Outlook Web Access can be used to view or open any file in a shared folder on the servers in an office run by Small Business Server 2008.

Small Business Server 2008 improves many things about remote access to an office network. The main screen for Remote Web Workplace makes it easy to use Outlook Web Access or connect to an office computer, with nothing extraneous to confuse anyone.

Outlook Web Access in Exchange 2007 is so much improved that some people will use it instead of installing Outlook to access their Exchange mailbox. I just discovered another feature which is so good that it will figure prominently when I talk about SBS from now on.

There is a new "Documents" button in the Exchange 2007 version of Outlook Web Access.

Once it is configured, anyone can click on "Open Location" and put in the name of a shared folder in UNC format - \\ServerName\SharedFolder. The window on the right shows the name of the subfolders and files. At any point a location can be added to Favorites by clicking a button at the top. The folder names are shown at the top in a breadcrumb display to make it easy to navigate.

Most office users will be looking for files created in Word, Excel, or Acrobat. Double-clicking on a .DOC, .XLS, or .PDF file launches it in those programs, if they're installed on the remote computer.

Right-clicking on the file name provides the option to view the file in Internet Explorer or send it by email.

Documents cannot be saved directly back to the server - this is only a method to retrieve files.

This is extraordinary! I'm looking forward to introducing my SBS offices to this feature.

TECHNICAL NOTES

This feature is not enabled by default in SBS 2008; it has to be set up by opening Exchange Management Console with administrator privileges and opening Server Configuration / Client Access. Right-click on OWA and click on Properties to see the options for Remote File Servers. I was following the instructions in Eriq Oliver Neale's wonderful new book Windows Small Business Server 2008 Unleashed but found one error. When you click the Allow button, the only allowed entry is the name of the server, not the network path to a shared folder. (And don't use the FQDN for the server unless that's necessary for some reason - the presence of a period in the server name will cause it to conclude that you've designated a FQDN and you'll have to add the domain suffix in the next section of the window.)

There are a huge number of ways to tweak the behavior of various file types to prevent opening something or require the web viewer for something else. The defaults are just fine for small offices. Once I figured out what to put in the Allow dialog, it started working instantly, with the exception of the web viewer for PDF files. That's on the list of things to fix someday.

Labels: network, Office, Outlook, remote, SBS

posted by bruceb at 1/05/2009 12:05:00 AM | permalink

One glitch in the SBS 2008 migration nagged at me - it didn't make sense that the computers with the individual version of Windows Live OneCare were not reporting in to the SBS 2008 console, which tracks the security status of all the workstations on the network.

This is a sample of the new console for managing workstations in SBS 2008.

A handful of the computers running OneCare were able to get through and the server reported they were secure. I looked in vain for firewall exceptions for ports or services that were different on those.

It took a while to track it down, and in the end it wasn't the firewall after all.

Many things on a Windows Server network are controlled by "group policy," a very extensive set of rules that can be applied from the server to the workstations to control everything from network communications to your browser home page. There are thousands of settings that can be closely controlled with group policy.

Windows Server 2008 and SBS 2008 introduced hundreds of new group policy settings, but the workstations do not recognize them until new Group Policy Client Side Extensions are installed (Microsoft KB 943729). The group policy extensions are available through the Windows Update system but apparently are never offered as anything other than an optional update - ignored by OneCare and apparently ignored by WSUS, the system built into SBS 2008 to keep workstations up to date.

Sure enough, most of the computers had never installed the Group Policy Client Side Extensions. When the update was installed, the SBS 2008 console reflected their secure status about an hour later.

One more thing for the SBS migration checklist!

Labels: computers, domains, network, OneCare, SBS, security

posted by bruceb at 12/08/2008 12:06:00 AM | permalink

Let me leave a few notes behind about some of the glitches during the migration from SBS 2003 to SBS 2008. I don't have many answers but perhaps it will help someone to know that I'm able to commiserate with them. (Loyal clients - this is not aimed at you and it won't help you get your work done. I'll be back to general interest topics next week!)

As background: I was migrating an SBS 2003 server with a very basic configuration - no ISA, no use of Sharepoint, a single NIC and external firewall, and no particular pre-existing issues.

MIGRATION WIZARD

Microsoft provides a detailed guide to the migration procedure. (Have you noticed that Microsoft's documentation has been getting better and better lately? There's much less ambiguity about what to click next - each step is described in precise and accurate detail.) The guide was great.

SBS 2008 begins a migration when a USB stick with an answer file is inserted in the new server before the SBS 2008 installation starts. Several people have reported that the USB stick has to be present when the server is turned on or SBS 2008 is likely to miss it. After installation, the first and most important item on the SBS 2008 is the "migration wizard" that leads through all the steps required to be successful.

I was about two-thirds of the way through the wizard when I took a break and installed the Server 2008 updates that were waiting. When the server restarted, the migration wizard crashed with a mysterious error that proved impossible to fix. I researched it and got nowhere. I removed a couple of the updates that conceivably might have unsettled something and got nowhere.

The wizard never came back to life. Fortunately most of its steps only lead to help files that describe the process for actually accomplishing each task by going into AD or MMC consoles or the like. I think - I think - I was able to finish the migration and cover the remaining steps without the wizard. There is still room for some surprise glitch - I'm going to cross my fingers when I demote the source server.

MAIL MIGRATION

I expected the mailbox migration to be slow but was still surprised. The Exchange 2003 mailbox store was about 25Gb after I pruned and archived as much as I could from the biggest mailboxes. The mailbox move took just about ten hours.

PUBLIC FOLDERS

I had no luck moving the public folders, and didn't really expect to, given the reports I had read. That may have been the result of a pre-existing glitch on the source server - this server, like several other of my SBS 2003 servers, throws up an error message when I try to do anything to the public folders in Exchange Server Manager. I've researched that one, too; I've removed the SSL requirement from EXADMIN in IIS, and a few other things suggested in other places, to no avail. I exported the public folders to a PST and stored them for now, since public folders were not being actively used and may not need to be implemented at all on the new server.

BACKUP

The most mysterious problem involves the backup system. The firm had been using ShadowProtect to back up to an NAS and two rotated external Maxtor hard drives. The backup built into SBS 2008 looks like it will be just fine but it does not directly back up to an NAS. I connected a Maxtor drive, formatted it, and ran the backup wizard. Hmm. Error message at the very end.

Since the message says "Cannot configure backup schedule," I started trying every scheduling option - once a day, twice a day - as well as swapping in the other (identical) hard drive, and couldn't get anywhere. I couldn't find anything in the logs at all. I got the flavor that it might be caused by the server disliking the external hard drives.

