Matthew Buck’s Blog – Principal Engineer at RatwareUK

Using a Dell Optiplex fx160 with the Suse thin client pre-installed? Found a problem with SLED10 and rdesktop not connecting to a Server 2008 remote desktop connection? – Never fear, as we have had the same problem and our Linux Guru has investigated the best fix:

Along the way, we tried all sorts:

• Updating the rdesktop on SLED to 1.6 . SLED – didn’t like this.
• Installing Ubuntu Netbook Remix, which is a small OS which we though would fit nicely on the thin client’s 1GB of NVRAM – but we couldn’t rip out enough packages to get it small enough!

The solution: Ditch SLED. Its rdesktop doesn’t have the best resolution anyway. Install Debian LXde.

Here’s how!

Step One:

Download the following. You may find it easier to copy the second file to the USB stick from a Windows machine but you’ll need to use Linux or Mac for the first one;

• http://ftp.nl.debian.org/debian/dists/lenny/main/installer-i386/current/images/hd-media/boot.img.gz

• http://cdimage.debian.org/debian-cd/5.0.4/i386/iso-cd/debian-504-i386-netinst.iso

Put blank USB stick in Linux computer and make sure it isn’t mounted – you’ll probably need to use mount and umount to get this sorted.
Use dmesg to see what disk was just inserted – line near the end will mention something like /dev/sdX. Type:

zcat boot.img.gz > /dev/sdX

Unplug the drive and re-insert (or put into a Windows PC). Then copy debian-504-i386-netinst.iso to it
Plug into thin and boot. F12 usually selects boot device.

Step Two:

When you create the user Use full name = user and username = user
Select expert install.
Mostly just accept the default by pressing enter, except:

United Kingdom for country
British English keyboard
Don’t start PC card services

The next bit is the only non-obvious part of the whole process, IMO. Use guided partitioning and let it choose two partitions. Then before committing to disk delete both partitions and create one primary partition of 1GB – no swap is needed.

• Select default kernel (i686)
• Select targeted initrd
• Deselect all software tasks (Standard system is the only one selected by default)

You now have a bootable Debian in 371MB.

Step Three:

Login as root and do the following (# or $ is the command prompt, not something to type!)

# apt-get clean
# apt-get update
# apt-get install lxde

Just accept the warnings about swap space – you won’t be suspending to disk anyway.

# apt-get clean # apt-get install tsclient rdesktop # apt-get clean # reboot login as user

Open a terminal using the icon in the lower left of the screen $ xdg-desktop-icon install –novendor /usr/share/applications/tsclient.desktop . This will create you  a terminal server desktop icon!

Double-click the icon that appears in the top right.

Do the settings and save as CONNECT (or something similar). Don’t forget to set full-screen on the display tab. The TSClient window will go away.

(I had to reboot after this. Alt-F1 to get to command window followed by ctrl-alt-del should do it). You can check the connection using the quick connect button.

Step Four:

Now let’s configure the terminal server connection to autostart:

$ cd .config
$ mkdir autostart
$ nano -w autostart/tsclient.desktop

[Desktop Entry]
Type=Application
Exec=tsclient -x /home/user/.tsclient/CONNECT.rdp

Step Five:

Autologin and autorun didn’t work in combination for me. I’d suggest not using autologin but if you want to try it do this:

LOGOUT

On the login screen choose Actions (bottom of screen).

Configure the login manager Authenticate with root password.

Click OK a few times. On security tab enable automatic login and set the user.

Close and reboot (from the Actions button)

Now you have a thin OS installed on your flash drive which will boot automatically and start a terminal server desktop session to your Server 2008 without any fuss.

Could this new Draytek 2820 VOIP product be a further nail in the coffin for conventional telephony methods? Recently I implemented one of these, and at approximately £400 + VAT (including a couple of IP Phones), I have a fully functional local exchange, providing the usual functions such as; auto attendant, voicemail, hunt groups, call-logging, music-on-hold, conference calling etc. On each of the IP Phones you can set the voice compression method and from the IP-PBX you can swiftly implement upstream QOS, governing the VOIP system. After 2 months of constant use, I’m told that there is “no difference” to the quality of a conventional telephone line and no difference in the features of a conventional local PBX.

The Draytek is serviced by a 10Mbps/700Kbps Internet connection provided by Virgin Media, with a failover WAN2 USB Modem providing Orange 3G. It’s in a server room so it’s powered by an existing UPS, just like your conventional phone system should be.

