This is
just a summary and doesn't enter into specifics about each decision made, and is not intended to offer criticism about any product rejected. No assumptions should be made about testing procedures, which were extensive and time-consuming. I left the corporate world fifteen years ago because I hate report writing so much
This is just a round-up of what we discussed on our private forum (which ran to fifteen pages). E&OE
The server is required for browser-based email, contacts, shared calendars, file storage and intranet-like activities with no exposure to the public internet (remote access provided via a 'hardware' VPN in the router). User base consists of 17 members of a voluntary organisation and two small business users. A decision was made to avoid 'public cloud' where possible.
1. Initial 'quicklist'a. MS SBS (if it still exists)
b. Apple OSX server
c. SME8
d. Zentyal 3.2
e. Ubuntu Server
f. Clear OS
g. Appliance (QNAP/Synology/Zyxel/Buffalo etc)
1.1 Initial Select/Reject to look at in-depth1a. MS SBS: Bloated, complex licencing1b. Apple OSX Server: Lack of affordable and compelling hardware to run it on. The better hardware is ridiculously expensive.1c. SME8: Open source so low acquisition cost (plus suitable donation), large selection of suitable hardware, seemingly well-supported and documented, slow release cycles so probably stable. Browser-based routine admin, other additions possibly complex?
1d. Zentyal 3.2: Open source and commercial versions, reasonable documentation, Ubuntu-based so possibly LTS versions? Easy GUI interface for routine admin. Other additions possibly complex?
1e. Ubuntu Server: Well-supported, LTS and commercial support available. Steeper learning curve than we really have time for.1f. Clear OS: Easy GUI install and admin, but paid-for downloads/additions which could increase, and would make our trials potentially expensive. Reviews are less favourable than SME/Zentyal.1g. QNAP and Synology: Appear to be the two best supported by way of add-ons and thriving communities. Very easy browser-based admin, webserver/fileshares/mySQL etc by default.
Zyxel and
Buffalo seem to be trailing some way behind.
2. Initial testing2c: SME8Initial install on all three HP PCs failed (2x P4 32-bit, 1x Core2 64bit) and the machines would not boot the first time. The community forum responded quickly with suggestions and reports of it working fine on their similar hardware. We then installed an old version (7.6) and upgraded to 8.0 and all went as expected. Further research suggests this isn't an uncommon situation on HP gear with the version of CentOS underlying SME8. Testing continued, this being considered a reasonable 'work-around' for the rare occasion the server might need rebuilding from scratch.
A stack of add-ons ("contribs") were added, following the generally-good instructions on the website. The exact commands required to install the add-ons were almost always given, making this part of the process a simple matter of 'copy and paste' in a terminal window. The general requirement to reboot after each add-on became tedious, and attempts to just skip to the next and do a reboot later caused an issue with a rolling Apache error at the next reboot. Lesson learned, we switched to the second test PC and performed the reboots after each add-on. This time no errors were observed.
Adding users, creating shares (i-bays) and user groups was simple in the browser. Fetching mail from the existing mailserver was straightforward and no mis-directed mail resulted.
The default groupware is Horde with Kronolith for calendaring. This was almost universally disliked by the users, with the user-interface being considered "generally too busy". Setting default colours for each user's calendar was also a sticking point with most. The Dimp add-on improved things slightly, but the calendar entry screen was particularly disliked by younger and older users. The interface does have a slightly "20th century" feel about it, and lacks the minimalist 'shine' of more recent interfaces such as Google Calendar, etc. Interestingly Horde offer a much more up-to-date version, and most of the users felt it would be suitable judging
only by the available screenshots on the Horde website. It's not known if Horde 5 will ever be integrated into SME, but presumably that would be in SME9 at the earliest which is some years off.
The other option, Roundcube, was liked by everyone, but several sticking points quickly came to light. The calendar doesn't allow sharing beyond 'invites' and so was rejected by all users. Further, we have yet to be successful importing either a calendar or address book (we tried ical and vcard as well as CSV files) and none imported at all.
Attempts were made to install Zarafa, but these failed. The instructions at this time are more complex than we have time to learn. The situation with Sogo was similar. It's also unclear whether the non-free version will work (depending on what/where you read, the free version only covers three users.)
We tried the eGroupware contrib on SME next, as the specs appear to cover more than we need. Both the 1.4 and 1.6 versions were installed at different times via the Contrib instructions. All modules worked with the exception of the built-in mail client, which displayed a blank screen. eGroupware remains a potential groupware solution, pending further investigation of the email client issue experienced.
Initial Conclusion: SME8 in all respects was a generally easy-to-use server, thanks to the way instructions are written (no assumption of expertise), and the community being responsive to requests for help (if none can be found in the extensive archive of information). SME is short-listed but the groupware situation remains open to further investigation.
