Overclockers Australia Forums
OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Specific Hardware Topics > Business & Enterprise Computing

Notices


Sign up for a free OCAU account and this ad will go away!
Search our forums with Google:
Reply
 
Thread Tools
Old 8th May 2012, 4:12 PM   #16
tin Thread Starter
Member
 
tin's Avatar
 
Join Date: Jul 2001
Location: Narrabri NSW
Posts: 5,801
Default

Quote:
Originally Posted by rainwulf View Post
3: Stability. An SBS box is a finely tuned hunk of shit travelling along at around 100kmh an hour on a bumpy road with a flat tyre.
I think that's pretty clear - Every SBS version I've ever seen is a fight to do almost anything if MS hasn't coded in a popup to tell you to do it.

Some of the other points are fair enough though... None of them really showstoppers though IMO. I mean if you put 2 boxes into a small business and hand them the passwords, if someone's going to break Exchange by installing something, they're just as capable of doing it on the non-TS box as the TS one, aren't they?
__________________

The software required Win95 or better, so I installed Linux.
Question marks are the new full stop?
tin is offline   Reply With Quote

Join OCAU to remove this ad!
Old 8th May 2012, 4:17 PM   #17
mwd
Member
 
mwd's Avatar
 
Join Date: Jul 2002
Location: Sydney
Posts: 199
Default

Quote:
Originally Posted by tin View Post
I mean if you put 2 boxes into a small business and hand them the passwords, if someone's going to break Exchange by installing something, they're just as capable of doing it on the non-TS box as the TS one, aren't they?
Um no? Firstly you don't give them login rights to the main server. They would only be able to install programs on the TS box.

The TS box would just be a member on the domain, not a domain controller, if setup correctly nothing they do would break exchange.

No one should ever logon to the SBS box.

EDIT: SBS 2011 is really pretty good. Yes running Exchange/Sharepoint/AD etc on one box can cause some issues, if setup correctly it is mostly stable. You just need to be a bit careful when patching it. Also 16gb+ ram and Raid 10 SATA min (this is not expensive anymore).

Last edited by mwd; 8th May 2012 at 4:19 PM.
mwd is offline   Reply With Quote
Old 8th May 2012, 5:13 PM   #18
Iceman
Member
 
Iceman's Avatar
 
Join Date: Jun 2001
Location: Brisbane (nth), Australia
Posts: 6,481
Default

Quote:
Originally Posted by rainwulf View Post
LOTS OF SENSE
Listen to this man, for he speaks the truth.

In case you're wondering if this is still a good idea, I invite you to watch this for a while.

http://goo.gl/nC69J
__________________
_,`,_,`,_,`,_

WTB: Cisco 1801-M PM me
Please rehash my posts and pass them off as your own ideas! Triple points for doing it in the same page of the thread. Plagiarism is the sincerest form of copyright infringement.
Iceman is online now   Reply With Quote
Old 8th May 2012, 7:57 PM   #19
rainwulf
Member
 
Join Date: Jan 2002
Location: bris.qld.aus
Posts: 2,953
Default

Quote:
Originally Posted by tin View Post
I think that's pretty clear - Every SBS version I've ever seen is a fight to do almost anything if MS hasn't coded in a popup to tell you to do it.

Some of the other points are fair enough though... None of them really showstoppers though IMO. I mean if you put 2 boxes into a small business and hand them the passwords, if someone's going to break Exchange by installing something, they're just as capable of doing it on the non-TS box as the TS one, aren't they?
If you give them the passwords, but never give them a reason to log into the SBS box, your exchange is bulletproof. It however requires you to be on the admin mailing list to get the reports, and probably setup a service contract with the client to do a monthly login to check things like updates, exchange size, check the queues, just give it a once over.

All the sbs boxes i personally administer have got teamviewer on as well as RDP from vpn, and the only person who has absolutely admin access is myself.

If a client absolutely insists on managing their own SBS box, more power to them, just make sure you have a robust backup solution, and shadow volume service running, and that will make you look like a hero when they DO break it.

Another thing i do is NOT run an AV on the SBS box itself, but use av protection before and after the box. I have found AVs cause more issues then they solve on an SBS box, especially fucking trendmicro trouble free... grr.

