Configuring wireless Ethernet with SuSE Linux 10.0

Alex and I were debating the pros and cons of various operating systems during our geekfest (working on my latest website project, in the pub) last weekend – he’s just bought a new Mac (and works with them all day), so, like most Mac users I know, he can’t see why anyone would possibly want to use anything else (not quite true, but that’s the gist of it). Meanwhile I sat down at his Mac and couldn’t even work the mouse properly to open up Firefox and pull some information off the ‘net. I complained that standard keyboard shortcuts didn’t work (I had to use the Apple key instead of control) and he said it’s because I only use Windows. I disputed that – I like GNOME on Linux – and the reason I like it is that it works like Windows, only better. It’s got a cleaner interface but most of the keyboard shortcuts that I know still work. But even Linux is not ready for complete newbies. It’s come a long way since I first used it back in 1993 – in fact it’s advancing at a tremendous pace – but even Linux Format magazine acknowledges this month that it needs to be approached “with an awareness that it takes time and patience to use properly”. Linux is not for everyone. I’ve got nearly 20 years of PC experience under my belt (12 years designing, supporting and implementing systems using Microsoft software), and I’m still struggling with Linux (although getting on much better since I spent last week learning a bit about Red Hat Enterprise Linux).

So, what’s the point of this rambing? Well, last night, after weeks of wrangling, I finally got a non-Windows operating system to connect to my wireless network. I gave up trying to do this on Solaris (after the Solaris NDIS wrapper toolkit failed to compile on my system and I couldn’t get a satisfactory answer to my post at the OpenSolaris.org forums) and instead went for a popular Linux distro (SuSE 10.0, which Novell very kindly sent me a copy of a few weeks back).

There are many reports on how to do this out there on the ‘net, but none of them worked exactly for me. What follows is what I did with SuSE 10.0 on an IBM ThinkPad T40, with a D-Link DWL-G630 PCMCIA card and a D-Link DWL-2000AP+ access point, configured to use WPA-PSK (TKIP) and proven to work using a selection of Windows clients.

SuSE 10.0 comes with packages for NdisWrapper (v1.2), wireless tools (v28 pre-8) and WPA supplicant (v0.4.4), I used YaST to check that these were all installed and located the netrt61g.inf, rt61.cat and rt61.sys files from the CD supplied with my network card. I don’t think the .cat file is required, but I copied them all to /tmp anyway.

Next, following the advice for installing NdisWrapper on SuSE Professional 9.2, I ran the following commands from a terminal window (logged in a root) to install the network card:

cd /tmp
ndiswrapper -i drivername.inf

In my case this was netrt61g.inf, and the response was Installing netrt61g. Next, I entered:

ndiswrapper -l

to check the status of the NDIS drivers and saw the response:

Installed ndis drivers:
netrt61g driver present

The next part is to load the module, using:

modprobe ndiswrapper

This doesn’t return a response, but using iwconfig should return details for a new interface (in my case it was wlan0). At this point, I hadn’t yet inserted the card, but all seemed fine with the card driver configuration.

I then used YaST to configure the new wlan0 interface (although I could have made the edits manually, YaST saves me from missing something). The instructions I followed used YaST to edit the system configuration (System, /etc/sysconfig Editor), although some settings need to be added into text files manually, so they might as well all be done that way:

  • Add MODULES_LOADED_ON_BOOT="ndiswrapper" to /etc/sysconfig/kernel
  • Add DHCLIENT_MODIFY_RESOLVE_CONF='yes' and DHCLIENT_SET_DEFAULT_ROUTE='yes' to /etc/sysconfig/network/ifcfg-wlan-wlan0

That should be it for a basic wireless Ethernet configuration (although it may also be necessary to set any other network interfaces to start on cable connection, on hotplug, etc., rather than at boot time). For those of us using a secure network, there’s still more to do as it’s necessary to configure WPA Supplicant. It should be as simple as configuring /etc/wpa_supplicant.conf, then issuing a few simple commands:

ifconfig wlan0 up
wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd

Sadly, that didn’t work for me. Even now, I’m not sure that the contents of my /etc/wpa_supplicant.conf file are correct – that’s why I haven’t published them here; however it maybe useful to know that the package also includes command line (wpa_cli) and graphical (wpa_gui) utilities for troubleshooting and managing the interface. wpa_cli was pre-installed as part of the package on my system, but I didn’t get anywhere until I obtained wpa_gui from the latest stable release of wpa_supplicant (v0.4.8).

