This is the second of a three part series that covers the basics of installing, configuring and maintaining Microsoft Small Business Server 2003. This part focuses on configuring Small Business Server to work with users and workstations as well features like remote access.

1. Small Business Server
B siness Se e
Part 2
Presented by :
Robert Crane BE MBA MCP
director@ciaops.com
director@ciaops com
Computer Information Agency
http://www.ciaops.com
Agenda
Week 1 – What is SBS / Setup
Week 2 – Using & configuring SBS
Week 3 - Troubleshooting
2

2. Week 2 Agenda
Connecting to Internet
Remote access
Setting up user network user
Setting up network workstations
Setting up monitoring
Setting up backups
Faxing
Sharepoint 3
The plan
Workstation
Remote User
Tape Drive
Switch
ADSL Router
SB Server Internet
Fax Modem
4

3. SBS supported connection
methods
Broadband connection with local
router.
Direct broadband connection.
Broadband connection with user
authentication ( PPoE ).
Dial up.
5
Dial up
• Up to 56k Bps speed ( slow )
p p p ).
• Cheap.
• Local call cost on every connection.
• No additional firewall protection.
• Di l up must configured on server.
Dial t fi d
LAN
Switch
Modem
SB Server Internet 6

4. Broadband – Local router
• Fast.
• Normally used for servers with a single network
card
• Always on.
• No additional firewall protection.
• Unable to use SBS as additional firewall
• More complex to maintain.
Switch
SB Server DSL or Internet 7
cable modem
Broadband – User
authentication
• Fast.
• ISP login details configured on server.
• Always on.
• No additional firewall protection.
• Connection must be configured on server.
• More complex to maintain.
LAN
Switch
SB Server DSL or Internet
8
cable modem

5. Direct Broadband
• Fast.
• No ISP login details to maintain.
• Always on.
• Additional firewall protection.
• Connection doesn’t have to be configured on server.
• Internet connection load maintained independent of server.
• More reliable and easier to configure / troubleshoot.
LAN
Switch
SB Server Router / Firewall Internet 9
Server Management
10

6. 11
Web domain names
Appears far more professional
professional.
Cheap and portable ( ie can move
between Internet providers ).
Is easier to remember than a static IP
address.
Can have multiple domain names
pointing to same or different servers.
12

7. Need to know
Connection method.
method
ISP login / password if required.
IP address of router.
ISP DNS addresses.
Remote access options ( Remote Web
Workplace, Outlook Web Access, etc ).
Whether plan to use server for
receiving Internet emails. 13
Connect to the Internet
14

8. Connect to the Internet
15
Connect to the Internet
16

9. Connect to the Internet
17
Connect to the Internet
18

10. Connect to the Internet
19
Connect to the Internet
20

11. Connect to the Internet
21
Connect to the Internet
22

12. Connect to the Internet
23
Connect to the Internet
24

13. Connect to the Internet
25
Connect to the Internet
26

14. Connect to the Internet
27
Hardware firewall config
Need to allow following ports through
hardware firewall to SBS machine ( router
port forwarding )
– Port 21 = File Transfer Protocol ( FTP )
– Port 25 = Internet emails
– Port 80 = Web site
– Port 110 = Allow POP3 to Exchange
– Port 500, 1701, 1723 = VPN protocols
– Port 443 = Permit secure web connections
– Port 444 = External Sharepoint access
– Port 3389 = Terminal Services
– Port 4125 = Remote Web Workplace 28

15. Port forwarding
No forwarding
Firewall / router
X Internet
SB server
Port forwarding
Firewall / router
Web : 80
Email : 25
Internet
SB Server
Secure : 443
Remote : 3389 29
RWW : 1425
Less open ports the
better
Minimum open ports
– Port 443 = Permit secure web
connections
– Port 4125 = Remote Web Workplace
30

