Topic: Evaluating SME

[rgmhtt]

I am still running an NT server as a PDC.  I want to get off it already. I was even ready to give up on netlogins by userid and go with a SAMBA workgroup.  I was also looking for an email solution to replace my Scalix CE with integrated spam filtering and discovered SME.

I run Centos 5.2 on a lot of systems and am just a little concerned about stepping back to Centos 4.  Centos 5 has enough problems with IPv6, going back to 4 will mean more IPv6 issues, amongst other things.

So if I can get a few questions answered I can figure out if I go with SME or do my own SAMBA workgroup with something like amahi.org and say Zimbra for email/anti-spam...

First question is DNS server.  I run my own zone master, I need IPv6 and DNSSEC.  Do I have to run DNS on SME, or what functions do I loose?

DHCP:  Do I need to run DHCPD on SME, I do see it is optional.  What functionality is lost?

WINS:  Is there a WINS function?  Can I have workstations on other subnets?

Is there any mechanism to migrate my NT PDC information to the SME PDC database?  I read the Samba paper that seems to indicate: NO!  and that Samba cannot be an NTdomain's BDC and get promoted to PDC (though once I thought I read it could be done).

Changing SME IP address.  Is the IP address for an SME server fixed for the life of that server?  Can I install on a test net, get it all going, turn off my NT server, move the SME server in its place and give it the old NT server's IP address to SME?

What IS the email package?  What is it based from?

Well this gets me started thinking....

[janet]

rgmhtt

I run Centos 5.2 on a lot of systems and am just a little concerned about stepping back to Centos 4.

Use sme8beta3, it is well advanced and standard "out of the box"  functionality is there & working.

First question is DNS server.  I run my own zone master, I need IPv6 and DNSSEC.  Do I have to run DNS on SME, or what functions do I loose?

sme has its own DNS server for local web requests. It looks up root DNS servers.
You can run you own DNS server if you wish, as that I assume is related to publishing your domains DNS records, which sme does not do.

DHCP:  Do I need to run DHCPD on SME, I do see it is optional.  What functionality is lost?

The sme DHCP server dishes out IPs to workgroup workstations. You can enable sme to do that or have another DHCP server (eg router) on your network if preferred.
sme will do it quite well.

WINS:  Is there a WINS function?  Can I have workstations on other subnets?

sme has a built in WINS server. I believe you can add other local subnets as additional networks in one of the server manager panels.

Is there any mechanism to migrate my NT PDC information to the SME PDC database? 

I don't believe so.

Is the IP address for an SME server fixed for the life of that server?  Can I install on a test net, get it all going, turn off my NT server, move the SME server in its place and give it the old NT server's IP address to SME?

You can change the IP anytime without upsetting anything. sme reconfigures itself correctly.

What IS the email package?  What is it based from?......and say Zimbra for email/anti-spam...

qmail & qpsmtpd & clamav & RBL

I STRONGLY suggest you use sme "as is" as all the services have been tightly integrated and do work very well together. You will have upgrade problems if you change major components.

[David Harper]

Welcome to the forums

Mary has done a great job getting you started, so I'll just add a few things:

First question is DNS server.  I run my own zone master, I need IPv6 and DNSSEC.  Do I have to run DNS on SME, or what functions do I loose?

AFAIK SME Server doesn't do IPv6. What exactly do you need this for?

WINS:  Is there a WINS function?  Can I have workstations on other subnets?

You can add other subnets as trusted local networks with access to SME resources.

Is there any mechanism to migrate my NT PDC information to the SME PDC database?

I would suggest using the Lazy Admin Tools. You can prepare a CSV input file with the existing usernames etc. and then feed this into lat-users, thereby creating all of your users with one command.

What IS the email package?  What is it based from?

Well this gets me started thinking....

If you use IMAP with your clients, and Funambol to synchronise contacts/tasks/appointments between Outlook and the server, you can get something that will be reasonable for most users. Webmail is provided by Horde, which is built in to SME Server.

Alternatively, you could look at the Zarafa contrib.

[rgmhtt]

rgmhtt

Use sme8beta3, it is well advanced and standard "out of the box"  functionality is there & working.

This is good to know.  Will I have to rebuild with each beta or will yum update move me from beta to beta to production?

