Difference between revisions of "Trillex small business server 2008"
| Line 158: | Line 158: | ||
After having tried the above, I've decided to just make a small network with just 2 computers in it with no connectivity to the internet. I enabled the scope, I described earlier and set it's gateway and DNS to the fictional router. I've updated both client and server so I shouldn't require any web access. | After having tried the above, I've decided to just make a small network with just 2 computers in it with no connectivity to the internet. I enabled the scope, I described earlier and set it's gateway and DNS to the fictional router. I've updated both client and server so I shouldn't require any web access. | ||
| − | + | == Problems I Ran Into and How to Fix == | |
I started out on a different network than I was going to end up on, so my DNS had already put in all of the information required for that IP and network. This made everything a bit tricky since my client wouldn't be able to resolve anything as the DNS server is out of reach. | I started out on a different network than I was going to end up on, so my DNS had already put in all of the information required for that IP and network. This made everything a bit tricky since my client wouldn't be able to resolve anything as the DNS server is out of reach. | ||
To fix it, I had to reinstall the role DNS server and let it reconfigure itself. Afterwards, everything worked without a hitch. | To fix it, I had to reinstall the role DNS server and let it reconfigure itself. Afterwards, everything worked without a hitch. | ||
Revision as of 12:10, 23 September 2009
Contents
Deployment of Small Business Server 2008
THIS IS AN UNDERGOING PROJECT. MOST THINGS, IF NOT ALL, WILL CHANGE DURING THIS WEEK!
IF YOU SEE AN ERROR, CONTACT ME.
Introduction
For this week, I am going to deploy a Small Business Server 2008, that would be suitable for a "standard" business.
Just to give me some kind of aim, I will put up these demands for myself:
The company got 15 computers. They require logins that goes through an exchange server. As any normal company, they also require emails, a website, personal login and a means of getting their files stored remotely on the server. A VPN connection for the workers as well as a means to manage the server remotely could also be mandatory.
Introduction to 64 bit Architecture
With Windows Server 2008, Microsoft made their operating system 64 bit. This is done for several reasons, but the "main" part of it is that it supports more than 4 GB of memory. They've actually made it mandatory, so you cannot install it without less.
There are more to it, but mostly in memory allocations i.e. larger address spaces, wider registers and data paths. If a 64 bit operating system is handling a 64 bit compiled program or game, it will feel faster in that it got less limitations. This means that the processor can process more data at a time.
Small Business Server 2008
Microsoft have developed this branch of server operating systems to benefit smaller business that does not require big servers. By doing this, they've made a cheaper license that most business can afford with the ability to update.
Features and Components
- E-mail Server Application (Through Exchange).
- IIS Server Application. This is essentially a webserver.
- DHCP server
- DNS server
- Active Directory for handling Users and Groups
- Remote Web Workplace, Remote Desktop and VPN support
- Firewall
- Virus Scanner in the form of OneCare.
Limitations and Requirements
Windows Small Business Server 2008 got certain restrictions. This is because Microsoft wanted this to fit, as the name says, a small business so they put in some limitations to make the server operating system cheaper. Most business will not affected by these limitations. A lot of the limitations, like specific amount of space for emails, can be managed by implanting business policies - such as making sure you keep a tidy email account.
These limitations are:
- Only one SBS server in a domain. The domain can only handle more servers if these are of a different operating system, i.e. like linux, Windows Server etc.
- SBS is very picky about domains. It can only handle one and no child domains.
- Must be the root of the Active Directory forest.
- It is limited to 75 users (licenses).
- Earlier versions of SBS were limited to max 4 GB of memory. SBS 2008 requires a minimum of 4 GB and got a maximum limited of 32 GB. This is due to earlier versions being based on the x86 (32 bit) architecture while 2008 is based on x86-64 (64 bit). This change is because of Exchange Server 2007 is running in 64 bit.
- There are two different versions of SBS 2008. Standard Edition and Premium Edition. The difference between the two are: Premium includes a license to another Windows Server as well as MSSQL database.
- I am not certain if this limitation is still active in 2008 - but in Small Business Server 2003 service pack 2, the Exchange server limits you to 75 GB of emails.
If the business suddenly hits one of these limitations and needs to grow even further, it is possible to upgrade to a bigger license.
Installation of Small Server Business 2008
Everybody knows how to press next and fill it out. So I will only fill this out with information that deems necessary to this project.
Partitioning
Normally, a server will have several harddrives in it and will run a certain kind of raid. Some people like to partition their harddrives to make it more "manageable" because they can assign certain drive letters to specific things, like documents for users etc. This is not at all necessary but can be easier to mange for certain people. I have decided not to do it - simply because it is not needed. By doing it this way, you will also force yourself to "read" drive/folder layouts and optimize them properly. This might be a linux thing but I prefer it this way.