I'd like to talk to the person who thought it would be helpful to write: "If this problem persists, contact the person who provides you with technical support." It made me irritable.

ShadowProtect claims that the current version will back up SBS 2008 servers. With any luck I'll be able to install that and never know the answer to this one.

PHONE PASSCODES

This isn't a glitch, just something to warn your users about. By default, Exchange 2007 enforces a new passcode requirement on Windows Mobile phones (and iPhones) syncing with the server. Users are forced to set up a four-digit password that will be tapped in every time the phone is used. I'm sympathetic to all the reasons that this is an important security measure, but I'm also sympathetic to the desire to keep my job and not be fired by the attorneys who began flipping out immediately. It's possible to turn the requirement off in Exchange Management Console / Organization Configuration / Client Access / Windows SBS Mobile Mailbox Policy, which then allows it to be turned off on the phones. The iPhone balked and refuses to relax, even after the policy was changed, which apparently is a known glitch.

SERVER CERTIFICATE

I was determined to allow my users to continue to use the familiar URL for remote access, even though it didn't match the naming scheme preferred by SBS 2008. The email domain is www.bigfirm.com, say, and my users have been reaching RWW at www.bigfirmnet.com for years. I have a GoDaddy SSL certificate for www.bigfirmnet.com and heck, I just like it. Plus I've got migrations coming up where I know it will be difficult to work with the web hosting company to set up a subdomain and MX records for the primary domain name.

The Internet address wizard insists on getting the primary address and only allowing RWW to be reached at the same address with a prefix - remote.bigfirm.com or something like it. I had to work around that by lying to the wizard that the primary domain name was bigfirmnet.com, which (in Advanced Settings) would then let www.bigfirmnet.com be the remote access address.

When that was in place, then I could set the primary email addresses back to @bigfirm.com in Exchange Manager / Organization / Hub Transport / Email address policies / Windows SBS Email Address Policy.

ONECARE

Windows Live OneCare has been a trusted friend but it does make me a little crazy sometimes. SBS 2008 expects to get feedback from each workstation about its security status and apparently OneCare isn't set up to let that happen. So far I haven't found the firewall port or other hack that will let the workstations report in, so they're all showing in the server console as "unknown." I can't even find a definitive statement that it's possible or impossible with the standalone version of OneCare. I'm not going to install OneCare for Server so I may just not get good feedback in the console until we switch to Trend Micro. I was hoping to procrastinate on that - everyone has been used to OneCare for a long time - but change happens.

DRIVE MAPPING

Drive mapping is supposed to be accomplished in Group Policy now. I was comforted that other people online said they had trouble with it, because I couldn't make a mapped drive appear on a workstation no matter what I did in Group Policy. After a fruitless half hour of researching and trying things, I put the nice simple logon script in the folder and assigned it to everybody. I feel kind of crude, but it works.

SHARED PRINTERS

Another little headache - it was easy to install 64-bit drivers for network printers and share them from the server. At least, it was easy once I stopped clicking on the "Add printer" button and getting an "Access denied" message when it tried to set up a TCP/IP port. Right-click in the Printers folder and click on Run As Administrator / Add printer - ah, that's intuitive! Sheesh.

Out at the first workstation, I was reminded forcibly that there were no 32-bit drivers around, so I downloaded the corresponding 32-bit drivers for a few of the printers (a couple of HP Laserjets and a Toshiba copier) and went to add them on the server using Additional Drivers on the Sharing tab. The server thought that was a terrible idea - it never agreed that the 32-bit drivers corresponded with the 64-bit drivers. (I read somewhere that it was known problem with some HP drivers but I had the same epxerience with the Toshiba drivers.) So I parked the 32-bit drivers where I could get to them, went back to the workstation, and browsed to the 32-bit drivers when the workstation tried to connect to the shared printer and rejected the 64-bit drivers. Nope! The workstation also didn't agree that it was a match. It was the closest match, trust me - these were the identical 32-bit and 64-bit drivers for the same model running the same PCL level.

Fortunately, we already had reason to be running a Windows XP virtual machine on the second server with Hyper-V. I've shared all the printers from there and I bet it's rock solid.

A migration is a complex project! I think it went smoothly. These are the kind of glitches that happen constantly, every day at every level. Some of them will happen to me the next time, others will come up that are brand new. It's the nature of IT today. With luck I'll bring good instincts and a lot of experience and use them both the next time I come to your office!

Labels: computers, domains, mail, Microsoft, mobile, network, OneCare, printers, SBS, security, software

posted by bruceb at 12/05/2008 12:09:00 AM | permalink

Let me give you a quick overview of the kind of issue that makes it fun to be a consultant.

When you go to a web site where any personal information is going to be exchanged, you're likely to see the web site address change from http:// to https://. The data is encrypted (has a "Secure Sockets Layer" or SSL) and is reasonably well protected against eavesdroppers. You'll see it at banking sites or almost anything involving money or payment, as well as on web sites for access to company networks and other places where data should be confidential.

When you go to http://www.wellsfargo.com/, the bank's web server presents its security certificate from a known certificate authority, a big company that has done some checking to ensure that the server actually belongs to the company whose name is on the web site. Your browser examines it and agrees that it looks authentic, then it does some cryptographic things that convince it that the certificate was really issued by the big trusted authority. When it's satisfied, it proceeds automatically to https://www.wellsfargo.com/ and shows you a happy padlock icon in the address bar.

Until recently, SSL certificates were only used by big companies: they were expensive, required annoying paperwork, and the whole process was technically difficult.

Small Business Server 2003 wanted remote users to log into its great Remote Web Workplace over a secure SSL connection but couldn't saddle small businesses with the headache of buying expensive certificates, so it used a workaround. By default an SBS 2003 server presents a "self-signed certificate." Essentially the server vouches for itself and tells your browser that it's safe and trustworthy.

That sounds a bit flaky but it worked well enough for a long time, until security concerns began to trump everything else. Business people began buying Windows Mobile phones to sync their Outlook folders over the air and for a while it was possible to convince them to accept the SBS server's self-signed certificate, but it got harder and harder to accomplish - it required finding the right tool to install the certificate on the phone and the manufacturers were nervous about giving people access to the depths of the phone's operating system to do that. Now it's almost always impossible.

