A scalable, stable, secure software stack for small and medium-sized business network services is hard to develop in-house or integrate from piecemeal components. To integrate it all with a single sign-on for users requires even more work. Enter Novell’s new SUSE Linux-based OpenExchange, a packaged, full-featured, secure, all-encompassing operating environment.
At SUSE Linux Openexchange Server’s most basic level you’ll find the UnitedLinux 2.4.19-64GB-SMP Linux kernel, which is old but time-tested, stable, scalable, and reliable. It held up under our stress-testing, running four instances of SETI@home while loading four years’ worth of email into IMAP without even slowing down the Web-based interface under load. The system we used for testing was a Dell PowerEdge 2400 (dual 1GHz Pentium III CPUs, 1GB RAM, mirrored 36GB 10,000rpm SCSI-160 drives), a production server in a 50+-node network at a financial services company.
The operating system is a derivative of SUSE Linux and has all of the usual styling and administrative tools. Included in the package are tools for hosting a Web server (via Apache 1.3.26), email server (via Cyrus-IMAP), and user authentication and address book server (via LDAP). This functionality in itself is not revolutionary, but the way the pieces are integrated is. All of the network users can access these services through a beautifully designed Web interface with a single secure sign-on, making the whole operating environment into a valuable tool that reduces management overhead, user training costs, and platform dependence.
Compatibility
While it may not be possible for some companies to switch away from Windows on their desktop machines, it is possible to keep those nodes just as they are and still take advantage of the functionality of Openexchange.
We tested Windows ME, 98, and 2000 desktop machines with Openexchange and had no trouble getting them to work seamlessly with its services. By using Samba as a Windows domain controller, each Windows desktop was able to authenticate to LDAP. Although it’s an added step to the process, the end result is the same sort of authentication that a GNU/Linux, *BSD, or Solaris machine would do by going directly to the LDAP server. In other words, your desktop machines can use Windows or any operating system that is LDAP-aware.
We didn’t test Microsoft Outlook, but we did test Mozilla Mail, Evolution, and Outlook Express. All worked perfectly with email and contacts. In general the email server worked quite well.
|
|
|
| Click to enlarge |
Client interface and tools
The client interface to SUSE Linux Openexchange Server is elegantly designed and easy to navigate, greatly resembling PHProjekt in terms of interface layout and functionality.
The screen shot says it all — everything is easy to find and use. If you’d like to try it out for yourself, Novell offers an online demo.
Two features of the client interface that aren’t immediately obvious are the Documents and Knowledge sections. A sysadmin can easily turn either one into a FAQ and direct users to it when necessary, saving him the trouble of repeating the same information over and over. The Knowledge section is also useful as a repository for tips and tricks related either to the company or to the sysadmin specifically. For instance, you could store company rules and policies there, or you could save your configuration files and software installation procedures with it. The Documents section can also be used to store form or example letters for employees to use for standardized correspondence on company letterhead.
You don’t need to perform any major configuration at the clients to work with Openexchange. You just have to have your server set up properly to authenticate clients, and each client must have a JavaScript-enabled Web browser installed on it. We tested with Firefox, Mozilla, Internet Explorer, and Opera, and found no rendering errors in the Web portal.
Caveats
Although we felt that Openexchange was a great product overall, there were a few minor things we disliked about it:
- The installation procedure requires an unusual and nonsensical insertion order for the CDs, and no DVD is offered. This makes an unattended install impossible while making the entire procedure a time- and attention-consuming ordeal.
- Installation involves putting the base system on first, then going back later and adding ancillary tools and and extras — again, inconvenient.
- You can’t edit configuration files until the entire system is as you want it; in other words, you must install everything with system defaults and then go back and edit them later.
- Webmin, our preferred services administration tool, is not installed by default, although it is available on the CD set.
- By adding LDAP users, YaST can destroy the Python-LDAP package, making the system unbootable.
- Editing the Samba configuration from the command line also resulted in a broken Python-LDAP package.
It’s also worth noting that the manual is required reading for a proper installation. SUSE Linux has always been intuitive to experienced GNU/Linux users, and generally easy to install, set up, and configure, but there are many “gotchas” that, if you don’t RTFM, you won’t know about until it’s too late.
Openexchange’s old 2.4-series kernel isn’t going to support much P4- or AMD64-era peripheral hardware. While you certainly don’t need to worry about video or sound drivers, you may find yourself digging around in the parts bin for an old network card that will work with the 2.4.18 kernel. Serial ATA hard drives are totally out of the question.
