso is the way to go if you can't afford jamf. It's finally a good enough solution, including laps.
GeekBrownBear@reddit
100%. We are using NinjaOne's Apple MDM and it works well along side Intune for platform SSO.
RikiWardOG@reddit
Listen to this guy, Mac management isn't as scary or bad as you think it is. Users might need a little training, but really they mostly just need to understand how to get to their apps usually.
carterxz@reddit
Yup, Mac’s at my agency are way easier using JAMF. You install profiles after registering and activating. Create the user profile with a temp password and that’s it.
JAMF will push the installs automatically after installing the profiles and checking in with policy through self service.
phillymjs@reddit
Intune is garbage for managing Macs, and nobody should still be domain joining Macs in 2026.
WraithYourFace@reddit
We buy through the UPS program for HP. An ElliteBook we just bougt went up $500 in price. Luckily we just replaced everything in the past year (although I wish I went with 32GB memory for even standard laptops).
FuckinHighGuy@reddit
Jamf is going to be your answer. That’s what my company uses and there are over 65K employees. I’d say most choose MacBook Pro when they are hired or at tech refresh time.
Crion629@reddit
Every OEM is pretty bad right now on the pricing front. Because pricing is so volatile, pretty much every OEM I know has terms that if the deal doesn't close/ship within 30 days they reserve the right to cancel the order if pricing changes. Lead times are bad across the board and pretty much luck of the draw if you catch them while they have unspoken for stock.
breenisgreen@reddit
I was concerned about macOS management with intune but honestly, not that bad at all. Our Macs work just as well if not better than some of the windows counterparts.
sneesnoosnake@reddit
PacketSmeller@reddit
Warranty is a big factor with Macs in business. If you don't meet the minimum for Apple Care+, then you won't get onsite NBD repair replace. There's not much you can repair, so this is something your finance team needs to understand.
The rest is just details (MDM, RMM, MAM). There's plenty of ways to manage them.
Initial_Western7906@reddit
As someone who's worked in a mac-windows hybrid environment for years, Mac's are actually so much easier to deal with than Windows. As much as that pains me to say. They're just consistent and quality.
I_cut_the_brakes@reddit
This has to be rage bait.
Initial_Western7906@reddit
Which part?
Willamette_H2o@reddit
I'd try shopping around. We order directly through Dell and got 14-inch 2-in-1, Ultra 5, 32GB RAM, 512GB SSD, fingerprint reader, BIOS settings, Ready Image for $1400 as of 7 days ago. This was also a one off device, not ordering in bulk.
mourningwitch@reddit
Can confirm, we just put in an order for a small batch of Dell Pro 14 Plus (that naming scheme though...) for one of our departments and they were about $1300 a pop with a slightly lower config. Not bad given the RAM Apocalypse going on.
7eregrine@reddit
Another point, I just paid $850 for 2 "Dell 16 Laptops". The chassis feels kind of cheap, but:
Intel Core I7 15th gen, 16gb DDR5, TB SSD, 16" touchscreen.
PLENTY for what we do.
pdp10@reddit
Coincidentally enough, LTT tested a 4-core AMD version of the Dell 16, and a couple of others, against the Neo. Were they $850 each or $425 each?
7eregrine@reddit
850 each. We just got rid of the last Apple in our domain. I'm good. 🤣
down_with_cats@reddit (OP)
Thanks, I'm trying to get Lenovo/Dell to take us seriously, but I guess we're a small fish in a big pond. It's been a pain constantly bugging them to respond with pricing and quotes.
lilotimz@reddit
Go through a good VAR.
Our standard Pro Plus 14/16's customized with a registered deal at our VAR (i5/16gb ram + 500 gb ssd+5yPSP) is ~$15-1600 wile equivalent open market models are $2-2.4k. Pro 14/16 are -$2-300.
You need a good VAR and account manager.
entropic@reddit
Your time might be spent best finding a good contact at a reseller who sells HP, Dell and Lenovo.
Our org has a Dell Premier portal but usually a reseller can still beat that price, and help us look into alternative vendors if needed that cycle.
thatfrostyguy@reddit
Why not go through a vendor like CDW, Insight or any others. They normally will try to get the lowest prices.
Deodedros@reddit
They are generally slow. My company is also experiencing that with both lenovo and dell. Its an unfortunate situation.
DifferentSpecific@reddit
Dell is (was) notorious for going through account managers for businesses. When that was in my wheelhouse I think we went through 5 in 2 years. Just about the time the person learned our way of doing business they left.
Awkward-Candle-4977@reddit
Which dell model?
Op elite book 860 is equivalent to pro premium / latitude 7000 series
Willamette_H2o@reddit
Dell Pro 14 Plus, definitely not apples to apples comparison but just throwing out a price point.
ohyeahwell@reddit
I can't wait till Dell goes back to a sane naming scheme. Pro plus premium is awful.
Livid-Setting4093@reddit
You may want to look up the price on this one - as far as I know they had a price increase just this week.
wasteoide@reddit
I just got a quote two days ago from a reseller for HP Probook 4 16" G1i, Ultra 7, 16GB RAM, 512 SSD for $1,299 ea.
Livid-Setting4093@reddit
That doesn't sound too bad.
We purchased a batch of desktops last week and this week they are 30-40% more on Dell website so I suspect it can be a global increase.
wasteoide@reddit
It's not great but it's not the end-of-the-world doomsday scenario I keep seeing preached. I know it's not going to get better any time soon but I'm just praying it doesn't get much worse.
Few-Shoulder8960@reddit
Wow thats a great price. Keep that Dell rep close lol
nsnively@reddit
We ended up making the switch from Dell to Lenovo for this same reason. They were taking forever to ship to us and costing us way more. The Lenovo's have been more stable too.
GardenWeasel67@reddit
It's not just HP. RAM and SSD prices are out of control.
You need to be vary careful in evaluating Neos and matching to user workflow.
They are cheap for a reason and priced low because of the engineering tradeoffs.
DifferentSpecific@reddit
Just needs another 8GB of RAM and they would dominate the basic business PC market.
tejanaqkilica@reddit
They would also need to run Windows though, and I don't see that happening anytime soon.
ohyeahwell@reddit
Our ERP is the last windows-bound app, everything else is saas. Our ERP has a WVD/RDP option to but idk if I want to support that yet. I use it and it's fine but it's another two layers of login to get to the app even with the "Windows App" app.
pdp10@reddit
A non-webapp Line-of-Business application in 2026?
ohyeahwell@reddit
Tell me about it! Just had a sit down with them last week about their future project and told them the young people we're hiring are NOT interested in late-90's thick app clicking, typing and tabbing.
jlharper@reddit
You could always make it accessible through Citrix or AVD if you support either. I’ve found AVD to be a good solution for these edge cases.
ohyeahwell@reddit
This is AVD via our erp SaaS. We auth against their tenant to login to AVD, then the app login sso to our tenant.
I don’t control the overall AVD erp tenant so it’s a completely separate set of credentials. It’s a wonky way of doing things.
jlharper@reddit
Ahh yeah that makes sense. I can’t see any easier way in that case!
flecom@reddit
Why? Windows 11 is garbage, and I'm sure most of your non-technical userbase has an iPhone already
If you need to run windows applications you can do that via various packages like parallels
But since everything is a webapp now (for better or worse) I don't really see much of a usecase
tejanaqkilica@reddit
MacOS and iOS, have awful interoperability with other software, it's either Apple's way, or now way, and that's something I hate. Some of my users do have iPhones, they like their personal ones, they hate their work provided one.
Windows is fine. Just like it has always been. I like Windows a lot better than MacOS, partially also because I have 20 years of experience managing it, while with MacOS that knowledge goes down the drain.
pdp10@reddit
I've always thought that about Microsoft.
tejanaqkilica@reddit
Microsoft has nothing on Apple when it comes to locking down a system. All my iOS users for example, are in God's mercy when it comes to backups, since you can't backup to anything else besides icloud, and we don't use icloud.
tecedu@reddit
excel
flecom@reddit
https://www.microsoft.com/en-us/microsoft-365/mac/microsoft-365-for-mac
tecedu@reddit
not the same
HDClown@reddit
There are industries and verticals where critical business software is not a web and reliant on Windows apps. Some are still knee deep in Windows only apps, like banking/finance.
The ability to run Windows on Mac doesn't come with zero cost, so it's just as simple as "you can do that".
DeeYumTofu@reddit
Do you think this could be solved with something like parallels or some sort of published application VDI?
HDClown@reddit
Sure, there are many options. Virtualization like Parallels/VMware Fusion, translation tool like CrossOver and Wine, remote desktops in RDSH/published apps, dedicated VDI machines, multi-session VDI.
