Re: Looking for advice on general layout for my SBS.
- From: NHponds <klconklin@xxxxxxxxx>
- Date: Thu, 13 Sep 2007 09:07:40 -0700
On Sep 13, 11:06 am, Job Andersson
<JobAnders...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hi,
I have set up a SBS and its time to add users/groups.
This is the first time Ive set up something like this and I would really
like to have some advice before I go beoynd a point of no return.
This is what we have:
SBS 2003 R2, configured as a local domain (server.local).
Exchange Server, configured for local domain... for obvious reasons.
Sharepoint Intranet.
1* VPN Gateway (Netgear VPN), hooked up to server.
2* VPN Client switches (they are still not configured and/or in place).
BackUp
The VPN router has the external Ip, and is the "gateway" I guess.
The server is connected to the router and clients on the same office were
the server reside are connected to a switch which is connected to the router.
Server and clients have local IP's distributed by the SBS server DHCP service.
The company:
3 Offices.
About 15 users spread out over all offices.
Service office is on a highspeed 1Gb Ethernet connection.
1 office is on a 2Mb line, the other on a 8Mb line.
Current Situation:
SBS is running in the "main" office. Clients connect through it by SBS DHCP
to the internet. They are not logged into the domain yet, that is ... no
domain users are created yet.
Our e-mail and webdomain is managed by our ISP.
I think thats about sums it up.
--------------------------------
DOMAIN
Eventually our plan is to take control of our "real"/external domain name
and add it to our SBS.
- Will this be a problem since it is already configured as a local domain?
- Is there some simple way to just add that domain to our SBS and make it
work with Exchange just like that? A Wizard or something like that.
--------------------------------
VPN
What are the alternatives for the 2 other offices to connect to our server.
Our VPN router/gateway will be configured to recieve connections from the
other office's VPN client routers.
All offices need to be able to access Intranet, servershares and the
exchange server.
- How can we connect the clients of the two "external" offices to login to
the SBS server domain as domainusers?
- Will there be a severe slow-down for the external connections on 8Mb, 2Mb?
- How much data is generally sent between server and client, except for when
the user specifically saves a file to the server.
--------------------------------
"HOME" DIRECTORIES AND SYNCHRONIZING DATA
I want to have a home directory for each user. These directories are created
by default when I add a user as I understand it. But they are not mapped by
default to a network drive. Is this a GP setting?
- Is it possible to make for example 'H:\' to always be mapped to a users
Home directory when a user is created?
When we setup user accounts many of our users have laptops. How do we make
sure that the files that are saved to "My Documents" also end up in the users
home directory on the server?
- Whats the best way to go; reroute the location of "My Documents" to
\\server\users\username or "h:" if this is the default mapped driver - or to
somehow (with the synchronizing agent maybe?) automatically synch My
Documents with the users server home directory?
--------------------------------
MISC
Id like the server to control AV and such. Is it a good idea to somehow have
a AV (Avast in out case) schedule clients scans that reports back to the
server through VPN connections (the external offices)?
I know this thread is very general and unspecific. I am working as a student
consultant and I learn as I go, and my work is more oriented towards learning
Microsoft Server Technology than making money. I hope no one thinks it is
rude to post a unspecific thread like this, but I rather ask than make a
misstake - and books only takes me so far and are extremely unspecific and
not very helpful. I will be very greatful for any kind of feedback that could
help me! If you have read a good book or article that you think will help me,
please share it with me.
Regards,
Alot here but here is one of my customer layout
30 users, 3 locations
SBS at main location,
NIC 1 (WAN Connection) Connect to the Gateway firewall / router
(192.168.0.X)
NIC 2 (LAN Connection) Connect to local LAN (192.168.16.1)
VPN Routers need to Connect WAN IP to the local LAN (I Use SonicWall
TZ170 because of the optional port) (192.168.16.3)
add route to the SBS for remote office (cmd)
remote office 1 route entry
Route add 192.168.17.0 mask 255.255.255.0 192.168.16.3 -p
remote office 2 route entry
Route Add 192.168.18.0 mask 255.255.255.0 192.168.16.3 -p
Remote Offices
remote office 1 network 192.168.17.x
remote office 2 netwok 192.168.18.x
The VPN Firewalls will know what to with 192.168.16.x traffic throught
the VPN to the SBS, all other is sent to isp gateway by vpn router
If you run SBS Pre edition, you will need to update the ISA server LAN
to include 192168.17.x and 192.168.18.x as local or the remote office
IP traffic will be denyed by the SBS
GROUPS,
Great way to control access to data,
Catorgize your data by departments
setup groups to access the data (Read / write / modify)
add members to the groups users can be part of more than one group so
a manager / owner can have access to all
I would read more into user and groups in the hellp files
example
data, (HR, ACCOUNT AP, ACCOUNT AR, SALES......)
Group name, members, data access
HR , HR Employee 1, read / write /modify to hr folder --- HR Employee
has complete access to all data in HR folder
ACC AP, AP employee 1, read / write /modify to Accounting AP folder --
AP Employee 1has complete access to all Data in AP folder
ACC AP, Owner, READ read / write /modify to AP folder -- Owner can
only read but not change data in the AP folder
You can get even deeper in the group memberships and data access, but
start here
EMAIL,
leave your email at the ISP but use the wizard that came with the SBS
and setup Exchange and use the pop3 connectors in exchange to collect
the mail.
.
- References:
- Looking for advice on general layout for my SBS.
- From: Job Andersson
- Looking for advice on general layout for my SBS.
- Prev by Date: Re: Firewall choice for SBS2003
- Next by Date: Re: ISA 2004 on SQL2000 NOT MSDE
- Previous by thread: Looking for advice on general layout for my SBS.
- Next by thread: Firewall choice for SBS2003
- Index(es):
Relevant Pages
|