To do this, I needed to add the gcc (v4.0.2), gcc-c++ (v4.0.2) and qt3-devel (v3.3.4) packages to my installation, then compile and install wpa_gui using:

PATH=$QTDIR/bin:$PATH
make wpa_gui
cp wpa_gui /usr/sbin

Only after typing wpa_gui -iwlan0 was I able to scan for an AP and locate the available networks:

wpa_gui scanning for networks

Then I could connect using the appropriate WPA key:

wpa_gui scanning for networks

wpa_gui scanning for networks

The connection doesn’t last long (it drops a few seconds after the 4-way handshake shown above), but at least it seems I have a working configuration (if not a stable one…).

So, it wasn’t easy. In fact, I’d say that wireless support is one of Linux’s weak spots right now, not helped by the fact that the device manufacturers generally only support Windows. Even now, I have some issues – like that my connection drops and then I can’t re-establish it – but I think that might be an issue with using Windows drivers and NdisWrapper. At least I know that I can get a connection – and that’s a step in the right direction.

Why open source software is not really free

There’s a common misconception that open source software is free – as in doesn’t cost anything – and conversely that proprietary software is expensive.

I’d often wondered how this was aligned with the sale of packaged distributions of free software (it turns out I’m not the only one – a UK trading standards department were also confused by the sale of Firefox CDs – thanks to Slashdot via Slashdot Review for causing me to laugh out loud about that one…). Actually, it turns out that open source software is only free as in free speech – not as in free of charge. Sometimes it is free of charge too, but the two most common open source licensing models (GNU and BSD) do not prohibit the sale of “free software”.

GNU (a recursive name – GNU’s Not Unix) is a project, started by Richard Stallman in 1984 to create a free Unix clone, managed by the free software foundation (GNU/Linux is the kernel developed as a result of that project). GNU’s definition of free software says in part:

    • The freedom to run the program, for any purpose (freedom 0).
    • The freedom to study how the program works, and adapt it to your needs (freedom 1). Access to the source code is a precondition for this.
    • The freedom to redistribute copies so you can help your neighbor (freedom 2).
    • The freedom to improve the program, and release your improvements to the public, so that the whole community benefits (freedom 3). Access to the source code is a precondition for this.
  1. “Free software is a matter of the users’ freedom to run, copy, distribute, study, change and improve the software. More precisely, it refers to four kinds of freedom, for the users of the software:A program is free software if users have all of these freedoms. Thus, you should be free to redistribute copies, either with or without modifications, either gratis or charging a fee for distribution, to anyone anywhere…

    …’free software’ does not mean ‘non-commercial’.”

The GNU general public license (GPL) encourages free software, but all enhancements and changes to GPL software must also be left as GPL. In effect, the software is free to enhance, but not necessarily free to purchase.

Where code is derived from the University of California at Berkeley BSD project, a separate licensing agreement applies. Many commercial software vendors prefer to use the BSD license, because it lets them wrap open source code up in a proprietary product. As Linux Format magazine paraphrased this month, “In a nutshell, the BSD licence says, ‘do what you like with the code – just don’t claim you wrote it'”. The BSD code would still be free, but the developers don’t have to release all of the source code for the entire product.

Whilst I’m writing about non-copyright licensing agreements, it’s worth mentioning creative commons. Not limited to software products, this is a licensing alternative to copyright for all creative works, building on the “all rights reserved” concept of traditional copyright to offer a voluntary “some rights reserved” approach.

I’m really interested in the rise of Linux as an alternative to Windows; however it’s not about stripping out software purchase costs. Purchasing a version of Linux with a predictable development cycle and a support entitlement (e.g. Red Hat Enterprise Linux or Novell/SUSE Linux Enterprise) can be just as (or even significantly more) expensive as a copy of Windows and management costs need to be considered too. For as long as the majority of IT organisations are geared up to provide almost exclusively Windows support, Linux support costs will be higher too.

A quick introduction to Linux for Windows administrators

Linux penguinI’ve written previously about my various attempts to cross-train in Windows and Unix. Recently, I began running Sun Solaris 10 x86 on one of my machines, more recently I’ve installed SUSE Linux 10.0 and this week, I’m attending a training course to learn about Red Hat Enterprise Linux.

