Windows Small Business Server 2003 Query
Started by
Daz3210
, Jul 28 2008 09:51 AM
#16
Posted 01 August 2008 - 02:53 PM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
#17
Posted 01 August 2008 - 03:03 PM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
exchange itself doesn't have a calendar...what does have a calendar is microsoft outlook...with exchange you can share your calendars with anyone else on that exchange system....
of course there are other shared calendar systems around as well (such as google calendar etc..)
looks like i'm trying to save you guys a headache that you might be willing to take on...
how does your company handle IT? do you always just contract out any computer work or do you have someone on site?
of course there are other shared calendar systems around as well (such as google calendar etc..)
looks like i'm trying to save you guys a headache that you might be willing to take on...
how does your company handle IT? do you always just contract out any computer work or do you have someone on site?
#18
Posted 01 August 2008 - 03:05 PM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
Most things I can solve myself. Anything else gets contracted out.
I can do most things I need to with the current Novell system, but Microsoft Server is totally alien to me.
I do however like fiddling with things and learning to sort them myself.
I can do most things I need to with the current Novell system, but Microsoft Server is totally alien to me.
I do however like fiddling with things and learning to sort them myself.
#19
Posted 01 August 2008 - 03:10 PM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
well...active directory can be learned by fiddeling...but...you can also do some REALLY bad things
#20
Posted 01 August 2008 - 03:46 PM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
What kind of bad things?
With Novell you basically set the system to map drives to server volumes at login.
Is it the same with SBS?
With Novell you basically set the system to map drives to server volumes at login.
Is it the same with SBS?
#21
Posted 04 August 2008 - 08:50 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
ok...let's do some basic networking knowledge here
first...there are three basic kinds of networks
Sneakernet: the oldest form of networking which relies on someone to physically transfer the data to be shared to some form of removable media (floppy, USB, CD ROM, DVD ROM, whatever) and walk from computer to computer to share it
Workgroup: native networking in most windows systems from windows 95 on up. User authentication takes place locally at each machine in the network. basic file sharing across an ethernet connection can be done by sharing files and folders, or other network resources (printers etc..) on the "host" computer. access policies can be accomplished locally by assigning folder permissions to the local users. normally a user will "map" a network drive from the "client" to the host by supplying a username and password native to the HOST computer. on each local machine only one user of any given name can exist (i.e. jsmith or hscooter) but there are no restrictions on how many users can have the same user name within the workgroup (i.e. you can have a jsmith on each machine) because these users are local to each computer in the network. all policy settings must be made locally on each machine in the network
Domain: also known as client server. domain networking is available on windows 2000 professional and up and is designed upon the concept of Microsoft's Active Directory structure. in a domain environment you have "clients" and servers. servers serve information to the clients. all authentication takes place on the Domain controller (DC) which means in any single domain you can only have one user with the same username. in a domain environment you can assign DOMAIN file permissions on folders on the file server so that the user doesn't need to enter a username or password to access the files because they are already authenticated to the domain at logon. group policy settings can be set from the DC reducing the need to set policies at the local machine.
you've got some options and i think you may want to discuss them all with your contractors of choice....
Option1: we'll call this one the "easy way"
File storage solution: acquire a NAS that is capable of user authentication and file permissions (most corporate level NAS devices are capable of this but make sure that the one you get is capable), transfer all files from novel systems over to the NAS and set up user permissions and file structure.
Pros: One location for all file storage, ability to "lock users" out of high security file locations, central management of all files and permissions.
Cons: users may have to enter their username and password to gain access to the system (this is actually a pro because it makes sure that someone can't get to the files unless they really are the person they say they are)
Email sollution1a: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up each user's MS outlook to connect to the proper POP server so they can manage their own mail
Pros: one person no longer manages everyones mail and distributes it
Cons: cost
Email sollution1b: no change from current setup
Pros: no change in cost
Cons: one person is still in charge of the email
Option2: this one is "slightly more difficult"
File storage solution install one SBS server in a Workgroup environment. move all files from novel system. create local user for each person in the organization on the server. create file storage structure and assign permissions to the local users
Pros: One location for file storage, Central management of files and permissions.
Cons: local permissions for files are not as robust. still requires any settings for clients to be done at the client machine. sometimes it can be difficult to get multiple machines connected properly to a workgroup.
