Slashdot Mirror
Ask Slashdot: Uses For a Small Office Server?
ragnvaldr writes "I'm the 'IT guy' for an office of about a dozen people. And when I say IT guy, I mean I'm the only one here who can use google well enough to figure out how to make things work. We have a 500GB Mac server with a Drobo with 6TB of storage attached. So far all this server does is back up data, and I want to make it a little more useful. We also have a Filemaker server on it, which I have yet to learn how to use at all, let alone efficiently. Any suggestions to make this machine a little more useful?"
Porn server, of course!
Great minds think alike; fools seldom differ.
...you let a perceived need dictate a use, not the other way around.
Doorstop?
Seriously, data backups are crucial in every enterprise, even small ones. That's a *great* use for your server. Are you checking on your process by restoring files once per month? Once per quarter? I joined a bioscience center that had faithfully been making backups for half a year before I joined but five months of the backups had no data. So do check, please.
I have more questions about your backup methods than I can easily list here. Still, there are other good uses for *every* server. They can all:
1) Provide DHCP addresses
2) Offer NTP to keep the clocks synchronized
3) Provide comprehensive system logging (for all systems of concern)
4) Store and/or offer common utilities like print services
Ah yes, the good old "if you don't know, don't even bother asking just fuck off"! Thank god not ALL slashdotters are as worthless as you are, but that argument comes up waaay too often.
Yeah, I'm sure a 12-person office has an extra 100k sitting around for an IT guy.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
It sounds to me like you haven't identified a business need and are fishing for one. Wouldn't it be better to look at how the business operates and from there see if there is something that can be done more efficiently? If there is, then ask yourself how this server can be used to address that problem. A server can do a lot of things, but don't look at those things and try to force it on the business when the need doesn't necessarily exist. It may create more problems then it solves.
If what you are really looking for is something to play with, then Filemaker sounds like a great place to start. It could be your introduction to databases. Once you understand the power of databases, you may find areas of the business that might benefit from a database. But until you have the knowledge, you aren't in a position to implement and support one. Just remember, if you're going to play with something, don't do it on a production server. Backups are a real business need. Even if that is the only thing the box is used for, it is a perfectly good reason for its existence.
Use and study it as much as you can: knowledge pays for itself and OSX Server is not the same thing as a raw linux/bsd box. (And while you're at it: enjoy every single pixel of their Apache and Mailman admin interface OSX style, you'll miss 'em in real life!)
Why? It's doing backups, and it's a full-fledged Unix machine.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
It's generally better to start a project from "I want to accomplish [x], so what do I need?" rather than "I have [x], so what can I accomplish with it?" The first approach will be much more focused and more likely to succeed.
Second thing to keep in mind: you don't want to experiment on a production server. I don't care if the "production server" is only a backup server-- if you don't want to endanger your backups, then it's still a production server. This means you shouldn't do anything with this server until you've planned what you want to install on it, and you've already set up a test implementation and you know what you're doing.
Third thing to keep in mind: in current IT practices, it's often not worth it for a small company to do things for themselves unless they need to. You probably need a local file server and therefore also a backup scheme. Aside from that, things like web hosting, email, and chat are usually better handled by a big company that can afford a datacenter. If you do try to do email internally, make sure you back it up and have a plan for outages and disaster recovery.
All that aside, you could start with basic services: directory services, file sharing, email, etc. Filemaker has its uses, but let the use determine the tool. Don't go around pounding on everything just because you've found yourself a hammer. Define the job, and then pick the best tool for the job.
Make sure it is reliable before you get people to rely on it. Make sure both the computer and storage are on UPS and have good surge protection. Ideally you want the server to shutdown before it loses power. Also, make sure you have some sort of backup scheme in place. Tape backup, DVD, whatever, just make sure you can backup the data and restore. It's a really good idea to test your backups from time to time to make sure they can be read. Ideally you will also save your backups either off-site, or at least in a fire safe. Also, check that the server area doesn't get too hot as that can cause problems as well. Make sure you apply current OS patches. Ideally you will also have anti-virus protection. If the office has access to the internet, make sure you have at least a cheap hardware firewall, or better if you can, to protect everyone. Consider physical security. Do you lock the room with the server? Use cables to secure it? Document things in case you need to rebuild it.
