Saturday, February 02, 2008

Windows Home Server: What's inside..

I couldn't resist trying out Windows Home Server recently, so I sent off for the 180day eval DVD set and it arrived the other day.

Interestingly, a lot of the useful features are quite straightforward to implement on a normal Windows XP or Vista workstation, or on Linux if you're that way inclined.

A Domain Name and SSL Cert.

Access to the server remotley is under SSL encryption in your browser, thanks to a server SSL Certificate.

Enabling internet functionality on the server results in your own SSL Cert being automatically provisioned by GoDaddy, and it would appear that its actually granted to the home-server DNS name you set up, and not just * - interesting. More interesting is that my trial server dies in 179 days, but my free SSL cert will last until 2013 8-) -- ironically, this is of course tied to, and therefore it's impossible to pay a DNS provider for any DNS name anyway because MS own that - so no free lunch here 8-(

I'm also surprised that the product doesnt offer some sort of certificate based two factor authentication - say a private certificate based set of folders that would not open without password and installed certificate perhaps?

AV Protection

Nope! - a brave move for a product that is essentially based on Windows 2003 server with some changes, You will be asked to open ports 80, 443 and a few others to enable RDP to your clients on your home network. To leave this for any period of time without a supported AV product installed and working is not a smart move- especially with all your data loaded on there.

OneCare would have been a nice build-in for this, but clearly not. At the time of writing Avast! have a WHS aware AV product. -so there are options already.


I call it X-Raid, but there are other names for it, this is essentially a form of 'RAID' that creates redundancy by spreading your data, and (I'm assuming) parity for it around over the disks you have installed, despite them being different sizes - nice, though there have been many comments on the forums saying that the server 'balances' between disks all the time especially if you hit it with a heavy upload of files - I suspect a later patch from the mothership will set this up so it only happens at set time windows for example.

This is 'software' RAID whatever way you look at it, and it will never really compete with a hardware based controller with caching etc, that you find in commercial servers, and I wonder if a hardware option would be better given many OEM's have spun WHS dedicated hardware already...

I've yet to add more than a single disk to my WHS, so a more in-depth comment on this will arrive here later once, I've seen it at work.

Hacking already!

While at Tech-Ed I spoke to several MS staff regarding WHS and external network storage - many of us (including me) already invested in Home NAS devices (mine is a Synology CS107), which have redundant RAID on SATA disks already, and WHS's efforts are therefore less appealing to me - Sadly, MS told me a the time that there is no support for NAS'es, but as always, I set about working out how to share the folders on the NAS via the site regardless- my interest in WHS is remote access and backup primarily for now.

In actual fact , once you realise that a shared folder in WHS is resident on the D: drive of the server (your primary disk, 2nd partition if you have just the one ), and the neat folder interface is supplied by some ASP.NET in IIS on the machine, it becomes a little easier.

From what I can see, the actual interface shares the folder contents via some server-side code which cleary we probably cant force to show a non-local network share. (after all we're asking for 'share forwarding' something that windows cant do anyway).. except in IIS...

It is possible to create virtual directories in IIS to point to network locations, and this appears to work nicely as it does on any other windows IIS box.

Sniffing around in the iis folders gave away how to add some links to the WHS web page:

  • Set up a virtual directory in IIS pointing to your remote system, I selected 'always validate the authenticated users credentials' which uses the user you logged in as (make sure they have a matching username and pw on the remote server, or NAS)
  • Ensure you enable 'Read' and 'Directory Browsing' ,then click 'Directory Security' then click 'edit' and remove anonymous access! - select 'basic clear text auth' - if you enter via SSL I think you're encrypted anyway?
  • Copy WHS the c:\Inetpub folder somewhere as a backup, first before interfering..
  • Edit c:\inetpub\wwwroot\remote\default.aspx and locate the line with

if (Has3rdPartyWebsites)

<%if (Has3rdPartyWebsites){ %>

(remove it, along with the corresponding <%} %>bit as well at the next paragraph)

  • Edit c:\inetpub\wwwroot\remote\websites.aspx and add a few lines like this (one for each link)
  • Where 'name' is the link name, uri is the path to the virtual dir you created (I put mine under remote), and imageUrl points to something pretty - like the graphics in the images folder)

When you click the links you do get the ugly IIS folder list, but there are 3rd party apps to make this look nice, and I'm not giving up just yet on adding it to the folder tab in the main site 8-)

If you're listening MS: Remote storage (E.g NAS'es) would be a nice supported feature, especially if you then consider making the WHS an embedded device with LOW power consumption and no moving parts 8-)

More on WHS later as I'm not done, with 178 days remaining, though I must say all it's done is made me think that my 'unslung' Linksys NSLU2 (Which uses a 1/10th of the electricity of my WHS) is capable of most of the functions I need, I may need to explore this further - if I do I'll post what I've built - think 'embedded WHS' with Linux 8-)

We have to be mindful that WHS is targeted at the average consumer, and for that it's a great solution, especially looking at the fine examples from the OEM market (HP, Tranquil etc), I suspect the geek movement are busy as we speak moving features onto this platform ..

1 comment:

nintendo ds r4 said...

Thanx for the valuable information. I was looking for something like this. Keep posting. Will be visiting back soon.