And at least Centos 5 has decent IPv6 support.  Not good enough for Shorewall6, as the Shorewall developers point out you need at least FC9 to get stateful iptables support.  I am told Wall6 works on Centos 5.  Since I don't plan on using SME as a gateway, this level of ip6tables functionality should be enough.

The sme DHCP server dishes out IPs to workgroup workstations. You can enable sme to do that or have another DHCP server (eg router) on your network if preferred.
sme will do it quite well.

In other words, no special dhcp options to support any special DYNDNS features?

sme has a built in WINS server. I believe you can add other local subnets as additional networks in one of the server manager panels.

Great.  With my 'home' network (really a lab with ~10 vlans), I need WINS.

I don't believe so.

Hey what is with this forum?  'Quoting' does not provide nested quotes.  What is this a reply to?  Oh, migration from WinNT; David gave me an answer to this question...

qmail & qpsmtpd & clamav & RBL

What for anti-spam?  Just RBL?

I STRONGLY suggest you use sme "as is" as all the services have been tightly integrated and do work very well together. You will have upgrade problems if you change major components.

I have ENOUGH other projects where I have to do MAJOR integration.  I need my mail and SMB domain to be as 'plug N Play' as possible.

[rgmhtt]

Welcome to the forums

Too many forums, too many listservs.  ARGH!!!   

Mary has done a great job getting you started, so I'll just add a few things:

And I thank Mary for all of her answers.  They are very helpful.

AFAIK SME Server doesn't do IPv6. What exactly do you need this for?

I have a /48 native IPv6 delegation for my home lab.  I am working on moving all of my network to IPv6 to learn the barriers and report to IPv6OPS at IETF.  (I have been with IETF since '93).

I would suggest using the Lazy Admin Tools. You can prepare a CSV input file with the existing usernames etc. and then feed this into lat-users, thereby creating all of your users with one command.

What is Lazy Admin Tools and where do I get them?  I assume they run on WinNT.

If you use IMAP with your clients, and Funambol to synchronise contacts/tasks/appointments between Outlook and the server, you can get something that will be reasonable for most users. Webmail is provided by Horde, which is built in to SME Server.

All users are POP (A few still on Eudora, all migrating to Thunderbird.  Oh one Outlook diehard).  Occational Webmail.

Alternatively, you could look at the Zarafa contrib.

I saw that beta in my research.  What is this?  Zarafa releasing a 'free' version?  But it does not seem like I need the features Zarafa offers for my users.

[David Harper]

Your need for IPv6 may, unfortunately, be a deal breaker, at least until SME 8 comes out. But then Windows NT doesn't support IPv6 either, so I guess SME 7.x is still better than NT if you are keen on ditching it ASAP.

What is Lazy Admin Tools and where do I get them?  I assume they run on WinNT.

http://wiki.contribs.org/Lazy_Admin_Tools

LAT is not a migration tool, but it can batch add users, groups and file shares (ibays) programmatically using input files. After this, I suggest you install an SCP client (e.g. WinSCP) on your NT server and start moving stuff across that way.

All users are POP (A few still on Eudora, all migrating to Thunderbird.  Oh one Outlook diehard).  Occational Webmail.

I figured you were using Exchange ~5.5. SME Server will have no difficulty with these setups - there is no need for Zarafa, which is essentially an Exchange replacement and well above the required feature set.

[CharlieBrady]

What is Lazy Admin Tools and where do I get them?

You didn't think of asking Google? Sheesh!

[rgmhtt]

Your need for IPv6 may, unfortunately, be a deal breaker, at least until SME 8 comes out. But then Windows NT doesn't support IPv6 either, so I guess SME 7.x is still better than NT if you are keen on ditching it ASAP.

Per Mary's comments, I am installing SME8b3; at least for a trial. I have one box whose USB ethernet is not supported in Centos 4.7, but is in 5.2.  I do have a test box I can put SME 7 on as well.

If you are wondering about running SME through a USB ethernet dongle, my current winNT server has been untouched since '96 on '95 hardware...

I just like to know if SME 8 will update through the betas to production via yum or only through reinstalls. If the later, and maybe anyway, I will do the first step of the NT conversion via SME 7.

http://wiki.contribs.org/Lazy_Admin_Tools

LAT is not a migration tool, but it can batch add users, groups and file shares (ibays) programmatically using input files. After this, I suggest you install an SCP client (e.g. WinSCP) on your NT server and start moving stuff across that way.