If PostgreSQL and Cyrus are not your favorite tools to use with LDAP and IMAP, you’re going to have to learn to like them if you go with Openexchange. While it’s probably possible to use other databases and email servers, implementing them in place of the existing technologies would be difficult to accomplish and hard to maintain and manage (SUSE’s online update tool won’t recognize third-party packages, so you’ll have to update them by hand).
Exchange this
Most corporate desktop machines are currently running some version of Microsoft Windows, using Exchange and Active Directory as a primary method of achieving similar functionality to what is described above. The trouble is, attempting to make and keep Exchange and Windows secure is a hassle that any Windows sysadmin is all too familiar with.
Microsoft Exchange is “dirtier” than its competitors, requiring constant maintenance in the form of daily garbage collection and frequent security updates. Exchange is tightly integrated with and totally dependent on the proprietary Windows-only Active Directory, and can’t use NIS, LDAP, or Radius to authenticate. In contrast, Openexchange uses LDAP, which is supported by Solaris, GNU/Linux, and Free/Open/NetBSD — the client machines are not limited to one operating system.
After testing this product for six months prior to this review, we believe that OpenExchange is “absolutely!” a replacement for Microsoft Exchange in small/medium businesses, especially those that have Internet-connected networks and those who need Internet email access. Its functionality, security, stability, reliability, and platform-independence trump the shortcomings of Microsoft Exchange.
Aside from being a good Exchange replacement, Openexchange also provides an all-encompassing, easily licensed, inexpensive server software stack for small/medium business networks. Although it does have its annoyances with installation and setup, the functionality and features it offers are unmatched with any single software solution. In other words, it’s not just a replacement for Exchange — it’s a replacement for Windows, Exchange, and Active Directory, while providing Outlook-like functionality and adding in various extras like Web forums, online chat, and other collaborative functions.
Discuss this article or get technical support on our forum.
| Purpose |
Collaboration/groupware, Web, LDAP, Samba, and email server |
| Manufacturer |
Novell |
| Architectures |
x86 |
| License |
GNU General Public License |
| Market |
Small/medium businesses |
| Price (retail) |
From U.S. $144 to $1,319 or more depending on the level of support and services needed |
| Previous version |
4.0 |
| Product Web site |
Click here |
Copyright 2005 Jem Matzan.
Improvements over 1.0
The first major improvement to Vidalinux OS 1.1 is the revamped installer. It still uses Red Hat’s Anaconda tool, but all of the stray references to Red Hat and Gentoo are gone, replaced by Vidalinux and their excellent logos and graphics. In the previous version I had some problems with VLOS’s implementation of Anaconda, but it seems as though the developers have spent time and effort fixing most of the problems and bugs. There is now a package selection screen where you can deselect certain packages that you might not want, and you can create users and set passwords during the installation rather than after the system is up and running. On a fast system, total install time is about 20 minutes.
The kernel has been upgraded from the 2.4 series to 2.6.9 with special patches from the Vidalinux developers to “enhance desktop performance.” Although I didn’t notice any revolutionary gains in performance over a standard Gentoo system, the kernel as supplied by the VLOS team supported everything except the sound chip on an Intel D915GUX motherboard — a real challenge for modern distributions because of the novelty of the onboard components. I did have some trouble with our Dell Inspiron 3800 laptop system, which, during installation, popped up dozens of warning messages pertaining to the disk_dos.c file. Despite those problems, the operating system did install and ended up working quite nicely on that system.
Available builds
The VLOS Web site claims that there is a downloadable AMD64 edition, but no torrents were offered for this build in the download area. There is, however, a commercial AMD64 edition available for purchase. Other editions include i686, Pentium4, and AthlonXP. I tested the i686 edition, as the laptop test system is only a Pentium 3, and the only problem I found with it was in /etc/make.conf, which incorrectly listed the processor architecture as P4.
There are only a handful of ISO mirrors for VLOS 1.1. The project tries to push bittorrent as the primary method of acquiring the download edition, but every time I tried to download the torrents, the tracker was unavailable. Even leaving our bittorrent client open for an entire day yielded no download progress. Fortunately the ISO mirrors were responsive and quick; just the same, I’d like to see the VLOS team pay better attention to their bittorrent seed count.
The commercial version has no governing license restriction preventing it from being redistributed, but it is not available for download from the Vidalinux Web site. Buying the commercial version gets you a CD copy of the full operating system, extra programs, and support directly from the developers through their Club Vidalinux Web site and private IM server. The commercial version does contain proprietary software in the form of browser plug-ins for Flash, Java, and RealPlayer.