What will work will depend on the apps themselves working in those options, which solution the app vendor may support (if that's important to you), performance needs, etc.
There's also hard and soft costs among those options, so you're just shifting things around, plus they all introduce different layers of complexity in terms of supporting the solution deployed that way.
If the driver to use a Mac and not a PC starts with "the end user hardware and support costs will be less over the usable lifespan of the device", pulling the trigger solely on that would be a poor decision, which is what everyone's trying to point out in general.
As is always the case with this stuff, it's just a black and white decision, and if you are in an org with Windows only apps, then that's just another part of the equation in making a fully informed decision.
TheFriendshipMachine@reddit
100% agree. But as the Mac admin in the banking/finance space, every day less and less of the work being done here needs to be done on Windows. I doubt Mac will ever truly replace windows entirely in this space but there's a lot more reasons to put people who don't need windows onto Macs these days than before.
Geno0wl@reddit
There is a lot of work being done by different companies to create translation layer software to run native windows apps on Linux or Mac. And I suspect that work is in part the reason why Microsoft has said they are changing course slightly and going to focus on actually improving the end user experience of both their OS and office Apps. Microsoft must know that their market advantage of a long entrenched install base might start slipping through their fingers if enough pressure is applied. I mean Valve's work with proton and the steam deck alone has obviously caused some consternation for MS
pdp10@reddit
If Apple ships an A19 SoC-based version of the Neo in 10-24 months, then that has the technical potential to have 12GiB memory on-package.
GoogleDrummer@reddit
That was my thought. The Neo runs on the same processor as the iPhone 16 and is locked at 8 gigs of RAM. That'll probably work for some workloads but not all.
b4k4ni@reddit
The devices themself are ok and should be enough for normal work. Main issue might be the RAM and whatever they use as software. Its it's all web, RAM could be an issue, even if the OS itself doesn't need much.
sinchiyap@reddit
After serving a large corporation for 2 years, I'd say that for most manager / VP level personnel, a MacBook neo is sufficient for email, docs, and zoom meetings. But of course, since they're manager / VP they must have 14" MBP with 64GB of RAM.
/s just in case
Generico300@reddit
Spec less RAM? What do you need 32GB of RAM for? And no, chrome isn't a real answer.
badaz06@reddit
I LOVE MY MAC!!!
(you will want to look at Jamf though)
Crazy-Rest5026@reddit
Lenovo thinkpads and think books are solid replacements.
We give HP to upper management only
electrowiz64@reddit
The irony because HP is as low as it gets in terms of quality, Now theyve migrated to robbing and scamming people lol
GreenBurningPhoenix@reddit
Yep, our HP orders got cancelled as well due to prices skyrocketed, but that was cancelled by HP. In terms of mac, we image it by creating the very specific user with a very specific password, and then we install a specific profile on it, which enables out auth and synch with the AD, and the rest is pulled by the script. It's a giant company with tons of sec related sensors installed on each laptop, plus inhouse tools, plus office m365, so everything has to be automated. The entire procedure does take a few hours (the same as our windows imaging), but the machine does it on its own basically. This gets 'clean image' - a base which firs everyone, and the specific software for specific people is installed manually, and they usually do it themselves. We have very solid wiki pages for devs or ops.
So, maybe you can look into building a profile for MAC for the initial kickstart, and then build a script which will slowly install and configure everything.
I_cut_the_brakes@reddit
I would literally quit. I worked with a few Mac shops during my MSP days and you'd have to pay me a lot of money to willingly do it again.
AntFirm4593@reddit
give ur management team macs for test then see if they still wanna do it
GardenWeasel67@reddit
Make sure they are tested with fully managed and locked down controls equivalent to your Windows environment. C-Levels LOVE out-of-the-box Macs w/o any controls.
F0rkbombz@reddit
Exactly. They just want a Mac they can do personal things on and work things, but they don’t wanna say the quiet part out loud. Folks stopped screaming for Mac’s when we locked them down and managed them like our Windows devices.
Tramd@reddit
lmao so true. You disable the consumer features like imessage, airdrop, etc. and suddenly they don't really want it anymore...
BemusedBengal@reddit
On the other hand, I'd leave my work phone at work if it wasn't an unmanaged iPhone.
Pestilentsoup42069@reddit
Bingo
Kinamya@reddit
This is what we're are doing, we are still in the setting up Intune to support it. We'll see!
TheRani_Ushas@reddit
Have you looked at HP Probooks? They are more in the range you are looking for. We have a fleet of both Elitebooks and Probooks, and I find the Elitebooks to not be worth the price increase over the ProBooks. The ProBooks just last longer. We have had nothing but problems with the EliteBooks and are phasing them out of our fleet.
Bill___A@reddit
That’s not a sound basis to be changing platforms. And changing to a low end consumer grade model is an added issue. RAM and disk prices have skyrocketed.
TheITCustodian@reddit
Corporate locks us to HP. We’re not doing AP or Intune (long non-Microsoft 365 reason.. hello Google Workspace. Ugh).
HP rep kind of sucks, pricing is bad, quote is only good for a week “because AI, you know.” Basically “don’t like it? Tough.” Then purchasing/finance/asset control sit on the req for 8 days and bitch cuz I provide yet another updated quote that’s different. “If you moved in a timely fashion, this would not happen.”
Every quote the price goes up. What was $1100 4-5 months ago is now $1400-1500 and climbing. Leadership is bitching that I’m spending too much money replacing Win10 systems that should have been recycled 2+ years ago by my predecessor. It feels like I’m on a weird merry go round.
I’d like to have a mix of OEMs, and HP isn’t my first or second choice, even. Corporate: “we standardize on HP” sigh whatever.
Assumeweknow@reddit
Lenovo pro shop here. We only do a quarter million a year but it works. Amazon if all else fails..
redline83@reddit
lol, unless these are software developers, any business thinking they will save money in the end by switching everyone's OPERATING SYSTEM and stack is on crack
Horsemeatburger@reddit
Well, we did (went from MS365 + Windows + MS Office to GWS + ChromeOS), so unless they are putting something in our drinking water we actually did save money. Quite a lot, in fact.
redline83@reddit
If you ignore the massive hidden cost of temporary inefficiency and retraining.
Rand_alThor_@reddit
It takes 2 seconds to ask chatGPT how to do X on new OS. It’s not a barrier anymore.
Applications and web UIs aren’t tied to OS either. Main cost is IT admin and documentation. Depends what kind of competency you already have.
Horsemeatburger@reddit
Sure, if the aim is just to get some kind of laptop, you'd be right.
If the aim is to switch the whole business to something else, though, that's a different story.
electrobento@reddit
At my software dev company, the vast majority of developers prefer Mac.
redline83@reddit
Well, that's why I said unless they are devs. However, even among software engineers, embedded other hardware adjacent developers need Windows for many tools.
Spirit117@reddit
I can't comment on issuing macs to end users in terms of setup/support/mdm etc, but I find it ironic and hilarious that for the longest time apple has been price gouging the absolute shit out of people on ram and storage so badly that they didn't have to increase prices significantly for the rampocalypse.
Now that all their other competitors have raised prices, MacBook pricing actually looks reasonable compared to windows laptops.
Rand_alThor_@reddit
They also don’t do just in time pricing. So they can kill their competitors atm, even while making a profit
Rand_alThor_@reddit
It’s very possible to admin macs just as easily. Find what it takes to either get trained (for IT admin not users), or bring in a consultant/consultancy.
Then let management decide if they want to pay that.
Karnitine@reddit
JAMF
headstar101@reddit
With the obvious risk of downvotes; macOS does not belong in a corporate environment.
Overdraft4706@reddit
Apple seem to do alright using them! And you can even run real Microsoft Office and OneDrive and all sorts on them!
headstar101@reddit
Cool. Doesn't change my opinion about them.
Overdraft4706@reddit
yeps that fair :) We have 3 in my org and they are a pain to manage compared to Windows. But.... i am getting paid so who i am to argue.
headstar101@reddit
Your boss. Bosses hate wasted time ^(Hints at flair)
Overdraft4706@reddit
he was not the one who made the choice, we are just blessed with having to support them!
ProfessionalEven296@reddit
Darnit… need to tell our IT people to call back that last 5000 MacBook pros.
Just bought my wife a MacBook Air to replace her POS HP laptop (6 months old), that she, I and HP support were never able to make work correctly..
headstar101@reddit
I'm not responsible for how your company chooses to waste their money.
Also, we all know HP techs are morons...
geekonamotorcycle@reddit
I managed just under 300 Mac’s for a music company and I came from almost 2 decades of windows management and my god is it so much easier to manage Macs. A few things
After that, abm connects to your mdm and enforces the profiles. It’s really super simple. You control with policies and it just works without a ton of extra licensing or Mikel and diming.
