Home Server Projects
I've always been interested in installing servers for home use. The ability to customize Linux based servers to the degree that surpasses what is economically available from any other source makes Linux the obvious choice. Linux also offers the home user more latitude in that it will support practically any other desktop operating system with basic services.
Tuesday 24 July 2007, 7:29 AM
Its been quite some time....and Now Debbie has some sisters
At this point my 2 to 3 week experiment has gone way over time but things are still progressing although the pace has slowed considerably. Biggest problem is getting time to work on Debbie and her sisters.
I've been doing some configuration tests with NFS and Samba trying to find the best mix of settings and permissions to allow both server systems equal access to the shared folders. I don't want Linux to override Windows and vice versa. So I've been playing with the server and a couple of Debian client boxes I set up and a couple of Windows clients, one running XP Pro and the other Win98SE.
I've also been toying with the idea of running some services like streaming content on a second subnet and perhaps over 802.11G wireless instead of the main wired 100 baseTX network. Especially since my son seems to think that Internet "radio" hiphop with music videos and Youtube is way cooler than real radio or broadcast TV.
First time I've felt like there's a bandwidth squeeze inside the house, usually my complaint is with the service coming into the house from the phone company.
Speaking of the phone company, we've been getting hit with pretty nasty thunderstorms with Ark building torrents coming down for hours but not days! Service from the phone company has been non-stop except when the power went out completely for very short periods. Then it didn't matter since the CPUs were off anyway. This leads me to a totally unscientific observation, Debbie and her two sisters didn't even hiccup when they got "dumped" by a couple of short power outages. Systems came right back up and didn't need any intervention on my behalf to fix themselves. The Win98SE box required a reload and the Win XP Pro box had to have chkdsk run to fix some clobbered sectors.
Thursday 5 July 2007, 5:01 PM
Kraken, buried at sea. Long live Debbie!
With the posting I did yesterday I hope to have buried Kraken at least in consideration as an alternative server for my backwater bay.
For a product that supposedly offers "new" features and advantages to the computer and media consuming public I was marvelously under-whelmed. The second biggest reason to use a home server, that of backup for the other systems on the local subnet, failed in my case miserably.
I doubt very much that I will bother to do a forensic postmortem simply because it was supposed to be a almost finished product and wasn't. Yes I could spend a lot of time and fix all of the problems and yes I know how to fix the backup problem. I'm not on Microsoft's payroll. If I'm going to expend that much effort, its going to be on something I OWN, from the top of the mast to the keel.
But this started out as a user test and to be entirely and brutally honest, Debian (Debbie) failed as well as Kraken (Windows Home Server). But I expected Debian (and all other Linux distros) to fail simply because the Linux programmer's universe hasn't bothered to approach the consumer market except in specific targeted devices. Nobody writing Linux applications sees anything profitable in generic Home appliances. A Home Server is still fairly general purpose and not that much different from any other desktop, NAS or computer. All of the profitable Linux appliances are specific purpose devices, set top boxes, DVR's, DVD players etc.
I'm going to continue working on and writing about Debbie simply because it does fill a need I have here for a generic file and media server. When its done I hope to be able to release the "cookbook" I used and hopefully a distro variation.
Wednesday 4 July 2007, 5:10 PM
Kraken running? yes. Nice beasty? no.
Well I've been running Kraken (Windows Home Server) enough to know that I really don't like it much. Yeah you figured that out a couple of weeks ago, right? But I had to give it a good crack at changing my mind.
If you've read and followed the server specifications and you have everything fairly up to date, meaning you are running Windows XP and Vista and NTFS partitions on all of your client computers, then Windows Home Server might work very well for you. If you are like me and you've pushed the Win9X and the Win2K licenses off on your kids or heavens-to-betsy you're running (shudder) Linux! Well then it won't. It doesn't even come close. In fact its reason d'etre, systems backup, does not work, at least on my fully legitimate, up-to-date-with-Windows-Update XP Pro SP2 P4 system.
The hot off the DVD burner, not ready for prime-time, Windows Home Server Release Candidate 1 is a fairly tightly focused package that I think misses the point of offering inter-operable services. Microsoft has to wake up to the fact that a lot of their customers are still running much older versions of their software. The last statistic I saw was that XP Pro was still only running on about 35% of ALL Windows boxes out there. The bulk of the computers were running either Windows 9X or Windows 2000. This tight focus will dis-enfranchise some of the still very large numbers of Windows 9X/Win2K users that haven't upgraded (and won't) and the part-time Linux users that see wide-open possibilities with Linux-based multi-media applications. I count myself in both camps.
Basically the server offers secured folders, public folders and backup services. I know Microsoft touts remote access and remote serving to and from Internet locations as a special function of this product BUT, technically that's a service that comes with Server 2003 and Windows XP and Vista. So its not really a product feature of WHS.
First off the limitations, and they are many.
1) Only Windows XP Pro and Vista OS equipped computers are supported, no Win 9X, 2K or NT 4.0 need apply. Support for Linux I didn't expect but it would have smart for Microsoft to do that at least through Samba.
2) Only NTFS partitions are supported. Come on! Why not FAT and FAT32? Don't give me any BS about security. Microsoft is using workgroup and not Domain security.
