General Openfire Questions

I’m looking at implementing a Server 2003 network at my church. Looking at a domain controller, Active Directory, and primarily using it as a file share machine. The server is pretty much spare parts right now, using a Dell Optiplex G110 as a base. Pentium III (I haven’t booted it in a while, so I’m not sure the speed) and 512 MB RAM. The network will only be about 5~10 computers. One is a Mac that will be set up to be able to authenticate against AD. Currently I’m an MCSE student so this was a good opportunity for me to get hands-on practice, but because of that it is also limiting me to the software I have available, and will need to know how to use for my certification exams. While I have Server 2003, we do not have access to Exchange Server 2003, or Live Communications. So, I’ve been looking for other options. I hope I’ve found one here. Unfortunately, I currently do not have the time to look through all the documentation, though I’ve seen a lot that looks very promising.

  1. Considering my current restrictions, would Openfire be a good alternative to Live Communications for instant messaging and chat?

  2. As this seems to essentially use/be Jabber, has anyone had experience with a Mac (OS X, fully updated) and iChat connecting to Openfire; hopefully on a Windows server? If so, what are potential complications I might be looking at?

  3. Are there any recommendations, assuming the answer to 1 & 2 aren’t ‘not possible’ or something, in setting up this server that hasn’t been covered in some of the basic tutorials and guides? Really just interested in personal experiences on this one.

  4. Would using this with VPN be recommended? It’s not necessary, but I think it would be a nice perk.

Unfortunately, our focus at school is on Security, rather than Messaging, so there’s an entire side to this I’m learning about on my own. Meanwhile I’m hoping to have a basic demo for my church done within a few weeks. I know I’m asking a lot of this poor computer, but unfortunately it’s what I have.

Well. I’m running Openfire for ~150 users on Celeron 2.6 GHz and 256MB RAM. But it is dedicated only to Openfire and has minimal linux OS on it. In your case Windows will take some of the resources, so it will be less for the Openfire and Java. And Java is very memory hungry So, i think CPU will cope, but you can run out of memory. Or not. Hard to tell. Depends on general system load, users number. I’ve seen reports here about high memory consumption on Windows based systems, though i have never had such problems on my linux OS.

  1. Yes. Openfire is a good alternative for OCS (Office Communications Server), though it doesnt have all those integrations with the other MS products, but it does the main job - allows users to communicate.

  2. Usually it is fine. I can only remember that someone was complaining recently about iChat multiline messages aren’t being send normally through Openfire. I think it was stripping the newline characters. But it is hard to tell whether it is Openfire or iChat bug. We dont have many OS X developers right now.

  3. If you need VPN, then you can use it. Personally, i think using SSL is enough. Though you probably won’t have money for certificates purchase, so using the self-signed SSL certs is a security drawback, but still better than just plain connection. SSL will encrypt messages. Though it is still recommended not to exchange any sensitive information (like passwords, etc.) via messaging.

For everything you are wanting to do, I just don’t think that machine is going to get it done. Not to mention, its old, so it probably has a pretty short life span left. You also need to think about the age of the hard drive. If this is going to be a file server, the last thing you want is a hard drive failure. With an old machine like that, it could be more problems than what its worth when you are trying to use it in a production environment.

I bet you could get the church to by a new server. You can get something that will fit your needs for not alot of money if you already have a license for your OS. Something like this is what I would recommend given your budget. Also, don’t forget a backup stratagy! =04&kc=pedge_t105

Thank you both. I know the server isn’t going to hold up very well currently, however if I can get a few basics in place for a decent demo, then I might be able to petition later for an updated server.

1. Yes. Openfire is a good alternative for OCS (Office Communications Server), though it doesnt have all those integrations with the other MS products, but it does the main job - allows users to communicate.

I’m certainly glad to hear it! I’m really not looking for full integration, just being able to message. I’ll be using something else for an email server if it’s something they insist on, however I think right now they would mostly like this to help clear up mishaps, such as an incident that occured before where they spelled my husband’s name wrong through miscommunication.

Thankfully, my top concern right now is as a small file server, though if I can get this up and running then it might be the selling point.

Oh yeah, Certs - Unfortunately yes, we can’t afford a third-party cert. Primarily since this is a small and intimate group setting, I was just going to do my own certificates. This will likely be done elsewhere, since I don’t think adding being a CA to this server is a wise idea with all I’m pushing it to do in the first place.

Hopefully once I’ve got a demo working, I can do a TCO for both this poor computer and a newer one. Though thankfully Server 2003 itself isn’t as heavy as a program as it may seem. While we have better CPUs at school, we load onto virtuals which are confined to 512MB RAM as well, which right now is my only spark of hope that this will pan out. Hopefully with a few month’s usage they will have gotten used to the system and will be looking to upgrade to something that will be a little more stable.

Talk about computers getting cheaper and cheaper. Though of course, what cost me $2000 to build my husband’s computer, I did better and paid only $1000 for a massive upgrade/build to my computer (okay, so the only thing not upgraded was the hard drive), and now can find a kit that’s better than my computer for ~$400.

I’m actually looking at an external drive backup solution, likely using a few small drives in the event that one fails. What I’m eventually hoping for (not relying on it exclusively, still doing external backups) is having a raid 5 array. Though of course, if you have a recommendation (besides using tape) I’m more than glad to hear it. This is by far the largest task I’ve taken up, and I appear to be the only one at the church who has this level of tech experience. I know, at this point that’s not saying a lot.

A raid is great as it protects against a drive failure, however it doesn’t protect you against data loss. I think an external drive would work out fine. You could always use nt backup to create backups. I personally don’t like file based backups, and recommend to my clients an image based solutions. (, like acronis, storagecraft, etc…)

A self signed ssl cert is fine. There is no advantage with using a 3rd party ssl cert for internal apps. A self signed ssl cert will encypt the same as a 3rd party one. 3rd party certs are primarily used when offering external access that require encryption, convenience, and verification that the site being visited is confirmed.

CatalystChilde wrote:

Hopefully with a few month’s usage they will have gotten used to the system and will be looking to upgrade to something that will be a little more stable.

Hopefully it won’t broke after they have gotten used I still remember i was starting with some really old junk PII and 64MB of RAM. Was running fine for years 7/24.

About the certs. As speedy said, self-signed should be fine for the internal server. And you dont have to generate them elsewhere. Openfire generates them automatically, so you only have to enable SSL in the Security Settings. Unless you prefer to generate your certs with your tools.

I’ll pretty much be setting up the certs with a virtual Server 2003 to get experience with their Certificate Authority system. It’s part of the Security Design Microsoft examination, so this is more practice than anything else.

I’ll have to look into some of those. I may do a full image backup as well as windows backup (Fridays are dead, so perfect time to do them) then have scheduled differential backups with windows backup.

Anyhow, this is a little off the topic of Openfire, so I guess I’ll just thank you both once again here. lol You’ve both been very helpful.