(Printer-friendly display)

The Road to M$ Recovery

Before we continue, let's make something very clear. If you're looking for a good, old-fashioned Microsoft-bashing, this isn't it no matter how much you pretend it is. A lot of useful functionality has come out of Redmond -- not necessarily good or right -- but most definitely useful and almost always used as a yardstick for what users expect from their software applications. In the grander scheme of things, we simply discovered that Microsoft's priorities were much different than ours... and that's what the rest of this page is all about.

My two dominant personality traits are curiosity and independence -- the latter being a much nicer way to say "control freak". And so the story begins...

If I recall correctly, we installed our first Linux server in 1999. In the beginning, it was just something new to play with... but after we actually managed to get Samba up and running, we started using Linux for a few of our core network services like DHCP -- Internet connectivity was through a PAT-capable Cisco ISDN router with a single permanent IP address. We then decided we were long overdue for our own registered domain name -- so on August 17, 2000, theotherbell.com was born. Little did we know that this was the beginning of our worst nightmare as well as a highly enlightening experience.

Our Internet connectivity was great, but our ISP starting experiencing a lot of down time in the area of support services (DNS, POP servers, etc.) so we went through frequent periods where we could connect, but we couldn't check e-mail or surf the web. What made the most sense was to set up a  cache-and-forward DNS and install our own mail server. While we're at it, we may as well put up our own web site -- after all, we do have a domain name, right?

If you can't beat them...

A terrible attitude, yes... but one that led us fast and furious down the Microsoft path far enough to realize that Redmond Way is full of pot-holes and paved with not-necessarily-noble intentions.

For our new mail server, we chose Exchange because of its groupware capabilities, our previous experience with Microsoft products (our lack of experience with mail servers) and the belief (misconception) that we could get all the help we needed from Technet and the Microsoft news groups. Of course, this required the installation of an NT domain controller... and since all of Microsoft products are so "tightly integrated", we may as well put DNS and IIS there as well. Before we knew it, we were well on our way to making deposits in the Gates International Bank.

To make a long story short...

We were already in the habit of maintaining our software -- keeping up-to-date with service packs, driver updates and OS upgrades. So, we thought we were well prepared to maintain our new server environment. To prove how wrong we were, here's an annual break-down of the number of security bulletins released by Microsoft for the last couple of years:

Granted, not all of the security bulletins applied to our environment... but if we wanted to run a tight ship, we had to actually look at each and every announcement to determine whether we were at risk. The light finally dawned when I realized I had a new morning routine: grab my coffee, check to see not if but how many new vulnerabilities were reported while I was cutting z's, evaluate whether we had been hacked while I had my head turned for a few hours and prepare to install my precious hot-fixes.

Stop the ride, I want to get off...

I can't describe the sense of dread I felt when I realized I didn't have the slightest idea of how to proceed. After endless hours on Google, a colleague recommended I take a look at qmail. My first thought was "yeah, but what about all those shared contacts, folders, tasks and calendars we've gotten so accustomed to?". Then came the sad realization that for the amount of electronic stuff we had accumulated, maintaining paper would have been easier and less time-consuming than maintaining our current environment.

qmail was just the beginning... on January 2, 2003, we yanked the network cable on the W2K PDC and reconfigured our workstations as members of our new Samba domain. A day later, we reconnected the W2K server as a lowly member server. For more information on the approach we chose and how we met our new requirements, see our configuration.

(Printer-friendly display)