Welcome to 

    mickyj.com

   


















     

   
 

    

    


Worldwide release for SBS 2008 was November 12th 2008.

 

Yes the cougar is here.

 

For support use the SBS 2008 newsgroup.

For links to important information about SBS 2008 please look here

 

For information about SBS 2003 please refer to this page

 

The rumors were flying around and I wrote the following pre release.

 

SBS 2008 RTM 21/8/08

 

Firstly to help the rumors and the dispelling thereof, backups are natively supported only to disks (no tape). They are image based backups. There is no ISA, SBS 2008 will not support 2 NICs in fact, RRAS is basically gone and the only firewall built in, protects against internal attacks like Sasser and Blaster. (Time to buy an external hardware firewall).

 

SBS 2008 is only 64 bit (As Exchange, one of the major components is only 64 bit) and there is no license for Outlook included.

 

There are still Standard and premium versions and user based or device based Cals but now they are handed differently. SBS still supports up to 75 users but if you get that big, you should be looking at EBS (essential business server).

 

The interface looks a little like home server and many of the design features from the home server remote access portal and wizards, have come through to SBS 2008.

 

SBS 2008 maximum ram supported is still based on the limits of Standard Windows server (64bit) so therefore, it can support 32 Gb. The minimum is 4 Gb and 60 Gb HDD. I would recommend a minimum 8-10 Gb ram.

 

Still with me and want to know more ?

 

Lets dive a little deeper.

 

Microsoft is focusing on ease of use but as you can see from my list, is omitting some of the features that made previous versions attractive. This will be an upgrade headache if you used those features. (And I am one of those people who loves ISA server and Tape backup).

As mentioned in brief, the new version is 64-bit only and includes Exchange Server 2007, SharePoint Services 3.0 and WSUS (Windows Server Update Services) 3.0 as standard. If you purchase Premium you get SQL Server 2008 and a license for a second server (which can be 32-bit). This second server could also be your terminal server or another file server etc.
 

For anyone who has installed Vista, home Server or Windows Server 2008, you will understand that following in their footsteps
the install for SBS 2008 is easier than before, and that wizards are now scenario-based rather than task-based.

The first big change is that tape backup support is no longer built in. The new backup system only supports external USB or FireWire drives. You can still elect to use third party backup software but disk has some huge advantages. Imagine backing up every 30 minutes and no one on the network knows it is happening ?

Microsoft has said  that this is because external drives are cheaper than tapes, and that most SBS users have moved to hard drive backup in any case. This is true unless you have a lot of tapes. However, tape advocates point out that tapes are more robust in transit and safer for archiving. Personally I’ve had problems with the cheapest bus-powered external drives, mainly because of the power being inadequate, people dropping them or bad sectors. I am a little concerned about AD recoveries. It looks like you must use NTbackup to create a file based copy if your AD if you need to a recovery. This would be separate to your normal backup medium as those disks are specially formatted and I doubt would be much use in an AD recovery scenario.

The other big missing item is ISA Server, Microsoft’s firewall and proxy server. This is a bigger deal. ISA is a complex but sophisticated product that requires two network cards to be installed. It provides extra security in conjunction with an external firewall, and numerous features for publishing internal servers and services. It is great for reporting and logging users activities or controlling access to some websites. Due to legal issues surrounding ISA, Microsoft had to remove it from the SBS 2008 feature set.
 

If you want ISA, think about buying SBS 2008 premium and using your second server with an ISA standard license or look at
the new multi-server bundle called Windows Essential Business Server 2008 (EBS), which does include ISA.

So what do you do if you have a full-works, dual-NIC SBS 2003 box and want to upgrade? There’s no in-place upgrade, because this is 32-bit to 64-bit; and the disappearance of ISA means you have to rethink your network architecture, or upgrade to the aforementioned EBS. Jeff Middleton is working on a Swing Migration and Migration looks like the only way to save the day.

Along with the Standard version of Exchange 2008, you drop the use of Public folders however, most of the other items we have grown to love in SBS are still there.
 

So there are two versions. What will it look like ?



One server or two servers. SBS premium will break out onto two boxes the SQL component or any additional server you want to run. Ultimately, if we all had lots of money, this would be a great Blade setup. Unfortunately for most of us it will be a not to green power chewing two server setup.

Remember, the SBS 2008 box will only be single NIC (There are reports of a hack out there already that will enable two NICs but that is unsupported)
This means you need to select the role of the second server in premium carefully.