Consider information security: does everyone get access to everything?
Besides that, file servers tend to be very handy, even for small offices. Put any sort of shared resources you use on the file server instead of on individual PCs. Things like: document templates, form letters, contact lists, etc.
Beyond that, it really depends on your business doesn't it? I assume you bought Filemaker for a reason. Information sharing must be important somehow. You can use Filemaker as the heart of a lot of business applications. Would an internal web server be useful? Internal mail server? List server?
One more thing, teach people how things are intended to be used.
Help them out - make sure their PCs are properly patched, have anti-virus, and ideally aren't running as administrator.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
Why would you replace a Unix server with a Linux server?
I do not read or respond to AC's. If you want a discussion, log in. Otherwise, don't waste your time.
if your company is more than ten people, you should try a wiki of course.
Set up a document versioning system to track changes.
Since I can't tell them apart, I treat all ACs as the same person.
I'm presuming this machine is for internal use only. If you need to host external services, such as a website, pay $1k for another Mini Server and use that exclusively for external facing services.
That being said, you could activate the Wiki function and produce a little company Intranet where people could post and update information. That's quite easy to do once you've enabled the WebServer (using Server Admin).
It's also easy to set up LDAP server, which will at a minimum simplify your account management. You could use Mobile accounts on each workstation, so that the workstation's data is local but is automatically both backed up to the server -and made available- if the user has to log onto or borrow another machine.
You could configure VPN for safe remote access (but that's a bit tricky.)
Right now the best book on OS X Server Admin is Daniel Eran Dilger's book. (http://www.amazon.com/Snow-Leopard-Server-Developer-Reference/dp/0470521317)
My experience as a SOHO user/administrator of Server going back to Tiger Server is that each version has gotten easier to use, but unless the out-of-the-box configuration is -exactly what you need-, it's worth paying a couple $100s to get an expert to fully configure the server initial setup, particularly the DNS. If the DNS isn't set up perfectly, a lot of stuff breaks in OS X Server. (I've used Mid Atlantic Consulting here in the DC area.)
Finally, you need to have an additional backup strategy that involves off-site/off-machine backups. Consider the recent tornadoes all over the US! I have a pair of USB drives and my plan is to monthly back up to one and swap it for the other stored at an offsite location (friend's house.) (Disclosure: I'm about 6 months behind doing that, one of the drives in an external exclosure died and I haven't gotten around to replacing it.)
Actually... I used to be an on-demand IT guy. I worked for a company that charged on billable hours. When something needed maintenance or a break happened, I would schedule some time to see them and take care of it. When my clients had a need, they'd talk it out with me and our business guy, we'd draw up a quote and then do the work. We'd also take care of necessary maintenance (again on demand).
It's actually a pretty good way to get the IT needs taken care of without needing to spend 100K... Or even 50K... If you're an office of about a dozen or so you could probably get by on less than 10K/year including hardware.
It worked out for me because I had a lot of clients, so I always had work to do... It worked great for my clients because (I like to think) that I did good work for them without costing them their profit margin.
Stonewall and obfuscate until they are willing to hire additional help or give you an obscene raise. Once they recognize your unique ability to set priorities, they will promote you to manager.
How is this insightful? The guy asked what things he he might be able to use a Mac server for his admitted skilset and you're telling him he's over his head and should hire a professional. And what exactly will he be hiring this professional to do? Man some geeks are so full of themselves they've gone 180 to stupid.
I think the most important thing you can do for your small company is to research and implement an off-site backup solution. Find one strikes the right balance of cost versus privacy/security for the business sector that you're in. So if you're using the Mac as a central place to back up the employees individual computers, or if you've made it the place where everyone saves all their files, that's a great first step. But it needs to be augmented with off-site backup.
I have seen too many examples of small businesses losing all of their data to theft or fire. I don't mean I'm reading about them on the web, I mean I hear these stories in person. I'm honestly amazed at how many times this happens, and having central backup or central storage alone isn't enough to mitigate the dangers.
Good luck, and happy Googling!
If you think macs are overpriced, you havent seen the price of that drobo boat anchor.
