The Windows Server 2003 family of operating systems consists of four editions, each designed with the particular needs of a different type of customer in mind. Although each edition is built on the same core architecture, editions differ in terms of scalability, services offered, and supported hardware platforms. The four editions of Windows Server 2003 are:
■ Windows Server 2003, Standard Edition
■ Windows Server 2003, Enterprise Edition
■ Windows Server 2003, Datacenter Edition
■ Windows Server 2003, Web Edition
Windows Server 2003, Standard Edition
This product is aimed at small businesses and departmental use within larger organizations. Some common uses of Windows Server 2003, Standard Edition, include:
■ File and printer sharing
■ Secure Internet connectivity
■ Centralized desktop application deployment
Windows Server 2003, Enterprise Edition
Enterprise Edition is the replacement product for Windows 2000 Advanced Server. This edition of Windows Server 2003 is built to meet the general-purpose needs of businesses of all sizes, and especially those that require a higher degree of availability and scalability. Enterprise Edition provides full support for Active Directory, including the ability to function as a domain controller.
Windows Server 2003, Datacenter Edition
Datacenter Edition is the replacement product for Windows 2000 Datacenter Server. This edition of Windows Server 2003 is aimed at high-end data-processing environments consisting of business- and mission-critical applications demanding the highest levels of reliability, availability, and scalability. Datacenter Edition provides full support for Active Directory, including the ability to function as a domain controller.
■ Provides symmetric multiprocessing (SMP) support for up to 32 CPUs on 32-bit platforms, with an absolute minimum of 8 CPUs
■ Supports a maximum of 64 gigabytes (GB) of RAM on 32-bit platforms
■ Supports clustering up to 8 nodes
■ 64-bit version supporting Intel Itanium platforms with up to 64 CPUs and 512 GB of RAM
Unlike the other editions of Windows Server 2003, the Datacenter Edition is always preinstalled
Windows Server 2003, Web Edition
Web Edition represents an entirely new product in the Windows server line and is not meant as a replacement for any previous edition. Instead, the Web Edition is clearly aimed at Web service and hosting functions and does not provide the complete functionality found in other Windows Server 2003 editions. Although Web Edition can be made a member of an Active Directory domain, it cannot be configured to function as a domain controller. Similarly, Windows Server 2003, Web Edition, is not designed to act as a file or print server; it is limited to 10 inbound server message block (SMB) connections for the primary purpose of publishing content.
■ Provides symmetric multiprocessing (SMP) support for up to 2 CPUs
■ Supports a maximum of 2 gigabytes (GB) of RAM
Because it is not positioned as a file, print, or application server, client access licenses (CALs) do not apply to Web Edition.
Windows Server 2003 Hardware Requirements
As with previous versions of Windows, Microsoft publishes both absolute minimum and recommended minimum hardware specifications for the various Windows Server 2003 editions.
Summary
■ The Windows Server 2003 family consists of four different editions: Standard Edition, Enterprise Edition, Datacenter Edition, and Web Edition. Each edition has different hardware, service, and application support capabilities to meet different business requirements.
■ Windows Server 2003 supports upgrades from both Windows 2000 Server and Windows NT Server 4.0 editions. For upgrades from Windows NT 4.0, Service Pack 5 or later must be installed or the upgrade will not be possible.
■ The Hardware Compatibility List (HCL) provides a list of hardware that has been tested and is known to work with editions of Windows Server 2003. All hardware installed in a server should be on this list to ensure maximum compatibility and, ultimately, availability.
■ The Microsoft Windows Upgrade Advisor is a diagnostic tool that should be run on a server prior to installing Windows Server 2003. The tool provides information relating to any hardware or software compatibility issues that might exist.
New Features in Windows Server 2003
Enhanced Administration Features
The Active Directory Users And Computers tool now provides the ability to select multiple objects simultaneously, and drag and drop them to a new location such as a different container or organizational unit (OU). By the same token, the common properties of multiple objects can also be changed at once. Active Directory Users And Computers now includes a new node named Saved Queries.