Meanwhile Microsoft began to add new security warnings to Internet Explorer as part of its hardening over the last few years. Now when you go to a site with an SBS 2003 certificate, you get this ominous warning:

If you go past the scary warning to the company's RWW site, you get the unhappy red IE address bar instead of the happy padlock:

Fortunately, a few companies began offering inexpensive SSL certificates with a minimum of fuss. GoDaddy.com offers SSL certificates for only thirty dollars per year that are accepted by most computers, phones and other devices. SBS consultants began to work out elaborate documentation for installing them on SBS servers. Many consultants made it a standard part of setting up a server running SBS 2003.

SBS 2008 still begins with a self-signed certificate but a wizard is included in the initial setup checklist to help purchase a third-party certificate.

The wizard wasn't helpful to me in a migration where I already had a domain name with an existing certificate. I found myself burrowing deeply into IIS and feeling my way through the process. I was successful but it took some interesting tricks to get everything to work correctly.

The experience exposed another interesting feature of Exchange 2007. If a company runs the web site http://www.bigfirm.com/, it can set up http://remote.bigfirm.com/ as a subdomain that leads to their internal company network. Set the company's MX record for incoming mail to http://remote.bigfirm.com/ and give that address to the business people for remote access. SBS 2008 has wizards to help get the domain names registered and set up in Exchange.

Then if a business person goes home and sets up Outlook 2007 for an Exchange Server at http://remote.bigfirm.com/, Outlook will configure itself automatically with the settings to connect over the Internet to Exchange Server at the office. It's not necessary in that case to configure the deep proxy settings that have been required until now to set up Outlook for RPC over HTTP. Microsoft thinks the technology is so cool that it blessed it with a new brand name, "Outlook Anywhere." (SBS 2008 does some of the magic to accomplish that, thank goodness - otherwise it requires deep surgery in ADSIEDIT and the Exchange command line console.)

That works fine, I'm sure, but I used a different naming scheme when I bought domain names for all my SBS clients for their remote access. SBS 2008 does not like that arrangement one little bit. And it's only easy to set up a subdomain and manipulate MX records if you have full DNS control over the ISP for http://www.bigfirm.com/. A small business will frequently have set up their web site with small hosting companies and web site designers that are, shall we say, not always easy to work with.

You see what I mean, I'm sure - it's fun!

Labels: domains, IE, Internet, mail, Microsoft, mobile, Outlook, phone, remote, SBS, security

posted by bruceb at 12/03/2008 12:46:00 AM | permalink

More notes on the new release of Small Business Server 2008.

Small businesses have more options than ever before as they grow to 5-10 people and begin to think about adding a server or two. Some businesses will be able to reduce costs by using a hosted mail service and only using a server onsite to share files and printers to a small group. But that won't be right for all businesses - SBS 2008 has across-the-board improvements in an already impressive product and it will still be the right choice for many offices looking to step up to a new level of technology as they grow, as well as for offices ready to migrate from an old server that's ready to retire.

Microsoft Small Business Server 2003 was the first polished release of a complex suite of products tied together with various wizards and limitations designed to make it easier to manage. It combined Windows Server 2003, Exchange Server 2003, and Sharepoint, plus ISA Server (a complex firewall manager) and SQL Server for LOB database applications.

One of the best features in SBS 2003 was a management console that brought together virtually every administrative tool that an IT person might need, from a variety of places - Microsoft Management Consoles for various network services (DNS, DHCP, Active Directory, Group Policy), Exchange System Manager, IIS, and more, plus specialized screens for easy access to all the housekeeping necessary for users, computers, monitoring, and other tasks.

The new management console in SBS 2008 does not cover as many services as the SBS 2003 console. Instead, SBS 2008 requires far more use of the individual administrative tools built into Windows Server 2008. The SBS Console is, however, deceptively simple - it was the center of most of my setup chores and will cover 95% of the day-to-day network administration.

The redesigned consoles for Server Manager and Exchange Management Console aren't as visually pretty but they've been extensively reorganized to make them easier to use.

Make no mistake, though: although I keep talking about how easy it all is, the reality is that Small Business Server has never been easy enough for a non-technical person to set it up correctly. The IT world is getting more complex and SBS 2008 reflects that - I had to visit some very deep places indeed to accomplish a pretty straightforward migration.

Labels: Microsoft, network, SBS

posted by bruceb at 12/02/2008 12:05:00 AM | permalink

I spent the weekend migrating a 20-person law firm to new servers running Microsoft Small Business Server 2008. If I did my job right, the first impression on Monday morning will be that very little has changed - folders with firm documents will open up, Outlook will show mailboxes full of mail, and people will get to work. (Crossing fingers. Knocking on wood.)

In the next few weeks I'll tell you about some of the things that have made a very positive impression so far. Without making a big deal about it, Microsoft has developed a consistent look for many of its screens for administrators, just like the ribbon bars that first appeared in Office 2007 and are now being used for many Microsoft programs. It's a clean, intuitive layout.

The first improvement that will really be noticeable at the law firm will be when the attorneys connect remotely to the new server. Here's a screen that will be familiar to many of you - the first screen that appears when an Small Business Server 2003 user goes to the web site for remote access. It's not bad, except that the only choice that anybody ever clicks on is Remote Web Workplace. All the rest of the words and choices are superfluous.

This is the same screen in Small Business Server 2008.

After logging on, these are the choices in SBS 2003.

There's nothing wrong with that, but again, only two things matter - access to Outlook, and remote access to an office computer. The rest rarely matters to anyone trying to get their work done. Here's the same screen in SBS 2008.

The same design choices carry through to all the screens that I will see as the administrator. There are a lot of new places for me to look for things and a lot of new things to learn, but the design changes will hopefully make it easier to absorb.

Labels: Microsoft, network, SBS

posted by bruceb at 12/01/2008 01:35:00 AM | permalink

I'm posting a bit slowly this week. Small Business Server 2008 was released on November 12 and I'm getting ready for my first migration of an existing SBS 2003 server to the new platform - trying to learn the quirks ahead of time and getting my first glimpse of the server software. I'll be telling you more about what to expect but one thing jumps out already: Outlook Web Access is a beautiful thing with Exchange Server 2007. It's fast and elegant and works just like Outlook 2007. (You'd have the same experience with Microsoft Online Services.)

Testing involves a few other tricks that are new to me. I've got a big server running behind me that's running Windows Server 2008, the latest server software from Microsoft. An interesting fact: roughly 99% of the code is identical between Windows Vista and Windows Server 2008. Literally 99% - that's a figure from Mark Minasi, who gets accurate information about things like that.

Windows Server 2008 has a feature named "Hyper-V," software that lets the server host "virtual computers" - computers that believe they're running Windows XP or Vista or server software, say, and are completely convinced that they're doing it in a metal box that belongs to them. They have no knowledge that they only exist as files being run by some other computer.

