Smallbizserver.Net > Windows Small Business Server 2003

Current Articles | Search

Articles from Subscriber articles

How to restrict users from sending and receiving internet email

How to restrict users from sending and receiving internet email
By Mariette Knap :: 0 Comments ::

:: Server issues, Exchange Server 2003, SBS 2003, Subscriber articles, SBS 2003 R2, Securing your SBS 2003 network

You may need to block sending and receiving internet email for some users because of a company policy. I had a customer who asked me to implement this for a group of users who were abusing the companies email system and there was no need for those users to send and receive email outside of the domain. By following the procedure in this article you will be able to block the ability to send and receive internet email but retain mail inside your domain.

How to add an additional Domain Controller from a remote office to the SBS domain - Part 3

How to add an additional Domain Controller from a remote office to the SBS domain - Part 3
By Marina Roos :: 9 Comments ::

:: SBS 2003, Subscriber articles, Branch offices

When the branch office server has successfully joined the SBS network and when replication has succeeded, there are still a few steps that will need to be done on the SBS server as well as on the Branchoffice server to finish the Branch Office setup.

In this third part of the series "How to add an additional Domain Controller from a remote office to the SBS domain" we will review some common events and errors that will always appear whenever a SBS server is rebooted. Those can be safely ignored, as long as no other errors or warnings show up after both servers are fully up and running. The Directory Services event log is very important and it should not show any errors or warnings on the remote Branchoffice server ever. It will also have the steps to create an email alert when the RRAS VPN connection is down.

The next step will be to modify the SBS Windows XP Firewall GPO so it will include the remote subnet in a few settings. We will then modify the Default Website in IIS to include the remote subnet. You will have to mind though, that each time you would need to rerun the CEICW wizard, you will have to correct the IIS settings manually again.

If you have run the SBS BPA tool on a SBS server that has the Windows 2003 SP2 installed, you will have been noted to adjust a few registry settings for the TCP/IP service. It is a good thing to make those same changes on the remote Branchoffice server as well and the complete steps will be described.

RRAS on a SBS server which has ISA 2004 installed, is behaving a bit different from a common server without ISA. This is because most settings in RRAS are being dictated by ISA 2004 and there are not many settings you can change without it being reset by ISA every time the ISA services are being restarted. This also has consequences for WINS and DNS and the behavior is being described as well as some solutions. You will have to realize though, that when you browse the Network Neighborhood from the SBS network, you will never see the remote machines appear. In the remote office however, you will see the SBS machines appear in Network Neighborhood. This is totally due to using this kind of site-to-site VPN connection with RRAS and ISA 2004.

The last page has a graphical overview of the ComputerWorks network with the public and private IP's that have been used in this series of articles.

The contributions from Justin Crosby from Microsoft CSS were very valuable for the last chapter and I want to thank him again.

These steps are covered in the following chapters:

How to install BlackBerry Enterprise Express on a SBS 2003 Premium

How to install BlackBerry Enterprise Express on a SBS 2003 Premium
By Mariette Knap :: 8 Comments ::

:: Remote Access, Server issues, Exchange Server 2003, ISA Server 2004, SBS 2003, Third party solutions, Subscriber articles, SQL 2000, BlackBerry

Installing BlackBerry Enterprise Server Express on a Small Business Server 2003 Premium (SBS 2003) is not as easy as it looks. The documentation from BlackBerry is not complete and difficult to understand. I have decided to write documentation with all screenshots for this installation. My customer has an excisting SBS 2003 Premium SP1 (not R2) so we will install a new SQL 2000 named instance and create a BES service account that will run the BES software.

This document assumes that you have downloaded the Black Berry Enterprise Express software from the BlackBerry website. Before we can install the BESExpress software there are several things we need to do on the SBS 2003 Server. Most import step is that we create a BES service account that will run the BlackBerry Enterprise server.