New Security Enhancements
Microsoft has ensured that the Windows Server 2003 platform is a step toward this vision. Some ways in which Windows Server 2003 works toward providing better security:
Internet Information Services
This ensures that IIS is installed only on systems that actually require it and does not unintentionally present a security risk on systems where it is not explicitly being used. This approach helps to ensure that the upgrade does not present any initial security risks, giving an administrator features such as FrontPage Server Extensions, Active Server Pages, ASP.NET, the Indexing Service, server-side includes (SSI), and Web Distributed Authoring and Versioning (WebDAV) are disabled by default and must be individually enabled as required.
Software Update Services
Microsoft has introduced a new free tool known as Software Update Services (SUS). This server-based software is used to distribute security patches and critical updates in environments that include Windows 2000, Windows XP, and Windows Server 2003 systems.
New Administrative Tools and Utilities
■ Group Policy Tools
■ Server Management Tools
■ Command-Line Tools
■ Automated System Recovery
■ Shadow Copies of Shared Folders
■ Windows Server 2003 provides a number of enhancements to existing administrative tools, including drag-and-drop and multiselect in Active Directory Users And Computers.
■ New security features in Windows Server 2003 include changes to the default settings of Internet Information Services, which is not installed by default. Microsoft Software Update Services (SUS) makes managing network security easier by allowing an administrator to test and then automatically deploy critical software updates and security patches to network clients.
■ Windows Server 2003 includes a variety of new administrative tools and command-line utilities. Tools such as the Group Policy Management Console and Resultant Set of Policy make it easier to effectively manage, plan, and troubleshoot Group Policy settings. New command-line utilities such as Dsadd.exe make it possible to automate repetitive tasks and make it easy to manage servers remotely, especially over slow connections.
■ Active Directory is the directory service of Windows Server 2003. A directory stores information about network objects such as domains, OUs, users, computers, and groups in a hierarchical manner. A directory service makes this data available to network users and services. Windows Server 2003 Active Directory consists of both logical and physical components. The logical components of Active Directory include domains, trees, forests, and organizational units. The physical components of Active Directory include sites and domain controllers.
■ When planning an Active Directory implementation, companies need to consider the domain structure to be used, how OUs will be organized, how sites will be defined, and more. The needs of specific companies will dictate the design.
■ Windows Server 2003 introduces a new feature known as universal group membership caching, which provides greater flexibility in the deployment of global catalog servers. While universal group membership caching does not handle the same functions as a global catalog server, it can make user logon faster and reduce replication across WAN links in sites where deploying a global catalog server might not be feasible.
Key Terms
Global catalog server A domain controller that stores a read-only copy of all Active Directory objects within a forest. Global catalog servers are used to respond to directory-wide queries, authenticate users when a UPN is used during logon, and hold universal group membership information.
Universal group membership caching A new feature in Windows Server 2003 that allows a domain controller to cache universal group membership information, thus reducing the need for a global catalog server to be contacted during the user authentication process.
Software Update Services A free server service used to centrally manage and deploy security patches and critical updates to Windows 2000, Windows XP, and Windows Server 2003 systems.
Automated System Recovery A new Windows Server 2003 service designed to automate the restoration of the operating system and configured settings in the event of a server failure. Automated System Recovery does not restore user data as part of the process.
Functional level The level to which a Windows Server 2003 domain or forest is configured based on whether Windows 2000 or Windows NT 4.0 domain controllers are still in use. The functional level of a domain or forest affects the ability to use certain new Active Directory features in Windows Server 2003.
basic input/output system (BIOS) On PC-compatible computers, the set of essential software routines that test hardware at startup, start the operating system, and support the transfer of data among hardware devices. The BIOS is stored in read-only memory (ROM) so that it can be executed when the computer is turned on.
catalog An index of files in a backup set.
domain In Active Directory, a collection of computer, user, and group objects defined by the administrator. These objects share a common directory database, security policies, and security relationships with other domains. In DNS, a domain is any tree or subtree within the DNS namespace. Although the names for DNS domains often correspond to Active Directory domains, DNS domains should not be confused with Active Directory domains.
certification authority (CA) An entity responsible for establishing and vouching for the authenticity of public keys belonging to subjects (usually users or computers) or other certification authorities. Activities of a CA can include binding public keys to distinguished names through signed certificates, managing certificate serial numbers, and handling certificate revocation.
common name (CN) The primary name of an object in a Lightweight Directory Access Protocol (LDAP) directory, such as Active Directory. The CN must be unique within the container or organizational unit (OU) in which the object exists.