So I've got a copy of my own SBS server running in a virtual session on a different server, and I'm doing all kinds of irreversible things to it while I test the migration to SBS 2008, secure in the knowledge that my real server - the metal box - is sitting over on the other side of the room completely untouched by all of it.

It's an interesting and mindbending world. I'll have more to tell you when I'm swimming in shallower waters.

Labels: computers, SBS

posted by bruceb at 11/25/2008 01:21:00 AM | permalink

That rumbling you feel is a seismic shift in the field of security software. This will affect every single one of you and cause major changes in the entire industry.

Microsoft announced today that it will deliver free antivirus and anti-spyware software for all Windows computers, beginning in the second half of 2009.

Windows Live OneCare will be phased out and it will no longer be sold after June 30, 2009.

From the press release:

"Code-named "Morro," this streamlined solution will be available in the second half of 2009 and will provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs. As part of Microsoft's move to focus on this simplified offering, the company also announced today that it will discontinue retail sales of its Windows Live OneCare subscription service effective June 30, 2009."

Here's the Microsoft press release, and the post on the OneCare blog. There are a few more details in this interview with Microsoft's senior director of product management.

As far as I know, this is completely unexpected. No one seems to have had a clue it was coming. There have been rumors about an imminent new version of Windows Live OneCare; now there's no word whether it will ever be seen. When Microsoft officially released Small Business Server 2008 last week, one of its features was a new product, Windows Live OneCare for Server, and central management for up to 25 workstations running OneCare. To me, that was one of the compelling features of the new SBS, but it is now dead on arrival; it should not be installed and will not be supported after June 30, 2009.

I can easily imagine that Microsoft is frustrated. Windows is frequently blamed for the onslaught of viruses and malware but computer users around the world have resisted buying subscriptions to security software for a variety of reasons: they can't afford it; they don't understand that it's necessary; they don't keep it current or they never activate an expired trial subscription; or their computers are underpowered for the security suites that are currently available. It's a particular problem outside the United States, where the percentage of unprotected computers is much higher. The press release suggests that Microsoft particularly wants to provide protection for emerging markets and the new low-powered netbooks and OLBCs.

Microsoft claims that it will deliver new software (not a repackaged version of OneCare) which includes only the security protection, with the simplest, least intrusive, and smallest footprint possible. It will not be automatically included with every copy of Windows but it will be free and presumably so easy to obtain that it might as well be built-in.

I assumed that Microsoft had not done this up to now because it would be attacked as "anticompetitive" by the other security software companies. Apparently Microsoft thinks it can avoid those claims - or who knows, maybe it thinks it's the right thing to do and is willing to see how it plays out. Norton, McAfee and the rest will have to adapt - maybe by criticizing Microsoft's software, maybe by adding value to it with other features, maybe by exiting the field and finding something else to do.

ONECARE SUBSCRIBERS: Do not let your subscriptions lapse! OneCare will be fully supported and updated through June 30, 2009 and we will have much more information before then about our options. If your subscription expires on April 30 and you have to pay $49.99 for two months of updates, I'm going to insist that you renew without hesitation. I don't want anyone running a PC without current anti-malware protection - this is not an excuse to procrastinate!

COMPUTER BUYERS: If you buy a new computer, get it protected! If you have to pay $49.99 for OneCare and you don't get a full year out of it, so it goes. You'll get three months or six months or eight months, and that's just fine. Or get another product, I don't care. As long as your security, backup and update needs are covered, I don't care - but this is not an excuse to procrastinate.

[Update 11/20: It's likely that Microsoft will keep OneCare updated for the entire subscription term. See this post and watch for more information to follow.]

A few more points:

Microsoft Equipt was the ill-fated subscription package bundling OneCare with Microsoft Office 2007 Home and Student Edition, sold only through Circuit City. Microsoft never committed to it, Circuit City is defunct, and Equipt is being withdrawn from the market.

How could this major decision be made with so little notice that it kills a key feature of a major product launched last week? Is the SBS team angry, embarrassed, or resigned?

OneCare includes features that its users depend on - printer sharing, backups, system maintenance, attention to Windows and other Microsoft updates, control over the firewall, and control over startup programs. Everything that needs attention is reported by a single icon, and necessary actions are described in a consistent interface. If OneCare is discontinued, will something else be developed to provide those functions? Don't tell me that products from third parties will take over - I'll cry, really I will.

Will the new software run on servers? Small businesses really need easy software to protect servers and provide centralized security management. The choices now are difficult and expensive.

This is a remarkable change that will affect all of us. I hope it's for the better but boy, are there a lot of questions left to be answered. More to come!

Labels: computers, Microsoft, OneCare, SBS, security, software, Vista, WinXP

posted by bruceb at 11/19/2008 12:05:00 AM | permalink

I am happy to announce that Microsoft formally unveiled Microsoft Online Services today.

I am a Microsoft partner authorized to sell and support Microsoft Online Services. I expect to set up many of my clients with Exchange Online for their mail. If you're interested, please call me or drop me a note! I do not need to be in your geographic area to assist you with this.

This is the first big step by Microsoft to deliver online services directly to customers, part of its effort to redefine the entire company and move some of your data to the online cloud. I've already written up the background information you need to understand Microsoft Online Services - click here for information about where this comes from and how it fits in your world.

Basically, each Outlook mailbox is hosted by Microsoft for a monthly fee. (An Outlook "mailbox" is the term for the entire set of Outlook folders, including contacts, tasks and calendar.) The hosted Exchange service allows you to connect to your Outlook folders in a variety of ways:

• MULTIPLE COMPUTERS  The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.
• MULTIPLE LOCATIONS  Office workers can be linked together and share Outlook folders even if they are in different offices.
• WEBMAIL  Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.
• PHONE  Windows Mobile 6 devices can sync email, calendar, and contacts over the air continuously.
• SHARING  Calendars and address lists can be shared with other people in the office.
• SECURITY  Microsoft provides virus and spam filtering.
• REDUCED COSTS  Microsoft is responsible for backups, database maintenance, security updates, and upgrades.

Microsoft has put together a very robust service that will be used by businesses of all sizes, including big enterprises that want to outsource their mail. It is best suited for small businesses if they fit within these parameters:

• The company has a domain name for mail, or wants to begin using one.
• There are a minimum of five email users.
• All computers are running Windows XP Professional or Windows Vista Business (or Ultimate), and all computers have Microsoft Outlook 2007 (or are prepared to buy it).
• The company is not set up with Small Business Server, which already includes Exchange Server. (It's possible to combine service from Microsoft with the onsite Small Business Server but I'm not sure the benefit would justify the cost for very small businesses.)
• In addition to the $10/month cost per mailbox, there will be some setup costs. You don't want to set this service up without assistance! As with anything new these days, I'm learning about hundreds of quirks and potential pitfalls as I set up clients. Call me before you sign up!