The SIP provider is Draytel. They provide a host of telephony services. In this case; providing 5 simultaneous SIP Trunks (5 lines) including 2500 UK land line minutes for just £19.99 + VAT per month. That’s a better deal than BT and you aren’t tied to their ridiculous local exchange programme, which prohibits you from taking your phone number when moving your office. When this client moves, they’ll simply ensure broadband is present and then plug their Draytek router in. No reconfiguration, no costs, no downtime – phone and Internet moved simultaneously.

This small router provides support for up to 30 extensions, the next model up provides 100. Are products like this going to signal the death of conventional telephony?

I’ve been speechless for a while, because Dell have outdone themselves with their new thin client – the Optiplex FX160. Basically, thin clients don’t need hard drives. They run a local operating system such as Windows XP Embedded from solid state flash media. This flash media may only be around 2GB in size – just large enough to hold the operating system image. This makes the thin client very fast and very robust.

The 160’s are supplied with an embedded image providing a cut-down XP desktop with immediate support for Remote Desktop Connection, VMWare and Citrix. A quick modification to the image via a deployment server and you’re booting straight into your virtual environment. The units are fast, ultra-small and have a really low carbon footprint. Once more, this new thin client and a strategy of virtualisation takes away the need to “rebuild” systems on failure. There’s less to go wrong and no maintenance required. There’s more consolidation, security and control.

Dell Optiplex FX160 is now RatwareUK’s thin-client deployment of choice and a perfect partner when virtualising a network and desktop streaming. At approximately £270 + VAT per unit, this product is extremely cost-effective.

If I could have a pound for every time I’m meeting a new client and they ask “Can we have a wireless network, instead of a wired one?” we’d be a) rich and b) doing a serious mis-service. If everyone was as familiar with the words “virtualisation” as they are with “wireless” we’d be very happy. I guess it’s because people have wireless networking thrown at them by TV adds, ISPs and their savvy, computer-addict children. Why can’t people request virtualisation?

Today RatwareUK decided that, unless there was a specific technical circumstance against it, virtualisation was from now on, going to be the preferred solution we push to SMEs. VMware, memory and processing power have come a long way since I used to run Linux through a VM window on my home PC almost a decade ago. Now VMware is a credible and widespread solution, providing a multi-server deployment on minimal hardware and revolutionising IT support, security and provisioning. Within an SME context it consolidates everything and gets rid of the need for complex restoration processes and the constant up-hill support battle present on a multi-OS client environment. Virtualisation kills the need for complex group policy work, scripting and client upgrading. It pools your resources and configuration into one place.

I’m unsure what’s next for virtualisation. Maybe transferring your virtual machine solution from your office, to your hosting company’s cloud?

Hello again. I felt guilty about not blogging here in a while and using twitter too much, so I thought I’d do a quick blog containing some pictures of the work we’d been busy with recently…

The above as pictured is unfinished, however it shows our ability to provide a high end, complete infrastructure install. The building was being renovated, so we installed 66 CAT5e points, one Avaya IPO phone system and two Dell PowerEdge servers providing virtualisation and redundancy. The complete package, all wrapped up in a RatwareUK custom server cabinet.

Network Installation

IT Relocation Case Study

OK, so this weekend I find myself in the situation whereby I’ve got a POP3 account that I need to check regularly whilst I’m on the move. At RatwareUK we’ve got a BES solution, so I thought about creating a forwarder on the target email server to my principal email address which would push it through MSExchange and via BES to my blackberry. I hate email forwarding though – and it’s probably unwarranted – but I’ve got hangups from dealing with companies whose email aliases are setup on an unfathomable web of forwarders. I guess I’m biased but I try to avoid them at all costs! Using my Blackberry, I wanted to connect directly to my additional POP3 mailbox:

Introducing LogicMail – free, open source – I’m impressed. Implementation took around 2 minutes and I did it directly from their website on my Blackberry. I’ve now got a fast and reliable POP3 client which allows me to relay out through an SMTP server of my choice. The client also integrates with my Blackberry address list and has a host of settings to customise identity etc.

Pull technology will never be as fast or reliable as Push and we all know BES is the best at this. However, LogicMail provides a really good and painless alternative solution. It got me thinking about future blog posts. I think one day I’ll have to do a post detailing BES vs Windows Mobile.

At RatwareUK every customer comes to us with a different set of problems. Every business is different, we know this. We’re different too. It would be easy to roll out a template that 75-90% fits their requirements, but we’re perfectionists. A solution that fits with the client’s business as well as creating new depth and scalability is what we’re after. This is why last week, when we were designing a wide area network, myself and a couple of engineers worked on a Saturday to discuss and configure the VPN and servers.