What follows might be useful for anyone thinking of making the switch (or just picking up some new skills). I should stress that I’m a Unix/Linux newbie (unless you count some Unix systems programming back at uni’ in the early 90s) so these notes are probably incomplete and I might come back and edit them later. I don’t intend this to be a guide for integrating Linux and Windows either – more of a quick conversion for Windows administrators starting to work with Linux. Also, whilst these notes are based on Red Hat Enterprise Linux 4, they should hold true for most recent Linux distributions (I’ve tested them on SUSE Linux 10.0) and they shouldn’t be too alien for other Unix variants (although the commands may be a little different).

Whatever the Linux distribution, the kernel is controlled by kernel.org. This is the part of the operating system based on the original work by Linus Torvalds. The differences between Linux variants come at the next level with the various utilities added as part of individual distributions, including the graphical environments (e.g. GNOME and KDE).

Some vendors (e.g. Red Hat and Novell) have split their products into a free-to-download version with frequent upgrades and rapid adoption of new technology (e.g. Fedora, SUSE) and a more stable version with predictable release cycles and a subscription-based licensing model including support (e.g. Red Hat Enterprise Linux, SUSE Enterprise Linux), aimed at corporates who need to maintain standards. Some distributions also include utilities for keeping the system up-to-date (although these may also require an appropriate entitlement).

Installation of a Linux system is generally straightforward. The major distributions make life easy with bootable CDs and DVDs and comprehensive setup/installation routines (e.g. YaST). Having said that, if problems are encountered, they are not always easy to resolve (it took me considerable time to resolve a recent issue with installing SUSE 10.0 on an IBM ThinkPad).

Once installed, Linux can be used in either command line interface (CLI) or graphical user interface (GUI) mode. Unlike modern Windows operating systems, the Linux GUI is separate from the operating system itself and it is possible to run several CLI and GUI sessions (called virtual consoles) simultaneously. By default Ctrl-Alt-F1 to Ctrl-Alt-F6 are CLI user virtual consoles, whilst Ctrl-Alt-F7 will run a GUI interface. Multiple GUI sessions can be started using the startx command.

The Linux root user is analogous to the Windows administrator but (largely because Linux expects users logged in as root to know what they are doing) Linux doesn’t tend to issue “are you sure?” prompts and so it is far easier to perform something destructive by mistake when logged in as root. Although it’s also good practice to run as an unprivileged user in Windows, this should definitely be the norm in Windows. Many GUI applications (and some CLI ones) allow for escalation of privileges (in a similar manner to the user access protection feature in Windows Vista).

As for Windows (with command, cmd, wsh and soon msh), Linux has a variety of shells/command interpreters available for use. Linux distributions use the Bourne-again shell (bash) by default but may also ship with other shells including the original Bourne shell (sh), C shell (csh) and Korn shell (ksh).

Linux uses the X Window system for GUI operation; however X Window doesn’t dictate the look and feel – it is simply an application that provides the ability to draw on the screen. X Window is a client/server application, with the X server handling the monitor, keyboard and mouse and various X clients interacting with the X server. Examples of these X clients include the display manager (handling logins), the window manager that controls the look and feel (e.g. Metacity, KWin), the desktop environment (e.g. GNOME, KDE) and a variety of other x client applications (file browsers, web browsers, terminals, etc.). The two main X Window systems are XOrg and XFree86.

Linux has a system of runlevels, similar to the Windows concepts of recovery console, the various safe modes, and normal operation. For Linux, the runlevels are:

  • 0 – shut down.
  • 1 – systems maintenance (single user mode).
  • 2 – multi-user (no file sharing).
  • 3 – multi-user with file sharing (effectively a running system without a GUI).
  • 4 – not implemented.
  • 5 – (default) fully running.
  • 6 – reboot.

The init runlevel command is used to switch between runlevels but beware that some Unix versions will use different runlevels (e.g. init 5 will power off a Solaris system).

Whereas Windows systems store configuration information in a plethora of locations (registry, file system, Active Directory, etc.), Linux generally uses a series of text files; however, just like in Windows, these may be spread all over the file system. This is probably the most confusing element for an administrator converting from Windows and the following is a list of likely locations from the file system hierarchy in which to find information:

  • Home directories (/root, /home/username).
  • Binaries (essential in /bin, non-essential in /usr/bin, third-party in /usr/local/bin).
  • System binaries (essential in /sbin, non-essential in /usr/sbin, third-party in /usr/local/sbin).
  • Foreign file system mountpoints (/media, /mnt).
  • System configuration (/etc).
  • Temporary files (/tmp).
  • Kernel and bootloader (/boot).
  • Server data such as logs and spool files (/var, /srv).
  • System information (/proc, /sys).
  • Libraries (essential in /lib, non-essential in /usr/lib, third-party in /usr/local/lib).