The training is minimal and if you have nix knowledge you have everything you need.
jazxxl@reddit
Lenovo e series with that spec is around 1k from cdw. Cdw web prices have nothing to do with actual vendor pricing
hibby18064@reddit
If you need 32 GB of RAM, how is a Neo with 8 GB or an Air with 16 GB going to do what you need?
Visible_Spare2251@reddit
There are Air models that have 24GB that will outperform a Windows devices on 32GB.
hibby18064@reddit
OK, but this man said Neo...
MomsSpagetee@reddit
Macs don’t need the RAM that PCs do.
sharkstax@reddit
This isn't /r/shittysysadmin
intelpentium400@reddit
Those prices are crazy and EliteBooks aren’t even that good
Civil_Inspection579@reddit
yeah the hardware savings look great on paper but the operational side can bite later. mac deployment gets way easier if you go all-in with something like automated enrollment + proper MDM, otherwise it stays manual and painful.
Visible_Spare2251@reddit
Once you set up an MDM (which is pretty straightforward), managing Macs actually becomes simpler than Windows.
Low-Branch1423@reddit
Sorry but one thing really stands out. Mac Book news are mobile phone CPUs with 8gb of RAM. What makes that comparable to the HP you are quoting? Surely reducing the RAM to 16 and cpu to i3 would be a closer spec comparison?
waitingforcracks@reddit
Try Kanji as MDM, our IT team loves it
Effective-Design2378@reddit
Switching your whole ecosystem isn’t the answer to that, plus you’d need to factor in the cost of the MDM (Kandji/Jamf) to manage them and the downtime where people don’t know what they’re doing. Look elsewhere for Windows machines, there’s no way you can’t get an equivalent for less than an Apple machine. They might have to just suck it up for a bit, everything’s expensive as shit at the moment.
j0mbie@reddit
You can't compare a laptop designed for 40 hours a week of business use, to what is essentially a cell phone in a laptop form factor called the MacBook Neo. If you want to go that route, you can grab an Asus from Microcenter for $500 and save an extra $100 from the Neo!
MacBook Air 13" (tiny, IMHO) with 24 GB RAM and 3 years AppleCare+ is $1509. Dell Pro Plus 16" with 32 GB RAM and 3 years ProSupport w/ accidental damage coverage is like $50 more. And you don't have to change your whole ecosystem around to support it. (Make sure all your software is compatible...)
xueimelb@reddit
Talk about comparing oranges and apples, the Neo can only ever have 8 GB of RAM. Either you don't need 32 in your "basic" laptop or the Neo doesn't meet the basic spec, but not both.
korvolga@reddit
32GB is more than what Most people have in their gaming computers. No way common business stuff needs that.
j0mbie@reddit
16 GB is the bare minimum these days for our users, and only because of RAM prices being what they are. 24 GB would be ideal, but since barely anyone ships that we usually go for 32 GB now.
Outlook + Word + Excel + Adobe + browser + VoIP client all going at once starts to slow our users down on 16 GB. Unfortunately, software just isn't made efficiently in most cases. Especially niche software.
ohyeahwell@reddit
Idk, we're a GC and we definitely need it between large PDF and chrome/edge. I was team 16GB forever, but the users proved me wrong.
orby@reddit
Our devs spec has moved from 32gb locally to 64gb. General office users are 16gb.
xzer@reddit
Nah, 16gb is the minimum now. I don't think it's unreasonable to spec out 24-32 depending on your refresh cycle. Having a CRM open, a few excel sheets, outlook, and 10 tab chromes (totally reasonable daily work) needs 16gb.
MyUshanka@reddit
+1. We don't spec anything lower than 16GB anymore and anyone who does any sort of power user task gets 32. CAD computers are starting to get 64.
RikiWardOG@reddit
The Neo is literally a phone with big screen and keyboard. It's legit the same processor as their phone.
mad-ghost1@reddit
I think you need to layout the hidden cost of bringing in MacOS at scale.
-Probably want to get a consultant in to check and optimize your installation. -is Intune enough or is another platform needed? -how apps are update. PmPC or manual -OS hardening and policies - - AV and security software -support cost -user training Aso
Maybe sticking it out and delay the invest in new hardware is your way. Or get an extended warranty. Just my 2 cents
gerowen@reddit
HP is the problem seems like. If you're cheaping out that much don't worry about whether it's marketed as a business machine.
Here's a Lenovo that's better in every way than the machine you spec'd out for less than half the price.
https://www.amazon.com/Lenovo-IdeaPad-Windows-Business-Battery/dp/B0GWDDM969
DheeradjS@reddit
There is kinda in important thing I'm missing.
Is your environment set up for it, or are you going to piss those savings away getting them to work with your environment?
Crotean@reddit
Lenovo and Dell's business lines are still way cheaper than that for quality enterprise laptops. Just change vendors. No need to overcomplicate things with Macs.
Arudinne@reddit
Macs really aren't that hard these days, especially compared to Windows 11's bullshit. I switched to one back in 2024 after being a long-time Mac hater.
j0mbie@reddit
Yeah but now instead of one user base, you have two. You're doubling a lot of the work and a lot of the points of failure. Plus, you'll get a lot of users that want to switch from one to the other.
Unless you go full Mac, which... Good luck? I would hate doing that but it depends on the company I guess. But then what happens if Apple gets expensive like HP, or just gets a huge backlog for whatever reason? Then you have to change your whole ecosystem again instead of changing hardware vendor.
The fact that they don't even make servers now though... It kind of says a lot about their direction for enterprise customers.
Rambles_Off_Topics@reddit
Wow, there are still some of us around? I main a Mac and IT guys specifically bag on it more than anyone lol
RikiWardOG@reddit
we're a 50/50 mac and windows show. I'm a long time Windows user/traditional windows sysadmin environment guy. Hands down Mac these days are better. I really hate to say it Win 11 has become such a shitshow mess imo. Every update breaks something stupid, the windows vendors are all in a race to the bottom with cutter corners with hardware and not testing drivers before releasing them. Intune is slow as shit. As far as dev machines and permissions issues Windows is an absolute shit show there too in comparison and it's always getting worse support for dev tools because linux/unix stuff is always where dev tools get developed.
Arudinne@reddit
Half the reason I pushed my boss to let me switch to Mac was wanting to do some development work more effectively for some internally used stuff. It's so much easier than it was on my Windows Machine.
Only issue I've run into is a handful of PowerShell things don't work on Mac, but it's stuff I rarely use so I can just RDP to VM if I really need to.
Lepryy@reddit
What specific types of development work are you doing where you found MacOS to be better for you? I asked my CIO for a Mac but was told I need a proper justification.
Arudinne@reddit
Internal tools used by our helpdesk mostly.
raffey_goode@reddit
yeah but what about an entire enterprise of users. i mean, yeah i can set my mom up with a macbook and call it a day but I don't believe I could deal with having to switch over like 800 users over to MacOS
7eregrine@reddit
I had one Mac user for years. We finally got tired of it. Moved him to a PC and now I stop in occasionally to say hi...and the joke is because he never calls me anymore. Fuck Mac in workplace.
dm117@reddit
Nah, it’s super easy to deploy and manage if Macs are actually prioritized.
7eregrine@reddit
Oh is that why I had problems? I didn't prioritize it?
Come on man. Give me a little credit.
dm117@reddit
Sorry, I meant when the entire fleet revolves around it. We are a Mac shop and hate to switch over to windows
7eregrine@reddit
If we were all Mac, we'd have gone with a different DMS. That was our main issue.
dm117@reddit
Yeah makes sense
TheFriendshipMachine@reddit
The problem isn't Mac being bad in the workplace, the problem is with treating it like a niche one-off inconvenience.
Mac needs to be treated on the same level of effort and care as Windows to thrive. And really if you build up the proper tools and processes for it, you'll find that managing it can even be a lot smoother than Windows in some ways.
That isn't to say mac is perfect by any stretch of the imagination, it has its headaches for sure. But if you're willing to invest into doing mac in the workplace right, it works and works great.
7eregrine@reddit
Been doing it for years and I absolutely have treated it possibly even better then my Windows PCs. We use iManage for a DMS here. It sucks on Mac compared to PC.
RikiWardOG@reddit
We have new people start all the time and switch over to Mac. Better battery performance cuz ARM and honestly hardware has been far more reliable than anything we've bought from Dell
xblindguardianx@reddit
I would say they are much harder now than they ever were to support. It is obviously much easier with an MDM in place but if they are planning on investing in apple, it would require investing in infrastructure as well to handle it.
