windows 2003 sbs concerns

My company's website and email are hosted by a third party web server. We also have two in-house servers. One, a Windows 2000 machine, is mainly a file server - it's used for employee access to several programs and files through the network. The other one is a WinXP Pro machine, and is set up as with IIS as a web and ftp server for web utilities, reports, and documents, which are mainly accessed by employees - both in-office, and at home or on the road.

I would like to consolidate all these functions (web, file, program, ftp, email) into an in-house, new Windows 2003 SB server machine (which I have not purchased yet).

Here is a breakdown of functions I need for a new server, and questions/concerns that I have:

* Function as a web server - anyone should be able to access the company website from the internet.

* Function as an email server - be able to set up company email accounts using company domain (e.x. bob@mycompany.com) - employees will be able to keep their existing company email addresses; they will just be set up on the new server instead of the third party server as of now.

* Function as a file server - Employees will be able to connect (e.x. map a network drive) to the new server and be linked to several company-essential applications and files.

* Function as a terminal server - select employees will be able to login to the server remotely from home or on the road like they are doing now to the win2000 machine.

Now, how hard would it be to setup DNS on the new server (for web and email use), and switch it over from the third party server we are currently using?

Also, what's the deal with CALs for Windows 2003 Server? I'm assuming only the office machines will need them. How much time would it take to setup a client (WinXP or 2000) machine to be able to connect and communicate with the 2003 server through the office LAN?

Any additional information that you think is important would be appreciated.
vitanzaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

snowsurferCommented:
You can do all of this with SBS.

Lets address your issues.  

Here is a breakdown of functions I need for a new server, and questions/concerns that I have:

* Function as a web server - anyone should be able to access the company website from the internet.

This is no problem.  You do have a security concern however, you are now letting people connect directly to your server for webpages.  This is also the server that houses all of your confidential business data.  This is the catch 22 with SBS.  It has tons of cool features but does introduce some security risks.  It does come with ISA server depending on the version you buy.  While ISA server is a good firewall, it does not function as well as it could when it is on the same servers as what it is trying to protect.  if you can put in a second server and use ISA on that, you should.  Then you can publish your web sites to it and help protect yourself a little more.  I would also look at a hardware firewall like a Cisco PIX.  You can get the 501 for less than 500 dollars.  This as well as the ISA server will help protect your email as well

* Function as an email server - be able to set up company email accounts using company domain (e.x. bob@mycompany.com) - employees will be able to keep their existing company email addresses; they will just be set up on the new server instead of the third party server as of now.

This is no problem.  You are going to change your MX record to point to the external interface of your internet presence.  This may be your PIX firewall or your ISA server.  You are going to need a static IP address from your ISP.  You can do it with dynamic address and a company like dynamicdns to keep track of your dns, but I dont reccomend it.  Once your MX record is changed mail will start flowing to you.  You of course need to make the apporpraite rules in your firewall to allow the traffic through.  I would then import your users PST files from Outlook into Exchange.  If they are using outlook express, upgrade them to Outlook (included with sbs)and then import the PST files.


* Function as a file server - Employees will be able to connect (e.x. map a network drive) to the new server and be linked to several company-essential applications and files.

No Problem, nothing fancy here.  Login scripts and mapped drives

* Function as a terminal server - select employees will be able to login to the server remotely from home or on the road like they are doing now to the win2000 machine.

You will need to purchase the correct amount of Terminal Sever CALS.  These are different then they were in 2000.  Windows 2000 and XP included a free TSCal for connecting to Windows 2000 Terminal Servers, that is goine with 2003.  Depending on how many users you have you may want to keep your 2000 Terminal Server.  Then you dont have to buy CALS

Now, how hard would it be to setup DNS on the new server (for web and email use), and switch it over from the third party server we are currently using?

You wouldnt set this up as an external DNS server.  There is no reason for this.  You will have DNS installed by default for internal use.  You just configure forwarders.

Also, what's the deal with CALs for Windows 2003 Server? I'm assuming only the office machines will need them. How much time would it take to setup a client (WinXP or 2000) machine to be able to connect and communicate with the 2003 server through the office LAN?

You can by device CALS or user CALS.  If you buy a device CAL than only one device can connect.  If you purchase a USER cal, then that user can connect from wherever.  So if the user has a laptop and a desktop, buy a user cal.  If the user only has one device then just by a device cal.  No matter what you still need Termsinal Server CALS

Hope this helps

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
shard26Commented:
What snowsurfer said was pretty much on the money.  I do have a few things to add.

with SBS 2003 you can not set up Terminal services in application mode.  That means your stuck with admin mode whick only allows 2 connections at a time.  By default only admins can log in but you can change it to allow other none admin users access if needed.  Now thats not recommended unless you lock it down using GPO's and loopback mode. setting up loopback and GPO's can be tricky so I would practice before going live.  The good news if you leave it in admin mode it doesn't track CALS so you won't need to purchase any.

Also like snowsurfer said the 501 pix is a great choice.  Just remember that the 501 is not like the other pix's out there that just keep track the amount of internet connections you have.  It tracks your mac's so it only lets by default 10 mac's access to the internet.  If you want more then that you will have to buy more licenses.  That means if you have 15 stations the first 10 stations to go to the internet wins. The other 5 are out of luck until you restart your pix's.

Hope that helps
0
vitanzaAuthor Commented:
thanks guys....

I have one more question - if I get user CALs and one of the users is no longer with the company, can I simply "switch" or "rename" that CAL so a new employee/user can use it?
How exactly do CALs work? Is it a small program that must be installed on each machine? Or is it simply a code or password that must be entered?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.