Everything in Linux is represented as a file – even hardware (files within the /dev and /proc directories – note that files in /proc are memory-based, rather than disk-based). Hard disks use a naming convention with hd representing an IDE hard disk and sd representing a SCSI hard disk. This is followed with a letter to distinguish the first disk as a, second disk as b, etc. Finally, partition numbers are indicated with a numeric suffix, so /dev/hda1 is the first partition on the first IDE disk. The partition table can be listed with fdisk -l.

Although Linux does support directory services and other authentication mechanisms using pluggable authentication modules (PAMs), some local users and groups will inevitably be required. Users may be created using the useradd command and groups with groupadd. Each Linux user has a numeric user identifier (UID) – root is always 0. Users are associated with one or more groups (a primary group and optional secondary groups), each of which is identified by its group identifier – the GID. User information, including name, UID, default GID, home directory and shell, is stored in the /etc/passwd file. Group information is stored in /etc/group. Even though the passwd command is used to change a password, passwords are not actually stored in /etc/passwd – instead they are stored as a password hash in /etc/shadow, along with details of when the password was last changed and the account expiration policy. System-wide account expiration policies can be defined in /etc/login.defs.

Unlike in Windows, Linux filenames are case sensitive. Linux, in common with other Unix variants, uses a discretionary access control permissions model with the concept of owner, group and others, controlled using the chmod command. Each of these can be marked with read, write or execute flags, as well as special flags (set user ID, set group ID and sticky) and another flag which indicates if a file is a directory.

For regular files, read means examine the file contents, write means modify the file contents and execute means run the file as a command. For directories, read means list directory contents, write means add or remove files and execute means change directory into the directory and view its properties.

When talking about file permissions, they are often expressed as a 3 (or sometimes 4) digit number. If these numbers make no sense, think of each set of permissions (special, owner, group and others) in binary:

Linux file permissions

4+2=6, so 0666 (usually written as 666) is -rw-rw-rw-. Similarly 4+2+1=7 so 0777 (777) is -rwxrwxrwx. More commonly, 0644 is -rw-r–r–.

Standard Linux file permissions are 0666 (-rw-rw-rw-) for files and 0777 (drwxrwxrwx) for directories although these are masked with a umask such as 0022 to remove the unnecessarily high permissions for group and others (0022 would make 0666 become 0644 and 0777 become 0755).

In common with other systems that use Kerberos authentication (including domain-joined Windows PCs), time synchronisation is critical to Linux systems. It’s not so important that the correct time is used, so much as that all the systems agree on a common time, but in any case the date can be set using the date command and Linux systems also have support for the network time protocol (NTP).

Linux uses TCP/IP as its networking protocol suite. Network devices are named by type and a numeric instance number. Ethernet is eth (eth0, eth1, etc.), token-ring is tr, fibre channel is fddi, dial-up and ADSL are ppp and localhost or loopback (127.0.0.1) is lo. In some circumstances, more than one connection may run using the same piece of hardware, for example Ethernet (eth0) is used for an ADSL connection, but ppp0 will be the connection tunnelled through the Ethernet link. Virtual network devices can also be created, e.g. eth0:1. It’s worth noting that changes to interface configurations will not become effective until an interface is deactivated and activated again. This can be performed from the command line using ifdown interfacename and ifup interfacename.

Linux printing is usually achieved using the common Unix printing system (CUPS); however, just as in Windows there is support for local and networked printers, with a variety of drivers, Printing is one area which is often easiest to configure using the GUI.

Recent versions of Linux include a kernel feature known as secure Linux (SELinux), which replaces the traditional discretionary access control model described earlier, with policy-based mandatory access controls which enforce security within a defined context. As SELinux is relatively new feature, many applications and services are not aware of it and whilst disabling SELinux is discouraged, it can be set not to enforce policy (although violations will still be logged to /var/log/messages). Another security feature that should not be alien in principle to Windows administrators is the built-in packet filtering firewall, administered using the iptables command.