Arudinne@reddit
Trying to manage any fleet with out some sort of MDM solution in place is madness.
xblindguardianx@reddit
yup a nonprofit i worked with previously had 100 macbook airs. no MDM at all minus Jumpcloud that was in agent mode (not mdm). I left pretty quickly.
nextyoyoma@reddit
Well, if you were doing Mac management in the MCX settings days, you might not say that…
Although in many ways I agree. There are certain things that you just cannot do, and other things that are extremely complicated and poorly documented. I’ve yet to be convinced that Apple really cares about Enterprise.
the_worm_store@reddit
Going on 7 years supporting an environment that is 85% Windows 15% macOS, I will say the Apple hardware is without fault, and for the most part macOS is too. It is a burden having to support two environments and two MDMs (Intune and Jamf Pro) though, but I think Intune is probably at the point where it can replace Jamf Pro for many smaller orgs.
Lenovo has not increased their pricing that much with the AI craze for basic laptops. The 1TB/32GB touch T14 / T14s models have always been in the $1800-2000 range. On a tight budget you can buy systems from the refurbished outlet and add the same warranty on to them as well. The P1 / P16 / P16v workstations have increased in price quite a bit though, but they are being hit by memory (some of it in specialty packaging) and a discreet GPU.
TreborG2@reddit
only came to say this..
256G hard drive? sometimes you'll get away with it, but most times not.
as to Mac's .. they usually have small drives and rely on cloud storage ... that will continually cost you.
Business_Lime_433@reddit
Let me start off by saying, if you found imaging and deploying macs tricky it is more than likely because you are using Intune.
I have a fair amount of experience using Jamf (am actually officially jamf 300 certified, not sure if its called that anymore), Kandji (now IRU) and Intune. Intune is by far the shoddiest of the 3. Jamf is the best by far in terms of customisability, and IRU is still a great option if you want a more hands off approach with less admin.
I would suggest ditching Intune if you do get to the point where you end up full mac shop.
WhyBother323@reddit
Dell seems to have the lowest pricing right now. Even if you go through a VAR. Spec AMD and 16gb ram and if it’s an option explore leasing while prices are high like this. Why buy when you expect severe depreciation within 36months anyway
WhyBother323@reddit
Is leasing an option for you? Maybe its wishful thinking but prices should come down in 24-36months
4e714e71@reddit
have you looked at going to ARM based windows laptops instead - MS Surface Laptop is pretty much in-line with macBook Air pricing, and avoid re-do all your tooling ( and also avoid paying JamF tax )
7FootElvis@reddit
Then you can actually run 2 external monitors AND the laptop screen too.
sweetrobna@reddit
There are a lot of ways to prep laptops without reimaging, resetting end user passwords and logging in as them. But you didn't really ask about that.
Macbook air and pro are great hardware. Air's are a really good option for many many cases. Neo 8gb of ram is a limiting factor for a good chunk, it could be fine for some though. This is in no way comparable to a u5 cpu. It's easier than ever to support macs though.
Apple doesn't do field support, either mail it to a depot or go to the apple store. So you could factor in a few more loaners, and applecare. My experience with hp field support is poor though, apple could be an improvement
We sell a lot of dell and lenovo because of field support with the warranty. And the price. Should be ~$1400 for a 14" 16gb ssd latitude or thinkpad, before you get into any discounts.
7FootElvis@reddit
Wow, no onsite support with Apple? Guess not, as they're not really business friendly. Wouldn't want client computers to have to be mailed away or dropped off at a consumer store for repair.
Zer0CoolXI@reddit
First, get other quotes for other machines. I’d consider framework laptops too, repairable and upgradable.
If Apple really seems like the only option (you’re given), put together an assessment of the additional costs with changing over to an all Mac setup. Calculate what new systems need to be put in place to manage them. See if you can get data/estimates about the cost in lost productivity from employees not being initial as effective with computers/software they don’t know. Any additional costs in training employees on the changes. Uptick in help desk tickets/calls anticipated.
It may be that $1200 per laptop doesn’t cover the cost and headache of switching due to the above. Or even if the true cost savings was $200 a laptop but the real world impact was a ~3-6 month turn over to get infrastructure setup to support it and work out kinks…is that worth it? Depends on the size of the business I guess. For some thats a rounding error, for others could be a big deal.
Masoul22@reddit
Would jamf pro be better at managing Mac’s?
stableos@reddit
JAMF is sort of the gold standard. We use it even tho we are a huge MS and Azure shop.
Masoul22@reddit
Same here
Injector22@reddit
Sign up for apple business manager (it's free), log into abm and setup intune as your mdm. Then, when you're ordering, make sure your reseller includes your abm ID with the order.
Apple will automatically upload the device serials to abm. When the devices power on, they call into abm, which then tells the device, "go self register in intune". From here, your intune enrollment profile takes over (make a non-user affinity profile to save you time).
Any time the unit is reset, same process applies. It's like autopilot to apple.
tenkenZERO@reddit
Damn, that's how you know the industry is tripping when it's cheaper to deploy Macs than Windows machines. That's crazy
free2game@reddit
If you need 32gb of ram on windows you'll also need it on a Mac. Despite what people will claim.
electrobento@reddit
Not true. Windows memory management is obscenely bad.
free2game@reddit
It's not I need 32gb to run decently bad. Chrome is going to use a lot on a Mac or a PC. Going to 8gb neos isn't going to be a good replacement for that.
electrobento@reddit
Chrome will use as much available memory as it can. That doesn’t mean it needs it to operate well.
free2game@reddit
https://www.reddit.com/r/macbookair/comments/1qz1v2h/8_gb_of_memorynever_make_the_mistake_i_made_folks/
it's not like it's a regular pain point people complain about with the 8GB macs. An org we manage won't buy macs with less than 16GB of ram because of the issues they've run into. Zoom Their users prefer chrome by a large margin also, imagine that's the standard, so forcing users to an "optimized" browser they don't like isn't an option for most people since that's what most young people know how to use coming out of high school/college.
Reading some of these comments the mental gymnastics people go through is kind of insane.
https://www.reddit.com/r/mac/comments/1rnmpxp/whats_with_mac_people_suddenly_going_8gb_of_ram/
Yeah. Power user here. The Neo is going to live in my tote bag for email use on the go so I don’t have to carry my 16MBP with me everywhere I go
"Yeah this thing sucks, but I just use it for email" When you can using a fucking phone or a tablet for email. Having a $600-700 computer "just for email" is kind of nuts.
This also just goes back to the point about ram, somehow his use cases need 16GB of ram. You can do basic casual web browser on a PC with 8GB of ram, I have an older Surface Pro I still use to play youtube or look up recipes in my kitchen. My work laptop however has 32GB of ram because I'm doing a lot more than basic casual web browsing on it. You're not running a large multi-monitor setup with a host of apps on a computer with 8GB of ram without a lot of friction, I don't see why people try to argue this. Apple isn't even marketing the Neo as a work device, their "work" class devices are all 16GB of memory as the standard now.
Ajamaya@reddit
Our EliteBook G1i U7/512GB/32GB - no touch screen w/fingerprint ~1600 I suggest that.
beritknight@reddit
RAM prices are through the roof at the moment. The Neo is an 8GB device. That’s why it’s cheap.
If that’s enough for your workload, get your supplier to quote some 8GB and 16GB HP models and compare prices.
beritknight@reddit
Other thought, compare the warranty. Are you paying for 3 years of onsite NBD with your EliteBooks? The Neo and Air are 1 year of included warranty, RTB. If you need more than that, look into AppleCare for Enterprise and include that in the cost of the Apple laptops. Make sure you're comparing like-for-like.
If at any point in that process someone says "well do we really need 3 year warranty" then make sure you have quotes handy for a HP with 8/16GB and a 1 year RTB warranty. That will be a fair bit less than the $2200 you're getting quoted right now.
r3dditatwork@reddit
https://github.com/microsoft/intune-my-macs
It’s 2026, Macs are more efficient and cheaper to manage. Learn to manage them with Intune or management will find someone who can.
The 1000 delta cost is too big not to look at.
Think of it this way, you’re gaining new skills and will be more attractive in the marketplace if you know how to manage both Windows and Macs.
Moses_Horwitz@reddit
If you're thinking about buying, today is a bad day. Tomorrow will be worse due to a bombing in Saudi Arabia of a chemical plant that supplies 70% of the world's need to build printed circuit boards. So, lock in whatever pricing you can get.
I'm not a Mac guy, but I remember reading that the very first MacOS was a derivative of FreeBSD. BSD is easy. I'm sure the Mac goodies on top are not.
Heckle0@reddit
All computers are gonna be insanely priced right now. Drives and memory market.
sumZy@reddit
32GB RAM is standard?
do_not_free_gaza@reddit
I laughed at this. 32GB RAM is sooo overkill for the average nupty who uses Excel/Word/Outlook
do_not_free_gaza@reddit
Why do you need a 'basic laptop with 32gb' of RAM? Seems overkill.