Here's Microsoft's press release about the new services, which include Sharepoint and other online services.

Other companies also offer hosted Exchange mailboxes which might be better matches for some people. I'll write more about those soon. Start to think about the advantages of having access to your Outlook folders from anywhere!

Labels: business, mail, Microsoft, mobile, Outlook, SBS, web_services

posted by bruceb at 11/18/2008 12:05:00 AM | permalink

Microsoft rushed out a critical security update today that should be installed without delay on every Windows computer. It will have been installed overnight on Wednesday on many computers.

Please make sure this update is installed on your computer!

If you use Windows Live OneCare and it is green on Thursday, the patch was installed.

Otherwise, please check your computer! Go to Windows Update and check for updates. If any critical updates are listed, install them.

This is discussed in Microsoft Security Bulletin MS08-067 ("Vulnerability in Server Service Could Allow Remote Code Execution (958644)").

Apparently a vulnerability was privately reported to Microsoft, which realized it was "wormable" - capable of propagating across multiple computers very quickly. There was already evidence that it was being exploited in the real world, raising the spectre of a global attack like the SQL Slammer Worm that had a devastating impact in 2003.

The security problem, and the patch, apply to virtually every version of Windows. I'll be patching servers tonight. It may not be a direct threat to many of you but it's difficult to evaluate that, since details of the exploit are not being published for obvious reasons. As near as I can tell, it does not get through firewalls but once it's inside a network it can spread to any unpatched system with printer sharing turned on, which is virtually every computer.

Windows Live OneCare was updated to stop the exploit this morning, and I assume the other security vendors have issued updates as well. But don't count on security software - get the patch installed!

Labels: SBS, security, Vista, WinXP

posted by bruceb at 10/23/2008 09:45:00 PM | permalink

Microsoft Small Business Server 2008 will be released on November 12. Veterans of SBS 2003 are finding many things to like in the new version; I'll have more to say about it in the next few weeks. Here's an early look at the features and changes in SBS 2008.

At about the same time, Windows Live OneCare will be upgraded to version 3. If you already use OneCare, the new version will presumably be sent to you automatically, it will restart your computer, and it will cause enough glitches that I'll be busy on the phone for a few days. I don't have any details about the new version yet but I'll keep you posted about what to expect.

(Loyal OneCare users - I've spent some time in the last few days with the latest security suites from Symantec/Norton, ZoneAlarm, and TrendMicro. Trust me - OneCare is the very model of decorum and politeness and looks angelic by comparison.)

The big news for Windows Live OneCare is the addition of Windows Live OneCare for Server, which will be included with SBS 2008 as an optional choice for security. The new server product will provide simple virus and malware protection, which in itself is a welcome addition for small businesses.

But apparently it will also allow up to 25 workstations to be managed centrally and covered by a single OneCare license, which is good news indeed! I've needed better monitoring and management for my clients' computers. It also allows the data on the workstations to be backed up centrally, which might be sufficient to protect the Outlook .PST archives that are piling up everywhere. Here's some info about the new server product.

Pricing is pretty reasonable:

• OneCare for server only: $189.95/year
• OneCare for server plus a "site license" (apparently up to 25 workstations): $399.95/year.

There is a big caveat, though - OneCare for Server will only work with SBS 2008. I can't install it on my clients' existing SBS 2003 networks.

In my mind, this is a big selling point for an upgrade to SBS 2008 as we replace aging SBS 2003 servers!

Labels: domains, network, OneCare, SBS, security

posted by bruceb at 10/23/2008 12:37:00 AM | permalink

Access everywhere! Lots of interesting services are being set up to make it easy for you to have access to files, folders, photos, and computers from anywhere, whether it's working on an office computer from home or bringing up pictures from your home computer on a mobile phone.

The latest entry comes from Dell, strangely enough. Dell just introduced Dell Remote Access, a ten dollar per month service for a number of tasks loosely related to "remote access." It's designed to be extremely easy to use. You'll install some software on the computer to be controlled; the software will run continuously and periodically check in with Dell Server Central Command. Then when you go to my.dellremoteaccess.com and log in, you can control your computer remotely as if you're sitting in front of it. That's not all, though! You can stream music and photos to your remote device or upload files to the computer running the Dell software. Plus one more interesting feature that I haven't seen before - you can send a link to someone by email that gives them an encrypted connection to a folder on your computer, so they can look at pictures, say, with very little fuss.

Here are a couple of places where people say nice things about the new service. The people saying those nice things work for Dell. Haven't seen much feedback from the real world yet.

That's pretty cool stuff, and you might want to try it, but I'd offer two thoughts before you jump in.

This is an increasingly crowded field. You have alternatives to choose from at a range of prices, with simple or difficult interfaces, and with similar or different features. You can jump into whichever one gets your attention first - just be aware that's what you're doing. LogMeIn will let you run its software and connect remotely to a single computer for free; its paid subscription adds very easy file transfers and the ability to email a link to a single file on your computer. GoToMyPC is slightly more expensive and aimed more at business users. Windows Live Mesh is a free service from Microsoft that will let you connect remotely to a number of computers, along with file and folder sharing and syncing and more to come; it's a little complicated to get started but might be worth the learning curve for its extra capabilities. Windows Home Server sets up remote access and photo sharing along with its file storage and backup features. Businesses running Microsoft Small Business Server already have remote access to their office computers using Remote Web Workplace.

Which leads to a point that gets more important all the time. A new program or service requires a commitment! Do not install programs or sign up for services on a whim! Each program will require time to learn its features and its quirks; it will require periodic attention to keep it up to date when security issues inevitably appear; if it's a good choice, it will require time to figure out where it fits in your life or your business. You'll likely have another web page address to memorize and another login name and password to add to the notes you can never find when you need them.

There are exciting new services out there! Choose them wisely and stick with the ones you choose so you can make them work for you. If you flit from one new thing to another, installing programs and abandoning them quickly,  you'll wind up talking to me about why your computer is slow and programs are crashing. You'll be depressed when I click on your Start menu and nod my head sadly and give you an economics lesson in the cost of cleanup versus the cost of a new computer.

With that in mind, get connected remotely! You don't have to leave computers behind any more.