So that’s it – a quick introduction to Linux for Windows administrators. To find out more, I recommend installing one of the free distributions and giving it a go for yourself. For help, try one of the following:

  • whatis commandname.
  • commandname --help.
  • man commandname (manual pages for many commands).
  • info commandname (texinfo pages for some commands).
  • Files in /usr/share/doc/packagename.
  • Website for the Linux distribution in use (e.g. Fedora, Debian, etc.).
  • The Linux documentation project.

If all else, fails, there’s a whole load of information that can be found by searching Google.

GRUB error 18 when installing SUSE 10 on an IBM ThinkPad

A few days ago, I finally managed to solve a problem that had been preventing me from installing SUSE Linux 10.0 on my IBM ThinkPad T40 for the last couple of weeks. My problem was, that the first stage of setup ran with no difficulties at all but after the initial reboot I was greeted with the following error:

GRUB Loading stage1.5…

GRUB loading, please wait…
Error 18

GRUB error 18 means “selected cylinder exceeds maximum supported by BIOS” but as the disk is the original one supplied with the PC, I thought that was unlikely to be an issue. There is, however, another variable in the equation with when using a ThinkPad.

Rather than supplying recovery CDs with its notebooks, Lenovo (IBM) positions its ThinkVantage software products as a differentiator and a reason to charge a premium price for its hardware – actually, my ThinkPad is by far and away the best hardware I have access to – comparable Dell machines have been very poorly built, although the HP (Compaq) and Fujitsu-Siemens equipment that I use has been pretty good. Part of the ThinkVantage product range is the rescue and recovery with rapid restore software, combined with the Access IBM key which uses a hidden partition on the disk – the Access IBM pre-desktop area or hidden protected area (HPA).

It was this hidden partition that caused me difficulties. There are three options for controlling access to the predesktop area in the BIOS – secure, normal and disabled. Normal (the default setting) allows changes to the pre-desktop area but the contents are hidden from the operating system whilst secure prohibits all user- or software-initiated changes and disabled makes the pre-desktop area visible and reclaimable for use.

After trying various pre-desktop area BIOS settings I noticed that the amount of disk space available to SUSE varied between 34.2GB in secure mode and 37.2GB in normal mode. It seems that even with the normal selection in BIOS, SUSE setup had been able to detect the full disk, and had installed the kernel on a section of the disk reserved for the pre-desktop area (which was then unavailable at boot time – causing the GRUB error).

In summary, if installing SUSE (or any operating system I guess) on a ThinkPad, set the predesktop area to secure before commencing installation – Sharad Popli has more information about this in his SUSE Linux, WinXP and Access IBM on the ThinkPad T43 article. I now have SUSE installed, but have a corrupt HPA. Thankfully my PC is still under warranty so Lenovo are sending me some recovery CDs without charge (my experience of their technical support has been excellent).

Overall, I was impressed with the SUSE setup – very straightforward compared to my earlier experiences of installing Unix and Unix-like operating systems. I also know (from my limited tinkering with Sun Solaris) that I like the GNOME desktop – let’s see how I get on with using the product over the next few weeks (and how it stacks up against the competition, as I’m attending a Red Hat Enterprise Linux course all of this week).

How to (radically) change the Windows XP graphical user interface

Earlier today, I saw one of my colleagues running what looked like the new Windows Vista graphical user interface on his Windows XP PC and it turned out to be one of the many visual enhancements available from CrystalXP.Net. I haven’t installed any of them yet, but may well give them a go soon as it looks like there’s some really impressive Windows interface customisation available, along with artwork based on Tux the Linux penguin and other mascots.

New domain name – markwilson.it

A few weeks back, I registered a new domain name for this blog, along with my other IT-related activities. markwilson.co.uk will still remain in place (and will be the primary domain name, so as to preserve my Google PageRank) but over a period of time (as some page re-writes will be required) the IT-related content will also be made available at markwilson.it.

The .it top level domain is intended for Italian sites but as, in English, IT is also an abbreviation for information technology, it makes sense to register it for my IT-related activities.

EuroDNS
It’s the first time that I’ve used the EuroDNS domain name registration service and I’m pleased to say that the process was extremely smooth (despite La Naming Authority Italiana‘s insistence on the use of a written contract, which delayed things for a while). EuroDNS were able to send me the contract electronically (together with an English translation) and I was able to send the signed copy back in electronic form too. Something else I found (which is extremely important as domain name registrars are generally notorious for poor support) was that, after the application had gone into a black hole at La Naming Authority Italiana, EuroDNS were helpful and responded to my e-mails to get things moving again.