 

The first thing you notice about the SBS 2008 console, is how much it looks like Home Server. The catch cry's of

“Dramatically simplified server and PC backup technologies”
“New monitoring across server and client PCs”

sound like Windows home server. Microsoft are leveraging what they learnt and including it in SBS 2008. It is only fair as WHS, EBS and Windows 2008 server now includes a form of RWW.

Also note, the console is not using IIS so it is far more stable !

The console is also single use. You can't have hidden windows behind and you can't run the console 2x.



Some new things to note, SBS 2008 also includes one year trial subscriptions to a couple of new MS security and management services…

  • Forefront Security for Exchange Server Small Business Edition

  • Windows Live OneCare for Server (120 days)

MS is also promoting integration with Office Live for Small Business.
 

All the normal things are there:

  • Remote Web Workplace

  • SharePoint Services (Search now works without SQL server)

  • Windows Server Update Services

  • Shared Fax service (I am unsure if this supports Fax 2.0)


With ISA Server gone, the main benefit of SBS 2008 Premium has been reduced to the SQL Server.

SBS 2008 Premium offers a couple of nice additional things

  • SQL 2008 Standard, not Workgroup (Yay) (And it includes SQL 2005 and SQL 2008)

  • Can install SQL 2008 on a totally separate Database server

  • You can buy standard or premium Cals, reducing your costs


Windows Small Business Server 2008 was designed for small businesses. It was designed to work with existing technology, build on Microsoft best practices, and deliver a comprehensive network at an affordable price. This is much the same as SBS 2003 but the world has changed and Microsoft would love every server to be setup secure and correctly so the wizards now do more behind the covers.

You can have virtually anytime, anywhere access to your business desktop; including e-mail, files, business applications, and more through Remote Web Workplace (much nicer than in 2003, more like WHS)


You can easily share resources and equipment, such as Internet access, printers, and fax machines using the new enhanced wizards.

Lets look a bit more under the hood.

The server boots up and asks you to select an administrators name. That's right, the user "Administrator" is not necessarily going to exist. you elect what name you want to use. Then there is the password. 8 Characters and complex by default. A green tick lights up when you meet the required level of complexity. Handy.

Then you get greeted by the new consoles.

The time to set this up from scratch is about 3 hours. You actually spend about 5 minutes clicking various things on 5 screens during setup (Domain name, server name etc) and then you are done (The oobe is very quick). SBS 2008 will automatically locate any routers (even across different subnets and IP ranges). The wizard automatically inserts ".local" on your domain name. (You can change this with an Answer file).

The first thing the server wants to do is get updates off the internet. This is great as this will mean all servers will start with a level playing field.

You setup your internet address with a wizard that helps you buy a domain name and configure your DNS records. There is even a built in Dynamic DNS client in SBS 2008 so you do not need a static IP. If the domain name you select is in use, it will prompt for alternatives and the wizard will arrange to have an email sent back to you with your domain password and keys. Nice !

The wizard can not help you if you have multiple domain names but we can manually tweak that later.

With the wizard you can setup email smarthosts (No need to crack open the Exchange System Manager).

Something else nice to note, you can change the server name (including on the RWW screen) with a Wizard, not a registry hack !

Something new, as with IE7 and Vista, SBS 2008 only likes real certificates. The days of SelfSSL are numbered. You need third party trusted SSL certificates (Maybe godaddy at $20 Per annum ?).

This change helps stop DNS poisoning (DNS cache poisoning is a technique that tricks a Domain Name Server (DNS server) into believing it has received authentic information when, in reality, it has not. Once the DNS server has been poisoned, the information is generally cached for a while, spreading the effect of the attack to the users of the server). You now need to export and transport the certificate to the remote end, you can't get it from the website. (you can take a package home to setup Outlook over RPC).

Would you believe, there is a wizard to purchase a certificate. It generates some coded text for you to send of to your cert provider.

Now lets look at User templates (now called User Roles). You can retrofit a role to an existing user using the wizards. With the Roles wizard you can repoint "My Documents", change disk quotas and gain granular control of IIS sites a user can access and that includes RWW and OWA. Very cool.

Speaking of RWW, not only can you setup your own shortcuts but you now have a section allowing you to change your Password in the AD. RWW also no longer uses RDP through port 4125. It uses 443 which will work better in hotels and the link. The connect to my computer can point specifically to a computer and there is lots more to find when you dig around.