Oh, I guess I read too much into your earlier comment about LAT.  I ASSuMEd you meant I could run it on my WinNT server to BUILD the CSV file of users.  Seem to recall that there IS such a utility in the NT resource kit???  Boy it has been YEARS since I touched that beast; got the CD around here somewhere.

Don't need WinSCP; all the data on the server fits easily on one 8Gb USB thumb drive!  Pull it all down on a client then upload on the server.  Plus I can do it in a way to retain creation/modification dates.

I figured you were using Exchange ~5.5. SME Server will have no difficulty with these setups - there is no need for Zarafa, which is essentially an Exchange replacement and well above the required feature set.

No.  I am running Scalix on Centos 5 for mail right now, and not using its Exchange connector.  I don't like the way it upgrades, I have broken it a number of times.  Or the Centos tomcat updates break Scalix.  So this time around, I am looking hard at alternatives.  I searched both the Centos and Fedora lists for past discussions then asked again on the Centos list.  It was an old message that sent me here before I got responses to the new posting.

[rgmhtt]

You didn't think of asking Google? Sheesh!

Sure did and did not find ANYTHING about running it on WinNT, which was my mistaken read of David's reply.

I got the URL of http://wiki.contribs.org/Talk:Lazy_Admin_Tools via google before David provided it.

So this URL points to LAT for SME 7.  What about for SME 8????

[janet]

rgmhtt

Will I have to rebuild with each beta or will yum update move me from beta to beta to production?

Probably there will be yum updates. Worst case is that you would need to upgrade via CD.
Again this is beta so no absolute guarantees, but previous betas upgraded to production OK, either via yum or via CD. Again there is usually no need to have to do a compete reinstall, as one or the other or both upgrade paths will be available.

In other words, no special dhcp options to support any special DYNDNS features?

If you are referring to updating an external dynamic host provider like dyndns or yi etc, sme does support those, and there is the very good ddclient contrib to keep your dynamic IP updated at your dynamic host provider site.

If you are referring to support for different types of internet connections ie cable, adsl etc PPoE etc, then there is support for the different popular types of services.

What for anti-spam?  Just RBL?

Left out spamassassin rejection & filtering, and executable content pattern matching filtering, on top of qmail, qpsmtpd, clamav & RBL (RHSBL & DNSBL).
Very little spam gets through sme.

[rgmhtt]

rgmhtt

If you are referring to updating an external dynamic host provider like dyndns or yi etc, sme does support those, and there is the very good ddclient contrib to keep your dynamic IP updated at your dynamic host provider site.

If you are referring to support for different types of internet connections ie cable, adsl etc PPoE etc, then there is support for the different popular types of services.

No.  I am referring to the way that MS implemented AD to do DYNDNS updates and Samba's copying of same.

I have tested one Samba server implementation that implemented this even for a simple workgroup.  The server provided DHCP services for the clients and registered them to what ever workgroup name you created which was also the DNS domain.

Full use of the product required clients to get their DHCP lease from the server which made for an interesting challenge for clients on different subnets....

Of course none of this is really needed for an NT-style domain login setup that SME provides.

I run my own nameserver for my domain:  htt-consult.com with my ISP and a friend being secondaries.  My ISP has delegated the reverse lookup in-addr.arpa domain to me so I can maintain the reverse (I have 64 public addresses for my home lab along with my RFC1918 addresses and that iPv6 /48 delegation ).  But I do not run a DYNDNS at this time.  I expect to have DNSSEC FINALLY working next month, as well as AAAA RR for my hosts.

[cactus]

So this URL points to LAT for SME 7.  What about for SME 8????

Since SME Server 8 is still in beta no contribs are build and released through the SME Contribs repository channel, this will be the case until the first release candidate will be available as beta is not stable enough to build the code on, things might change to much. This is also why you are not adviced to use it in production and might also answer your questions on upgrading. Since it is beta there is no one who will assure you that future upgrades will be problem free...

[steever]

You didn't think of asking Google? Sheesh!

  good ol' Charlie!

[rgmhtt]

  good ol' Charlie!

And like I replied, Google helps a lot.  But it does not always give you all the information you seek.  Particularly if you are seeking information that does not exist!

 

[steever]

I was referring to Charlie's newbie friendly comment.