MonoChz@reddit
Apple has MDM now. Haven’t tried it yet but looks promising.
omniuni@reddit
It sounds like you just need lower spec PCs.
You're still configuring your HP with 32GB of RAM and a U5, and you're being told to deploy a MacBook with a phone processor and 8GB of shared memory.
It sounds to me like the first thing you need to do is actually figure out what your employees need.
I'd also widen your search.
If employees only need a web browser, you could use Chromebooks, which are super easy to admin.
Or if you still need a full laptop the new Lenovo ThinkBook with an AMD chip and 16GB of RAM is going to start at about $820. https://www.lenovo.com/us/en/p/laptops/thinkbook/thinkbook-series/lenovo-thinkbook-14-gen-9-14-inch-amd/21v00007us
RCTID1975@reddit
Agreed
If they're fine with the specs on a Neo, spec a like Windows device.
Don't compare a Honda Civic to a Jaguar
BemusedBengal@reddit
You can get away with less memory on Apple devices, but 8GB to 32GB isn't comparable.
SylvainLafrance@reddit
Mac’s are fun but check for software compatibility.
Even office is quite different.
Unless you’re full web or Citrix, I would think it twice before switching to Neo(iOS)
pman1891@reddit
r/macsysadmin
blakeatwork@reddit
If you're in Canada, shoot me a DM and we can chat. I'm a reseller, but happy to just speak and share on what we're seeing and hearing from OEMs and distys. Pricing for most complete systems up here has increased anywhere from 20-60%, though there are deals to be had for off the shelf kit if you're willing to massage spec requirements.
massachrisone@reddit
Don’t forget that you need to manage the Mac’s as you already know it’s a pain to manage via intune so you need to factor in the cost of a decent MDM. You also need to build a list of all the applications your company currently uses and factor in the cost of deploying them for MacOS. You might be surprised to discover the overall cost exceeds the price of just biting the bullet on the Dells
swiftarrow9@reddit
Have you considered the Framework Pro?
https://frame.work/nl/en
Ice-Cream-Poop@reddit
Just upgrade 250 instead.
fbn429thuanf4@reddit
That sounds like a excellent idea!
NeverRolledA20IRL@reddit
If you're going to manage Mac's factor in the cost for a real mdm like jamf and factor that in.
FourEyesAndThighs@reddit
Platform SSO exists in Tahoe, so if they're newer Macs you don't need to worry about logging in as the user to set everything up. However if your company want to deploy Macs, they should invest in a Mac-friendly MDM. Intune is not Mac friendly, and quite complicated to deploy profiles on. Most companies I've worked with don't even have config instructions for deploying their apps and services via Intune.
JAMF Pro with JAMF connect (to keep Entra ID PW's in sync) would be ideal in your situation. Post your question in /r/macsysadmin as well.
Tall-Geologist-1452@reddit
Why are you domain joining instead of Platform SSO?? our team just ships the Macs to the end user and they log in and follow directions.. system extensions and shell scripts are your friend..
Sasataf12@reddit
You could get rid of several components. - do you need domain join? Look at Platform SSO. - do you need to manually deploy TeamViewer? - do you need to manually download certs?
I haven't used Intune to manage Macs, so maybe there's a huge gap in features. But the defacto standard way is to push config via profiles and/or scripts rather than manually doing it.
Also, users needing to accept screen recording prompts isn't the end of the world. It's a lot better than resetting their password to setup their Mac.
SikhGamer@reddit
Whatever you save by switching to macs, you'll eat up by having to support users who are not used to macs.
Working_Cod1892@reddit
Jamf, Absolute Manage, Apple Business Manager.
CeC-P@reddit
Look at deploying anything NOT from the OEMs. There's a lot of sketchy but working 13th gen "brand new" warehousers and upgraders out there on Newegg for like $600-800.
IWantsToBelieve@reddit
Context. Sure they are 2k... But that barely registers when you consider what the employee gets paid and the fact they need the tool to do their job.
It's also a depreciating asset meaning the box price isn't even what the company pays.
Shop around but rearchitecting your end point solution hardly makes any sense.
BrokenByEpicor@reddit
I'm a fan of SimpleMDM. It's owned by the same people that do PDQ Deploy/Inventory/Connect.
I haven't used it to manage macs, just iOS devices. It's great for that though and it definitely has Mac capability. Excellent support too.
macdude22@reddit
Simple MDM is great and they see building out some good stuff for macOS in connect. Hopefully they will bridge the two a little better in the next few years.
BrokenByEpicor@reddit
Yeah Connect in general seemed to be a little bit underbaked when they launched it. Good for what it was but not really ready for primetime. I haven't checked it out in a few years and we're going towards Intune now basically because it's included in our licensing.
Skinny_que@reddit
Jamf is the way to go but Mac neo is a terrible idea for an enterprise laptop the user is gonna hit a wall pretty quickly doing tasks. The air should be your lowest tier tbh
electrobento@reddit
The base Air is adequate for 90% of enterprise activity.
TwoBiffs@reddit
Yep, Neo is the Chromebook tier of Apple. It isn't suitable for enterprise laptops.
pantherghast@reddit
With Intune, deploying Macs is extremely eesy. I've setup Intune environments where you can just send the device directly to the end user, they go through the ADE themselves and everything gets pushed down, including apps and ocnfigurations. The only thing that requires user approval is screensharing permissions. You can also set up platform SSO, so that the user's log in to the machine is synchronized with Entra ID.
Active_Drawer@reddit
So the elitebook 860 g11 are $1400 with ultra 7 16/512 Touchscreen version is $1568.11
U5 are $1150 16/512.
Ram is 400-500($433 or so).. so 1650. Even at 10% margin I am out the door under $2k. Unless you are talking taxes all in.
FriendlySysAdmin@reddit
Iru (formerly known as Kanji) has been great for us to manage our Macs.
taystrun@reddit
That’s where we are as an org. I use Dell premiere and base PCs in my environment can easily be replaced by a MacBook Air that’s a couple hundred dollars cheaper. I used to do everything I could to steer people away from a Mac but now I’m happy to fulfill that request.
sieb@reddit
Apple's look cheaper only because Apple has multi-year deals for components. Once that expires, they will be in the same boat, unless they can weather it until the AI bubble bursts.
As you've touched on, the retooling required to adopt Macs to your infra will have it's own soft-costs and might not necessarily be worth it in the long run.
attathomeguy@reddit
Here is a random idea don't join Mac's to active directory! Also stop imaging them they are not windows machines! You need to adapt and learn how to manage mac's in a windows environment which is totally possible! You need to look an Entra PSSO and Intune. Unless you are a totally on prem windows shop you need to adjust and move forward with Mac's. PC manufactures don't do supply chain like Apple does. Apple buys entire years worth of parts not just a quarter or so and they control the manufacturing and design end to end which is why you don't see the price hikes that PC manufactures do
TheFriendshipMachine@reddit
Every single part of your comment is on 1000% point but especially this part. Macs really just need to be treated as their own thing. Give them the right tools and processes and they'll work amazingly, treat them identically to windows and do stuff like bind them they'll give you hell.
We're finally killing the bind at my shop and gods am I excited, been wanting to do this for about 6 years now. Should slash about 60-70% of our Mac user's ticket generation
attathomeguy@reddit
Some people refuse to change for whatever reason
sgt_Berbatov@reddit
This is funny, just because I've been trying to get a specific spec of laptop for some engineers at my place and we moved to ThinkPads last year. It's a long story, but in 8 weeks from getting the quote, putting the order in, and the delivery date going past with no laptops - Lenovo cancelled the order and the only alternative was a similar spec for £800 more.
Dell won't give us a quote, and I'm alright with that because the last batch of their laptops we had weren't fit for watching Barney the Dinosaur on YouTube on.
The only manufacturer giving us the spec we need near to the pre-stupid prices we've seen now, are HP.
NHarvey3DK@reddit
I can’t imagine an $1100 “enterprise” laptop being any good…
down_with_cats@reddit (OP)
HP EliteBook 8 G1i - Intel Ultra 5 235U, 2x8GB RAM, 256GB SSD, Intel BE201 Wi-Fi 7, 5MP IR Cam, Fingerprint Sensor, 77Whr Battery, 100W USB-C Charger, Backlit Keyboard, AMT Enabled, Tamper Lock, 3 years onsite parts/labor. The initial price when we built the config was $1180. That same SKU is now $1500 but is going EOL and the G2i is even more expensive.
ohyeahwell@reddit
$1180 WITH 3 year is fantastic
ohyeahwell@reddit
T16/P16S G2, 7840u, 32GB, 512GB-1TB were $900-1100 forever. Paying $1700 for the same specs T16 G4 (Ryzen AI 350, sidegrade gimped GPU). Curious what AI 4xxx/ultra 3 will be like but the G5 isn't out yet.
pugs_in_a_basket@reddit
Just a personal person, there's nothing better value but refurbed enterprise laptops. My HP elitebook 840 G1 16GB frankly struggles these days, but it's about 12 years old. The battery is surprisingly good for writing and coding, modern web kills it though. It can even do some gaming, but not really since even modern indie games require a better GPU support.
