Microsoft created Windows Server 2003 Small Business Edition
(WSBE) to make life easier for small businesses that need big business
computing solutions. Rather than having to purchase and install multiple
programs, Microsoft also streamlined the installation process. Here’s what you
need to know to deploy WSBE.

First things first

Before you start, make sure have you WSBE CDs in hand, are
sitting at your server console and ready to do a full installation of this
product including Windows Server with Active Directory and Exchange.

To get started, insert the first CD into your server and
turn it on. If you’ve ever installed a Windows Server before, the first few
screens will look mighty familiar as they’re Microsoft’s typical screens that
tell you which drivers are being loaded for the installer (Figure A).

Figure A

Driver information for the setup process

Once all of the drivers load, the Windows installer asks you
to make a decision: Press [ENTER] to Install WSBE, [R] to launch the repair
console to repair a damaged server installation, or [F3] to exit the
installation. I’ll assume that, for this article, you want to perform an
installation. After you make this selection, you’re asked to accept the terms
of Microsoft’s ever-so-generous license agreement.

Next, like a typical Windows Server install, you’re asked to
create a partition for the new server and can allocate as much space as you
like, up to the maximum amount available on your disks (Figure B). For this installation, I’m installing WSBE onto a 4-GB
partition on a system with a 1.6 GHz Pentium-M processor and 256 MB RAM.

Figure B

Decide how much space you want to allocate to WSBE.

After decided how much space to allocate to the server
installation, you can choose either NTFS or FAT for a file system type. These
days, anything less than NTFS isn’t usually a good idea because of the security
features inherent to NTFS and missing from FAT. Moreover, Active Directory
requires an NTFS partition for its database. Subsequent to you making this
selection, the text portion of the installation completes and you get a pretty,
familiar GUI.

The GUI portion of the installer

Most of the questions asked at the beginning of the GUI
portion of the WSBE installation are pretty standard, such as regional
selections including language, currency, and keyboard language options.

The second screen in the GUI asks for your name and company
name followed by a screen requesting the now-ubiquitous 25-character product
key. Following the entry of the product key, choose a name for your server and
assign an initial password for the administrator account as shown below in Figure C.

Figure C

My sample server is named WSBE – original, eh?

The next screen—the date and time—probably doesn’t seem
important, but is can be, particularly if you are running Exchange and/or your server
is a domain controller. If the time or time zone on the server is not set
correctly, Active Directory has synchronization problems, and your users might
claim that e-mail date and time stamps are wrong. Lesson: Even for something
seemingly innocuous like the date and time, be careful and make sure to check
the time zone! After this set of screens, Windows completes the initial
installation and the system automatically reboots.

After the reboot…

Once you log into the server after the reboot, the next part
of the installer is launched, which is where the additional applications,
including Exchange and SQL Server, are installed and is also the utility that
helps you configure Active Directory and other server components. See Figure D for a snapshot of this
utility.

Figure D

The installer tells you exactly what it plans to do

Before you get to the good stuff, WSBE wants to know some
information about you such as your phone number, fax number, address, etc. This
information—shown in Figure E—is used later on to help configure components.

Figure E

WSBE wants information about your company.

Domain information

The next step in the installation starts the domain and
Active Directory portion of the configuration. You are asked three questions:

  • The full internal DNS domain you’d like to use
  • The NetBIOS name you’d like to use
  • The name of the server

The only one you have to fill in is the first one, as the
NetBIOS name is generated from your internal DNS name, although you can
override it if you want and use the machine name that was specified during the
initial installation.

There’s a reason that the default name specified in the
internal DNS domain box ends with .local rather than .com, .edu, .org, or
.whateverelseyoumayuse. In most cases, you probably don’t want to use the same
internal and external DNS name spaces. Since .local is not used anywhere in the
Internet, you don’t have to worry about overlap. Down the line, when you
install Exchange, you’ll probably be happy that your DNS namespaces don’t
overlap and your DNS mail-exchange records will work. If you overlap name
spaces, mail routing becomes tricky sometimes.

For this example, I’ve named the internal domain
example.local and accepted the default NetBIOS name of EXAMPLE as shown in Figure F.