Email solution2a: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up each user's MS outlook to connect to the proper POP server so they can manage their own mail
Pros: one person no longer manages everyones mail and distributes it
Cons: cost
Email solution2b: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up exchange on SBS 2003 to distribute mail locally
Pros: one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons: cost and complexity of exchange management
Email solution2c: keep the current email structure the same (one email delivery point for everyone) but integrate it with exchange.
pros:one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons:complexity of exchange management
note: i have no idea how this would work as i've not done it...ever
Email solution2d: maintain MX record with domain registrar that points to SBS exchange server as your MTA.
explanation: this removes the usage of POP servers from your current mail host and transfers all mail directly from the sender to your exchange server via SMTP (you can also do POP or IMAP)...all email processing is done locally. you can create any number of email addresses and users as you like (you must have a license through Microsoft for each user) basically you become your own mail host
Pros: no reliance on outside MTA for mail. ultimate control over your mail environment.
Cons: cost of licensing, difficulty of management
Email sollution2e: no change from current setup
Pros: no change in cost
Cons: one person is still in charge of the email
Option3: this one is "most difficult"
File storage solution install one SBS server in a domain environment. move all files from novel system. create domain user for each person in the organization on the domain. create file storage structure and assign permissions to the domain users
Pros: One location for file storage, Central management of files and permissions. central management of domain client settings. central management of user settings
Cons: difficult to manage if you've never done it
Email solution3a: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up each user's MS outlook to connect to the proper POP server so they can manage their own mail
Pros: one person no longer manages everyones mail and distributes it
Cons: cost
Email solution3b: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up exchange on SBS 2003 to distribute mail locally
Pros: one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons: cost and complexity of exchange management
Email solution3c: keep the current email structure the same (one email delivery point for everyone) but integrate it with exchange.
pros:one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons:complexity of exchange management
note: i have no idea how this would work as i've not done it...ever
Email solution3d: maintain MX record with domain registrar that points to SBS exchange server as your MTA.
explanation: this removes the usage of POP servers from your current mail host and transfers all mail directly from the sender to your exchange server via SMTP (you can also do POP or IMAP)...all email processing is done locally. you can create any number of email addresses and users as you like (you must have a license through Microsoft for each user) basically you become your own mail host
Pros: no reliance on outside MTA for mail. ultimate control over your mail environment.
Cons: cost of licensing, difficulty of management
Email sollution3e: no change from current setup
Pros: no change in cost
Cons: one person is still in charge of the email
personally i would go with the easiest solution possible as it would reduce your reliance on contractors....the choice is obviously yours to make though...there are advantages to every solution but as you go up the scale you reach different levels of complexity...it's my opinion that with the size of your organization and the amount of users you've got...that the first solution would do everything you'd need to do...and the final solution (a domain) would introduce a bit more...."intellectual hardship" (that is not a knock to your skill or knowledge base.....domain management is easy....once you know what you're doing and have the knowledge...it is NOT easy to learn from scratch without detailed instruction)
first...there are three basic kinds of networks
Sneakernet: the oldest form of networking which relies on someone to physically transfer the data to be shared to some form of removable media (floppy, USB, CD ROM, DVD ROM, whatever) and walk from computer to computer to share it
Workgroup: native networking in most windows systems from windows 95 on up. User authentication takes place locally at each machine in the network. basic file sharing across an ethernet connection can be done by sharing files and folders, or other network resources (printers etc..) on the "host" computer. access policies can be accomplished locally by assigning folder permissions to the local users. normally a user will "map" a network drive from the "client" to the host by supplying a username and password native to the HOST computer. on each local machine only one user of any given name can exist (i.e. jsmith or hscooter) but there are no restrictions on how many users can have the same user name within the workgroup (i.e. you can have a jsmith on each machine) because these users are local to each computer in the network. all policy settings must be made locally on each machine in the network
Domain: also known as client server. domain networking is available on windows 2000 professional and up and is designed upon the concept of Microsoft's Active Directory structure. in a domain environment you have "clients" and servers. servers serve information to the clients. all authentication takes place on the Domain controller (DC) which means in any single domain you can only have one user with the same username. in a domain environment you can assign DOMAIN file permissions on folders on the file server so that the user doesn't need to enter a username or password to access the files because they are already authenticated to the domain at logon. group policy settings can be set from the DC reducing the need to set policies at the local machine.
you've got some options and i think you may want to discuss them all with your contractors of choice....
Option1: we'll call this one the "easy way"
File storage solution: acquire a NAS that is capable of user authentication and file permissions (most corporate level NAS devices are capable of this but make sure that the one you get is capable), transfer all files from novel systems over to the NAS and set up user permissions and file structure.
Pros: One location for all file storage, ability to "lock users" out of high security file locations, central management of all files and permissions.
Cons: users may have to enter their username and password to gain access to the system (this is actually a pro because it makes sure that someone can't get to the files unless they really are the person they say they are)
Email sollution1a: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up each user's MS outlook to connect to the proper POP server so they can manage their own mail
Pros: one person no longer manages everyones mail and distributes it
Cons: cost
Email sollution1b: no change from current setup
Pros: no change in cost
Cons: one person is still in charge of the email
Option2: this one is "slightly more difficult"
File storage solution install one SBS server in a Workgroup environment. move all files from novel system. create local user for each person in the organization on the server. create file storage structure and assign permissions to the local users
Pros: One location for file storage, Central management of files and permissions.
Cons: local permissions for files are not as robust. still requires any settings for clients to be done at the client machine. sometimes it can be difficult to get multiple machines connected properly to a workgroup.
Email solution2a: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up each user's MS outlook to connect to the proper POP server so they can manage their own mail
Pros: one person no longer manages everyones mail and distributes it
Cons: cost
Email solution2b: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up exchange on SBS 2003 to distribute mail locally
Pros: one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons: cost and complexity of exchange management
Email solution2c: keep the current email structure the same (one email delivery point for everyone) but integrate it with exchange.
pros:one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons:complexity of exchange management
note: i have no idea how this would work as i've not done it...ever
Email solution2d: maintain MX record with domain registrar that points to SBS exchange server as your MTA.
explanation: this removes the usage of POP servers from your current mail host and transfers all mail directly from the sender to your exchange server via SMTP (you can also do POP or IMAP)...all email processing is done locally. you can create any number of email addresses and users as you like (you must have a license through Microsoft for each user) basically you become your own mail host
Pros: no reliance on outside MTA for mail. ultimate control over your mail environment.
Cons: cost of licensing, difficulty of management
Email sollution2e: no change from current setup
Pros: no change in cost
Cons: one person is still in charge of the email
Option3: this one is "most difficult"
File storage solution install one SBS server in a domain environment. move all files from novel system. create domain user for each person in the organization on the domain. create file storage structure and assign permissions to the domain users
Pros: One location for file storage, Central management of files and permissions. central management of domain client settings. central management of user settings
Cons: difficult to manage if you've never done it
Email solution3a: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up each user's MS outlook to connect to the proper POP server so they can manage their own mail
Pros: one person no longer manages everyones mail and distributes it
Cons: cost
Email solution3b: acquire actual email addresses for each user (either through your DNS registrar or your ISP) and set up exchange on SBS 2003 to distribute mail locally
Pros: one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons: cost and complexity of exchange management
Email solution3c: keep the current email structure the same (one email delivery point for everyone) but integrate it with exchange.
pros:one person no longer manages everyones mail and distributes it, with exchange you can set up certain spam rules and connection rules that could limit unwanted mail. with exchange you can also set up delivery rules and restrictions (i.e. no mail over 1mb or no zip files, or this guy can only send mail internally etc..)
Cons:complexity of exchange management
note: i have no idea how this would work as i've not done it...ever
Email solution3d: maintain MX record with domain registrar that points to SBS exchange server as your MTA.
explanation: this removes the usage of POP servers from your current mail host and transfers all mail directly from the sender to your exchange server via SMTP (you can also do POP or IMAP)...all email processing is done locally. you can create any number of email addresses and users as you like (you must have a license through Microsoft for each user) basically you become your own mail host
Pros: no reliance on outside MTA for mail. ultimate control over your mail environment.
Cons: cost of licensing, difficulty of management
Email sollution3e: no change from current setup
Pros: no change in cost
Cons: one person is still in charge of the email
personally i would go with the easiest solution possible as it would reduce your reliance on contractors....the choice is obviously yours to make though...there are advantages to every solution but as you go up the scale you reach different levels of complexity...it's my opinion that with the size of your organization and the amount of users you've got...that the first solution would do everything you'd need to do...and the final solution (a domain) would introduce a bit more...."intellectual hardship" (that is not a knock to your skill or knowledge base.....domain management is easy....once you know what you're doing and have the knowledge...it is NOT easy to learn from scratch without detailed instruction)
#22
Posted 05 August 2008 - 03:47 AM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
Thanks for that.
One problem that I do have is historical, and comes from having superiors that do not understand computers and how they have evolved.
Going back pre millenium we had an old Dos based network using I think Novell 3. These were the good old days when I found computing easy.
Then along came the millenium, and at the time I was not involved in the business (I left and later returned, but thats another story). With the millenium came the bug that resulted in a new computer 'system'. The contractor employed sold a Windows 95 peer to peer network, which was put simply insecure. Anyone could see everyone elses files.
This was quickly realised, and another contractor was found which recommended a return to Novell. The reason for Novell was that a cost effective upgrade was available on the back of the old Novell server licence. This returned a level of security that was satisfactory.
Eight years on the existing kit is becoming long in the tooth, and a replacement program is being considered. In an ideal world 'the boss' would expect a Novell replacement, but costs are again an issue, and SBS appears a cheaper option.
I have had my work cut out convincing him to even consider SBS because of his connection of Windows Server to Windows 95. He doesn't understand that they are two different animals, he sees them as all as part of the Windows family, therefore because 95 was insecure, all incarnations of Windows must be likely so. I have tried to tell him that even XP is pretty secure, but it is hard work convincing him.
So, what are my chances of convincing him of NAS being a solution. Nigh on nil I think. Which leaves SBS on some scale I guess. Lets forget email for a while, I think I am correct in thinking that the file server part and email are something that can coexists on the same machine, but can be set up at different times.
So, if I accept that I will end up with SBS, am I better plunging for a domain situation? Will this give any better reliability of connection over workgroups? I have a desktop and a laptop at home. The laptop has a network share over part of the desktop drives. Every so often the laptop fails to see the network share, for reasons I have yet to work out. Is this typical of a workgroup situation?
What I am half tempted to do is get hold of a reasonable spec machine, obtain the evaluation version of SBS from Microsoft and basically have a play ina non critical situation. Is this a good idea, or will I confuse myself even more? The geek in me is saying DO IT. What do you think?
One problem that I do have is historical, and comes from having superiors that do not understand computers and how they have evolved.
Going back pre millenium we had an old Dos based network using I think Novell 3. These were the good old days when I found computing easy.
Then along came the millenium, and at the time I was not involved in the business (I left and later returned, but thats another story). With the millenium came the bug that resulted in a new computer 'system'. The contractor employed sold a Windows 95 peer to peer network, which was put simply insecure. Anyone could see everyone elses files.
This was quickly realised, and another contractor was found which recommended a return to Novell. The reason for Novell was that a cost effective upgrade was available on the back of the old Novell server licence. This returned a level of security that was satisfactory.
Eight years on the existing kit is becoming long in the tooth, and a replacement program is being considered. In an ideal world 'the boss' would expect a Novell replacement, but costs are again an issue, and SBS appears a cheaper option.
I have had my work cut out convincing him to even consider SBS because of his connection of Windows Server to Windows 95. He doesn't understand that they are two different animals, he sees them as all as part of the Windows family, therefore because 95 was insecure, all incarnations of Windows must be likely so. I have tried to tell him that even XP is pretty secure, but it is hard work convincing him.
So, what are my chances of convincing him of NAS being a solution. Nigh on nil I think. Which leaves SBS on some scale I guess. Lets forget email for a while, I think I am correct in thinking that the file server part and email are something that can coexists on the same machine, but can be set up at different times.
So, if I accept that I will end up with SBS, am I better plunging for a domain situation? Will this give any better reliability of connection over workgroups? I have a desktop and a laptop at home. The laptop has a network share over part of the desktop drives. Every so often the laptop fails to see the network share, for reasons I have yet to work out. Is this typical of a workgroup situation?
What I am half tempted to do is get hold of a reasonable spec machine, obtain the evaluation version of SBS from Microsoft and basically have a play ina non critical situation. Is this a good idea, or will I confuse myself even more? The geek in me is saying DO IT. What do you think?