It isn't that at all. I've worked in the field and taken plenty of calls from guys like this. Guys who thought, yeah, I know just enough to be dangerous, let's see what I can do. Then he's sitting there, no backups, no duplication of media, nothing to keep his ass out of the frying pan, and then he's on the phone to me because he's got some hot project that he needs the system for and it suddenly becomes my priority to unfuck the mess he's in.
Either way, he should call the pro. It's cheaper if he calls before he fucks everything up beyond belief.
You non-science, non-engineering types, especially in IT, love to exaggerate and use pontificating language. You clearly don't mean "fucks everything up beyond belief" because it's a meaningless phrase that you picked up from your stupid colleagues in IT. "nothing to keep his ass out of the frying pan" -- is that really necessary? Get to the point and move on.
How hard are backups? rsync, RAID, different storage media, onsite and offsite backups, and cost / benefit analysis to defend the choices. Some of it will be subjective (the "benefit" of something is obviously difficult to gauge and liable to debate). You could suggest some points of reference. That's what every good scientist and every good engineer I've met does -- because they know their worth is not limited to learning some quirks about programs. They design and build stuff. They often debug it. The bad ones constantly overstate their worth and present themselves with a really irritating know-it-all attitude. The bad ones think that by communicating their ideas and helping others out, they are risking job security. The good ones help others learn how to learn. The good ones demonstrate that they know their stuff and understand their worth is not rooted just in knowledge or wisdom, but also in interpersonal skills, often overlooked or downplayed in STEM fields.
I used to be like you in high school. I had worked at a few Fortune 100 companies as a coder / sysadmin type and I didn't realize my douchiness until I left the field in college for computer science, electrical engineering, physics, and chemistry. I know my comments sound a bit harsh, but maybe my tone may make you reevaluate how you behave.
Firstly, (and most importantly) read the documentation: http://www.apple.com/server/macosx/resources/documentation.html
Secondly, you can set up a wiki server pretty easily. It is extremely useful for self-help and internal process documentation. Easy to add videos, screenshots and keep the documentation up to date.
Thirdly, if you don't have an office collaboration server, you can also run your own Jabber server.
Both Wiki and Jabber services have their own documentation at the aforementioned link.
If you don't know what AltaVista is (was), get off my lawn.
An organization of 12 people is not going to need much in the way of centralized "IT" services, so keep it simple. You don't want to create more work than necessary and your company likely wants to keep the overhead of IT low at this stage. Back up their laptops/workstations to the server and provide core services like file shares, print shares, DHCP, and authentication. Use cloud services to provide things like Exchange, SharePoint, and what not if you need them. Then just make sure you are backing up any data that is solely hosted on the server. Always, always, always have two verified copies of everything, and try not to keep them in the same location.
Call the pro?
Call him for what? If you don't have a problem and you "call a pro" you're going to get a solution you didn't need for a problem you didn't have.
You have this backwards. First he comes to slashdot to figure out how to make it useful, once he's done that only THEN can we tell him to hire a pro.
Admittedly there are many people who follow your model of thinking. They invariably end up spending the rest of the year figuring out where all the money went while reading their emails on an iPad sitting next to their computer.
It's rare to see such a combination of technical experience, and familiarity with the realities of implementing a solution in a small business environment.
Usually you can only get one or the other from any particular individual. This is solid advice and a good starting point. It should be modded up.
It is a miracle that curiosity survives formal education. - Einstein
Until you try to do a softwareupdate -i -a via ssh and it hangs on iTunes (due to EULA acceptance GUI). Why is iTunes installed by default on OS X Server?
There's nothing wrong with doing things oneself, if one does them right.
I frequently have to pick my jaw off the floor when I look at what professionals have done. Which, mind you, isn't always the fault of the professionals, but can be because those professionals aren't mind readers and don't now what's so obvious to a company's manager that he never tells them. Or a manager who has to stay within a budget, and orders a half-assed job. Or a manager who can't write contracts and don't have anyone technical enough to verify specs.
Sure, I just as often have seen internal snafus, where someone hacked up something terrible.
That's "just as often", not "more often".
