SME Server I believe I have come across the best all-in-one server solution for even a Linux newbie: SME Sever. SME Server is a CentOS-based Linux distro targeted at small and medium-sized businesses. Ease of use is a high priority, and as a result all management and administration is handled through an elegant, secure web GUI. Here is a list of features: Ridiculously simple installation procedure - no Linux experience necessary Automatic software RAID 1, 5, and 6 construction at installation time Effortless administration via secure web interface Sharing of a single Internet connection between multiple computers A network firewall to protect against Internet intruders A secure and robust email server, which includes virus/spam filtering and webmail File and print sharing with Windows, Linux, and Mac clients Windows domain compatibility, including floating profiles Full LDAP support for contact sharing Web application server, including support for MySQL, Perl and PHP Simple, secure VPN remote access via PPTP Supported languages: Deutsch, English, Español, Français and Italiano, with more on the way Complete binary compatibility with the leading Linux server distribution (CentOS, RHEL) And much more... Since it is based on the Linux operating system, virus infection is not a consideration and the installation should last as long as the hardware its running on. Also, it is released under the open source GNU GPL software license so it is totally free in its complete form. And of course, it is a full-on Linux distro, you can always add more software and/or functionality to your server should you posses the desire and knowledge to do so. All SME Server requires is at least a Pentium1 with a minimum of 128mb RAM. I personally recommend at least a 500MHz CPU with 256mb RAM or greater for best quality of service under load. Of course, the more workload is placed on the system, the higher its specs should be. Two HDDs are required for a RAID-1, three to five for a RAID-5, and six or more for a RAID 6.
I'm curious as to how you actually use this server. It looks like it runs a server with no X/GUI so you adminstrate the server remotely via web interface I guess? Or do you adminstrate with a GUI and then switch to CLI to run the server?
You set it up with an easy-to-use ncurses-based ASCII GUI, but once it's installed the system itself is CLI only. However, after the initial setup all interaction is performed remotely via the encrypted web GUI, so there's no reason to use the CLI unless you want to.
Here's a few pointers about deploying SME Servers. People accustomed to setting up Windows domains will already be familiar with some of these tips: Due to more anti-competitive practices by Microsoft, Windows XP Pro clients don't like joining Samba domain controllers. You must patch the registry before they'll join your SME Server. The registry patch is already included on your SME Server; the path is HTTP://[I]SERVERNAME[/I]/server-resources/regedit/ The XP system will require a reboot before the patch will go into effect. Windows XP Home clients cannot join a domain at all, sorry. All other versions of Windows should have no problems, however note the caveat above regarding XP Pro. Don't forget, only a Domain Admin can join a machine to the domain. Floating profiles are typically more trouble then they're worth, since Windows has a nasty habit of corrupting profiles. Unless you have a very compelling reason to do so, don't use floating profiles. SME Server is a Linux system and as such makes a pretty decent firewall in a pinch. However, if you are interested in a robust, dedicated firewall appliance you should be looking at other free distros like IPCop, m0n0wall or pfSense instead. They are designed to act as a firewall, so they have many more firewalling/routing features and capabilities than SME. When a Windows client signs on to a domain controller, it executes a file called netlogon.bat. Using this batch file to automate certain things on your network, you can seriously cut back on 'sneaker administration' such as mapping network drives, synchronizing the system clock, and perhaps other things like clearing out IE's cache/cookies. You can edit the Netlogon.bat as an administrator - it can be found using the following path: \\SERVERNAME\netlogon\ By default, domain users will have "User" privileges on the domain as well as any machine they log into. If you want to delegate Administrator privileges to certain users, create a group with the description "Domain Admins" and add those users to it. For elevated privileges on the local machine without elevated privileges across the domain, try adding a group with the description "Power Users". A nice way to give your users easy-access to webmail, change their password, etc is to build a simple front-page for your SME Server (see the attached image below for an example). I may add more tips and tutorials later if time allows. -AT
SME Server 7.0 released Version 7.0 of SMEserver has been released as of July 1, 2006! The new release represents the culmination of months of hard work by numerous developers and beta testers and is sure to impress those that select it as their server distribution. SME Server 7.0 features: Type Distribution Feature Alignment with Source Packages * Completely aligned with CentOS 4.3 (2.6.x kernel) and Mitel packages * Packages which come from CentOS 4.3 and Mitel are used unmodified * All other packages taken from stable upstream repositories (e.g.atrpms) whenever possible * Packages for CentOS 4.3 and RHEL 4.3 can be used unmodified | Type System Feature Hard Disk improvements * Automated installation as RAID * 1 disk: One-way RAID1 mirror * 2 disks: Two-way RAID1 mirror * 3-5 disks: RAID5 * 6+ disks: RAID6 * NOTE: All disks must be the same size in 7.0 Type eMail Feature Secure eMail * POP3/SSL, IMAP/SSL, SMTP/SSL * SMTP AUTH over SMTP/SSL Type eMail Feature Webmail Upgrade * Horde/IMP3 based Webmail Type eMail Feature qpsmtpd enabled * SMTP reception via qpsmtpd * Loads of plugins available, many enabled * Full user/domain filtering to block mail to invalid user/domain combinations * Many other mail sanity checks - see /var/service/qpsmtpd/config/plugins * Lots of other plugins also exist - see /var/service/qpsmtpd/plugins/ Type eMail Feature Antivirus eMail scanning * Virus scanning with ClamAV * Virus laden mail rejected during SMTP transaction * Automated pattern files download * Engine download via yum (see Software installer) * Optional weekly/daily filesystem scan * Optional quarantining of infected files during scan * Plugins for plenty of virus scanners exist - see /var/service/qpsmtpd/plugins/virus/ . aveclient - Kaspersky bitdefender - BitDefender check_for_hi_virus - clamav clamav - clamav clamdscan - clamd hbedv - AntiVir kavscanner - Kaspersky klez_filter pattern_filter uvscan - McAfee Type eMail Feature eMail Attachment handling * Attachment blocking - e.g. to block EXE, ZIP, PIF, ... * Attachment conversion from TNEF or UUENCODE to MIME Type eMail Feature Spam Assassin * Spam filtering with SpamAssassin * Automatic tagging with X-Spam-Status: header * Optional filtering to junkmail folder * Optional Subject tagging * Selectable tagging levels * Optional rejection during SMTP transaction of spam exceeding a configurable level Type User Accounts Feature Pseudonyms * Pseudonyms panel: * Ability to send (e.g.) support@domain1 and support@domain2 to different places * Can enter pseudonyms of pseudonyms Type Distribution Feature Contribs and Updates distribution * Yum based software installation * Standard/safe yum "channels" enabled * Additional channels can be enabled from the panel, and others added to the db and then enabled/disabled
