About two years ago I inherited the voluntary IT Admin role at my church. My predecessor, a Microsoft Business Partner, left behind an Active Directory infrastructure consisting of an MS2003 server, 4 XP Pro workstations, an XP laptop, a permanently mounted projector used for PowerPoint during services (songs, sermon outlines), a Panasonic copier/printer, and all the networking peripherals connecting the whole domain together wired and wirelessly. Having training primarily in Lotus Domino Administration and Development with a little exposure to Windows infrastructure at work, it took me a while to document and fill in the missing gaps of knowledge in maintaining an AD environment. In time I implemented some needed efficiencies, like printing cheques through QuickBooks, and moving a few functions to the cloud such as the church directory, tracking donations, and generating tax receipts (see ChurchEquip.com). My first priority was to assume the worst and put together the essentials of a disaster recovery plan. I needed to get an image of the server, all the workstations, and implement an automated backup. Apparently, backups were previously done manually and sporadically and by the time I inherited the infrastructure, there was no backup for a good year. This was scary because a church is designated by the government as a charity (this is Canada) and there are many financial regulations related to maintaining records and annual audits. If you don't comply, you risk losing your charitable status. Finding the MS ASR backup to be a ridiculously ancient method of backing up (you need a floppy disk?), I imaged everything using Acronis and set up a Carbonite.com online backup.
Learning the AD infrastructure was my next challenge. There are many sensitive files related to benevolence, counseling, payroll, and donations, and there are many volunteers and roles with varying degrees of access, so it's essential to have a good handle on system security. Although I found it fascinating adding many of these Windows admin skills to my toolbelt, the whole system seemed quite kludgey and non-intuitive. The whole security aspect of a Windows domain is just way more complex than it needs to be. I found it incredible how much effort was required to determine a user's total access to their PC and all the resources on the domain. I think the "Active" in Active Directory refers to the active administrators needed to maintain such a system. I had a DR plan which I was not comfortable with due to its complexity. Further, being in a volunteer position with limited hours to devote to maintaining the domain and vetting all the all-too-frequent OS and application patches, I was actively looking for a simple alternative. There had to be a better way.
Enter Lotus Foundations. Naturally, through the yellowverse and Lotusphere 2008, I learned about IBM's acquisition of Nitix, a Markham, Ontario company, the same city where I work. I took the two-day training course and was amazed by both its simplicity and power. Why MS allowed their system to evolve to such a complex, non-intuitive mess that is both hard to administer and hard to recover is beyond me. I convinced the powers that be to invest in a software-only Foundations license, selling the benefits of a solid, autonomic, and easily managed infrastructure. Another church in the same denomination had previously worked with Nitix to create a case study, which helped with the credibility.
Due to other priorities and tasks, I took my sweet time writing the migration plan over several months. I filled in my gaps of knowledge considerably by purchasing a not-for-resale version of Lotus Foundations software for myself, and installing it at home (see my previous postings). Having confidence through hands-on experience at home and with confidence in IBM support who beat all other industry support satisfaction levels, I was ready to upgrade the church's domain. It really went quite smoothly. I was moving to new (used) hardware so I could just set aside the existing server keeping it intact just in case I had to revert back. In a nutshell here was the process:
- Copied all data off the old server to a USB hard drive
- Searched all the workstations for data that the users may not have saved to network drives and copied this to appropriate directories on the USB drive.
- Disjoined the workstations from the domain. I also cleaned up the workstations deleting the old user accounts, running Windows cleanup, defragging the drives, and replacing the ancient Symantec AV with Kaspersky 2009 for Internet Security.
- Server Setup: Connected the new server with Eth0 (NIC) going to the hub for the LAN and Eth1 going directly to the DSL modem. Installed Lotus Foundations from CD. The software found 3 drives, two of which I raided, and the third became a hotswap backup drive. It automatically figured out the network, found the Internet, and activated the firewall isolating and protecting the entire LAN. I was up and running in 20 minutes with the RAID building silently in the background while I continued configuring. Under File services, I configured the server as the domain controller. I turned on AV, and scheduled backup.
- Added user accounts and teams (aka groups) and set appropriate access and drive mappings.
- Joined the domain from each workstation and confirmed all the appropriate drive mappings were perfect.
- Set up the other resources like Projector (static IP) as well as the network printers.
- Reset the Logmein.com remote access for the key PCs so users could continue to access workstations from home.
- Copied data back from the USB drive into the appropriate team and individual file shares.
- Testing and backup.