A feature-complete Windows Vista CTP (build 5308) is available for download

A couple of weeks back, I blogged about the imminent release of the next Windows Vista community technology preview (CTP). It turns out I was premature – my source obviously didn’t know about the x64 driver problems which delayed the release, but build 5308 is now available for registered beta testers to download from Microsoft Connect.

Interestingly, Microsoft still don’t seem to have written off the idea of a second beta, but the February CTP is feature complete. Quoting from the e-mail I received “This build is not beta quality but is being provided as a preview of our progress towards Beta 2. It should allow you to confirm the many bugs fixed since the last build and best of all, you can begin to explore the full Windows Vista feature set as we are now feature complete!”.

John Howard’s moving to Redmond – Good luck John

Yesterday evening, I bumped into Microsoft UK’s John Howard (not to be confused with the current Australian Prime Minister). For the last year and a half, I’ve known John as an “IT Professional Evangelist”, covering a variety of Windows infrastructure topics, but anyone who’s seen him present on virtualisation will understand it is one of his main interests.

Back at the end of January, John had told me that he’s moving to Redmond to join “Corp” and take up a position as a Program Manager in the Windows Virtualisation team and whilst it wasn’t the biggest secret in the world, he did ask me to keep quiet until it was all confirmed. Well, it’s confirmed – John’s published the news on his blog, so it’s okay for me to talk about it now!

It’s a big move, selling up in the UK and moving the whole family to North-West America, so I’d like to wish John all the very best for that, to say thanks for all the help and advice – and thanks for being a friendly face around Microsoft UK.

I still can’t say who’s stepping into John’s shoes but I worked it out for myself at a recent event so it’s not that difficult. Purely by coincidence, I was idly wondering a couple of months back if there were any positions vacant in the IT professional technical evangelist team at Microsoft UK (it sounds like a great job to me), but I didn’t see the post advertised externally and I’ve not been back at Fujitsu for long so I plan to be staying put for a while – anyway, I’m an unofficial Microsoft evangelist right here!

As for John’s blog – a lot of what he’s doing will be Microsoft confidential; but he did say that, together with his colleagues Ben Armstrong, Mike Sterling and Mike Kolitz he’s hoping to start a Virtual Server team blog – along the lines of the Exchange Server team blog (you had me at EHLO) or the Internet Explorer team blog (IEBlog). I guess that will be the space to watch and catch the latest details on the development of the Virtual Server hypervisor technology.

Tesco’s VoIP service

You can buy everything in the supermarket these days. Last night I was doing our grocery shopping in Tesco (I hate the fact that they make so much money, that they are alleged to be anti-competitive, that I find their customer service to be appalling, and that the shelves are half empty after the weekend, but for some reason I still shop there for the grocery items that we don’t buy locally – generally in person rather than online) and I came out with two Tesco Internet Phone voice over IP (VoIP) handsets…

Tesco Internet Phone
…So there I was, back home, groceries packed away, with some new toys to play with. I’ve been avoiding VoIP up until now but the Tesco deal included two USB handsets and £10 of call credit for £30 (i.e. £20 net), with promises of 2p a minute call charges to fixed phone lines and selected international calls, free calls to other Tesco Internet Phone subscribers and just 10p a minute to mobile (cell) phones. I reckon that at those rates we ought to be able to save some money on our daytime calls (probably not in the evening though) and my wife should be able to call me for free, whenever I’m at my PC and connected to a broadband Internet connection (anywhere in the world). I’m sure Skype is just as competitive but I was put off Skype a few years back when I used it for instant messaging (in addition, SkypeIn and Skype Voicemail are subscription-based, whereas the Tesco Internet Phone offering includes a land line number and voicemail with no ongoing fees, just pay-as-you-go call charges).

Installation of the software was easy, although I found it strange that the phone software was downloaded from the Internet even when installation was launched from the setup CD. One minor complaint would be that I needed to change the capitalisation on the default foldername and program group names but apart from that I just needed to decide whether or not I wanted a desktop icon.

