I saw an article, What You Need to Know About Small Business Server “Aurora,” the Great Windows Phone 7 Debate, IE 9, and More, by Paul Thurrow in the October, 2010 edition of Windows IT Pro magazine about the upcoming Windows Small Business Server (SBS) code-named Aurora. The article first attracted my interest because I had deployed SBS 2003 in the past and found it to be a pain to install and counter-intuitive to work with. That was my impression as a Systems Engineer deploying Windows Server and the application servers like SQL, and Exchange. The unified “desktop” seemed to be a distraction. The application bundling made it attractive for small businesses but I didn’t know of any who could manage it without a Microsoft Solution Provider. But that was history.
Enter Windows Home Server (WHS), a consumer-class “server” operating system aimed at the home market. OK, so what are we serving at home? Media, basically. WHS is geared at making photos, video, music and documents available to XP or Vista computers in a home network. It provides the capability to schedule a computer backup, restore files, as well as share them. Also important to some is the ability to establish a remote control session on a member computer – think something like RDP. When establish a rule on your home firewall to allow remote connection, WHS will broker connections to your personal workstation.
This remote access functionality would enable a small business, with say five employees, the ability to connect back into the office to their workstations. This provides automatic computer backup to a central location and the ability to connect back in to their workstation to finish up some task that was left undone.
To summarize, we have a commercial product, SBS, targeted at the small business with five to 75 users, that requires the organizational capabilities provided by an Active Directory infrastructure and at the consumer end, the WHS product targeted at three to ten computers in a non-connected workgroup environment that provides computer backup, file sharing and remote connections. Small business Server is successful in its space but there are a lot of offices with three to five people that require similar capabilities but who are unable to support SBS financially or administratively.
Microsoft introduced Essential Business Server in November, 2008. This product used Windows Server 2008 as its base and included the other updated applications: Exchange, SWL Server, ForeFront Security and System Center. It was targeted at organizations with up to 300 users – SBS upgrade from the 75 user maximum. Well that effort sort of confused everyone and the product was dropped in June, 2010
Now to the second reason for my interest in Paul’s review of SBS “Aurora” – better than WHS and on a smaller scale than SBS. At least this is my initial perception of the product from reading reviews and press releases. I currently volunteer my time at Eastside Legal Assistance Program, a non-profit in Bellevue, Washington providing legal services for low-income families. The need continues despite a tough economy and reduced sources of funding. Part of my responsibility is to find continuing ways to improve staff performance and efficiency with little or no financial investment – read free or very close to free. If you’re interested refer to my series on the Microsoft Business Productivity Online Services suite.
So maybe, SBS “Aurora” was a possible solution that could bring in a Active Directory sort of infrastructure that would provide automatic computer backups, enforce organized file and printer sharing, provide remote connections to the office workstation and serve as a launch platform for an Online service offering like Exchange. Worth a look, would you agree?
What’s in it?
Let’s take a closer look at what’s in Aurora but first a slight digression. Windows 7 introduces us to the concept of the homegroup. What is a homegroup? According to Microsoft,
A homegroup is a group of computers on a home network that can share files and printers. Using a homegroup makes sharing easier. You can share pictures, music, videos, documents, and printers with other people in your homegroup. Other people can’t change the files that you share unless you give them permission to do so.
This seems to be the same type of computer group membership available in WHS, but now given a name, homegroup. We see file and printer sharing available but nothing else in Windows 7.
Aurora is based on Windows Server 2008 functionality.
It creates a domain with up to 25 users. You also get Remote Web Access (RWA) functionality but you’ll need to configure DNS and SSL certificates to get to the site across the Internet. Administration through the Dashboard can be delegated to other users in the domain. Once your computer is part of the domain, you get a “Launch Pad” application. The Launch Pad contains the following applications:
- Backup (This starts a backup but I haven’t found any granular control over the content.),
- Remote Web Access (You have to enable this on the server before you’re able to connect – chicken/egg.)
- Shared Folders, and
- Dashboard which requires the aforementioned administrator credentials to gain access.
Join the domain
Computers become part of the domain by connecting to http://<computername>/CONNECT to run an installation wizard. Prior to this, I created a standard domain user account called “Staff” but you can create the domain account later in the set up part when the wizard asks you for the domain credential. I attempted to run the installation wizard logged on as “Staff”, my standard Windows 7 user account on the local computer but was blocked. I needed to run this process as a local computer administrator type account. I logged on as “local_admin” and was then able to run the setup program successfully.
You’re asked to log in to the domain, so I logged in as “Staff”. Success! Reboot and you get the familiar CTL-ALT-DEL login screen of a Windows 7 domain member computer. Your first connection, creates your domain profile and asks if you want to transfer your Library (My Documents, etc.) content to the server. Of course, this is the reason for this! While it seems simple, I wonder how much hand holding is required in the typical small office.
Note to all sacrificing a perfectly good Windows 7 computer to Aurora, when it comes time to remove the computer from the domain, the Dashboard does the trick. Unfortunately, you need to logon to the client uninstall the connector software and then use Server Manger to change the system properties to assign it to a workgroup removing it from the domain. We’ve done this before.
