Pitbull
Verboten
WTH happened to him
He really sounds like he knows his **** no i'll be stuck in the dark
-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: Have you ever been to an airshow?
Server setup.
- Thread starter Pitbull
- Start date
WTH happened to him
He really sounds like he knows his **** no i'll be stuck in the dark
riggs_9mmp
Well-Known Member
- Joined
- Sep 15, 2005
- Messages
- 221
- Reaction score
- 0
dont worry frenchi is here. he's just been banned till tomorrow.
Pitbull
Verboten
riggs_9mmp
Well-Known Member
- Joined
- Sep 15, 2005
- Messages
- 221
- Reaction score
- 0
he shot his mouth off in another thread...
1.) Don't use software raid. Use server orientated hardware (server board, reputable raid controller)
2.) SBS can work and prolly will considering you don't need a large license volume and nor huge RAS requirements (load balance, fail-over, etc), but I would highly recommend a strong firewall between the server and the WAN. Redundant PSU (buy a spare hotswop unit) and Raid 5 + hotspare do come to mind if you don't want to worry too much about hardware.
3.) UPS is needed if you like your exchange. A generator is a bonus.
4.) Make a decent active directory group policy that will lock down certain parts of of the domain pc's. (can even change "My doc's" folder to be automagically mapped onto the server)
5.) Please put a little bit of structure into active directory. This makes life easier when implementing policies, restrictions and so forth.
6.) Write down the way things were setup, including passwords and store it in a safe.
7.) Backups! maybe get an RDX (HDD) device, tape or similar to do regular backups (store recent locally and previous off-site, or make duplicates for both... had enough of customers crying cos their stuff did borked) -- The techie you get in will look at you and say something like "Eish! sorry for you!" when things go pear
8.) Maybe install SUS so windows updates are only downloaded once. Get some corporate antivirus as well (email and flash drives are ev0l)
9.) Don't touch the server unless it is really sick. Lock it up in a room, cage, anything that will stop the evil minions from believing that the mysterious box in the corner is a toy. PS, you still want to hear the alarms on the server when a drive/psu is feeling sad and air-conditioning/comfortable environment not only makes people happy, but servers too.
2.) SBS can work and prolly will considering you don't need a large license volume and nor huge RAS requirements (load balance, fail-over, etc), but I would highly recommend a strong firewall between the server and the WAN. Redundant PSU (buy a spare hotswop unit) and Raid 5 + hotspare do come to mind if you don't want to worry too much about hardware.
3.) UPS is needed if you like your exchange. A generator is a bonus.
4.) Make a decent active directory group policy that will lock down certain parts of of the domain pc's. (can even change "My doc's" folder to be automagically mapped onto the server)
5.) Please put a little bit of structure into active directory. This makes life easier when implementing policies, restrictions and so forth.
6.) Write down the way things were setup, including passwords and store it in a safe.
7.) Backups! maybe get an RDX (HDD) device, tape or similar to do regular backups (store recent locally and previous off-site, or make duplicates for both... had enough of customers crying cos their stuff did borked) -- The techie you get in will look at you and say something like "Eish! sorry for you!" when things go pear
8.) Maybe install SUS so windows updates are only downloaded once. Get some corporate antivirus as well (email and flash drives are ev0l)
9.) Don't touch the server unless it is really sick. Lock it up in a room, cage, anything that will stop the evil minions from believing that the mysterious box in the corner is a toy. PS, you still want to hear the alarms on the server when a drive/psu is feeling sad and air-conditioning/comfortable environment not only makes people happy, but servers too.
riggs_9mmp
Well-Known Member
- Joined
- Sep 15, 2005
- Messages
- 221
- Reaction score
- 0
A few comments if I may:
1.) Don't use software raid. Use server orientated hardware (server board, reputable raid controller) SME does support hardware RAID, but it's software RAID is really fine for the intended purpose.
2.) SBS can work and prolly will considering you don't need a large license volume and nor huge RAS requirements (load balance, fail-over, etc), but I would highly recommend a strong firewall between the server and the WAN. SME is a brilliant firewall. Redundant PSU (buy a spare hotswop unit) and Raid 5 + hotspare do come to mind if you don't want to worry too much about hardware.
3.) UPS is needed if you like your exchange. A generator is a bonus. UPS yes, generator = overkill.
4.) Make a decent active directory group policy that will lock down certain parts of of the domain pc's. (can even change "My doc's" folder to be automagically mapped onto the server) Dude, simplicity is the answer here. SME automatically creates a mapped folder for each user, you can simply change the properties of My Documents to point there. Although then if you're away from the office, your docs will be left behind.