That being said, an enterprise laptop is not a gaming machine, but a tool. They have to not only perform, but be durable. This is indeed my experience with them. They're great!
My current work dell something or other 5 or 6 years old, is doing fine, except for over 30min zooms or multiple virtual machines. Only 8G ram, though. Maybe the source of my ills, but our corp (or rather their contract supplier) cant supply newer machines with a proper 32G, but a weird 20-something.
My less than $1100 machines work just fine.
mullsies@reddit
“enterprise” means unreliable garbage 90% of the time.
skylinesora@reddit
You over-estimate what people in an average organization needs on their computers.
topazsparrow@reddit
Office 365's web based applications are resource hogs. Most laptops struggle to run Outlook and Excel and teams at the same time now on windows 11 without 32gb of ram.
MrFawl@reddit
That seems very exaggerated.
We're running a thousand computers with 16gb of RAM, our users are using all of those apps at the same time + a browser without a struggle. 8gb would be painful but 16gb is still very standard and enough for this use.
korvolga@reddit
I’m still running a fleet of 160 surface laptop 4 with 8GB RAM and using normal office apps. Not a single user have complained.
topazsparrow@reddit
it seems to also depend heavily on which security stack you're using. Cortex seems to slow everything up in my org a lot as well.
Raichu4u@reddit
Wut? 16gb has been fine enough for our clients.
bjc1960@reddit
This may be an opportunity for leadership to "lead by example" and be early adopters.
You need to understand your cyber insurance, as we have a number of statements that might not/will not be true for Macs until we spend a lot of time/money to deploy.
down_with_cats@reddit (OP)
Didn't think about the cyber insurance, that's a good point. We do have a small Mac footprint with Defender configured on them so not sure how big of a deal the security team would make of having more than \~40 in the environment.
burnte@reddit
Depending on your needs they can be great. We send out Dell Pro 14s and our docs love them.
Awkward-Candle-4977@reddit
They buy in bulk so more discount.
odellrules1985@reddit
It can be. Sometimes if you buy in large enough numbers and during good sales you can get a really decent laptop for around that much. Not sure on HP but that is the case for Dell.
Bright_Arm8782@reddit
You probably won't need to image a mac but you will need some sort of management too.
Infinite-Stress2508@reddit
Have you looked a SKU lower at ProBooks? Significantly cheaper for same components in a different chassis. I just did a quick comparison and spec for spec they are about $1k cheaper (in my AUD). We have deployed the ProBooks for a decade, can't complain about them really, quite solid. So unless you need the premium chassis, slightly brighter screen give them a look. Unfortunately Ram and Ssd just sky-rocket prices.
Deez_Gnuts@reddit
is there a reason it has to be an elitebook? We just use Probooks.
realCheeezeBurgers@reddit
Do it! With the new CEO they will most likely get cheaper and better.
I worked for 5 years wirh Mac only and with services like Jumpcloud and the reliability and durability of Macs in general it was a blessing!
Users love them, support love them. Everyone else got left behind in my opinion.
Bash scripting the OS is also so much better than Powershell!
(Currently) I will die on that hill
ohyeahwell@reddit
Wow, talk about hot takes!
cdoublejj@reddit
HP dropped the AMD 15.6" zbook and my vendors are taking forever getting back to us with elitebook prices and SKUs
cdoublejj@reddit
i barley remember imaging macs, it wasn't a big deal. we preferred a monolithic image for our needs but, our JAMF trainer preferred different images for different groups/depts.
this will only continues with Apple dropping new affordable units like the NEO and Microslop getting worse by the day.
throw0101a@reddit
In case you do end up down that path:
/r/macsysadmin
/r/AppleEnterprise
LebronBackinCLE@reddit
Anybody seeing the irony here?! Apple is the reasonable cost option? Holy chit!! lol
OregonTechHead@reddit
It's not. OP isn't comparing apples to apples.
LebronBackinCLE@reddit
I see what you did there lol
VNDMG@reddit
I’d recommend something like Uru (formally Kandji). You’ll be able to provision users and map M365 groups via SCIM to streamline access to the different MDM configs (Blueprints).
And if it helps to make you feel better, I’ve been in Mac environments the last 5 or so years after a lifetime in Windows. They are night and day easier to manage. Users have way less issues and require way less handholding.
ncc74656m@reddit
Jamf is pretty amazing for deploying Macs. It works as well as or better than Intune, so I'm fully on board with that. But it is also kind of expensive considering what it is, too.
As for us, we went to Framework, and while it wasn't the smoothest experience out of the gate as they are still building out their business customer support, they have been very very good about making sure we get what we need. (Granted, we are a small shop and able to spend the time we need to on these issues.) My rec is just to go with their recommended SSD, when we went with one of our own it was what caused an issue.
The downside is it's probably still more expensive, and you can't get away from the pricing on the Neo - they're just too good. But for a more traditional mainline device, the Frameworks are pretty great. Plus, considering that you can upgrade the device in a few years, you begin to have a diminishing cost.
Ok-Dinner235@reddit
True bro they r hella expensive
IowaDala@reddit
Recently moved from HP to Lenovo, because of the price hikes. Also have looked into Mac products for the exact same reason.
willwork4pii@reddit
Everyone should switch to Apple.
I’ve been a windows PC admin for nearly 30 years.
mikenasty@reddit
Why not look for bulk used Lenovos and Dells? There are loads of enterprise clients who lease those machines for 2-3 years and sell them off for $300-$400 for a 13 or 14th gen machine. Those prices might be a few months old but it’s not too different now.
I love a good MacBook but I’d spend a little more time looking at PCs if that’s what my clients were used to using.
orby@reddit
Be mindful that the Neo is a fantastic device, it serves a use case. Keep in mind, a Neo is not going to compete with any productivity tasks, only has 8GB of ram, and one USB 3.0 port (which can only drive a single external monitor). It is a great entry level computer for most home users that need something to just browse the web/watch a show. Heavily verify the use case you looking to solve if you are seriously considering a Neo.
Once you start specing something closer to your baseline needs, you will likely be closer in price than you expect.
a60v@reddit
What makes them think that the factors that have caused HP to increase prices do not apply to Apple? If anything, a single-supplier situation has the potential to be worse. At least now you can go to Dell or Lenovo or Asus to get competitive prices on similar hardware.
There are many valid reasons to use MacOS and Apple hardware, but pricing is not usually one of them.
Evs91@reddit
You will want to skip the domain join unless there is a valid reason to do so. I'm not saying to not do EntraID Hybrid Join though. Do that.
You would want to explore doing automated device installs after users sign in. platformSSO allows any user to sign in and that would then allow the management profiles and the like to start.
JAMF is the "gold standard" and is a reasonable cost for your size org. your per-year spend per user ($150) still saves you money and, more importantly, time.
But if you stick with Intune or JAMF or some other MDM - use Automated Device Enrollment with Apple Business https://learn.microsoft.com/en-us/intune/device-enrollment/apple/setup-automated-macos
don't have to install that management certificate then. Then - you do the Setup Assistant with modern auth which assigns that device to a user by them signing into EntraID as part of the provisioning process.
BasicallyFake@reddit
2200 US dollars?
our Tseries laptops are $900 less than that
jotobean@reddit
Buy cheaper laptops, force everyone to use a cloud pc. It seems like the way things are going right now from what we are looking at. We spend $3 mil a year on laptops, but if the prices are what they are, it would be closer to $4.5 mil this year. We can get AVD under $13 a user per month, spend $1200 on a laptop instead of $2700 (what we have been told they are moving to by the vendor) and actually save money each month or break even from what we were paying.
HDClown@reddit
What kind of resources are you dedicating to each user at $13/mo for AVD. That is ridiculously cheap.
jotobean@reddit
I posted below, but if you want me to show you some numbers I can probably do so if you would like.
HDClown@reddit
I see, you are doing multi-session, which makes sense now. My mind went to dedicated VM's since you said "cloud PC".
jotobean@reddit
We had over 300 dedicated when we were looking to move and I cut it down to maybe 70, and they are developers only. Need to get manager and director approval to have your very own machine in the cloud. We have around 1600+ sessions going between all machines and remote apps. I'm kinda shocked anyone would do Windows365 or dedicated when you multisession is so much cheaper. Granted I've been doing VDI for the past 8 years in some crazy environments, plus being VMWare certified for DCV and DCTM.