Labels: computers, Internet, Microsoft, mobile, phone, photos, remote, SBS, software, web_services

posted by bruceb at 10/21/2008 01:36:00 AM | permalink

T-Mobile introduced the first cell phone based on Google's Android operating system to much fanfare a few days ago. Although Android has some interesting features and much promise, I don't expect to see anyone holding the T-Mobile G1 in Sonoma County for a while, since T-Mobile is a fringe player with limited coverage up here (and certainly no connection anywhere nearby to its high speed 3G data network).

Android is a work in progress; comparisons to the iPhone are inevitable and at the moment Android comes up a bit short, but it's early to make any decisions. In this first iteration, Android is tied in very closely to Google's online mail, calendar and contact services, which are fully integrated and reportedly work smoothly. It's not as smooth for everyone else, since the integration is thin or nonexistent for other sources of mail and there is essentially no support for other calendar/contact programs.

In particular, businesses should be aware that there is no support for ActiveSync, the software that connects a mobile device to an Exchange Server. A Google Android phone is not currently a good choice for an office using Small Business Server. It's the same situation that an SBS user faces with a Blackberry - a solution for email can be cobbled together from forwarded messages and BCCs and the like, but it is clearly a kludge compared to the true integration provided by a Windows Mobile phone or an iPhone running ActiveSync. (It bears repeating that using an iPhone with ActiveSync causes it to suck battery power so fast it actually makes slurping noises.)

There's one other design decision for the T-Mobile device that has caused a fuss - instead of a standard headphone connector, they chose an oddball, mostly proprietary "ExtUSB" headphone connector that requires a weird dongle for every kind of headphone or earbud except the terrible earbuds that come with the phone. No one knows why but everybody hates it.

Somebody - Google or a third party - will likely make the financial arrangements with Microsoft and write an ActiveSync connector for Android, and the other carriers will be releasing their own Android devices with different hardware designs. We'll talk more about it then.

Labels: Apple, audio, Google, mail, mobile, phone, SBS

posted by bruceb at 9/29/2008 12:05:00 PM | permalink

Small Business Server 2008 is nearly here! The final code was released to manufacturing yesterday. I wrote an overview of SBS 2008 last month.

Here's an exhaustive rundown of the specific differences between Small Business 2003 and Small Business 2008 - not the marketing materials but the nuts and bolts details for SBS specialists and consultants. There are some things on there that are very appealing - they're directly addressing many of the quirks in SBS 2003 that deserved attention. I'm looking forward to getting my hands on the final product!

Labels: SBS

posted by bruceb at 8/22/2008 01:23:00 AM | permalink

Tough week! Here are the kind of things that fill my days. And bear in mind, these are all stories about software and services that I love dearly - this is the good stuff, these are what I recommend because they're better than the rest!

Client with hosted Exchange mailbox at 1and1.com. Mailbox doesn't connect this morning, so no incoming or outgoing mail. Try it from a different computer, try Outlook Web Access - nothing works. Call tech support in India and get through without delay. "Very sorry! That server is down. The experts are working on it." Any idea when it will come back? "No, I'm sorry. But the experts are working on it." It's been down a day and a half now, still no word.

Putting Jungle Disk on a Windows Home Server for online backups. The process to sign up for Amazon's online storage system is not completely straightforward but I've done it before, I know about the "Access Key ID" and the "Secret Access Key," so I'm in business in short order, except the Jungle Disk software delivers an error message, error 403, "NotSignedUp." There are a few dozen lines of gibberish in the detailed error message but it's clear that Amazon doesn't think the service is set up correctly yet. Log in to the Amazon Web Services portal and there's a message about problems with payment for the account - payment that was set up on an Amazon credit card. Hmm. Spent half an hour wrestling with payment options, putting in one good credit card after another and getting more error messages about payment problems, and just about gave up - I was actually drafting the note to the client about the failure when Amazon showed the service was working just fine, thanks, even though I hadn't actually changed anything for a while. Jungle Disk started doing a backup. What was that about?

Setting up Live Mesh to transfer large files between people working in several locations. Installed it on the client's desktop and laptop, created a folder, it started syncing all over the place, everything was automatic and swell, great stuff! Set up Windows Live IDs for three employees, shared a Live Mesh folder with employee number 1, went to that employee's computer and clicked on the invitation to Live Mesh that appeared promptly in the mailbox. Web site pops up inviting me to "Connect," then "Sign In," then displays a message that Live Mesh is only available in the US and they're happy to put me on a waiting list when it's offered in my country. I looked around. It looked a lot like the US where I was standing. I poked around in the Live Mesh forums and found a suggestion that the Windows Live ID account information needed to be updated with the correct country information so I went over there and found it was completely hosed - no matter how many times I picked "United States" and clicked Apply, the front page would stubbornly complain that no country had been chosen. I could change it to the Virgin Islands - that worked fine! It was only the US that it ignored. I dropped it, wrote off the hour that had been spent fussing with it, went back a couple of hours later, and everything worked right away, Live Mesh installed immediately, no issues at all.

Client with a SonicWall firewall/router and a Small Business Server that hadn't been set up to use Remote Web Workplace or the other features that make SBS so lovable. There were a few odd networking settings on the SonicWall but nothing alarming. I set up port forwarding on the ports that make SBS do its tricks (80, 443, 4125) and bang! the network went down, all Internet traffic stopped, the workstations couldn't connect to the server, couldn't browse or ping anywhere. Spent an hour and a half backing out of anything that I might conceivably have touched, nearly gave a credit card number to SonicWall tech support, when it came back up. Two days later I set up port forwarding in what I swear was exactly the same way and it works like a charm. I still don't have any idea what that was about, but it scared the hell out of me.

Tried to buy licenses online for StorageCraft's remarkable backup program, ShadowProtect. Everything went perfectly, right up until the final "Finish" button when I was told that the billing address for the credit card didn't match the information on file at the bank. Just for fun, I tried three different credit cards at two different addresses - all of them plausible choices, not trying to pull anything. Same message each time. (Just for fun, I logged in to my bank's web site and confirmed that there were six or eight "pending" charges showing on the various cards. They went away eventually.) Couple of days later, went back and the transaction went through immediately. (And this story doesn't really count, because after I dropped them a note that night, the company immediately put me in touch with a reseller who would have sold me the licenses, then had one of the company's business manager follow up with a phone call to make sure the problem was resolved. Nice folks, great software, great support.)