16. SBS Certificate
SBS creates its own encryption certificate so
that remote traffic is protected.
This certificate is not authenticated by
“trusted third parties” like Verisign.
When you access SBS remotely you will
prompted with a warning about the
certificate.
To overcome this warning in future simply
install the certificate onto the device.
31
SBS Certificate
32

17. Connect to the Internet
Demo
33
Corporate web site
Use an external hosting business,
business
unless you run a back end database.
– Web sites are most subject to attack.
– Web site traffic can slow link.
– If your SBS is down your web presence
isn’t down.
– Hosting companies have faster internet
links.
– Problem with web site won’t affect SBS. 34

18. Remote Access - VPN
Layer 1
y Data Data
IPSEC VPN = Port 500
L2TP VPN = Port 1701
PPTP VPN = Port 1723
Encryption Encryption
Virtual Private Network
Layer 2
Layer 3
SB Server ADSL Router Remote User
Internet
35
Remote Access - VPN
36

19. Remote Access - VPN
37
Remote Access - VPN
38

20. Remote Access - VPN
39
Remote Access - VPN
40

21. Remote Access - VPN
41
Configuring VPN access
Demo
42

22. VPN considerations
Provides an unchecked tunnel into an
organization.
Can never be 100% sure that VPN
client machine is clean.
VPN only as good as password.
VPN i generally slower than other
is ll l h h
remote access methods.
Routers can also functions as VPN
endpoints. 43
Adding users
Use existing templates whenever
possible.
Possible to create additional templates.
Use consistent naming convention.
Can be changed later if needed.
Ability to add multiple users at once. 44

23. Creating users
45
Creating users
46

24. Creating users
47
Creating users
48

25. Creating users
49
Creating users
50

26. Creating users
51
Creating users
52

27. Creating users
Demo
53
Connecting workstations
2 parts
Server
– Create accounts for computers on server.
Workstation
– Establish basic workstation connectivity.
connectivity
– Browse to web page.
– Follow wizard.
– Enter details.
54
– Reboot.

28. Workstation limitations
Wizards only support Windows 2000
Pro or XP Pro.
Windows 98 does work but has major
limitations.
Can t
Can’t use passwords > 14 characters
with Windows 98.
Can connect Macintosh machines.
55
Connecting computers - Server
56

29. Connecting computers - Server
57
Connecting computers - Server
58

30. Connecting computers - Server
59
Connecting computers - Server
60

31. Connecting computers - Server
61
Connecting computers - Server
62

32. Connecting computers - Server
Demo
63
Connecting computers -
Workstation
Connect workstation to network
network.
Boot workstation.
Open browser.
Type in
http://servername/connectcomputer
Follow prompts. 64

33. Connecting computers - Workstation
65
Connecting computers - Workstation
66

34. Connecting computers - Workstation
67
Connecting computers - Workstation
68

35. Connecting computers - Workstation
69
Connecting computers - Workstation
70

36. Connecting computers - Workstation
71
Connecting computers - Workstation
72

37. Connecting computers - Workstation
73
Connecting computers - Workstation
Demo
74

38. Configuring Faxing
Need at least 1 fax modem on server
server.
Faxes are sent from desktop just like
printing to printer.
Need to determine method of
delivering faxes – printer, email, file.
Can save faxes into intranet.
75
Faxing - outbound
Fax modem
SB server Destination
Source
76

39. Faxing - inbound
Sharepoint
Printer Fax modem
E mail SB Server Source
Mailbox Store
Folder
Destination 77
Configuring faxing
78

40. Configuring faxing
79
Configuring faxing
80

41. Configuring faxing
81
Configuring faxing
82

42. Configuring faxing
83
Configuring faxing
84

43. Configuring faxing
Demo
85
Configuring Monitoring
Server can produce health reports
reports.
Server can produce usage reports.
Reports can be emailed or printed
automatically.
y
Report can be emailed externally.
Alerts can automatically be triggered
and detailed forwarded for attention.
86