HDClown@reddit
Windows365 is nice for how ridiculously simple it is to deploy. I already have Intune deployed in general and I went from zero experience with Windows365 to deploying a couple cloud PC's in a couple hours. All of that time was just reading through the Microsoft Learn and making one time Intune changes since it was a first time deployment.
W365 is great if you just need a few cloud PC's, it's part of a DR plan, or something short lived. I was doing it for something to be used a month or two. AVD by comparison requires way more effort but is certainly much more cost effective.
jotobean@reddit
If we had Intune deployed I might consider moving more of the dedicated machines there, or if we decided "real" laptops are too expensive and go the way of cheap laptop/avd, it will be a whole new ballgame for those users. Might not want the contention of other users on there using PowerBI or 10 billion line Excel sheets. But with the cost of ram and chips, I don't see laptops being super affordable for much longer.
down_with_cats@reddit (OP)
That's actually a good idea.
jotobean@reddit
We used to use Horizon, but with hardware and software renewals unknown, we made the leap to AVD. I was a huge skeptic about it at first, long time VMWare admin since 2005, so moving to the cloud thinking it would ever compete cost wise was like "awwww hell nahh". I was pretty shocked, once we got everyone moved, reservations in place, using Nerdio for the front end management, we dropped our admin hours by half. We run 8c/64gb machines and load around 10 people on them, depending on workload and Nerdio helps us adjust that. These are all non persistent machines though, we do have persistent ones as well, but were able to convince 70% of the previous persistent machine users to swap out to non persistent using fslogix. We also use remote apps that replaced our rdsh stuff and have app attach for some stuff as well. We are getting into the cost saving phase though where Nerdio tells us to move to a different cpu and possibly save a bunch of money on host pools. There is also efficiencies to be gained by using InTune, which we are using ZERO of today.
ReydanDeathrain@reddit
Where are you purchasing from? We buy only HP Elitebook laptops. Currently buying Elitebook 8 GLi models. Four different configs, pricing is 1,394, 1,445, 1510, and 1,775 each - was just updated this month.
traviss8@reddit
We use apple business manager and Cisco/Merakinas our MDM
cotd345@reddit
I'd suggest contacting Dell for a quote on their Pro 16 Plus with the Intel 236V cpu. I work at a reseller and recently sold that model to a client for $1800 CAD.
Iced__t@reddit
Macs are super easy to manage, but they can be a little overwhelming because it's an entirely new platform to learn if you're only used to Windows.
I've used Jamf for over a decade and love it, so that would be my recommendation. However, Intune is still ~mostly~ capable for Mac management.
I would recommend steering away from domain joining macOS devices and look into something like Jamf Connect or XCreds. There's also Platform SSO, which isn't production-ready yet but is getting closer every day.
Given the details you've shared about your current environment/situation, finding another PC OEM will probably be a lot easier on you than increasing your Mac footprint.
I've worked with Lenovo for a long time and they've always been very competitive with regards to pricing.
MacrossX@reddit
Could prob get decent Lenovo models still as long as you aren't going for the latest model x1 carbon
blow_slogan@reddit
They have issues with their thermal sensors not working after waking from sleep as well. We’ve been seeing HP laptops overheating and shutting down in the middle of conference calls lately their own support hasn’t been able to determine what is wrong.
i_said_unobjectional@reddit
Manufacturers prefer the free money that the AI/Data Center scam creates rather than competing on price in the commercial sector.
Apple keeping the design in house has made their prices go up more slowly than Microsoft running devices. RAM and SSD prices are pushing Mac price up, just not as fast.
xzer@reddit
The Apple CPUs are incredibly good, it is kinda ironic that Mac's biggest haters would pick on their value, are now kinda getting rekt.
Higher spec CPU and 32gb ram air for $1600 seems quite good.
TheKuMan717@reddit
Jamf is the MDM for Macs. You don’t really image Macs.
fanatic26@reddit
Best buy has an Elitebook 860 right now for $935...how are yours $2200?
iObama@reddit
Here’s my two cents:
macOS sucked to manage in the enterprise 15 years ago. It’s no longer 15 years ago. I would rather manage 10,000 Macs than 200 PCs.
Do not give Neo to regular users. It’s not meant for them. Air is powerful, cheap, and a badass machine.
I’ve never understood how PC manufacturers get away with murder in terms of charging $2.5k for a fucking 400 nit screen that looks like trash.
Look at Mosyle over Jamf. Save lots of money, get lots of great built in features.
Best of luck.
Admirable-Anybody360@reddit
That’s not an HP issue. Work with Dell and their laptops have gone from I think $6-800 last year for a Pro 14 last year to about $11/1200 now. From what I gather the problem is the price of RAM rocketing due to a higher demand because of extra requirements to keep up with all the new AI features. Judgement Day is getting a step closer
ohyeahwell@reddit
Our T16 went from 1k to 1700, and I haven't priced them since we started a war with Iran, or really since the memory/ssd price hikes. Bought a ton bc Lenovo said prices were going up.
jakarotro@reddit
Look at Filewave for your MDM - it handles Windows and Mac, can be self-hosted or cloud based.
Sorry-Committee4443@reddit
No way it's cheaper considering equal specs. Then theres support hell for different architectures. And then there is user training. And app compatibility test and possibly app migration to consider. What we are doing is acquiring real base machines 256/16 and upgrading next year memory/storage. This year it's difficult.
GeneMoody-Action1@reddit
"$1200-$1600 per laptop then it's likely worth the cost to train everyone on how to use and support MacOS."
Hardly.. There is a huge difference in the ecosystem as a whole, to make a switch like this will likely end up being a hybrid mix of OS, and therefore have to support both at the same time, by different means in many areas. Not all software will port over, Most will have functional equivalent, but that's a reinvestment in time, support, and software as well.
Has nothing to do with which is *better* for any given task, just different, enough that there is a LOT more to this than just choosing new laptops for savings. Total ROI (if there even is one) could be years if you are doing this for purse savings at the HW level. And by the time it is making economic impact of any significance the choices will be new and you will be looking at a next wave. Remember hours cost money as well.
No harm in having a hybrid mac/windows/linux environment, to each their own, but in the grand scheme it is not a savings PAST the HW level, and undoubtedly will incur extra costs associated.
It will be a project, in $$$ and man hours that equal $$$, that could possibly eat those perceived savings fast.
williamvirkis@reddit
You need an MDM for MacOS. With that you can have an autopilot like experience.
countsachot@reddit
Lenovo. Yeah, quality is a bit lower, but the price is great.
Remote_Advantage2888@reddit
Drop to a probook and save some money.
FKFnz@reddit
Have you seen the price inflation on probooks? It's even worse than EliteBooks.
Geminii27@reddit
What software packages (and any back-end compatibility) would you need to re-purchase for the Mac platform?
titaniumoctopus336@reddit
Instead of the Elite book line of HP laptops, my organization uses the Probook line. Might be something worth looking into.
FKFnz@reddit
Probooks are even more infected by "inflation". And in my country at least, they've all sold out and no suppliers have any, and there's no ETA on any more.
Ok-Measurement-1575@reddit
It might be worth the saving to someone but that someone won't be you.
RikiWardOG@reddit
Don't domain join unless you absolutely have to. What would be the reason to domain join the Macs? Look into a opensource product called installomator. A lot of this is upfront work but you shouldn't have to then touch it all that often. That's of course if you have the inhouse expertise. Our shop is 50/50 mac and windows. We do have them split between intune and jamf just because we have the money and we have a Mac guy with the knowledge on the Jamf side and I know the windows ecosystem and intune, but you can do most of what you can do in Jamf in Intune.
Electrical-Risk445@reddit
If you thought HP was expensive, their pricing is going up 20% tomorrow May 1st...
RustySprocket13@reddit
Reach out to hp.com and request an account manager. We did it a few years back and got set up with net terms. We get some unbelievable deals working with them directly. Previously we were using CDW among other vendors.
MinimumViablePerson0@reddit
Jamf is the way if you’re doing 500 machines a year, and while a little more expensive, it’s a fleet management tool and it gives you all the granular control you need, especially if you are in a regulated industry or just generally lock users down like a good admin should. Intune Platform SSO is getting there…but get ready to go down the rabbit hole if you are not going to deploy your users as local admin since there are some disconnects with user rights on the device like printer and network settings, the small one off launch on start up configs for certain apps, etc…this has been our sticking point and I’m left wanting more. Its close but like all things Microsoft it feels like they got it 70% of the way, had a massive marketing blitz to get people a little excited and then it just falls by the wayside development-wise and we’re wanting more but getting very little to none…and understandably so, MS wants you to use Windows at the end of the day
Master-IT-All@reddit
I'd rather use an abacus.