Set up Netgear Rangemax USB wireless adapters on three workstations. Windows XP doesn't have any builtin drivers so the CD is required, and the CD doesn't have the drivers stored separately - the Netgear software has to be installed, which of course demands to take over control of the wireless settings from the perfectly adequate Windows XP wireless controls. The next morning, no one can get online, all the networking is mucked up, I have to travel onsite and get the stupid Netgear software to stop popping up with its incomprehensible dials and control panels and graphs. I couldn't find any way to get the Netgear software to hand control back to Windows - that required removing and reinstalling the software to get the startup dialog to appear again so I could check the box telling the Netgear software to get out of the way. Once I did that, the connections were immediately rock solid.

And so it goes. This is the good guys, the cream of the crop - I've also had battles with spyware and rootkits and the rest. Some weeks are more tiring than others. Back to the news soon, I promise!

Labels: backup, computers, file_sharing, hardware, Home_Server, mail, network, SBS, software, web_services

posted by bruceb at 8/21/2008 01:15:00 AM | permalink

ActiveSync is the technology from Microsoft that connects a mobile device to Exchange Server. For businesses running Small Business Server, it is ActiveSync that makes a Windows Mobile-based device so compelling - over the air syncing of Outlook mail, calendar & contacts.

Apple licensed ActiveSync for the new generation of iPhone, making it more appealing for businesses.

Blackberry devices don't run ActiveSync and cannot connect to an Exchange Server directly. That's why I've written frequently about the difficulty of setting up a Blackberry in offices running Small Business Server.

This web site announces a third party plugin for Blackberry devices that uses ActiveSync to sync with Exchange Servers, claiming it will be available this month.

That would be great! It's been overdue for a long time.

Will it work? Is this company for real? Will it suck the battery dry like ActiveSync does on the iPhone? Will it void the warranty on the Blackberry? Stay tuned. No one knows.

Labels: mobile, Outlook, phone, SBS

posted by bruceb at 8/06/2008 12:01:00 AM | permalink

Let me tell you a scary story.

When we plan our backups, the idea is to have a duplicate copy of our data on something separate from where it is normally stored and used. In theory, it is unlikely that both sources will fail simultaneously.

Even very small businesses would be devastated by a loss of data or an extended network outage. On Monday I had a simultaneous failure of a server and the primary backup device. We were dealing with the potential loss of a lot of data and a long outage indeed.

The firm will live on because there was a secondary backup device.

The moral of the story is: if your data is business critical, pay attention to your backups and use more than one device to hold them.

Fortunately the call this Monday morning does not happen frequently. The server running Small Business Server 2003 in a small law office was not responding.

• The firm's Internet connection runs through a second network card in the server, so no one had Internet access. (That used to be the preferred way to set up Small Business Server. The proliferation of inexpensive firewall devices has changed that and SBS 2008 will not support that setup; instead it will assume that small businesses have a SonicWall or Snapgear firewall/router or something like it.)
• Firm documents were completely inaccessible. Individual My Documents folders could be opened (they're stored on the server but a local copy is stored on the individual workstations using "Offline Files") but they're rarely used - everything important is in the shared "Company" folder.
• Outlook is running in cached mode so all copies could be opened, but of course no mail could be sent or received.
• Specialized programs run from the server were unavailable - Abacus, Timeslips.

A very bad thing.

The server is aging and a little underpowered, running on a single IDE hard drive. The symptoms made me think that the hard drive had failed. I got a replacement and stood ready to restore the server from the backup image.

I could not open the file folder where the backups were stored.

The primary backup device was a Buffalo Terastation Pro II, less than a year old. I've set up several of them, I use one myself - 1Gb network attached storage, with four 250Gb hard drives running in a RAID5 array, meaning if any one of the hard drives fails, the box continues working with no interruption other than a beep to remind you to change the bad drive.

I hooked up my notebook, set the IP address within the range being used by the Terastation - and I couldn't open the file folder on the Terastation.

I opened Internet Explorer and got a login screen to the Terastation's web interface but it would not finish loading the main screen so I could use any of the Terastation's built-in tools.

The next two hours were spent trying to talk to the Terastation - confirming IP addresses, checking firewall settings, hooking the Terastation up to my office network in case it wanted a working DHCP or WINS server, trying to do soft resets, pulling various combinations of the hard drives, and a lot of other things. At the end of that time it threw up a "Kernel error" message on its little LCD screen and nothing I did gave me any hope that it would recover. Sure, I'll call Buffalo for warranty support tomorrow but that wasn't going to help a law office that was completely down.

We had also been doing backups to external hard drives on Thursday night, and swapping between two external USB hard drives every Friday.

I was able to use the external hard drive to restore the server to life as of Thursday night at midnight. Documents created or edited on Friday are lost but Outlook is completely up to date - all changes on Friday were synced from the offline copies, and Exchange Defender delivered all mail that arrived while the server was down.

Do you appreciate why I was sweating? If we hadn't had that second backup device, we'd have been left staring at each other with nothing to do but sharpen knives - seppuku in my case, murder in my client's case.

I've got some Small Business Server clients that are not currently using two different backup devices. I'll be contacting them to urge them to buy more external hard drives or an NAS or whatever will provide extra redundancy.

If you've got a single external hard drive for your computer, get another one and rotate them.

If you're backing up onto CDs, buy an external hard drive and start using it for backups - and occasionally keep backing up onto the CDs!

Look into online backups, but also use a local device.

Backup backup backup! I hate losing data!

My guess is that the hard drives in the Terastation are just fine and the failure is deeper in the hardware. (The Terastation was working at least until Friday night. There was no indication of a power surge or something else that took out both the server and the Terastation. This is a very weird coincidence.) A Google search turns up lots of complaints about the Terastation. I take that with a grain of salt because every device has generated a score of complaints that could be turned up in a Google search.

There is a part of this story that is full of magic and light and goodness. The software used by this client is StorageCraft ShadowProtect, and it is just swell. I'll tell you about it someday.

Labels: backup, computers, hardware, network, SBS

posted by bruceb at 8/05/2008 01:40:00 AM | permalink

On the assumption that my choices are endlessly fascinating to an ever-growing number of people - really, really bored people - I've added a page with details about the hardware and software that I use here at the high-tech headquarters of bruceb consulting. I'll try to keep it up to date. Heck, my computers are happy - you could do worse than follow my example in precise detail.

Click here for all the prurient details!

Labels: audio, backup, broadband, bruceb, computers, file_sharing, hardware, mobile, phone, photos, printers, SBS, security, software, video, web_services

posted by bruceb at 7/30/2008 01:02:00 AM | permalink

Windows Search 4 was released last month as an upgrade to Windows Search 3.01 (Windows XP) and the built-in search capability in Windows Vista. It is an important upgrade for every Windows user; it will be pushed through the Windows Update system soon. Here's more information about Windows Search 4.