#23
Posted 05 August 2008 - 06:17 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
novell and windows 95....you had it rough....
windows 95 was/is not secure....it wasn't built to be secure...and it wasn't built for networking
XP pro was built for the specific purpose of being a network OS....and SBS is...well it's designed from the ground up to be networked as that's it's only real purpose
if their main concern is file security...and only file security....then a good enterprise/corporate NAS would give them everything they could ever want as far as file security is concerned.....with a GOOD NAS you can do everything their novell server could do and more as far as file permissions are concerned.
with SBS you have the ABILITY to get even more security through group policy....this is ONLY the case if you implement a domain structure....if you've got SBS sitting there as a file server in a Workgroup (peer to peer) environment...then all you've got is a NAS sitting in the corner running a bunch of services that you don't need running on a NAS...
so the deciding factor comes down to what the final result really needs to be.....does your company only want to control access to files? or do they want to be able to control pretty much anything done on the computers in the environment (like keep people from installing poker games)
windows 95 was/is not secure....it wasn't built to be secure...and it wasn't built for networking
XP pro was built for the specific purpose of being a network OS....and SBS is...well it's designed from the ground up to be networked as that's it's only real purpose
if their main concern is file security...and only file security....then a good enterprise/corporate NAS would give them everything they could ever want as far as file security is concerned.....with a GOOD NAS you can do everything their novell server could do and more as far as file permissions are concerned.
with SBS you have the ABILITY to get even more security through group policy....this is ONLY the case if you implement a domain structure....if you've got SBS sitting there as a file server in a Workgroup (peer to peer) environment...then all you've got is a NAS sitting in the corner running a bunch of services that you don't need running on a NAS...
so the deciding factor comes down to what the final result really needs to be.....does your company only want to control access to files? or do they want to be able to control pretty much anything done on the computers in the environment (like keep people from installing poker games)
#24
Posted 05 August 2008 - 07:20 AM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
Games are a problem, as is surfing websites for other than work purposes, so if we could get a hold over that this would be an advantage.
Its just something we haven't found a solution to yet.
Its just something we haven't found a solution to yet.
#25
Posted 05 August 2008 - 07:23 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
the internet surfing will require some other software/hardware.....natively SBS can't really managed being a web filter....for that you're going to need something designed to be a webfilter
if you want more info on that i've got a few options (don't want to overload you)
if you want more info on that i've got a few options (don't want to overload you)
#26
Posted 05 August 2008 - 07:24 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
by the way...this whole post has been really fun so far hehe
#27
Posted 05 August 2008 - 07:49 AM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
Don't worry about overload, I rather get all the options now than suffer the same error as was suffered back in 2000.
So with a webfilter system what do you need
So with a webfilter system what do you need
#28
Posted 05 August 2008 - 08:14 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
there are more options than possible to list here for webfilters....
the two main options are hardware or software
i use a hardware webfilter and a software webfilter as a backup
my hardware filter is a barracuda networks webfilter...i love the thing...it's really easy to set up and use...and it does a good job
for the software i've actually got a virtual machine running a pre configured vmware appliance that runs a squid proxy server with a dansguardian web filter on it....again..simple to use IF you've used squid and dans before
the two main options are hardware or software
i use a hardware webfilter and a software webfilter as a backup
my hardware filter is a barracuda networks webfilter...i love the thing...it's really easy to set up and use...and it does a good job
for the software i've actually got a virtual machine running a pre configured vmware appliance that runs a squid proxy server with a dansguardian web filter on it....again..simple to use IF you've used squid and dans before
#29
Posted 05 August 2008 - 08:55 AM
Daz3210
- Topic Starter
-
- Member
-
- 53 posts
Member
So would that mean we need an extra machine on which to run the web filter software? Or could it all be run on the SBS box (if we went this route).
Obviously if we went down a hardware route I guess that means some kind of fancy router to do the work, am I right?
Obviously if we went down a hardware route I guess that means some kind of fancy router to do the work, am I right?
#30
Posted 05 August 2008 - 08:58 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
the hardware route is always a self contained box that you usually just plug in and make some setting changes on
the software route...i would suggest running it on a seperate machine as the software options always take up A LOT of space
the software route...i would suggest running it on a seperate machine as the software options always take up A LOT of space
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