Upon launching the phone software, I needed to let my firewall unblock tescoip.exe but that was a simple click when prompted by the firewall software (the two PCs I used had either Windows Firewall or Zone Labs Integrity Client installed) and then (somewhat confusingly) register online (not as part of the setup wizard) to get a phone number and a password. Although the instructions had led me to believe that I would get a choice of numbers with a local area code based on the supplied post code, in practice it’s not quite that straightforward. Tesco don’t yet support multiple numbers on a single account, so I had two separate account registrations running in parallel to get consecutive numbers for myself and my wife. That worked but, for some strange reason, the process provides four-digit area codes (UK area code prefixes are generally 3 or 5 digits) and none of the towns local to me (Northampton, Wellingborough, Bedford or Milton Keynes) were offered. The closest I could get was Luton (normally 01582, but 0158 according to Tesco), which I believe is still classified as a local call from our area (Bedford – 01234), but not for my family and friends in Northampton (01604). Once the registration process was complete, the account required activation, using a link in an e-mail, following which I could finally complete the setup wizard and connect the USB handset.

Everything looked good until I made a test call between my two Tesco Internet Phone accounts and spent the next hour trying to work out why I could make a call and hear the phone ring, but then there was no-one there when I picked up the call. After playing with firewall settings on the client and my ADSL router (creating various rules to allow UDP port 4569), I found that the issue was much simpler than that – the setup routine had simply left the volume for the soft phone turned right down to zero! Once I had sorted that out, I successfully connected to the test line (*70001234) and set up my voicemail (*123) but was still having problems when I tried calling between my two Tesco Internet Phone accounts (the phone stopped ringing at the receiving end but was still ringing for the caller). That turned out to be a mismatch on my voicemail settings, where the delay before diverting is set both in the phone software and in my online account details.

Tesco Internet Phone

The Tesco Internet Phone service is based on Firefly from Australian VoIP operator Freshtel (not to be confused with Firefly mobile). Using the system is relatively straightforward and calls can be made using either the soft phone on the PC or the USB handset. Status can be set (online, busy, away or invisible), notifications shown when contacts come online (as for many instant messaging clients) and contacts can be either other Tesco Internet Phone users (with status), or normal phone numbers (invisible status). The phone software itself is actually Virbiage Cubix, skinned to Tesco’s design and I’m sure there are other themes available as Virbiage have published a Cubix Skinning Guide.

From my point of view the jury’s still out on Tesco’s VoIP service. The installation routine could do with some work, the online help is patchy (at the time of writing) and the call quality seems a bit tinny (but that happens with cheap handsets on fixed phone lines too)… we’ll see how I get on over the next few weeks. Right now the first disappointment is that my Vodafone
mobile (cell) phones report connection errors when dialling my VoIP number (it works from a BT fixed line though).

For those who want to know a bit more about VoIP, the BBC has an article on making calls over the ‘net. For the more technically inclined, try the general VoIP information and reference. Finally, here’s the press release from last months launch of the Tesco Internet Phone service.

A look at what’s coming in Exchange 12

At last week’s IT Forum ’05 highlights (part 2) event, Microsoft UK’s, Brett Johnson gave a presentation about the next version of Exchange Server (codenamed Exchange 12). Microsoft is positioning Exchange 12 around three “themes”:

  • Control for the IT professional: e-mail is a mission critical system; e-mail systems are too complex and expensive to run (involving too much firefighting and very little proactivity); management tasks are tedious and are not automated.
  • Inbox value and access for the information worker: users want to access all of their communications easily; mobile devices are increasingly common; calendaring is frustrating (especially when finding resources).
  • Active protection in a security situation: security is a top concern (make it secure by default); unsolicited commercial e-mail (UCE) and viruses compromise the e-mail experience (filter these using less CPU cycles); regulatory compliance is critical in many industries.

Exchange 12 is still work in progress, so the feature set is by no means set in stone; however beta 1 has been released to a limited group of testers (although I haven’t used my copy because the non-disclosure agreement would stop me writing about it – the information in this post is all from the public domain). The main enhancements for IT administrators included with beta 1 include:

  • A new administrative console, based on the MMC v3.0, with a simplified hierarchy and an actions pane.
  • A scriptable command line management shell (codenamed Monad).
  • Automatic client detection and configuration (no more MAPI profile generation).
  • New server roles.
  • 64-bit optimisation.