5.) Please put a little bit of structure into active directory. This makes life easier when implementing policies, restrictions and so forth.
6.) Write down the way things were setup, including passwords and store it in a safe. Always a good idea.
7.) Backups! maybe get an RDX (HDD) device, tape or similar to do regular backups (store recent locally and previous off-site, or make duplicates for both... had enough of customers crying cos their stuff did borked) -- The techie you get in will look at you and say something like "Eish! sorry for you!" when things go pear. You can setup and extre SME box to replicate to, but in most cases a USB drive with a scheduled backup (SME does this too) is fine.
8.) Maybe install SUS so windows updates are only downloaded once. Get some corporate antivirus as well (email and flash drives are ev0l) Antivirus on the desktops yes, SUS no. You don't want ALL the Windows updates on your desktops, trust me. Rather download Autopatcher and deploy them manually once a month, and only the really critical ones. Windows updates will slow your machines down over time because of all the rubbish it installs. I've seen this over and over and over. SME has built in virus scanning for the server and email, it does not however have enterprise wide deployable AV like the Trend products. I think there is a contrib that does this though, havn't tried.
9.) Don't touch the server unless it is really sick. Lock it up in a room, cage, anything that will stop the evil minions from believing that the mysterious box in the corner is a toy. PS, you still want to hear the alarms on the server when a drive/psu is feeling sad and air-conditioning/comfortable environment not only makes people happy, but servers too.
Software raid is nice until it breaks. I'd still go for hardware. if the card breaks, most modern cards can import the previous raid-set with little to no fuss. Less things to go wrong IMO. Hardware raid + BBU (to enable cache) = really nice performance and safety.
I'd still keep a firewall (seperate device/box) between the wan (think an ISP used to provide one on their business adsl, but having your own isn't a bad idea) and the server. A honeypot (additional toy the hackers might enjoy) is nice if you an a retired box lying around.
SME might be really cool to use, but not everybody knows linux. So simplicity would prolly be a win2k3svr + SBS. Windows can pretty much be setup by a semi-trained, half-witted monkey (maybe not wise though). Don't know about SME, but I think it requires more skillz.
Yeah SUS can be annoying, but I'd rather take my chances, unless you want a sysadmin full-time.
I'd still keep a firewall (seperate device/box) between the wan (think an ISP used to provide one on their business adsl, but having your own isn't a bad idea) and the server. A honeypot (additional toy the hackers might enjoy) is nice if you an a retired box lying around.
SME might be really cool to use, but not everybody knows linux. So simplicity would prolly be a win2k3svr + SBS. Windows can pretty much be setup by a semi-trained, half-witted monkey (maybe not wise though). Don't know about SME, but I think it requires more skillz.
Yeah SUS can be annoying, but I'd rather take my chances, unless you want a sysadmin full-time.
Last edited:
I have to support bleeding SBS - it's prolly far more than will ever be needed by an organisation that size - and it's a real pain to setup, maintain and backup.
With the benefit of hindsight I'd go with something like SME or a custom linux/oss setup.
With the benefit of hindsight I'd go with something like SME or a custom linux/oss setup.
riggs_9mmp
Well-Known Member
- Joined
- Sep 15, 2005
- Messages
- 221
- Reaction score
- 0
once again, the setup of SME is so simple a child could do it, and the whole thing is managed through a web interface. check it out and post some comments. we all know SBS and Win2K3 server, take a look at some other options.
SME 7.1 actually looks basic enough (just ran through the screenshots). WebGUI does look easy, making the box appliance like. Nice intro to swervers, plug and plug OS.
I would love to see if it picks up my hardware like SLES10 and openfiler/freenas
Definitely need to play with it in the lab when I get time.
I would love to see if it picks up my hardware like SLES10 and openfiler/freenas
Definitely need to play with it in the lab when I get time.
riggs_9mmp
Well-Known Member
- Joined
- Sep 15, 2005
- Messages
- 221
- Reaction score
- 0
please post results here guys, this OS rocks and needs a bit more exposure locally.
wow, easiest setup i've ever come across...
took me a while to figure out that you have to login as 'admin' instead of root, and then the webadmin interface is https://ip/server-manager/
otherwise no real problems yet!
http://wiki.contribs.org/SME_Server:documentation for the clueless
took me a while to figure out that you have to login as 'admin' instead of root, and then the webadmin interface is https://ip/server-manager/
otherwise no real problems yet!
http://wiki.contribs.org/SME_Server:documentation for the clueless