Just a philosophical observation, but there's something that really, really bugs me about the fact that "Enterprise" features seem to revolve around use-prevention technologies.
Though it's not by any means exclusively a "Microsoft" thing, this is especially apparent when AD comes up, and it never seems to be about making things more productve so much as preventing people from using their computers. "All the computers have USB ports. How to I keep people from using them?" "The computers have internet access, how do I keep people from using the internet?" and so forth (and the perception that use-prevention features of ActiveDirectory and other technologies somehow magically fix everything).
Yeah, I understand why people feel the need for them, and I don't really have a real alternative to suggest. There's just something that really bugs me about it.
We now return you to your regularly-scheduled ActiveDirectoryFest...