'Cause quite frankly, the "professionals" can be quite incompetent too, and often are. They hire people based on the demand for work they get, and are legally obligated to fulfill a contract and give a customer what he asks for, not what he needs. The professionals are the ones who ask the customer "what browser do you use?" and then proceed to code a project for that browser, and are the assholes responsible for why so many companies are still at IE6. Who uses authentication that works for the test user, but won't work for remote users, or the sysadmin who doesn't use Windows. Who foists upon the customer completely idiotic platform requirements (including both OS versions, JVM versions and network specifics). Who take shortcuts, including hardcoding and incorrect assumptions.
Because robustness was never a consideration; just getting the job done and move on. Hell, if it breaks, it's a good chance they get hired back to fix it!
In short, professionals are dangerous. What you want are experts. And most professionals aren't; they are consultants on a H1B or in-between real jobs, who know just enough to be dangerous, working for profit, not pride.
In this case, I too think the OP should leave well enough alone, but not for your flawed reasons.
If a system is already used for backups, it is one of the most important systems the business has. It should be treated as blessed, and not to be messed with, only replaced when that day comes. It's so critical that it deserves the "legacy" stamp from day one, no matter how modern it is at that point.
Do not look for unused capacity on critical systems. There is a chance that you break them, but also the reverse risk that what you implement itself becomes critical to the business, and that higher demand on the existing system will break your new functionality.
Do you really want to be responsible for restores not working the day lightning strikes, because your app needed a patch that invisibly broke backups? Or do you want your app to become a favourite of managers, and then suddenly become sluggish or not work at all once someone decides to back up the new Hawaii or Europe office during what's business hours for you?
Also, untangling two critical functions running on the same system without business impact can be a daunting task, which is best avoided.
tl;dr: Don't mess with critical systems. This is not the unused capacity you are looking for. Move on.
Agreed. Apple techs are far from "worth their weight in gold". First off, they have specialized, niche skills (if they have them at all), secondly, they are fat.
You know why they are fat?
Because they don't have to DO anything!
I own both a 4 disk Drobo and a 5 disk Synology. The Drobo is bonehead easy to setup and use but it is also really damn slow. It's ok for backups but that's about it. The Synology is more involved to setup but it is a quantum leap faster than the Drobo. Once the Synology is setup it's day to day care and feeding is pretty minimal. I'm doing Time Machine backups to the Drobo and using the Synology for long term archiving of images. I'm a photographer and these days it is nothing to go out and shoot for two days and come home with 50GB or even 100GB of images.
Sig?! Sig?! We don't need no stinking sig!!
RAID is not a backup solution. RAID will simply increase the reliability. I've had many raid 5 arrays fail and loose everything. There are many ways of backing up data and RAID is not one of them.
I agree. But RAID is a place to start.
There are a zillion GUI front-ends for rsync-based backups for OS X. Most of them are even free. Some of them handle backing-up Time Machine backups (Sparse Image files). Then there are industrial-strength backup systems like the ones from TOLIS (full disclosure: I haven't used these. I just know they exist). But, I think with a 10-person office, you probably can get by with something that is rsync-based (rsync is a very powerful UNIX "file/folder synchronization" utility that has been around since dirt. Rsync is included with OS X. Like all UNIX utilities, it is actually a command-line creature; but as I said, there are MANY GUI "front-ends" for rsync for OS X. Checkout this and this list. Let me know when you get through all those, LOL!
Now, let's talk about what MEDIA to backup to: In this day and age, pretty much the only reasonable thing to backup a hard drive to is another hard drive. Nothing else makes sense, cost and speed wise. You have a 6TB Drobo. What RAID mode is it being used in? Let's say it is in RAID 1. That means it will have 50% of its actual capacity, due to the "mirroring". Ok, so that's roughly 3TB (nevermind the formatting overhead). If it is in RAID 5 mode, the Drobo will have roughly 2/3 of its 6TB (or about 4TB). I'll assume you are NOT running RAID 0, 2, 3, or 4. Nor do I personally like any of the RAID levels above 5, because they are either relatively less safe, and/or have sort of "cumulative" storage and performance penalties as the array size grows. If you are doing a lot of random-writes to your server, then RAID 1 (straight mirroring) will give you the best overall performance, at the cost of less storage overall. See this article for more details than you probably want to know right now.
But, I digress... Let's say you have this running in RAID 1. This means that your Drobo is effectively 3TB. That's very convenient; because the world has 3TB drives now. So, here's what you do: Go and get two (to start) 3TB EXTERNAL drives (preferably FireWire 800 (if the server supports FW800. I'm assuming it doesn't support Thunderbolt). Format these as HFS+ (journaled). Name them the same (but not the same as the Drobo, just for confusion's sake). Now, you effectively have two 3TB "backup tapes" that you can "rsync" your Drobo to.
"Rotate" these at whatever frequency you desire (not less frequency than once per week). Take the "new" backup OFFSITE (Monday evening is easy to remember. That way, you can bring the "old" backup into the office on Friday morning, swap it with the "new" backup, and take it home with you on Friday night when you go home. Assuming your business is an 8-5 M-F type thing, set your rsync "incremental" backups to start late in the evening, every evening, like around 11pm (that way, people leaving late aren't a problem). If all goes well (and it should, because backup-to-harddrive is rarely a problem), your drive should be backed-up by the time you return in the morning. If you want to be extra safe, you can even rotate your drives every day, but that is a lot of wear-and-tear on the power and FireWire connectors on the drives; but is the safest overall. Swapping the drives every day also keeps rsync from having to to a BIG backup the first time the drives are swapped; because it won't have to "catch up" for the whole time the "returning" drive has been "away". But DO know that you probably will start having connector problems in a year or two. Big deal. You can replace the drives every freakin' MONTH and still be money ahead over a tape-changer (and
Your mac mini has a lot of juice for a tiny little box, and cycles you don't use disappear into the ether. May as well be using it as much as you can.
I'll second that ratio. I used to work in an office of about 150 users, with 3 dedicated I.T. guys, and by that I mean helpdesky kind of roles. The server admin was handled by contractors, and later on my unit (sister company). For the most part, a properly designed network almost runs itself. Spend a little more money on infrastructure and you'll save it tenfold in support and maintenance time/costs.
The truly difficult part is transitioning from random donated gear to a properly conceived system. A lot of small business owners refuse to accept that spending a little more money on good gear can save them much more in employee efficiency and decreased downtime. It usually takes 3 big disasters, preferably involving the loss of irreplaceable personal data, to hammer the point home, because they all think they're immune to catastrophic crashes, or viruses, or just plain old Shift-Delete stupidity. It happens to everyone, and as the I.T. guy, you have to be a master manipulator to not get blamed for other people's cheapness.
-Billco, Fnarg.com
we (IT consultants for small-mid sized companies) aren't all like that. In fact doing that in a former life it was my policy to make sure they had the proper access if they chose to utilize it or hire another consultant. After all, it is their equipment - however I did leave them a caveat in the "red binder" I left with them that said "if you don't know what you're doing and insist on doing it yourself without a knowledgable person to do it for you, please research it completely" with a line that said something to the effect of 'fixing a catastrophe that could have been solved with a few keystrokes might cost significantly more'. That said, I left them the option of a VPN they could initiate for remote assistance should they require it (usually moments notice for emergencies was welcomed) sooner than the time it would take for me to travel to them. Only once did certain companies opt to not call me (or someone else) and end up with snafu. After the first time they learned their lesson and either called for help or ask for training on how to fix things themselves. I was a fan of teaching them some of the more routine stuff that didn't require extensive education which was mostly db or more complicated administration stuff.
And I say this as an IT guy myself.
You can put together all the fancy features you like. I don't care what they are, what is important is what the business can benefit from.
So you need to do two things:
1. Don't speak to us. Speak to the people in your company who are driving the business.
2. Stop thinking in terms of "clever things I can do with the server" and start thinking in terms of "things I can do that offer a tangible benefit to the business". 99 times out of 100, those things will fall into one of four categories:
a. Bring money in - either directly or indirectly.
b. Save money.
c. Reduce risk.
d. Make life easier for someone else in the business.
B and C are relatively easy. A is seldom found in IT; D often requires people to change the way they work. Getting people to change the way they work is generally very difficult, so unless the benefit is so absolutely vast that even the most deluded, stuck-in-the-mud person would see huge benefits to it before you've even finished explaining your idea, you may well be wasting your time. If you have an idea that offers only small benefits but requires significant changes to how people work, forget it.