3) Computers must not be active members in an Active Domain. This is the first restriction that makes any sense. It screws up the sharing mechanism used in WHS to have conflicting local security policy on the client.
4) All logons that will need to have access to the Windows Home Server backup functions must have valid backup rights on the supported client computer. The account you use to install the WHS connector has to have the backup and restore capabilities. Other accounts will have access to the WHS. This is normally not an issue but I have some severely limited user accounts that are setup without backup or restore capability to deliberately prevent my kids from doing that behind my back.
5) The client logon used on the client computer must be programmed into the Windows Home Server user applet. This is the same restriction seen in workgroup logons to allow easy sharing to occur. If you've used XP Pro SP1 or later, you've dealt with the logon box each time you connect to a share on some other system. That's gone with WHS shares.
6) First backups are of entire partitions, this obviously is for the restore functionality, but it enforces an all or nothing mentality. I never could get it to work properly on my XP Pro system either manually or automatically. Even after I did the suggested fixes to my partitions, it still didn't work. It would not backup the C drive (system/boot) and it would not backup the F: drive, a compressed NTFS partition. The only partition it would backup was D:, a NTFS partition I first created on Windows 2000, go figure!
7) It will not backup a NTFS compressed partition, and I assume that would include an encrypted partition since they use the same software mechanism. This I consider absolutely asinine. If you've gone through the trouble to compress or encrypt the files on that partition, why can't you back them up?
8) What I also find really annoying is that the system could not find one of the two drives that are supported on a PCI IDE card on my XP client. In addition, neither of the two drives can be identified by looking at the WHS backup applet. No drive letters. No indication that they are there. You need to understand that the "discovery" agent used to find partitions to backup runs on the CLIENT computer. The client computer knows what partitions are there and presumably can access and serve those files and partitions up to the server for backup but no it doesn't work that way!
9) The WHS as I noted earlier did not support the NIC adapter that was on my DELL Celeron CPU board. Actually it only supports one NIC, the Realtek 8169. I would suspect that either this product will have more drivers installed before it goes public or it will only be available as a configured and setup system from OEMs.
10) It has only 14 video adapter drivers from ATI, Via and Intel. So I guess we know who's aching to get product out the door using this software! That's usually not as much of a problem but it would have been nice to had at least the generic Microsoft VGA and XVGA adapter drivers just to get the system up and running. Video after the system is up and running is not so much an issue. Lucky for me I had an Intel video adapter on the CPU board.
11) It has absolutely nothing that couldn't be delivered even on a Windows XP, 2K or Linux workstation except the duplicate file control and that might be scriptable with some file comparison utility. The only advantage is the "instant" connection mechanism to the server and that can be delivered in a logon script.
I never could get to the "bare metal" restore function test since the backup function never worked right. Likewise an incremental restore from the backup wasn't possible.
What does work right? The public folders and the private folders work quite well. The user account structure works well and is easy to use. Once the accounts are setup, the only password needed is the Administrator account password to open the Administrative webpage. Users once logged onto their usual computer have access to the public folders almost immediately.
One item that will cause a little confusion is that there are two different security policies for passwords. Passwords for accounts that are used for Internet access to the WHS use a "strong" policy but the internal password policy is weak. Either you have to create new user names set with policy-matching passwords or change the internal password policy to match the external policy and reset all the passwords to make them much stronger for internal use. This will maintain connectivity and not require changes to security settings on shares and file permissions but I don't suggest that.
Using a new strong password with a new user name for remote access perhaps allows for tightened security and could conceivably improve security above the usual possible in workgroups or local group policies. With one account set for access from outside only and another with access only on the inside, it might prevent some forms of attack. Adding VPN and IPSEC to the requirements for external access will provide a secure connection from remote Internet locations.
The remote access capability is there, it just doesn't seem to work right. I did get it to setup a DDNS URL on a service that Microsoft evidently has provided for the duration of the RC1 test. But there doesn't seem to be anything that allows the user to set up incoming VPN connections through the administration webpage. Now if I go to the Win2K3 Server and logon there I can set up a VPN account and VPN connections on it but I'm not sure if they can be attached to through the client interface on the client computers. This function as far as the user is concerned doesn't really exist. I'm not interested in doing VPN debugging for Microsoft without an employment contract.
The software in the WHS seems to assume that it has a connection to a UPnP router that connects to the Internet. Since I'm running a real firewall that is not running UPnP on the router functions, remote access does not work. There were no messages that were meaningful that the user could have utilised to open ports up in those cases where the router wasn't a UPnP router or was a user adjustable firewall. Yes I remember this is a USER test but with all the other issues I had with the WHS software I wasn't really interested in exposing my home systems to potential trouble for the sake of the Beta test.
Looking at this "product" from a User point of view as it stands today as a RC1, I would not recommend it to anyone not already conversant with the feature set of Windows 2003 Server. A lot of the functionality of Win2K3 is still there and it will make a very good stand-alone server for a home environment or even a small home office assuming those features remain in the final product but I wouldn't count on it. It could be improved considerably with a large number of consumer-friendly wizards. But its not ready for the consumer market, not by a long cannon shot. WHS needs to go back into drydock and add more planking and sails. This buccaneer says "Kraken gets the black spot! arrgh!"