Figure F

Internal domain naming information

Network adapter selection

Remember that WSBE 2003 includes powerful routing and remote
access functionality meaning that you don’t necessarily have to have a separate
hardware router on your small network. You do need to have multiple network
adapters to support this capability. The next screen in the installation asks
you to select the network adapter that will access the local network. In Figure G, notice that I have selected
the first Ethernet adapter—at 172.16.1.101—as the one that will be attached to
the local network. Later, the second adapter will be configured to access the
Internet. It’s using a private address right now since my test machine is set
up in my lab.

Figure G

The first network adapter will connect to the local network.

After network adapter selection, the Microsoft DHCP server
is installed to provide dynamic IP addressing to your clients.

Next, to make sure your IP address is set up correctly and
is static, which it must be, the installer asks you to set the server’s LAN IP
address, subnet mask, and default gateway. My selections are shown in Figure H.

Figure H

Local network adapter configuration

Security

Let’s face it…Microsoft isn’t the first company that comes
to mind when you utter the word security, unless your sentence starts with an
expletive. The next step in the installation asks if you want to have the
system automatically log in when you boot (Figure
I
). Ok, if you’re in a small office with just trusted people, sure—this can
make life easier. If you’re not, though, don’t do this as your log has full
administrative rights to the system.

If you do want to allow the system to automatically log in,
type the administrator password in the box. Otherwise, select Log On Manually. Click
Next.

Figure I

System logon information

After this step, it takes up to 30 minutes for the server to
run through your selections and configure the server (Figure J). During this time, the server will reboot, but the installation
will continue on. Once this part is done, you’ll move on to application
installation.

Figure J

The server configuration progress screen

Component installation

With the initial server installation and configuration under
your belt, you’re ready for the icing on the cake: the additional applications
that give WSBE some guts. Note that I am using the Standard Edition of WSBE, so
SQL Server is not available, but I will be installing the server tools and
Microsoft Exchange server. Figure K
shows you the initial installation screen.

Figure K

The component selection screen

Everything in WSBE is configurable, including the
destination paths for each component and some dependencies. The next screen
provides you with details on where each component or dependency will be
installed and provides you with an opportunity—see Figure L—to adjust the location. For this example, I’ll use the
defaults.

Figure L

Use the Change Folder button to change the location of a component.

The server component installation process takes a little
time and also presents you with a pretty status screen like the one in Figure M.

Figure M

The server components installation dialog box

When the process is complete, your server will restart.

The “to-do” list

Congratulations! At this point, you have a functional WSBE
server running Exchange and Share Point portal services. After the obligatory
Windows reboot, WSBE pops up a To Do list, just like the one in Figure N, detailing the next steps that you should take to complete this server’s installation. The to-do items are explained below in greater detail.

Figure N

After installation, a number of tasks still remain.

View Security Best Practices

This to-do item features a detailed list of steps you should
consider taking to secure your newly installed server. For example, components
of this item include configuration of the included firewall, an analysis of
user names and passwords, and other bits and pieces that make for a more secure
server. This is mostly a list of documents outlining steps, rather than a
wizard that walks you through the various steps.

Connect To The Internet

This starts a wizard that walks you through your networking
configuration, including firewall and Web site settings. The wizard asks for
your Internet connection type—dial-up or broadband, how you connect to your ISP
(whether through a local router or via a direct connection), the networking
configuration information from your ISP (including DNS server addresses and the
IP address of the default gateway), and information on which connections belong
to your ISP.

Yeah, a lot of this seems redundant since you did some of it
during the installation, but if you ever need to change things, this is a good
place to do it. The part that is most important in this step is the firewall
configuration. Via this step, you can enable or disable the firewall and then
select what services you want to allow. If the service you need to add doesn’t
appear on the list, you can add it if you know its TCP and/or UDP port number. See
Figure O. In Figure P, notice the ability to allow/disallow specific Web
services to be accessible from the Internet.

Figure O

The firewall configuration step; here, e-mail is allowed into the server

Figure P

The Web services configuration window

The next step in this item is to create a server SSL
certificate either locally or by making use of one from a trusted issuing
authority.