You can now archive group emails into a SharePoint Library (Don't forget, Exchange 2007 does not have public folders .... by default). You can also make security groups that can only email internally. There are no more global mailboxes in the pop3 connector and a new 5 minute check. Pop3 now goes through SMTP and IMF etc.

You now have a Vista Widget that you can push out that gives access to SBS tools (OWA etc).

In the new console there is a network tab. You can see the status of all workstations here. You can see their A/V, Security and other related items here. It will show servers and workstations (XP and Vista). You can sort by Computers and devices (e.g. fax machines etc).

You can also see the connectivity section, this has the wizards in it that we ran at the start to get everything working, and more. (Remember, no firewall or Dual NIC in SBS 2008. The server firewall is simply a tool to protect from internal attackers like slammer etc. It is not an external firewall).

VPN through the Wizard is pptp. Without ISA and setting up a CA on your server will likely make L2TP an ugly exercise. Wizards open ports on your upnp routers to allow emails to flow etc. The pop3 connector still exists and now ... one new wizard ..... the Fix my network wizard. Fantastic.

The fix my network wizard analyses and fixes 70 common errors. (Includes AD and DNS). You can also select what changes are made, incase you deliberately broke you network and don't want it to fix something.

Windows 2008 server (and SBS 2008) now has advanced quotas. You can set quotas on Shared folders (not per server volume) and it can do protocols. All the NTFS, share permissions and Quotas are accessible again via a wizard. You can elect to monitor access or simply deny access, right down to file types like Mp3 files. You can link DFS to Quotas and then you control your part of the world.

You can now modify how RWW works, blocking users, exposing links and changing the images. WooHoo.

Backup has vastly changed. Yes, it no longer supports tape drives (use a third party application) it backs up to an image on a drive. You can now restore to dissimilar hardware and can virtualise. You can do 30 minute snap shots and stick it onto USB hard disks. The backup prepares the drives and during the process, even tells you to label the drives. For the snapshot to work, your databases need to be VSS aware (MYOB, Access, Outlook PST files etc). You no longer backup a file or a folder. It is a full partition backup without selections. This is where AD recovery will have to change (Command line backup to file). I would recommend 2, maybe 5 USB drives in a rotation. Another smart item, in SBS 2008, you don't need to safely eject the USB hardware. Now anyone can change the backups! You need to be aware that the backup disk needs to be 1.5 times the size of all the data storage on the server. Also note that the SBS backup will not allocate a drive letter to the backup drive.

Notes:

SBS 2008 now needs certified drivers.

Office Live can now use public facing websites and workspaces to distribute documentation to all staff, including remote.

One thing that I did not like was that SBS 2008 loads down into one partition from installation. Thankfully there are wizards to move things around later (Exchange data files, SharePoint, Wsus, User Shares, Folder redirection etc).

SBS is still licensed by Processor sockets, not cores. This is a good thing.

There is a patch that allows a second SBS server in your existing domain for 21 days. This helps you get to the start of your migration. (the default is 7 days).

IPV6 is installed and IPV4 can not be removed.

Now it is even more important to look into PowerShell
Using PowerShell and the way SBS 2008 installs itself, you can actually script installations that always come out the same. you can move data files around, install items and make customizations on the fly.

Not only has the RDP in RWW changes ports, companyweb is now on 987.

Reporting has also been enhanced. There are the 2 standard reports and then you can add your own reports. There are Archives of reports now available. Reports also now contain restart times. A small thing but something I really like.

There is also the status of Server and clients available at a glance (for the firewalls, Antivirus and updates.

NOTE: SBS 2008 on a network will Autopatch clients. Don't get caught off guard.

 

So who is the target for this ?


The Windows Essential Server solutions includes

Essential Business server and Small Business server and then home server (WHS). EBS and SBS will be marketed together.

WHS is great for remote access and backups for 1-2 person company.

EBS and SBS look the same so that learning one, leads easily into the next.

Per capita, Australia sells SBS at a rate second only to the Dutch. On average SBS in Australia sells with 16 licenses (the rest of the worlds average is 11). All up, Australia is the 4th biggest seller of SBS in the world.

Microsoft have created the perfect solution with EBS and SBS, from 1 server (SBS STD) to 2 servers (SBS Premium) to EBS Standard (3 boxes) to Premium (4 boxes).

The target is anyone with 2 users to the top end of EBS (300 users).

The sweet spot (as far as cost goes) will be anyone above 11 users.




 

 

 

 

 

    

 

     ( )

 

 

 

 

                                                             This page was written and designed by Michael Jenkin 2011 © (Best viewed at 1024 x 768)