44. 87
Monitoring report - ctd
88

45. Monitoring email alerts
89
Configuring Monitoring
90

46. Configuring Monitoring
91
Configuring Monitoring
92

47. Configuring Monitoring
93
Configuring Monitoring
94

48. Configuring Monitoring
95
Configuring Monitoring
96

49. Configuring Monitoring
Demo
97
Configuring Backup
SBS backup only supports tape and file
backups.
Additional programs like Arcserve and
Veritas will backup to DVD as well.
SBS backup doesn’t do SQL very well.
SBS backup only backs up entire mail
store, not individual mailboxes. 98

50. Configuring Backup
99
Configuring Backup
100

51. Configuring Backup
101
Configuring Backup
102

52. Configuring Backup
103
Configuring Backup
104

53. Configuring Backup
105
Configuring Backup
Demo
106

54. Configuring Groups
Configure security groups to secure
data.
Configure distribution groups to share
email information.
107
Configuring Groups
Demo
108

55. Configuring User
templates
Use if create users of a certain type
often.
User templates are basically disabled
users.
You can apply a template to user after
they have been created.
Applying a new template to user over
writes existing permissions.
109
Configuring User
templates
Demo
110

56. Email options
Use ISP mail server to hold emails
emails.
Retrieve them from ISP via POP3.
Send them to ISP via SMTP.
Use SBS and Exchange server to
handle emails SBS server performs
emails.
the job of sending and receiving.
111
Emails – via ISP
Internet
ADSL Router Message
SB server
Workstation ISP Mail Server
Workstation reads emails from ISP via POP3
Workstation emails saved to SBS
Workstation sends emails via ISP and SMTP
Advantages Disadvantages
-No need for static IP -User must have Outlook open to receive
-ISP can do filtering -Need to maintain individual email settings
112
-Independent collection -Can’t use OWA to send externally

57. Emails – via SBS
Internet
ADSL Router Message
Port 25 - open
SB server
Workstation
Mail sent directly to SBS from Internet
Workstation sends / receives from SBS
Advantages Disadvantages
-Emails received constantly -Must have static IP address
-Can use OWA to send/receive -Need to configure domain / MX record
113
-Can control setup from server -SBS subject to spam
Intelligent Mail Filter
Free add on to Exchange server to
automatically place spam into user junk mail
folder.
Unable to fine tune, set a tolerance level at
server.
Automatic updates of filtering now available
with Exchange Service Pack 2 + some
configuration.
Only works when SBS set to receive emails
directly from the Internet. 114

58. Intelligent Mail Filter
115
Sharepoint services
Internal web site that is at
http://companyweb/
Contains several types of items
– Document and picture libraries
– Lists
– Discussion boards
– Surveys
116

59. Companyweb
117
Sharepoint services
Document and picture libraries
– Web pages that make it easy to view
upload and organize documents.
– Can create many different document and
picture libraries.
118

60. Sharepoint services
Lists
– Web pages containing posting by network
users.
– Can create announcements, help desk,
links, vacation calendar.
119
Sharepoint services
Discussion boards
– Web pages that can poll users on the
topic of your choice.
120

61. Sharepoint
Demo
121
References
http://www.microsoft.com/windowsserver2003/sbs/techin
http://www microsoft com/windowsserver2003/sbs/techin
fo/productdoc/default.mspx - SBS Documentation
http://www.microsoft.com/windowsserver2003/sbs/evalua
tion/trial/default.mspx - SBS 2003 Trial version
http://www.microsoft.com/downloads/details.aspx?Family
ID=537ac5b3-9ac2-4667-916b-
ID=537ac5b3-9ac2-4667-916b-
99928bca9f70&DisplayLang=en – SBS 2008 Trial version
http://www.microsoft.com/windowsserver2003/sbs/techin
fo/training/handonlab/default.mspx - SBS Hands on lab
122