(Post install: Made DNS changes to enable dynamic DNS resolution between the org's Internet Domain name and IP).
All this was accomplished between 10 AM and 4 PM and I was not moving quickly either. Being my first migration, I expect if I were to do it again, I could accomplish it in half the time. The plan was the most important thing of course. I've now got a revised template I can use for other organizations that want to make the switch.
A quick side note: As everyone who has installed an OS knows, after you install, there are always patches and upgrades that need to be downloaded and applied. This can easily triple the install time for a Windows OS, which seems to have a never-ending stream of updates and updates to updates. With Foundations, after installing the OS, it went out to the Internet and found a new release. Since the core Linux OS is so small (only a few hundred MB) their methodology for updates is replace, not patch. Clean, reliable, simple. The entire new OS was downloaded and installed with a single click in 10 minutes. After rebooting the server, the previous OS is available if you choose to revert to it, again with a single mouse click. How cool is that!
Additional functionality I'll be deploying over the next little while includes the Domino add-on server, as well as the VMware add-on, both included in the base price. I've also got a Quickr server I'd like to integrate somehow with the same accounts. Need to research that one.
Onward and upward.
Bye Bye Complex Microsoft Server. Hello Lotus Foun...
Finally, 6 months or so after taking the two-day Lotus Foundations workshop and purchasing an NFR (not for resale) server software package for business partners, I got the incentive to deploy my first home server. Why a home server? Well, besides getting experience which I'll use in time to actually make money selling this technology (along with my Domino Applications of course), I have some very real needs at home for a server. My needs are not that much different than a typical SMB. Let's look at my starting point. I think my current situation is very typical: Two PCs in a workgroup, plus my work laptop which I connect to the wireless router when I am home. Before my 4 kids became computer savvy, I had just the one computer and kept all my important files on it (pictures, accounting records, email archives, MP3s, etc.). Life would have been simple except I'm a paranoid freak about backup, always have been. My backup media has gone from floppies, to QIC tape drives, to Iomega ZIP, to external USB drives and now, since life is too busy, I landed on using an online backup service from Carbonite.com for the past 2 years. But with 70+ GB of personal data and growing, plus the extra workstation and anticipation of more coming within the next year (netbooks for the kids? Don't tell them), I just dread the thought of a mega-long restoration and bandwidth issues I'll experience if/when my main hard drive dies and I have to restore from the cloud. In addition to my backup/restore concerns, we also need a much more disciplined process to keep the files for each kid, my wife and me separate. Beyond that, what a pain it is to manage passwords on two or more computers without central management. So, I figured it's time to do it right and have a central server to manage all that. I have the know-how, let's do it. Lotus Foundations as a package meets all my requirements for the perfect home server...not just for SMBs. I can't think of an easier system to deal with.
Will I install the Start components (Domino/Notes) or the VMware goodies? Probably eventually. But first things first. I need to get a system up and running, create user accounts, move my files over, and ensure backup is running.
So off I went last Saturday to my local computer store within walking distance and I found a nice duo core system for $429.99. It's not the latest, greatest, but more than meets my needs. I won't detail the specs here because that's all relative to your personal needs and economic priorities. It was bundled with Windows Vista Home so my first question to the sales guy was how much can you knock off if I don't need Windows. I got $80 off, more than I was expecting. Wow! 20% off! I felt like a rebel. My receipt clearly states "NO WINDOWS - less $80". I showed that around at work proudly.
The store had to build my system, possibly due to my no-Windows request and I brought it home yesterday. This AM I burned a new Lotus Foundations CD and popped it in. Within 20 minutes I was up and running. But then I thought, "Hey, let's go all the way and get a second hard drive and RAID it". Why be just safe, when I can be paranoid safe? So back to the store I went again and bought 2 more identical SATA drives plus one external drive housing. My plan is to use the second drive as a mirrored RAID and the third drive, in the external housing, as my iDB backup drive. The external drive has both USB 2.0 and eSATA connectors. Nice! This is my first computer with SATA and wow, what a difference that makes for ease of installation. Snap it in, turn it on and it's online.
Once I booted up again, Lotus Foundations saw the new drive and asked me if I want to use it as my iDB backup drive or add it to the RAID. I chose RAID and that's where we're at right now. Foundations is spreading the data from my original install across both drives. I'm not sure how long this is going to take...seems like it might take a few hours based on the 10 minutes it took to get to 4%, but the ease of setup more than compensates. More to come...
Update: 30 Day Lotus Foundations Trial
My New Lotus Foundations Home Server