The five Exchange Server roles for Exchange 12 are:

  • Edge server – located within an organisation’s DMZ, the edge server is analogous to the current smarthost/mailsweeper role, but actually performed on an Exchange Server.
  • Client access – similar to an Exchange Server 2003 front-end server, acting as a proxy and managing connections for Outlook web access (OWA), Outlook RPC over HTTP and Windows Mobile connections.
  • Mailbox – where the data is stored.
  • Hub transport – allows a level of security policy separation; e.g. to prevent certain groups of users from receiving e-mail from the Internet.
  • Unified messaging – no longer just something to talk about. This really is voicemail in the Inbox.

Combined with the automatic client configuration, this role-based model simplifies deployment and management, reducing cost and complexity.
Exchange 12 architecture
In common with most of the Longhorn Server range of products Exchange 12 will be available in 64-bit editon only. Microsoft’s rationale for this is that over the last 10 years since Exchange Server 4.0, we’ve seen:

  • An increase in e-mail traffic.
  • An increase in e-mail message sizes.
  • Larger attachments (and a greater number of them).
  • More unique client devices per user.
  • A growing use of calendaring.
  • More granular security rights.
  • More users per server.

All of this adds up to a need for more memory (improved stability and more “elbow-room” for the operating system allowing new functionally) and a larger cache (increasing performance, enabling further server consolidation and reducing the cost of large mailboxes).

64-bit computing delivers reduced cost and complexity with reduced input/output to bigger, cheaper disks allowing more databases per server. Some are quoting a 70% performance increase over 32-bit systems. Continuous database replication with local or clustered log shipping means that maintenance activities can be moved from nightly to weekly and a new content indexer allows for efficient multi-mailbox searching with a low CPU impact and fast re-index.

Secure messaging is facilitated by protecting messages in transit and at rest. Intra-organisational e-mail is encrypted by default and signed by default. Business-to-business (B2B) integration requires no special client requirements, with automatic Exchange 12 to Exchange 12 gateway encryption. Messaging policies can be used to enable corporate, regulatory and litigation compliance with: transport rules for journalling, archiving, encryption and routing; storage rules for e-mail retention; and multi-mailbox searching.

From a client perspective, as for previous versions of Exchange, although legacy clients can be used, Outlook 2007 (previously codenamed Outlook 12) will provide the richest experience. OWA has an Outlook “feel” and like previous OWA versions offers many of the Outlook features, but is really a reduced-functionality client for hot-desking. There’s also access for Windows Mobile devices, and Outlook by phone – allowing a user to call into Exchange and control their e-mail using speech or touch tones to interface with an auto-attendant.

Having seen some of the Exchange 12 functionality demonstrated to me, I’m impressed. Just a few points that jumped out for me were:

  • The client interface is a bit like Windows Live Messenger (in style), but obviously still looks like Outlook.
  • OWA is fast, and looks to be even better than in Exchange Server 2003.
  • The out of office assistant (OOOA) can be set on a time period, so it will know when you expect to be back in the office and turn itself off again.
  • Contact properties include a map to the address (a feature borrowed from Mozilla Thunderbird) as well as the organisational hierarchy (or “steps to heaven” as it is known in Microsoft, demonstrating just how hierarchical Microsoft is).

The unified messaging looks great. In the demonstration I saw, Microsoft UK’s Ewan Dalton left a voicemail in an mailbox and the system picked up his caller ID to say who it was from, leaving a voice clip attached to the message. Where caller ID wasn’t available, the message was from “Anonymous Caller”. Upon playback, audio notes could be added in the message body. Later, he called into the unified messaging server again, using voice-activation to report that be was running late and so to move his first appointment, to clear the calendar until a specified time and to append a voice message to the meeting cancellation(s). The attendant (predictably) had a north-American accent, but coped admirably with Ewan’s Scottish tones and although beta 1 only includes voice activation for calendar, beta 2 will include e-mail too. Pretty soon I will be checking my e-mail as I drive down the M40 towards Slough… then maybe I won’t spend the first hour of my day in Outlook.

Exchange builds on the Exchange messaging platform (which has been around since 1996 now) and the significant improvements in Exchange Server 2003 SP2, to provide even more options for enterprise messaging and communications. I’m particularly pleased to see edge services (dropped from previous releases) and unified messaging (which has been talked about for years, but looks like it will finally make it into the product). I haven’t seen a product roadmap (in terms of timelines, or further enhancements in the next release) but I expect to see organisations putting this technology into production from 2007 onwards.