The saddest thing is that Apple wasn't properly killed by Microsoft when they had the chance.
apple_tech_admin@reddit
What a terrible take for a “master” IT professional.
phillymjs@reddit
Intune is garbage for managing Macs, and nobody should still be domain joining Macs in 2026.
If you don’t have anyone on staff who has experience with administration of an enterprise Mac fleet, you’re gonna have a bad time. If your leadership wants this to succeed they should bring someone in at least temporarily to get things set up and show you guys how to do things properly.
cardrosspete@reddit
Apple and JAMF works a treat, hardware (endpoint) is now much much better value. Also, we get less calls per Mac than per PC ( from a decent fleet ) and accreditation ( CE+ for us ) easy on the Mac. Also comes with a patch management service. I suspect if I worked it out they are cheaper in the whole than the PC's are.
chesser45@reddit
You (or your leadership) think training users to use Mac OS is less than $1500/pp in cost?
Man have I got a bridge to sell you…
But seriously, other than entirely different software deployment, management and support than PC, you have to consider if your software stack and tooling migrates to Mac. Then, how are you training Jill who’s got 15 years in the workforce using PC to now use a Mac? Like, people can adapt, I just don’t see how productivity and efficiency will outweigh the $1500 your spending.
Just my $0.02 but then again maybe I’m thinking scale and your a very small shop?
7eregrine@reddit
Just bought 2 from Dell, where I always go.
$850 "Dell 16 Laptop"
Chassis feels a bit on the cheap side, but they fly through everything we do.
GreyHasHobbies@reddit
For what it is worth, setting up Apple Business Manager + Intune has worked great for our Mac environment. There is only about 15 minutes of Technician time to prep each device before handing it to the user.
We have gotten pretty far with this. I suspect it would be an even better experience if we had the budget for JAMF.
Think_Inspector_4031@reddit
Framework 13, or framework 13 pro?
Horsemeatburger@reddit
That's a consumer grade laptop. I know they sell to business but the line is clearly aimed at the "enthusiast" market and the vendor behind it has no offerings for enterprise grade support.
Rancor_Keeper@reddit
For what? A chrome book enterprise environment?
greenstarthree@reddit
Lenovo V14, Ryzen 5, 16GB DDR4, 256GB NVMe. Affordable. Versatile. Good for 80% or more use cases.
Zealousideal-War6372@reddit
I used salt stack to deploy to apple products on intel silicon in the past with the Google Santa kit. What are people doing on apple chips ?
bluegrassgazer@reddit
This headline has r/nottheonion vibes.
repooc21@reddit
Dude I use Dell and have been for almost a decade between two companies. One large and one very small
I won't deviate because pricing is so choice for me.
Call dell.
Email Andrew Woodward
zorinlynx@reddit
The thing that's blowing my mind is that Macs are actually cheaper now. Are we living in backwards land? Apple has always been premium; now they're affordable!
Asleep-Bother-8247@reddit
Haven't seen this directive per se, but I'm also 'dealing' with HP's price hikes. Our usual model was $1700 last time I made a purchase and a few months ago we ordered a new batch and the new price was just shy of $2200. Idk what I'm going to do if it goes past $2500 - the machines are specced to what our devs really need to have, and if they go above $2500 I'm probably going to have to look elsewhere.
Stonewalled9999@reddit
A Neo is so not going to be in the running - 8GB RAM 2 of which is used for video, 1080 screen? Yes I get they are $500. I can't see them as viable for usage though.
Mister_Brevity@reddit
Look into better Mac mdm, it’s more expensive but jamf is great for hand holding new admins and they have lots of documentation. I know there are others, I have no personal experience with them, so I’m not sure what the “new to mac management” posture is for those. There’s /r/macsysadmins too.
F0rkbombz@reddit
My org is mainly a Windows shop with like 20 Macs that we manage with Intune. We hate it.
If your org is seriously considering this, just factor the cost of JAMF in right away b/c managing Macs with Intune is just painful.
SkillsInPillsTrack2@reddit
One big positive point at my work is those too much special users who demand Apple products are ignored. I could adapt to replacing workstations with Linux. But if we were to go full Apple, I'd leave immediately; I don't have enough energy to endure too much absurdity.
Nonaveragemonkey@reddit
What kind of compliance is required? They need to consider that before Macs are even discussed as an option, some compliance and security requirements would make anything apple a hard no.
Warronius@reddit
Dell isn’t bad but you have to go through them not CDW.
CaseClosedEmail@reddit
We use Intune and Mosyle as an MDM for Apple
I think it is free for under 35 devices
WaldoOU812@reddit
Speaking as a kind of outsider here (I've never used it), I've heard nothing but good things about JAMF. My boss, our two desktop engineers, and one engineer have all used both JAMF and SCCM and they all like JAMF much better. Our two desktop engineers have both mentioned that if JAMF could handle Windows machines, they'd boot SCCM out the door without a second glance.
Again, I've never used it, but it sounds to me like JAMF is about as obvious a direction as you can pick. I'd also guess that the overall experience likely isn't going to be as bad as you'd think.
Also, as a lifelong Windows admin/user who just changed over to using a Mac as my primary work workstation, I've found that it's much easier to use than I thought it'd be.
chirp16@reddit
Jamf has always been the "gold-standard" as they've been in the game a long time for Apple-device management but in my experience they also aren't innovating as much as some other MDM companies. Jamf (with the fully fledged MDM options) is also one of the most expensive. Mosyle has been really stepping up their game and their prices are really reasonable.
Dirty_Techie@reddit
Deploying would be the least of your concern, unless you plan on taking out break/fix coverage with them.
I'm not entirely clued up on the Neo but aside from application compatibility, device management etc. That "saving" management are thinking they will save, will soon be eaten up again in the amount of replacements, repairs and time/management needed to maintain a fleet like that.
apandaze@reddit
Neo is Apple competiting with the Chromebook essentially; Neo has an aluminum body i believe though.
intune alone is kinda miserable with macbooks. OP mentions how hard the setup is already, jamf pro is an additional cost to maintain. do this switch over time, two OS and software need to be supported with licensing. overtime this switch will probably cost more money than sticking with HP or a competitor
Dirty_Techie@reddit
Yea this is why I would stick with Windows as an estate, at least you widen your scope of engineers or IT staff who can and will know how to support a Windows device.
But each to their own.
ddadopt@reddit
Eh? I can think of a lot of negatives with Apple, but "build quality" isn't one of them.
Dirty_Techie@reddit
Eh, I would disagree that it's gone down as of the past 10 years.
In terms of MacBook:
Display Delamination Butterfly keyboard Flexgate
That's just my experience and then when it comes to repairability, I prefer something I can simply swap out and not be soldered.
Old-Flight8617@reddit
MacOS devices are really good if they are taken care of.
Also, don't know if OP could qualify, but apple offers leasing options with replacements baked in.
OP should be talking to an apple rep and also starting to think what MDM he is going to use if this takes of.
skwormin@reddit
probably easier to switch to a Dell contract if you can, our laptops are much cheaper than 2k with our business contract. Or yea go Mac, you'll need an MDM like JAMF and setup and then a fee per device
Awkward-Candle-4977@reddit
Which dell laptop?
Op elite book 860 is equivalent to latitude 7000 / pro premium 16"
skwormin@reddit
prices did go up recently, but looks like we still have Dell Pro Max 16" with 256GB SSD and 16GB RAM for \~$1600. I should add this is for higher education, so probably a better deal than standard business. 14" "standards" around $1400
sjenkins1009@reddit
If your manually logging into these devices to set them up your already putting yourself up for failure.
Get an Apple Business Manager account, register all your existing devices in there and make sure anything further you buy is tagged in there.
Set ABM to auto enroll the devices in Intune and set Intune to auto deploy all the apps.
The deployment and config is actually pretty simple and similar to how autopilot does it. You don’t need JAmF or any of those big time mdm’s and that will just be increased overhead.
Expensive_Plant_9530@reddit
Why not literally any other OEM? Dell? Lenovo?
Historically, HP was always the most expensive for us.
AYF_Amph@reddit
We use Jamf for Mac and iOS deployment and have nothing but good things to say. Definitely look into it.
That being said, given the current state of things, you might be waiting for your Macs for awhile. I’ve had an iMac on order with constant delays for 2 months now.
badteeth3000@reddit
when covid hit the place I work at bought some $600 toshiba laptops & mdt ran a-okay after grabbing the drivers…it was all that was left in stock & worked fine … it was the next day support that cost so much … so, if you’re in office & want to save, shell swapping becomes the game…lots of ways to save money when you lower standards.
switching to mac would mean having to figure everything from the ground up … there are nice resources like github’s awesome-macadmins-tools but yeah, all the domain things can work.