2d: Zentyal 3.2The 32-bit installs went smoothly but resulted in a rather 'clunky' server which was mostly very slowand at times unresponsive. We abandoned it in favour of the 64-bit version on the Core2 machine, which felt responsive, though never particularly quick. Add-ons are a mouse-click in the broswer interface, and we were quickly up and running. Webmail was broken out of the box, and the forum had a bug report on how to fix it (although it was allegedly fixed in our version). The instructions assume a medium level of expertise, with no indication of the commands required to mend it. We disabled the webmail after several hours failing to fix it. Zarafa was installed with a couple of clicks, and worked straight away. In the client browser, it never felt particularly fast, though all users really liked the interface and functionality, particularly the "webapp" version. After two hours, we'd failed to find a way to import our existing calendars and address books.
We asked a question in the forum, but ten days later have seen no reply. We opted to test the commercial service and asked a reasonable pre-sales question of the Zentyal commercial arm. Ten days later, we've had no reply. Our concerns are whether this is the level of service we'd also have after handing over our €500 for commercial support.
Initial Conclusion: There's much to like about Zentyal, but concerns about what we'd do in a crisis remain. For that reason Zentyal was rejected.
2g: QNAP/SynologyFor the purposes of our trials, we used a borrowed QNAP TS-112. All the QNAP offerings have a broadly similar browser-based interface and the same facilities, although multi-disk options with RAID, faster processors, more memory are available which would be more suitable if we go this route.
Installation was very easy and largely automated. We were up and running and adding user accounts within ten minutes. The browser interface is attractive, intuitive and generally 'obvious'. A web server, mySQL database, Samba sharing etc are all present. Add-on 'QPKG' packages are selectable for adding all kinds of extra options. A built-in backup facility exists that will backup to locally attached USB disks and that proved easy and reliable, backing-up files in their native format straight to the external disk. Other more complex options exist for backing up remotely.
There is a mailserver add-on, but with no fetchmail-like functionality, so this potentially exposes the QNAP relay to the internet with associated threats that we may not be expert enough to deal with. Like others, there is no compelling groupware offering.
Initial Conclusion: We liked the QNAP alot. It offers us everything SME8 does as a fileserver but with a 'prettier' UI. If a groupware package was found however, it would be less attractive from the mailserver point of view (ie the security risks of exposing the relay to the outside world).
3. Considerations, comparisons and potential selections3.1 Security:All remote access is via a 'hardware' VPN device. That device is now obsolete, so the decision to either replace it with a more modern device or utilise a server-based VPN has been looked at.
"Out of the box" SME8 supports PPTP and the QNAP the same protocol via their own hosted service. Beyond that is more complex and the learning curves come back into play. That said, SME8 has an OpenVPN contrib that
appears straightforward.
Selection for security: Hardware VPN (or SME8 with further research)
3.2 Groupware:Neither SME8 or QNAP offer a compelling groupware.
Gmail with Google Calendar was tested by half the users and was universally liked. However, following our previous experience where we relied on Google services that were either withdrawn at near-zero notice or folded into Google+, the unanimous decision to "not go there again" was made.
Atmail is an email and calendaring service that is available to us via our web hosting provider as part of our public internet hosting package. To date, we've never used it beyond using one mailbox as a "catchall" for collection by our own mailserver. Several extra mailboxes were created and tested by a selection of users and was liked enormously. The clean browser interface was easy to understand, attractive, and calendars were created and shared easily, with the desired option of having each users calendar entries in a different colour. This remains a viable option, although our general dislike of having our data in third-party hands remains.
Selection for groupware: Atmail on web host
if we cannot find a locally-hosted alternative.
3.3 Mail serverIn the event a groupware package is found (see 3.2) then a mailserver will be required. Both SME8 and QNAP have suitable mail servers, although only SME8 has a 'fetchmail' option. This is considered important as our mail is collected in a 'catchall' mail box and collected via IMAP to save us from having a publicly-visible relay and the potential security issues that presents.
Selection for mail server: SME8
3.4 Disaster recoveryBackups are different on each server, but similarly easy to use and reliable. SME8 has a restore bug, but it being addressed by the development team and we see no reason why it should be a negative point at this stage.
Assuming reliable backups exist, both options can be got back up and running fairly easily within half a working day. SME8 has the advantage that the replacement server (assuming a total hardware failure) can be pretty much any PC available to us. QNAP has the potential to take longer given the proprietory hardware. Assuming suitable hardware is still manufactured, then realistically the down-time would be 48 to 72 hours to allow for hardware acquisition and data restoration. It was generally felt that if the QNAP route were taken, then two mirrored devices would offer the best solution. The cost of the devices is such that two twin-disk QNAPs would be similar to the single server for SME8.
Selection for disaster recovery: Either would be acceptable.
3.5 All other functionality:All other required functionality is available on both SME8 and QNAP and is similarly easy to use - webserver, fileshares, users and groups, reliable backups (pending SME8 DAR upgrade).
Selection for all other functionality: Either would be acceptable.
4. Further work4a: SME8Add and test OpenVPN
Investigate absent email client screen in eGroupware
Final sweep checking for web-based groupware that will run
4b: QNAPFinal sweep checking for web-based groupware that will run
Research and test device mirroring
4c: Hardware VPNCheck what's currently available
5: Final decision??????