In short, it's a matter of preference.
Updating and Virus Protection
Throughout the installation, it asks us whether or not we want to keep it up to date with updates and install it's virus scanner. We might as well, eh? Don't do it if you plan on using another one.
Post-installation
For the love of everything, remove UAC at once. It will make you hate everyone. Do that now.
Setting it Up
Internet Connectivity
An important part of a good business network, is having a constant connection to the Internet.
As we do not have a server with two ethernet interfaces, we are forced to do it a different way.
I believe that the best way to do it, is to let the router do the "sharing" and make the server give the IP, gateway and DNS information through it's DHCP server with a standard scope.
As I cannot do this with the current setup, I will not attempt it.
Adding Computers to the Domain
A pretty nice change in SBS is the ability to add computers. Not only does it add a computer, but it also installs certain tools to make sure that you can monitor a computer without having to physically look at it, i.e. it monitors virus scanner, status, updates etc and gives you a means to log on to it if needed. The way to do this is:
- Have a ready made XP installation. Login as Administrator.
- Go into a webbrowser and go to http://connect - or plug in a USB drive and tell the server to put the necessary files on there
- Follow the simple wizard.
Easy Configuration
Small Server Business 2008 have truly made it a lot easier to manage users and setting up the system. Upon installation, it starts up and installs the most commonly used services and utilities, such as DNS, IIS, Active Directory and more (These are also called roles and features). But the Windows SBS Console also allows for some amazing wizard options. If you want to add a user, it will automatically create a personal share for it, set the permissions for that folder as well as a "global" shared folder, create an email and send them a default "Welcome" email. Along with this, it can also print out this information. It is sort of a default way to do it, which can be very limiting to some.
While certainly streamlining the general process of managing and monitoring the server and the network, it can get very limiting in certain aspects and if you want to do something that isn't in the SBS Console, you will have to dig it out. If you are not familiar with earlier versions of SBS or Windows Server in general, you could get into a lot of problems doing something that was meant to be easy - like changing DHCP scope options, advanced permissions and logon scripts.
Network Diagram
This network diagram is suited for a very standard small business.
Note that since I do not have access to a computer with two ethernet interfaces, I have made it so I will not require this on the diagram. This can be a problem for certain businesses, since you cannot set up a proper firewall or monitor internet activity etc., except through a router's very limited monitoring tools and firewall. It is, however, possible.
It can be done in many ways, but this is a pretty good one for what we got.
Remember that this is not how it will look physically.
What we got is a router that connects to the internet. We could have connected the server directly to the router and the switch with it, but that could create a necessary burden on the router - which could strain the network if huge amounts of datas are passed through. You CAN do it but there is no reason to it, if you already got a switch handy. Why would it do this? Well, every packet going to the server would have to go into the inbuilt switch in the router as well as every packet aiming for the web, would have to go through it. Again, you can do it but it is not ideal.
Now that we cleared that up, we got a switch connected to the router. This switch is connected to the server and as many computers there are in the company. Notice that there easily could be more switches in the physical setup, due to computers being spread out in different departments and offices.
IP Table
| IP | Device | DHCP or Static | Gateway | DNS |
|---|---|---|---|---|
| 192.168.1.1/24 | Router | Static | ||
| 192.168.1.2/24 | SBS 2008 Server | Static | ||
| 192.168.1.10-254/24 | Computers and Devices* | DHCP |
* Devices are network printers, IP phones and everything else that would require an IP.
Pretty straightforward and easy.
How to Simulate at Mercantec
I do not have access to 15 computers or devices nor do I want to have to set up an entire Cisco Router just for this project, so I cut some corners on certain things but will still accomplish the same thing. I am only writing this here, so I can keep it organized and noted down.
After consulting Henrik about the network here, he suggested that I just use some IPs freely available here and create it out from that. These two are:
192.168.138.128192.168.138.131
What I will do is give the server the first IP and the computer the second one. Because of this, I cannot install DHCP. I find that installing DHCP is pretty forward anyway and shouldn't need to be documented as we can just assume it is there. It is used for Internet Connectivity section and I will describe it like it is used like that. But if it is needed, let me know and I can find another way to do it.
After having tried the above, I've decided to just make a small network with just 2 computers in it with no connectivity to the internet. I enabled the scope, I described earlier and set it's gateway and DNS to the fictional router. I've updated both client and server so I shouldn't require any web access.
Problems I Ran Into and How to Fix
I started out on a different network than I was going to end up on, so my DNS had already put in all of the information required for that IP and network. This made everything a bit tricky since my client wouldn't be able to resolve anything as the DNS server is out of reach.
To fix it, I had to reinstall the role DNS server and let it reconfigure itself. Afterwards, everything worked without a hitch.