AiHua Information Technology Site

Over the course of the week I had an opportunity to have an information technology exchange with another organization in the area.  They showed us some great features of Microsoft Communication Server and I was quite impressed and knew I could do at least some features via open source software but wanted to know if it was possible to have a total replacement that is completely open source.  The short answer is “yes AND no.”  Yes you can replace it, but it takes a few open source components working together to do it.

The first question is “what does Microsoft Communication Server do?”  It’s essentially a version of MSN Instant Messenger on steroids, as it not only handles instant messages and collaboration within an organization, but handles phone calls and group conferencing.  As I looked around at the linux and unix offerings, I discovered Microsoft is actually late to the communications party.  Many of the projects discussed have existed for a long while and are quite mature and have been used extensively in business environments.

So to replicate an environment consisting of Exchange, Active Directory, and Communication Server an open source environment could use:

• OpenLDAP and Samba for PDC/AD type functionality and file sharing
• Asterisk (technically, a Microsoft setup *still* requires Asterisk or another telephony system so this is required either way)
• Zimbra for an Exchange like mail server (Zimbra has many technological advantages in it’s own right as well)
• Openfire which operates a Jabber (XMPP) server and integrates with Asterisk, SBS, and even SugarCMS to provide a robust contender to the MS Communication Server.

Not that there is anything wrong with choosing to go the Microsoft route, but we believe that people should be able to choose their solution, and this lineup of services offers another option for organizations.

We have added a page for Jobs and Internships which is accessible to the right.

Currently we have opportunities for:

• Local Chinese IT staff.
• Short and long term foreigners in IT and accounting.
• Work from home on virtual servers (linux/unix/open source).

Visit the Job’s & Internships page for more details, pay, and benefits.

We have been expirimenting with some open source routing software this week.  I have to say that I’m incredibly impressed with Untangle as a network solution, so much so that it went into operation on an old P4 desktop we had lying around.  It’s now serving as a VPN and web filter and doing quite well at it.  I’d thoroughly recommend the open source edition for any organization who’s fed up with spam, malware, time sink hole websites, and viruses.  It works best with a computer in the 1Ghz to 2ghz range with 1 to 2 Gigs of ram and 2 ethernet ports; however, it gets by quite well even on 500+ Mhz with 512 megs of ram with 2 ethernet cards.  It will also work within a virtual machine if setup properly.  We are happy to assist in the setup or consultation of routing and gateway solutions, use the contact page to the right for questions or to setup an appointment.

I want to take some time to point out that Hamachi is a vpn technology that makes remote access and administration quite easy.  It’s also free for personal use or for use by non-profit organizations!  I have been running some expiriments with this tech and it operates quite well.  I would like to try to integrate it into a gateway to bridge remote offices.  Give it a try by downloading it for windows, linux, and osx @ https://secure.logmein.com/products/hamachi/vpn.asp

Sometimes we just don’t want to allow every staff to use every program, there are easy ways to deal with this in Ubuntu.  One of my favorites is to assign programs to groups.  For example if we want to restrict who can use skype and pidgin within Ubuntu we can create a group called “im” for instant messenger.  I prefer to do this in LDAP as I can do it for the entire organization in one go, but you can create the group for the individual computer using the users and groups tool.  Next I do the following:

cd /usr/bin
sudo chown root:im skype pidgin
sudo chmod o-rx skype pidgin

This will make the above programs only accessible to root and user placed within the im group.  The sky is the limit as to how you want to authorize personnel to utilize their company resources,  but this approach will completely block access to the types of programs you don’t want company wide access to, such as accounting software (even if there is password protection for the financial database, the only people that should be able to execute the financial software should be authorized personnel).

We hope this article has been informative and helpful, as always you can enquire for use of our services through the contacts page on the right.

I’m often asked why I (Isaac) choose to implement PXE booting at the AiHua offices.  For those unfamiliar with the concept of PXE booting, it is a technology which allows computer administrators to remove the hard drives of all their client machines and only need to manage the software/operating system that exists at the server.

This affords a couple of advantages, first software changes do not need to be repeated for every computer on the network.  Second, the client hardware becomes expendable, a computer which dies due to hardware fault is quickly replaced by another computer, the employee only notices that the computer case changed.  All files and settings remain unchanged.  All files and folders are located centrally, making sharing and backup a trivial task.  Finally, there is significant cost saving as IT staff require less time maintaining and recovering individual computers, leading to less staff to salary and less overtime hours.