For the first time, Windows Search 4 can be installed on servers running Windows Server 2003 or Windows Home Server. This gives businesses an important new tool for finding information but there is one new trick to learn.

Many offices with Small Business Server have almost all important business files in a shared folder on the server, which is mapped to a drive letter and is universally referred to by its letter - "The file is stored on the N: drive." Normal people in small businesses don't have to be aware that the file is really in something like \\sbsserver\Company.

When the server is running Windows Search 4, it compiles an index of the business files. When a user with Windows Search 4 searches for something in the shared folder on the server, the server does the work of searching its index and providing the results. The search is completed nearly instantly and it is consistent for all users.

(The underlying technology is referred to as "remote query" or "remote index discovery." A computer with Windows Search 4 responds to a search query from a remote computer by consulting its own index and sending the search results. This works between any computers with Windows Search 4, not just searches on a server - a Vista computer can do a remote query on a shared folder on another Vista computer, etc.)

This is a significant improvement over Windows Search 3.01, which required each individual computer to compile an index of the files on the server. That created a lot of network traffic and search results were uneven - there was always a question of whether an individual computer's index was up to date or complete.

Note the requirement for this to work: Windows Search 4 must be installed on the server and on the workstations. As far as I know, the only way to tell if it has been installed is to look in Add/Remove Programs.

Putting this to use requires a simple technique for searches.

HOW TO USE WINDOWS SEARCH

SEARCHING OUTLOOK AND FILES ON YOUR COMPUTER

Use the toolbar by the clock (Windows XP) or the search bar above the Start button (Vista) to search files stored on your own computer and everything in Outlook.

SEARCHING FILES ON THE SERVER - WINDOWS XP

Open the folder with the business files. (Example: open My Computer and click on the N: drive.)

Click the Search button and do the search from Windows Search on the left.

SEARCHING FILES ON THE SERVER - VISTA

Open the folder with the business files. (Example: open Computer and click on the N: drive.)

Use the Search bar in the upper right corner of the window.

As far as I know, there is no way to do a single search that covers Outlook and files in a shared folder.

Now go find something interesting!

Labels: network, Outlook, SBS, search, software, Vista, WinXP

posted by bruceb at 7/28/2008 01:43:00 AM | permalink

Two weeks ago, Microsoft announced new services that might drastically change the email technology used by small businesses. Let me give you some background, then give you some information about Microsoft Online Services - a way for a small business to have its Outlook folders stored online by Microsoft.

Companies running Exchange Server for Outlook reap tremendous benefits. For example:

• The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.
• Calendars and address lists can be shared.
• Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.
• Windows Mobile devices can sync over the air.

It's a rich environment.

Traditionally that has required a small business to run its own Exchange Server (included with the Small Business Server suite). A small business does not strain Exchange Server, which is remarkably robust and frequently troublefree, but make no mistake - it is fiercely complex and problems can happen. I dive for the phone to pay Microsoft for support when there's a problem with an Exchange database.

Microsoft developed a community of partners - big companies offering "hosted Exchange" mailboxes. A small business would pay a monthly fee to the big company to have the Exchange database stored online for all the business users. Outlook works completely smoothly with that arrangement; for the users, there's literally no difference between that setup and having the Exchange Server down the hall. The responsibility for backups, database maintenance, security updates, and upgrades is shifted to the big company.

Until recently, small companies mostly stayed away from hosted Exchange accounts. The big companies were unfamiliar (heck, the whole concept was unfamiliar), and the prices were just high enough to dissuade business owners from moving away from traditional standalone copies of Outlook. (I set up several people with individual hosted Exchange accounts, offered by 1and1.com, but even those were tough because people weren't familiar with the concept.)

Two weeks ago Microsoft announced the details of Microsoft Online Services. Microsoft is bypassing its partners and offering hosted Exchange services directly. Pricing is still not cheap - $10 per user per month for 1Gb of mailbox storage space, with more space available at a cost for oversized mailboxes. But it comes with Microsoft's name behind it and it comes at a time when people are being bombarded with references to storing things "in the cloud." People are becoming familiar with the idea of having important data stored online.

As always, there are a lot of details to process. You can see from the chart that there are many levels of service, and other services in addition to Exchange. I've been testing the beta and there were kinks getting things set up. It's possible to integrate this service with an existing onsite Exchange Server, and it's possible to migrate from an onsite server to the hosted service, but there will be some technical hurdles to make that work.

Meanwhile the partner community is reeling, feeling betrayed, because this puts Microsoft in the position of competing with them directly and even potentially taking customers from the partners. Microsoft has set up an elaborate commission structure to try to soothe them but there is a lot of bitterness out there. I don't think that will slow things down but be alert for yet another round of Microsoft-bashing.

This might be one of those moments that changes the standard setup of computer services for a small business. The demand is already there for universal access to email, calendar and contact lists; this responds to some very real needs being expressed by every business. I expect to be talking about this with many of my clients that do not presently have a server.

Even more interesting, there are consultants in the Small Business Server community who wonder whether this will be such a compelling alternative that they should not recommend Small Business Server 2008. It could be that a small business will have a server onsite to do nothing more than file and printer sharing, and all the other company technology will be online services.

There are changes ahead! This is another one that deserves some attention. Here's more information about the presentation of Microsoft Online Services at the Microsoft Worldwide Partner Conference in early July. There's a demo at the MOS beta site. Here's an overview of Microsoft's step into this space. It's interesting stuff!

Labels: business, mail, Microsoft, mobile, Outlook, SBS, web_services

posted by bruceb at 7/23/2008 01:52:00 AM | permalink

Small Business Server is aimed at businesses with 5-25 computers. (Its license allows it to be used for up to 75 computers but it's time to look at moving to the next step when you get above 25 or so.) It can be tempting to save a buck by having a well-meaning friend set it up instead of hiring a consultant.

Here's a story that illustrates why it's important to get someone involved that has experience with SBS. In this case, consultants were called in to look at an SBS setup done by the business owner with a little help from Dell. They discovered there were no backups, there was no security on the Internet connection leading into the server, port 3389 was open, all users were logging in with domain administrator privileges, and two out of three hard drives in the RAID array were not working. It's a recipe for a disaster that in many cases would quite literally shut the doors of a small business.

If you're considering Small Business Server, it should be set up by a specialist. When it's done right, monthly maintenance costs are minimal - but don't try to avoid that up-front cost!

Labels: