Windows XP Pro as Client/Server Help

[ucfswimmer]

OK, I've got the following setup:

DSL Modem -> Linksys 4-port Router -> SMC NIC (Server) -> Intel NIC (Server) -> Dell 16-port Switch -> 3 Computers.

All computers are running Windows XP Pro.

Right now they are set up more like a peer-to-peer network, with file-sharing enabled and all have an IP of 192.168.1.x with a default subnet of 255.255.255.0

What I want to have is to have the one computer (the server) to be set-up like an actual server. I want to be able to install a program like Corel Wordperfect on JUST the server, and have any of the other computers connected able to run this program remotely from their computers. I also want to be able to give and filter i-net access to these other 3 computers through the server.

I have some experience setting up peer-to-peer networks, but not client/server networks. What do i need to do to set this up so that the other 3 computers are logging into the server to access stuff and so that the server will be able to give internet access to the other 3 (do i need to use the IP of the server as the proxy address on the other computers so they can access the web?)

I've got a lot of questions, but I just wanted to get this out, and hopefully get some responses. I need to get this done by Monday, so ANY and ALL advice will be needed and welcomed. =) Thanks guys, I know I can count on you...


~jeff~

 

[Kingslayer]

Basically what your looking at is called Terminal Services. Using the server to hold and run the apps, and the server to do the actual work.

You cant do it with XP. The server will need at the minimum Win2000 server.

 

[ucfswimmer]

hmm, this is a problem. stupid question even though i probabaly already know the answer, but is there any way at all to do this with XP? I checked under Administratve -> Services and I found a service called Terminal Services, do I just need to start that up? Or how about with XPs Remote Assitance, will that help? And what OSes DO allow Terminal Services?

And how about the 2nd part of the question? Getting i-net access to the other computers?


Also, is terminal services required for users to "log-on" to the server when they first turn on their own computers? Sorry for the multitude of stupid questions, but like I said, I'm more used to peer-to-peer stuff than this client/server stuff. Thanks a lot.

~jeff~

 

[Kingslayer]

Terminal Services and Terminal server are two entire different things.

Terminal services lets you control other computers in your network.

Terminal Server is what you want. The ability to have all the apps stored and run on the server, not the local machine.

And as I stated before you will need any flavor of 2000 or NT server.

I'm sorry if I misled you with my initail reply. I have a new baby and sleep is about nil. It's obviously affecting my attention to detail.

 

[ucfswimmer]

Well then I probably just ended my networking career before it even started.

I recommended Windows XP Pro to these people, because I wasn't smart enough to ask the right questions in order to better recommend a solution for them.

So now I'm in a bit of a bind.

Too big things they need to do: edit forms in Corel (to be accessed by all 3 clients) and to access a database program (either through SQL or Abacus) by all 3 computers (sometimes simultaneous working on one record at a time [but not the same field]).

With XP Pro they can do the database part (because they'll need a seperate server/client database program I know). But as far as Corel is concerned, would it be better to install it seperately on each computer and set up a file share on the server that all clients have access to, or better to find a copy of Windows 2000 Advanced Server w/ Terminal Server and go with that instead?

Edited due to warez/cracks policy

No, we don't talk about "bootlegged" software in these forums. The forum guidelines explicitly states this and is probaly the most stressed topic within our guidelines. Become VERY familiar with them VERY fast.

Jon
Forum Moderator

~jeff~

 

[Kingslayer]

I recommended Windows XP Pro to these people, because I wasn't smart enough to ask the right questions in order to better recommend a solution for them.

Actually everything can be salvaged. Nice thing about XP is that it's a host operating system. It wants control. You just bought them three servers....

Too big things they need to do: edit forms in Corel (to be accessed by all 3 clients) and to access a database program (either through SQL or Abacus) by all 3 computers (sometimes simultaneous working on one record at a time [but not the same filed]).

You can install SQL server on one of the XP machines and make the others access it.

With XP Pro they can do the database part (because they'll need a seperate server/client database program I know). But as far as Corel is concerned, would it be better to install it seperately on each computer and set up a file share on the server that all clients have access to, or better to find a copy of Windows 2000 Advanced Server w/ Terminal Server and go with that instead?

Give Microsoft Access a try. By the sounds of this office they'll need or already have Office XP anyways.

I would just install Corel on them all and go with the file share anyways. It will make things like backup better that way you will have a rollback when they screw up or delete the file, which they will. Trust me, they will.

Your lack of sleep really got you here bud

~Jon~

Microsoft just recently changed their licensing process. Unfortunetly I took 6 weeks vacation at the time so I'm behind the times when it comes to Server licencing. Some programs like SQL have client licenses that need to be purchased, but everything else your doing sounds like a go with just a normal purchase of 2000 Server. And just get 2000 Server. The only difference between Server and Advances is the ability to run 8 CPU's and to do clustering. Hardly worth the extra money it would cost you for something you won't use. Everything else is the same.

 

[su root]

I saw on pricewatch you could buy a 5-client CAL for Windows 2000 Advanced Server for as little as $117

CAL = Client Access Licence
When you buy Windows 2000 Server, you get 5 CALs. That basically allows for 5 people to connect to the server. You purchase more CALs to allow more people to connect to the server. That $117 is to allow 5 more people to connect to your server.

Windows 2000 Server w/ 5 User Licence CALs goes for anywhere from $690 - $931
http://www.cnet.com/software/0-806340-1204-1503478.html?tag=pdtl-list

Windows 2000 Advanced Server w/ 25 User Licence CALs goes for anywhere from $940 - $3787
http://www.cnet.com/software/0-806340-1204-1503474.html?tag=pdtl-list

Piracy is bad. It pushes up prices for people who actually buy it.

 

[ucfswimmer]

So the database part is cool either way with Windows XP Pro or Windows 2000 Server. With the other applications however, we'll just install them on each computer and setup a file share on the server so they can all have access to the forms. Other than for terminal server, is there any other major reason to go with Windows 2000 Server? I did find a place where you could get the CD, cd-key and 5 CALs for $600 OEM. That's a pretty good price, but is it necessary?


And does anybody have any help for the 2nd part of my question? Enabling internet access on the other 3 clients.

~jeff~

 

[Kingslayer]

Enabling Internet Access on the other 3 clients is easy. Get them a broadband account (with a static IP, you'll see why in a minute). Setup a router, a 16 port switch (to allow for further growth) which your going to need to file share anyways, and they'll all have internet access through the LAN.

The other reason to go with 2000 server is if they decide to put up a website and/or email you'll have most of the tools you need already to support that. That is why you want the static IP address. Makes DNS resolution a hell of a lot easier.

 

[ucfswimmer]

well it's a law firm, and they probably will never put up their own web site or mail server or anything, just something thats exclussively for the 2 things i mentioned and internet access. i undersand why they would want a static IP for that, but they wont be doing that...however they may want to start up a VPN or just have some way to remotely access the server from their home PC. i recommended VNC or PCAnywhere for that to them. What do you think of that?

 

[su root]

if they're going Win2k Server they can use Terminal Services for remote access to the server.

 

[Kingslayer]

I don't think he wants them screwing with the server. I work for 100 attorney's. Most of them are the last people who should be touching a computer.

 

[su root]

That's true.. if it's locked down correctly, you could get away with it though.

 

[ucfswimmer]

kingslayer is right about that...they are seriously not computer literate in the least. im looking for something that could be set up once and have it work for them initially..im not looking to maintain the network for them, they plan on hiring someone for that later on, but its not going to be. What great practical experience this has all been.

~jeff~

 

[su root]

I would definately suggest doing more research before proposing anything, time permitting. There's nothing like buying a bunch of stuff and finding out it won't do what you want, and that you can't return it. I've seen people do that before... not pretty

 

[64026402]

With only the 3 clients to serve a server/client domain based network is overkill.
Setup a file server with some power.

Connect the internet to the server. Get a good firewall. You can use the built in if you wish but Zone Alarm is easier to configure for specific problems. I don't recomend a router on this setup. It creates to many security problems if connected to the network. The security can't be raised high without interfering with the lan.

Connect to the network with a different NIC. Set the internet share on the first connection. Then the 3 users can be controlled and safe on the internet. Just run the network wizard one at a time.

Unless the Corel program is Multiuser the you will install on the individual machines and access the mapped drive or folder for the files on the server.

Setup the SQL database on the server.

This is not a true server client relationship but unless your thinking about a lot of expansion then it should work well.



Note: Client/Server domain based networks are primarily to limit access from one client to another because they can only use the server. You can still have some of this contol on a peer to peer network but it is hard to administrate with large networks.
4 computers is not very big.

 

[Kingslayer]

With only the 3 clients to serve a server/client domain based network is overkill.
Setup a file server with some power.

This is all fine and good until the next network guy comes along and talks them into getting a domain name and putting up a website. This is a business, the chance of the website in the future is good. As are other upgrades as it grows. Thinking inside the box and thinking only in the present will kill a network administrators career.

Connect the internet to the server. Get a good firewall. You can use the built in if you wish but Zone Alarm is easier to configure for specific problems. I don't recomend a router on this setup. It creates to many security problems if connected to the network. The security can't be raised high without interfering with the lan.

The router will have absolutely no bearing on the way the LAN operates. It's on the opposite side of the hub/switch. The router is there to secure the LAN from the WAN. Again this is a business, and that's no place for a second rate software firewall. Zone Alarm my work fine for your home network, but it has NO place in a business. That router will create NO security issues if connected to the network. It's there to INCREASE security. Again, this is NOT a home network, and thinking like it is will also end the administrators career.

Connect to the network with a different NIC. Set the internet share on the first connection. Then the 3 users can be controlled and safe on the internet. Just run the network wizard one at a time.

Again this is fine for a cheap unsecure home network. This is not a home network. Running the network wizard sets the lowest security settings. This is a law firm. I would like to see their faces when you tell them that their files are under the lowest default security. With this setup, all they need to do is sue/prosecute/defend on little script kiddie and upset him and he will have a hay day with this lacksidaisical setup.

This is not a true server client relationship but unless your thinking about a lot of expansion then it should work well.

That's the problem with this solution. It leaves no room for expansion. There will be expansion. They may say there won't be now, but there always is. Think outside the box.

Note: Client/Server domain based networks are primarily to limit access from one client to another because they can only use the server. You can still have some of this contol on a peer to peer network but it is hard to administrate with large networks.
4 computers is not very big.

This couldn't be further from the truth. Client/Server are only used to limit access from one client to another if they are setup that way. They can easily be configured to communicate fully with ANY machine on the network. It is, in fact, easier to control on large networks as you have tools that you dont have in a peer to peer network. Security profiles controlled and managed from the MMC, permission settings, and Active Directory. You don't have these tools in a peer to peer networks.

I'm sorry if I sound crude, but the home network mindset does not have it's place in this. This is a professional business. Not someone sharing his internet connection when his game buddies come over. I help administor 350 computers in a 5 county network. I do not do things half-assed. There is no place in a network to do it that way. It just makes administrating it a pain and securing it a joke.

 

[64026402]

Your not harsh. Just missinformed.

This is all fine and good until the next network guy comes along and talks them into getting a domain name and putting up a website. This is a business, the chance of the website in the future is good. As are other upgrades as it grows. Thinking inside the box and thinking only in the present will kill a network administrators career.

A website would be hosted somewhere else and has nothing to do with how you run the network.
You don't want you business network running a website.

The router will have absolutely no bearing on the way the LAN operates. It's on the opposite side of the hub/switch. The router is there to secure the LAN from the WAN. Again this is a business, and that's no place for a second rate software firewall. Zone Alarm my work fine for your home network, but it has NO place in a business. That router will create NO security issues if connected to the network. It's there to INCREASE security. Again, this is NOT a home network, and thinking like it is will also end the administrators career.

Only an amateur would hook a router to a business network. Every computer would need to have a software firewall on max security which would kill file sharing. Having an internet server allows all the security up front so the network can operate unhindered.
A store purchased router has very poor security and is not so easy to control.
This is basic you should know this.

Again this is fine for a cheap unsecure home network. This is not a home network. Running the network wizard sets the lowest security settings. This is a law firm. I would like to see their faces when you tell them that their files are under the lowest default security. With this setup, all they need to do is sue/prosecute/defend on little script kiddie and upset him and he will have a hay day with this lacksidaisical setup.

The network wizard automatically turns on the firewall on any computer connected to the internet.
The XP firewall is considerably more powerfull than the router firewall.
You can set everything manually but this can save time.
You apparently know very little about the network wizard.

That's the problem with this solution. It leaves no room for expansion. There will be expansion. They may say there won't be now, but there always is. Think outside the box.

Expansion in this configuration is not limited by any means.
But if there are plans to have 100 computers then administration becomes the issue. But at that time you could change to a domain based network without loosing the present network.
Doing such a network now would be a lot work without any real benefit unless you want each computer in a seperate domain which doesn't make any sense.
You don't seem to grasp the concept of why people use this.

It is, in fact, easier to control on large networks as you have tools that you dont have in a peer to peer network. Security profiles controlled and managed from the MMC, permission settings, and Active Directory. You don't have these tools in a peer to peer networks.

That is the point. The administrative tools that help a large network are superfluous on a small network.

When you help administer the 350 computers I hope you use better judgement than shown here.

You keep my fingers moving.

 

[ucfswimmer]

Wow guys, this is what I was looking for...I like this.

Now you are both actually right.

The problem with this situation is that I am a computer aficiando with only home networking and peer-to-peer networking experience. This job is for a professional law office. So there's a bit of a dichotomy at work here. An amatuer attempting a professional job (I'll admit it.)

But while I am an ameteur, I do know a few things and I also know these people's situation.

The office as it stands now is one firm, one lawyer, one paralegal (his wife) and one secretary, so it is a very small firm to say the least. The office they are in now has very limited room for expansion as far as more partners goes (I think they have one extra room) so I don't forsee them getting much larger. And while I don't want to cut my feet out from underneath me or limit their growth potential, I almost definately do not see any need for them have a website which will be hosted from their own server.

On the other hand. They do want a professional job with the 2 most important aspects being 1) It works, & 2) It's easy to use. Now the hardware has already been purchased, with the exception of their actual Internet connection and the router.

They have their server as described above (P4 2.4B, 1GB ECC DDR, 3X40GB HARDWARE RAID 5) with XP Pro, a wired office, a 16 port switch and 3 clients all with XP Pro.

Again, the biggest things they'll be using the computers for is to manage their client database (accessible from all 3 workstations) and to create forms and word documents with Corel Wordperfect (again from all 3 workstations).

Topology wise, I'm still thinking the same thing... Wall -> DSL Modem -> Router -> Server (with 2 NICS) -> 16-port Switch -> 3 workstations.

They are probably going to go with DSL over cable for the better deal that it is, and because cable in that area, when they will be using it, will be very congested.

The router will be there to protect the server from script kiddies on the internet and will only have to be configured to allow incoming VNC connections or pcanywhere (so that they can remotely access their computers from home).

the server will then share its internet connection with the other 3 workstations connected to the switch (through ICS or manually configured?)


The server will then be able to filter internet connections to the 3 workstations...but now I need to know how to do this, and if i manually configure the IP of the NIC connected to the LAN, which IP and subnet will I use, since the other NIC will also have its own internal IP because it's behind the router?

So thats the first question there.


Second question. Do I set-up the server with XP Pro and use it like a file share...OR...do I suggest to them that they need to spend an additional $600-$1000 for Windows 2000 Server in order to benefit from Terminal Server?

The more I read what you guys write, the more I think about it and the more specific this is getting...I think if I can get those 2 questions answered that you guys will have saved me (I hope)...Thanks again everyone. I REALLY do appreciate all this.

~jeff~

 

[Kingslayer]

Originally posted by 64026402
Your not harsh. Just missinformed.

No I'm not missinformed. And I honestly think your overstepping your knowledge in this area.

Originally posted by 64026402
A website would be hosted somewhere else and has nothing to do with how you run the network.
You don't want you business network running a website.

Once again the home network mentallity is showing. Every decent business in the world runs their own website. Do you think Microsoft lets PowWeb run their servers? No, they are in house. Small businesses everywhere host their own websites on their business network. You talk like it's a sin yet it is 100% commonplace. They do the smart thing and hire people with more than home network knowledge to run and secure them.

Originally posted by 64026402
Only an amateur would hook a router to a business network. Every computer would need to have a software firewall on max security which would kill file sharing. Having an internet server allows all the security up front so the network can operate unhindered.
A store purchased router has very poor security and is not so easy to control.
This is basic you should know this.

Routers are hooked up to business networks everywhere. Have you ever seen a decent size network? Software filewalls are worthless. They are easily bypassed. Routers are not. A decent router (again, not this cheap home network stuff) can be a more effective firewall than any software firewall could ever be. If you need a higher lever of security, get a hardware firewall, but I don't see this company springing for it. But if he gets a good Cisco 800 series router, it will be more secure than Zone Alarm could ever get it.

If the software firewall is killing file sharing, then you haven't configured it properly. Hello, put the IP's of the other local machines in it's record so it doesn't hinder traffic from them....

Originally posted by 64026402
The network wizard automatically turns on the firewall on any computer connected to the internet.
The XP firewall is considerably more powerfull than the router firewall.
You can set everything manually but this can save time.
You apparently know very little about the network wizard.

I have plenty of experience with the network wizard. My level of experience in it has told me that it is grossly inferior to anything hardware based. You apparently know very little about networking period.

Originally posted by 64026402
Expansion in this configuration is not limited by any means.
But if there are plans to have 100 computers then administration becomes the issue. But at that time you could change to a domain based network without loosing the present network.
Doing such a network now would be a lot work without any real benefit unless you want each computer in a seperate domain which doesn't make any sense.
You don't seem to grasp the concept of why people use this.

All the more reason to do it right the first time, and not half *** it from the start with a peer to peer network. Not only is the room for growth built in, but he learns to do it the right way. There is only one reason why people use peer to peer in this type of situaton. They haven't a clue as to how to adminisitor a domain type network.

Originally posted by 64026402
That is the point. The administrative tools that help a large network are superfluous on a small network.

When you help administer the 350 computers I hope you use better judgement than shown here.

You keep my fingers moving.

Administrative tools such as this are as equally useful on 3 computers as it is 300. Why drop that level useage just to support an unsecure, poorly designed, poorly implemented, peer to peer network with a limited growth?

My judgement is fine. My domain is running strong. 99.9% uptime. My users are happy. I have room for growth. This network is a model for other agencies in my area. Agencies switching from peer to peer...