There are some dissadvantages to consider as well, primarily in the consideration that another point of failure has been included.  If the server has broken down, then no computers are able to perform their work.  This risk is minimized by regular backup schedules and the use of high availability services (typically a group of servers and storage arrays).

How would I recommed the small to medium sized organization implement their network?  If the organization has less than 5 computers then I would suggest using standard technologies; however, if more than 10 computers then diskless booting begins to have an effect.  By the time their are 50 to 200 computers diskless begins to really shine (particularly with a 1 Gig network and network attached storage solution).

AiHua can provide expertise in setting up diskless networks.  We presently have experience with building custom diskless, LTSP, freeNX, and DRBL.  Each has advantages and dissadvantages that we can help you navigate through and pick what would be best for your organization, if any is viable at all for your situation.  See the contact page for details.

When I first arrived in China at the AiHua offices in 2005, I must confess that I did not know very much about open source software.  I was working in graphic design and web design at the time (cobbler’s son’s wear no shoes).  I was given an additional task by our general director to start paving the way for another team member who had been selected to pioneer using Linux as the desktop of choice for NGO’s around the province of Yunnan.

Unfortunately that team member never made it to our offices; however, with a Mandriva CD in one hand and an OpenSuse one in the other, myself and my national collegue James began learning the ins and outs of linux and other open source software.  I had tried Linux in 1995; however, it never really stuck with me back then.  Nearly 19 years later, it had evolved into a very usable and very powerful operating system.  I became more and more hooked as I discovered this was the silver bullet our office needed!  No longer did we have to fumble with anti virus software, firewall software, and complicated backup strategies.

Eventually I landed on Ubuntu as my distribution of choice because of it’s ease of use and great multilingual support.  While many staff were apprehensive at first, it has met with more and more praise for it’s stability, ease of use (Gnome interface), and veritable immunity to viruses.

Now, 3 years after becoming a linux administrator, I can’t ever see myself going to any other system.  The power and flexibility is unmatched, and all of it offered legally at absolutely no cost!  This is why I’m a vocal open source proponent and for the foreseeable future will remain so: because it improves organizations and saves money… and every bit of efficiency that can be eaked out saves money for use in charitable work!

As AiHua primarily serves organizations working in developing nations, we are frequently asked about whether equipment should be purchased locally, in a regional hub (like Hong Kong, Bangkok, or Singapore), or as many expatriates ask, should equipment be purchased in one’s home country.  There are many factors, but as a general rule I say one should try to purchase locally.  Provincial headquarters or a capitol usually have equipment for sale, or with some connections can get needed equipment.

The advantage to using local equipment is often that it allows for easier maintenance and warranties from vendors.  If purchased overseas there is no guarantee that equipment will be fixable provincially, or even at a capitol, sometimes it must be sent to Europe or North America to be repaired at considerable cost and downtime.

The caveat in equipment purchasing strategy is that Apple/Macintosh can be double the cost outside of North America, so if Apple/Macintosh is an absolute neccessity, then the only real option is to purchase there.  However, for most work in developing nations, an Apple/Mac isn’t neccessary so very capable networks can be designed around commodity hardware and open source solutions.

We nearly hit the six months worth of non interupted uptime mark for a DRBL server that was built for one of the Bless China International locations.  This means that until today when a day long power outage unfortunately forced me to shut it down before the battery gave up, there has been no downtime for six months!  There were 5 departments using the server everyday, all day long to boot from, access their files, and access the internet.

This sort of reliability speaks volumes about the quality of open source software and it’s practicality for office use.  The calls for service during the past few months were few and far between and primarily consisted of questions about how to make a spreadsheet row longer or how to change text background colors.  I’m saddened that I didn’t get to see how long it would hold out for, but I believe all those uptime calculations about Unix and Linux that are put out every year now!

I recently came across an article HERE that discusses new anti piracy measures Microsoft has begun taking to combat piracy in China (which is estimated to be 90%).  It brings me great relief that we use linux systems as they are ethical, free, and don’t contain virusses or malicious software designed to steal sensitive information.  I’d encourage everyone currently using pirated software to either purchase legitimate copies or moving/migrating to open source/free software (particularly one of the free linux or unix variants).  In the case of the latter, please see our services and contact pages for assistance converting your office.