Anyway this is a derail, back to the initial OP, do not run TS from an sbs box.
As you can see, MS actually make it hard on purpose.
__________________
derp
rainwulf is offline   Reply With Quote
Old 8th May 2012, 8:22 PM   #20
tin Thread Starter
Member
 
tin's Avatar
 
Join Date: Jul 2001
Location: Narrabri NSW
Posts: 5,801
Default

Quote:
Originally Posted by Iceman View Post
In case you're wondering if this is still a good idea, I invite you to watch this for a while.
http://goo.gl/nC69J
LOL - I love the way he says stuff

And don't worry - we've stopped even trying. Probably going with Server Standard instead and forgetting about Exchange. They weren't going to get huge benefits from it and it's looking easier (and cheaper) just to forget it.

Quote:
Originally Posted by rainwulf View Post
All the sbs boxes i personally administer have got teamviewer on as well as RDP from vpn, and the only person who has absolutely admin access is myself.
We really don't like doing that. We've been on the follow-up side of those sort of deals, when the original guy/business disappears or pisses the client off. It's not a huge problem, but it's another problem that needs solving before the one the client has asked us to look at. Sometimes I'd like to not tell the owners, but it just seems wrong.
__________________

The software required Win95 or better, so I installed Linux.
Question marks are the new full stop?
tin is offline   Reply With Quote
Old 8th May 2012, 8:28 PM   #21
mwd
Member
 
mwd's Avatar
 
Join Date: Jul 2002
Location: Sydney
Posts: 199
Default

Quote:
Originally Posted by tin View Post
And don't worry - we've stopped even trying. Probably going with Server Standard instead and forgetting about Exchange. They weren't going to get huge benefits from it and it's looking easier (and cheaper) just to forget it.
Er okay, please remember that you still should not install TS on a domain controller! I would recommend just getting another server and getting the SBS premium add-on for TS (not expensive and it is basically just 2008 R2 standard).

What do you mean by cheaper? They already have SBS! Exchange is great, what would you replace it with?

To be honest it sounds like you have no idea what you're doing. I suggest hiring an IT company that can provide real support and setup Microsoft products correctly.
mwd is offline   Reply With Quote
Old 8th May 2012, 8:29 PM   #22
rainwulf
Member
 
Join Date: Jan 2002
Location: bris.qld.aus
Posts: 2,953
Default

Thats where documentation comes in handy.
All my clients have an up to date excel file with usernames/passwords to routers, sbs servers, access points, IPs of critical devices.

I dont actually lock them out, they just dont touch them because they know that i take care of it all.
I have around 10 companies like that paying me a monthly contract fee to monitor and keep their servers and critical devices/machines up to date, backed up etc
If anything happens, they hand over the excel file. I have had it happen twice in the last 4 years, one company got bought out by a much bigger company with their own in house IT, and the other one wanted someone who didnt have to drive 1.5 hours for a callout. In both cases, a handover of the folder containing all critical software, logs, username/passwords to routers and machines.
__________________
derp
rainwulf is offline   Reply With Quote
Old 8th May 2012, 8:32 PM   #23
rainwulf
Member
 
Join Date: Jan 2002
Location: bris.qld.aus
Posts: 2,953
Default

You didnt just get SBS 2011 because its a bit cheaper then 2008R2 did you?

If you got SBS2011, it offers you a LOT of options and features that 08R2 cant offer by itself.

Honestly, you need to really sit down and look at what the client wants now, and wants in the future.

You really also need to look at virtualisation as well.
__________________
derp
rainwulf is offline   Reply With Quote
Old 9th May 2012, 8:57 AM   #24
ra66it
Member
 
ra66it's Avatar
 
Join Date: Oct 2007
Location: Melbourne
Posts: 821
Default

Quote:
Originally Posted by rainwulf View Post
7: AV. You have to run a semi decent AV on a ts machine. There is a good chance, nay, GREAT chance that one day your AV will think store.exe is doing weird things, and oh, your exchange store is now hosed. Thats ignoring sql, wid, IIS.
Any decent AV has an exclusion list where exchange files are specifically excluded by default, or the admin needs to manually populate the list. Microsoft publishes a list of files to exclude.

But Trend "worry free" on exchange is a heap of shit, as someone else mentioned
ra66it is offline   Reply With Quote
Reply

Bookmarks

Sign up for a free OCAU account and this ad will go away!

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 9:56 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd. -
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Internode!