Free from the daily tasks of maintenance and programming, we set up a projector, meeting desk and proceeded to discuss and design a company’s network – literally – on the wall. We found this workshop approach was extremely productive. As engineers we were actively learning and implementing new skills and our combined rigour and ingenuity was poured into the new system. We then continued bench-testing the system and it was eventually deployed the following week. It was a complete success and the customer was provided with a system that worked precisely the way they wanted it to. You’d be surprised, but this sort of forward thinking is discouraged in some organisations. I certainly, would not work for any other company.

I’ve just come across a great new video from Microsoft which details the advantages of Windows Mobile deployment on Exchange. Check out Windows Mobile Video for more information!

If anybody needs any advise concerning Windows Mobile deployment at work, please do not hesitate to contact us.

This week, several clients have contacted RatwareUK after purchasing a blackberry-style BT Broadband Anywhere bundle. See the following link BT Broadband Anywhere .

Many customers believe this is a plug and play solution that can be used at their business to give staff access to email whilst on the move. This is not the case. The product above is for home use only. It is linked to a residential BT Hub (which they provide) and it uses BT’s independent mail servers supplying a btconnect.com (or similar) email address. It will not link up to your company’s exampledomain.com or your company’s mail server.

To compound matters, BT are also accidentally sending out residentially configured phones to customers requesting them for business use!

In a nutshell: Rolling out compatible mobile devices which staff can use to access their company email is more complicated. Considering Windows Mobile devices specifically; if you have Microsoft Small Business Server, or Microsoft Exchange Server you have to complete the following steps:

1. Purchase 1 or more Windows Mobile Devices with GPRS connectivity. (See BT Business Product as one example – there are many more).
2. Install Exchange SP2
3. Install ActiveSync 4.2 or higher
4. Enable mobile services for users
5. Configure your company’s firewall and web services
6. Install a secure certificate on the device
7. Configure Windows Small Business Server 2003 for MSFP
8. Configure device synchronization
9. Test the deployment

If anybody requires any assistance with remote working solutions, please do not hesitate to contact us. We’d be more than happy to advise. Remember, don’t just dive in on what looks like a good deal.

Hope this helps!

Matt

According to a report from IronPort called “2008 Internet Security Trends” it would appear that if 2007 was a bad year for spam – 2008 will break the record again!

One interesting statistic I found on the internet was from the European Unions Internal Market Commission, which estimates that junk email costs internet users 10billion Euros per year worldwide. For small to medium size businesses, this figure may seem like an incomprehensible fact. However, consider with me for one moment what happens in your business when just one spam email enters your company.

1. Spam email finds its way through your company’s internet gateway. At this point the rogue email will take up a small percentage of the costly bandwidth allocated to your company by your ISP. If the spam e-mail contains an attachment, it will take up even more bandwidth. This reduces the bandwidth available for incoming/outgoing emails, surfing the internet, remote workers, VPN tunnels connecting branch offices… etc.
2. The spam e-mail then penetrates your company’s mail server. If the rogue email is addressed to an invalid user, your company’s mail server will then attempt to reply to the spam sender saying the address has failed. This takes up more processing time and bandwidth. If the rogue email is addressed to a valid user, your mail server will deliver it into that user’s mailbox. Again, taking up more processing time. Remember, if your mail server is also your main domain server – it has other things to do with its time – like serve files and manage print jobs!
3. The end user eventually receives the spam in their inbox. Inevitably, the user will then delete the email. However, when deleting it, due to human error, they often miss legitimate emails because they are caught in a sea of rogue ones. Also, sifting through spam emails takes up an employee’s time and the quality of the spam email is most likely undesirable.

The above is a rather crude view summarising the knock-on effect of one spam email entering your company. However, it’s worth remembering, as imagine the human and computer processing time taken up by 500 spam emails a day, not to mention the drain on bandwidth.

At RatwareUK, we have our own mail relay server. In a nut-shell, this means that spam can be filtered off-site and legitimate emails can then be passed through to your company, thus completely saving on a company’s bandwidth and human/computer processing times. Not only will our relay server eliminate spam, it will also scan all inbound emails for viruses!

If you are receiving 500 spam emails a day, knocking those out of the equation will definitely allow your server to perform daily tasks faster and save bandwidth. For more information, visit our Anti-Spam Services page.