In addition to file and printer sharing, Aurora extends this to automatic computer backup, file recovery and the automatic addition and recognition of additional hard drives. This is called Drive Extender and it is a RAID technology available in WHS. With the standard two disks under the hood, you get drive mirroring. With additional drives, comes additional RAID capability to spread the entire load over all of the drives. I haven’t done this but my source tells me it acts like a RAID5 array. Repair a drive, it recovers; remove a drive and it rebalances the files across the remaining drives.
“Aurora” allows the administrator to schedule computer backups and users to share files. I didn’t find a way to selectively backup files or folders. To restore files, I found it necessary to logon to the target computer as the administrator in order to access the management console to perform the operation.
Aurora assumes you’re going to install it behind a home-like broadband router, like you’d get from a cable or DSL Internet provider, and it doesn’t assume that it will be providing DNS or DHCP services. To set up the server for Remote Web Access, you‘ll need a router with UPnP capability. A wizard will try to do this for you. If your router/firewall does not have the UPnP capability you can do this manually by opening the following TCP ports to the server:
- 25 – SMTP,
- 80 – HTTP,
- 443 – HTTPS,
- 987 – SharePoint,
- 1723 – VPN, and
- 3389 – RDP
As mentioned, previously, you’ll need a digital certificate.
I downloaded the bits from the Microsoft Connect site and used HYPER-V to create a virtual machine to test. The install ation program required a VHD 360GB disk. Make sure you specify what it asks for but make sure you create a dynamically expanding VHD. You get the following drive configuration:
- C: 60GB System,
- D: DVD drive,
- W: 90GB Users,
- X: 90GB client Computer Backups
- Y: 90GB Company
- Z: 90GB Shadow Copies.
You provide a name for your Company, Domain, Sever, and Administrator Login/password. The domain name follows Windows best practice of making the internal domain different from what it is known on the Internet (contoso.local vs contoso.com).
There are two management consoles in Aurora: the Dashboard and the Windows Server 2008 Server Manager. Aurora also has the ability to enforce Group Policy.
The Dashboard reminds me of the WHS, “user-friendly” administrator console. It consists of the following sections:
- Computers and Backup, Server Folders and hard Drives, and
Of these, I found Users the most interesting. You use this section to create a user, change a password, set password policy and change user account properties.
This section is arranged in tabs:
- Level of Access (Administrator or Standard user),
- Shared Folders (specify level of access to the Company share (Full, Read Only, No Access),
- Remote Web Access ( Checking the appropriate object allows access to computers, Shared Folders or Home Page Links)
- Computer Access (Allows the user to access their workstation or any other computers that show in the list).
The Server Manger MMC contains the following sections:
- Active Directory Certificate Store
- Active Directory Doamin Services (Users & Computers and Sites & Services)
- File Server (Share and Storage Management)
- Network Policy and Access Services (Network Access protection – NAP)
- Web Services;
- Default Web Site,
- Mac Web Services
- WSS Certificate Web Services
During the review, I didn’t get too deep in the Digital Certificate area. It looks like Aurora provides a self-signed PKI infrastructure. Nevertheless, I ran into a problem using Remote Web Access to connect to a workstation or the Aurora server from a non-domain computer. The Remote Web Access capability is implemented as a web site that acts as a gateway to the computers behind it. I was able to establish a connection to the website by accepting the Certificate warning in the browser but was blocked from connecting using the RDP client because of a problem verifying the certificate.
As I mentioned, it was easy to backup a member computer from the client and server side, however; I didn’t find any controls to set granularity.
Using the Dashboard, I was unable to backup the server. The backup wizard could not find an acceptable device. I created a network connection to a share on another server as well as a mapped drive to the share. Couldn’t do it. Using Server Management, I was able to create a scheduled as well as an immediate backup to the shared resource on another computer. I found that I had to create the same login/password identity on the target server as I had on the Aurora server. Apparently, the backup uses mutual authentication in the process.
As of the announcement on 11/24/2010 Aurora is now Small Business Server 2011 Essentials and another beta id due out in January 2011. I’m thinking that this could work in very large household or a small office that needs the organization provided by an Active Directory domain infrastructure and that would like to utilize some of the “cloud” services like the Business Productivity Online Services (BPOS) Exchange/SharePoint or the new Office 365. I don’t think that the average office technical guru is going to be able to set this up and manage it, so it’s an opportunity for the Solution Partner network that is currently supporting Small Business Server.
If you’re interested in testing these products for yourself, they’re both available on the Microsoft Connect website. You’ll need to sign-in with a Windows Live ID and then visit the Windows Home Server and Small Business Server pages to access the pre-release code.
Drive Extender (data duplication & storage pooling) is dead. It will not be in the 2011 release. It seems as though there were some data integrity problems as Microsoft began to scale this out to a larger production environment. There seem to be many alternatives available in the low-cost NAS space from 3rd party manufacturers. Hardware always trumps software!This posting is provided “as is” with no warranties, guaranties or any rights whatsoever. All content is based on the author’s experiences and opinions and is not intended to influence the actions of the reader.