The Porthole utility
Porthole is a GTK-based frontend for Gentoo’s Portage software management system, very much like (and nearly identical to) Debian’s Synaptic. Portage by itself is very easy to learn and use, but it must be run from the command line. The assumption is that VLOS is aiming to avoid all command line interaction and become as user friendly as possible. Despite that goal, I found the Porthole utility to be more difficult to use than plain Portage. In the previous edition of Vidalinux, Porthole would request the root password in order to use Porthole — a necessary step, due to restricted permissions on the use of Portage. VLOS 1.1 has removed the GNOME su tool, so the only message a user gets is one that informs them that they won’t be able to sync the Portage tree or install or remove any programs. The way around this is to open up a command line shell, su to root, and run Porthole from there. Alternately you can log into GNOME as root and run Porthole from the GNOME menu. Neither of these solutions is particularly user friendly, and they more or less negate the need for Porthole at all. You can still use Portage from the command line, if you prefer.
On both test systems, Porthole failed to correctly update all of the installed packages. It could sync properly, but it had trouble with everything else I tried to do with it. By the time I were done messing with Porthole, the laptop system was unbootable and nearly unfixable, still did not have all of the updated programs, and somehow managed to install an old 2.4 kernel source tree without our permission. All this from trying to upgrade the system and install the proprietary ATI video drivers. I were able to fix most of the damage from the command line, but I’m fairly convinced that this debacle would not have happened (or have been as bad) if I’d used plain Portage to begin with.
Porthole still needs a lot of work to make it a relevant tool for newer users. Gentoo veterans probably won’t find any value in Porthole, as it’s far easier to type emerge -puD world than it is to select the requisite options from a drop-down menu and click a button. If I have any suggestions as to how to fix this, they are:
- Put the GNOME
su utility (or some reasonable equivalent) back in and prompt users for the root password so that the command line is totally out of the equation
- Make a common upgrade setup (preferably
emerge -uD --newuse world, as recommended by a Gentoo developer) instead of making users select emerge options
- More buttons, less menu interaction
- Integrate the terminal output into the utility, or make it impossible to close the window while Porthole is running — closing this window messes up the whole program until it is restarted
- I found some command line errors relating to
pycrash and gpm
Included programs
The download edition is pretty slim — aside from the standard GNOME ancillary programs, the only major applications it includes are Novell Evolution and Mozilla. You can certainly add more programs through Porthole, but some of the builds (such as the Ximian edition of OpenOffice.org, which was included in the previous version of VLOS) take a long time to complete, even on a fast system.
The answer to this hassle is the commercial edition, which includes such GNU/Linux desktop standards as The GIMP, Audacity, OpenOffice.org, and the neat little Gdesklets applet that adds OS X-like dock functionality to the GNOME desktop.
GNOME 2.8 is the only desktop environment included with the download edition of Vidalinux OS 1.1, and all of the graphical applications that come with it are GTK-based. Qt-dependent programs can of course be added manually through Porthole. KDE 3.3.1 and some Qt-based programs such as K3b are included with the commercial edition of VLOS 1.1.
The GNOME and Anaconda themes are beautifully designed, although they don’t look quite as much like Apple OS X’s Aqua as the previous version of VLOS did.
Summary
If you’re interested in Gentoo but decidedly against long compile times and a lengthy, text-based manual installation procedure, Vidalinux OS 1.1 is the operating system for you. It looks nice, installs quickly, and although the download edition doesn’t include many desktop applications, you can add any of Gentoo’s more than 8300 packages through Porthole.
Aside from the difficulties with the laptop system, the failure to install the proper sound module for the (very state-of-the-art) Intel motherboard, and the inconvenience of Porthole, I didn’t experience any major bugs, stability issues, or problems with Vidalinux OS 1.1. If you’re a moderately experienced GNU/Linux user looking to switch to a modern, upgradable, GNOME-based distribution that does not involve RPMs, or if you want to get into Gentoo without the steep learning curve, Vidalinux OS 1.1 is worth trying.
Discuss this article or get technical support on our forum.
| Purpose |
Operating system |
| Manufacturer |
Vidalinux.com (Spanish language) |
| Architectures |
x86 (optimized for i686, P4, and AthlonXP), AMD64 (commercial version only) |
| License |
GNU General Public License, although some included packages may be proprietary |
| Market |
Desktop users |
| Price (retail) |
Download edition is free, the full commercial version is U.S. $30 |
| Previous version |
Vidalinux 1.0 |
| Product website |
Click here |
Copyright 2004-2006 Jem Matzan.
Copyright 2008. All content items belong to their respective authors.