Subsequently, you can either enable or disable mail to and
from the Internet. If you want a local mail server only, disable Internet e-mail.
If you enable Internet e-mail, you can either route all mail using separate DNS
lookups for each recipient for each message or you can forward all mail to your
ISP’s SMTP server for delivery. See Figure
Q
. When possible, I highly recommend forwarding mail to your ISP’s mail
server. You’ll use up much less of your Internet bandwidth, and your server
won’t be as busy processing mail.

Figure Q

Decide how you want to send your Internet e-mail.

Even more! Your WSBE-based mail server provides a number of
different ways for your users to receive e-mail (Figure R). First, you can use an included
connector that attaches Exchange mailboxes to external POP3 accounts. And
second, you can just use Exchange directly, either with or without your ISP
being in the middle.

Figure R

Configure your e-mail retrieval method.

The next e-mail configuration steps ask you to verify your
external DNS name—in my case, I used example.com and set up a mail schedule,
which you need to do if you use the POP3 connector option or decide to have
your ISP hold mail until you pick it up. The default pick-up schedule is every
hour.

You are also asked which attachment extensions you want to
allow and disallow to your e-mail server. This step is important as it can
directly affect how much time you spend managing your server. By default,
Exchange severely limits what can be attached to incoming messages, so if you
need to allow something, look for it on the list provided.

Once you’re done, the configuration is updated and your new
settings take effect.

Configure Remote Access

Your new WSBE server also acts as a Virtual Private Network [VPN]
or dial-up remote access server, allowing you to securely access your files,
folders, e-mail and other resources from anywhere. I don’t have a modem in my
server, so I only get an option to set up VPN services when I click this option
in the To Do list.

The first step in the VPN configuration is to provide the
full Internet name of your server. Be sure to provide the external DNS name for
your server and not the local name. In my case, this would be WSBE.example.com,
not WSBE.example.local.

That’s it!

Activate Your Server

Microsoft requires that all new servers be activated within
14 days of installation or they’ll stop working. Clicking the options starts
the familiar “Let’s Activate Windows” wizard.

Add Client Licenses

The title for this option is a little misleading as it also
includes the ability to transfer client license from another WSBE server or to
reactivate client licenses after you make a significant hardware change to the
server.

To add licenses, you need to enter the 25-character product
key that came with your license order. You can activate these licenses either
over the phone or over the Internet.

To transfer licenses, you must use the telephone option
presented in this item and call Microsoft for help.

Add A Printer

This is pretty self-explanatory and lets you add shared
printers to your server to be used by multiple users.

Add Users And Computers

This wizard allows you to add new users and computers to
your domain by using a simple wizard. With this wizard, you can create the
users login account, e-mail mailbox, home folder, define his group memberships,
configure his SharePoint access, and enforce disk quotas.

The wizard works on the basis of templates. Templates for
normal users, remote users, power users, and administrators are supplied out of
the box and you can also create your own custom templates. For an example, I’ll
create a new Power User using a template, as in Figure S.

Figure S

Create a new power user using a template.

Once you select a template, you can either apply it to
existing users or create a new user by following the simple instructions on the
screen. I created a new user named ScottLowe and applied the Power User
template.

That’s all there is to creating a new user. The template
idea makes this management task very simple.

Configure Monitoring

One of the new features in WSBE is the Configure Monitoring
option that lets you set up alerts and provides you with server performance and
usage reports.

The first screen in this wizard asks you to pick what kind
of reports you’d like to receive via e-mail. You can choose performance and/or
server usage reports which will also show up in the server management utility;
see Figure T. On the next screen,
type the e-mail address to which the reports should be sent.

Figure T

Decide what kinds of reports you’d like to receive.

The monitoring wizard also lets you send usage reports on
business units to the appropriate manager, if you like.

Another very useful feature is the ability to more
proactively manage server events such as low disk space, stopped services, and
performance threshold violations. You can configure your server to send you an
immediate alert when one of these events happens as shown below in Figure U.

Figure U

Configure your server to send an alert.

Configure Backup

The final option on this server is the ability to backup
your data, which is a critical task! Make sure your server has a tape drive big
enough to hold all of your data, and follow the steps in this wizard to get it
going.

That’s all there is to it

Small Business Server 2003 is definitely a full-featured
product, but Microsoft has made a serious attempt at usability by providing you
with an easy To Do list that walks you through the important steps. The
installation is easy and familiar and seamlessly sets up complex environments
like Active Directory.