How to add an additional Domain Controller from a remote office to the SBS domain - Part 2

How to add an additional Domain Controller from a remote office to the SBS domain - Part 2
By Marina Roos :: 0 Comments ::

:: SBS 2003, Subscriber articles, SBS 2003 R2, Branch offices

In the first article of the series "How to add an additional Domain Controller from a remote office to the SBS domain" we have configured the SBS server and prepared it for a new additional domain controller. In this second article we will configure the Windows 2003 server that is located at the remote office so it can be joined to the SBS domain and promoted.

We will want the new server to be running DHCP, WINS and DNS, so these services are going to be added. We will configure RRAS so it will have a persistent VPN connection to the SBS network. DCPROMO will be run so the server is becoming an additional Domain Controller in the SBS network. We will correct the network adapters configuration, configure DHCP server and correct DNS server. Then we will check if the replication has completed and enable remote desktop so we can RDP to this new Domain Controller from within the SBS network.

The third article will have the finishing steps that will need to be done to complete the remote office setup. These steps are different for the SBS server and the additional Domain Controller.

I would like to thank Brian Desmond, Directory Services MVP, for his valuable additions, in particular about the DHCP event 1056 and the add new subnet in Active Directory Sites and Services (part 1).

The following chapters are included in this article:

How to add an additional Domain Controller from a remote office to the SBS domain - Part 1

How to add an additional Domain Controller from a remote office to the SBS domain - Part 1
By Marina Roos :: 5 Comments ::

:: SBS 2003, Subscriber articles, SBS 2003 R2, Branch offices

In this series of three articles (the first article has been published, the other two will follow later) we will explain step by step how to add a DC that will be serving clients at a remote location to the SBS network. The remote DC will be connecting through a VPN connection to the SBS. There are several ways to establish this VPN connection and it all depends on the hardware and software.

Hardware VPN from remote router to SBS router: this is a very stable connection and will always be up so the remote server and its clients will be connecting to the domain from boot, but the SBS server should only have one network adapter and thus can't be running ISA.
Hardware VPN from remote router to a second SBS router that is directly connected to the internal SBS network: this is also very stable but can only be done if the SBS network has multiple public IP's and if the SBS internet device is capable of routing the several public IP's to different internal IP's. The SBS server can have two network adapters and can have ISA installed. Javier (SBS-MVP) has described the layout of this kind of a VPN connection here: Javier's SBS Wonderland : Site to Site VPN while keeping ISA in the Mix: http://msmvps.com/blogs/javier/archive/2004/12/08/23045.aspx
An article with the complete steps to create such a branch office connection will be published soon.
Software VPN from remote DC to SBS:
1. on the remote DC we could create a VPN connection just like you would normally do that on a remote client machine to connect to the SBS network. The disadvantage of this kind of a connection is, that the remote DC needs to be logged in to start up the VPN connection.
2. we can use RAS on the remote DC to create a persistent VPN connection to the SBS server which will automatically start when this remote DC is rebooted and doesn't need to be logged in. This will only work when the SBS has two nics and ISA 2004 installed. Disadvantage of this kind of a connection is that it will take a little while after a reboot before RAS will connect automatically to the SBS with a dial in on the remote DC, which will give some warnings in the event log. Another disadvantage is that although the remote network will see all machines in its Network Neighborhood, the remote machines will NOT be visible in the SBS internal Network Neighborhood. This will mean you will have to map a drive manually if that is needed, as the browse won’t show the remote machines.

I would like to thank Justin Crosby from Microsoft CSS for additional investigation he has done to help me write these articles.

The first article will describe the steps that will need to be done on the SBS server to prepare for a remote additional domain controller. The second article will describe the steps that will need to be done on the remote Windows 2003 server up to including the joining and promoting this server to an additional DC. The third article (not yet available) has the steps that will need to be done after the remote DC has successfully replicated and will include some fine tuning on the SBS server as well as on the remote DC.

In this article we will show the steps to prepare the SBS server for a remote additional Domain Controller where the SBS server has two network adapters with ISA installed and it includes the following chapters:

Page 1 of 13

First Previous [1] 2 3 4 5 6 7 8 9 10 Next Last