Microsoft removes beating heart from WHS, crushes it.

November 23, 2010

Extremely irritating news today. Microsoft is taking a product I love and killing it. First the news came that the new version of Drive Extender would be neutered of its ability to have its disks read without the need of WHS (an important disaster recovery option, IMO), and now it seems that the Drive Extender “feature” will be removed entirely. I say “feature” because I (and most other WHS users, I would assume) consider Drive Extender to be the whole thing that WHS is, not some feature to be discarded. This simply amounts to Microsoft tactfully killing the product.

Years ago I examined all the options and came to the conclusion that RAID was just too much trouble in terms of a way to achieve redundancy in file storage. I was considering software raid options, but then lo and behold, I stumbled upon Windows Home Server, which provided a dead simple solution for extending and creating redundant storage without the need to match disk sizes and without the worry of needing to replace a controller with an identical version should it fail. I was completely sold.

Now I just feel left in the cold. Microsoft, if you plan to kill this product, please at least just have the decency to look me in the eye and tell me.

If you feel passionately about this please visit this connect link also.

Windows Home Server v2 (VAIL), my initial reaction

April 30, 2010
  1. Please bring back some way to read the files on a disk from a non-VAIL machine! This is an important disaster recovery technique and a major selling point of V1 (Connect┬áLink – Please Vote)
  2. Please consider adding the option for a second authentication factor to the remote access site login. (Whether it be MS or 3rd party provided through add-ins) (Connect Link – Please Vote)

I’ll tally some more detailed feedback as I look more into the changes. As it stands though, I’m a bit too disappointed with the changes in Drive Extender to install the Preview in its current state. I hope Microsoft reconsiders its deprecation of major features that contributed to the platform being attractive in the first place.

TwoFactor WHS addin published

May 11, 2009

I’ve published the first release of my Windows Home Server addin, which allows for two factor authentication for the WHS remote access website via the Yubikey hardware token. The plan is, in the future, to also support some software based tokens. Maybe I’ll even whip up an implementation of OATH HOTP for a few devices if I can’t find suitable open source solutions.

Let me know what you think of the addin, and please submit any bugs or feature suggestions. I’m interested in the community auditing the code for security flaws, as I’d like this to be as sound as possible.

YubiKeys arrived!

April 28, 2009

My yubikeys have arrived. I’ve got the authentication working against yubico’s validator, and have done some POC tests. Now I just have to iron out the configuration steps in the add-in and then I should hopefully have a solution ready.

Initial version for WHS add in almost done

April 26, 2009

Mostly just waiting on those yubikeys to arrive. Also need to snazz up the graphics a bit. My plan is to finally turn on the remote access on my home server for RDP once I get this working. Hopefully the WHS community at large finds this useful too. Will host the code on codeplex, but may also just make the secondary auth pluginnable so that others can extend the authorization schemes it supports.

A road to two-factor auth for WHS

April 21, 2009

I love Windows Home Server very much, and recommend it constantly. I did a lot of research before settling on a backup solution and I can confidently say that WHS meets and exceeds all my requirements. What I wanted was centralized storage and backup, and what I ended up with was that in spades, plus a whole lot more besides.

One of my favorite features that I didn’t even know I needed is the remote access support in WHS. I can log on to my server remotely, download and upload files, view photo albums, and even make proxied remote desktop connections into my home pcs/mediacenter. BUT, this brings me to my main complaint about WHS. There is no built-in support for strong authentication. If I’m exposing all my data and machines to the internet at large, I want a lot more than a keyloggable password standing in the way.

So, I’m working on an add-in that will enable some two-factor auth models, and I will be recording my efforts here. My solution will revolve around introducing a model to enable requiring a one time password in addition to the remote access acount password, and initially I will be suppporting OTPs furnished by the yubikey token. The yubikey is a cheap hardware OTP token that uses all open source software in the backend.

I already have most of the prep-work done for this project, and am just waiting for my yubikeys to arrive. I’ll be detailing more of my solution as I go along, and I’ll be publishing this project on codeplex once I can do some concrete testing and stabilization, and I hope it will help the community improve authentication on the WHS platform.