Component Object Model (COM) An object-based programming model designed to promote software interoperability; it allows two or more applications or components to easily cooperate with one another, even if they were written by different vendors, at different times, in different programming languages, or if they are running on different computers running different operating systems.
Denial of Service (DoS) attack An attack in which an intruder exploits a weakness or a design limitation of a network service to overload or halt the service so that the service is not available for use.
DHCP service A service that enables a computer to function as a DHCP server and configure DHCP-enabled clients on a network. DHCP runs on a server, enabling the automatic, centralized management of IP addresses and other TCP/IP configuration settings for network clients.
distinguished name (DN) A name that uniquely identifies an object by using the relative distinguished name for the object, plus the names of container objects and domains that contain the object. The distinguished name identifies the object as well as its location in a tree. Every object in Active Directory has a distinguished name. A typical distinguished name might be: CN=MyName,CN=Users,DC=microsoft,DC=com. This identifies the MyName user object in the microsoft.com domain.
Distributed File System (DFS) A service that allows system administrators to organize distributed network shares into a logical namespace, enabling users to access files without specifying their physical location and providing load sharing across network shares.
dynamic-link library (DLL) A program module that contains executable code and data that can be used by various programs. A program uses the DLL only when the program is active, and the DLL is unloaded when the program closes.
File Transfer Protocol (FTP) An application layer TCP/IP protocol designed to perform file transfers and basic file management tasks on remote computers. FTP is a mainstay of Internet communications. FTP is unique among TCP/IP protocols in that it uses two simultaneous TCP connections. One, a control connection, remains open during the entire life of the session between the FTP client and the FTP server. When the client initiates a file transfer, a second connection is opened between the two computers to carry the transferred data. This connection closes when the data transfer concludes.
flexible single master operations (FSMO) Active Directory operations that are not permitted to occur at different places in the network at the same time.
File Replication Service (FRS) The service responsible for ensuring consistency of the SYSVOL folder on domain controllers. FRS will replicate, or copy, any changes made to a domain controller's SYSVOL to all other domain controllers. FRS can also be used to replicate folders in a Distributed File System (DFS).
fully qualified domain name (FQDN) An unambiguous DNS domain name that indicates its location in the domain namespace with absolute certainty. Fully qualified domain names differ from relative names in that they can be stated with a trailing period (.), for example, host.example.microsoft.com., to qualify their position in relation to the root of the namespace.
globally unique identifier (GUID) A 128-bit number that is guaranteed to be unique. GUIDs are assigned to objects when the objects are created. The GUID never changes, even if you move or rename the object. Applications can store the GUID of an object and use the GUID to retrieve that object regardless of its current distinguished name.
Group Policy Object (GPO) A collection of Group Policy settings. GPOs are essentially the documents created by the Group Policy snap-in. GPOs are stored at the domain level and affect users and computers contained in sites, domains, and organizational units. In addition, each computer running Microsoft Windows Server 2003 has exactly one group of settings stored locally, called the local GPO.
Group Policy The component within Active Directory that enables directory-based change and configuration management of user and computer settings, including security and user data. You use Group Policy to define configurations for groups of users and computers. With Group Policy, you can specify policy settings for registry-based policies, security, software installation, scripts, folder redirection, remote installation services, and Internet Explorer maintenance.
Internet Information Services (IIS) Software services that support Web site creation, configuration, and management, along with other Internet functions. Microsoft Internet Information Services include Network News Transfer Protocol (NNTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
Lightweight Directory Access Protocol (LDAP) The primary access protocol for Active Directory. LDAP version 3 is defined by a set of Proposed Standard documents in Internet Engineering Task Force (IETF) RFC 2251.
master boot record (MBR) The first sector on a hard disk where the computer gets its startup information. The MBR contains the partition table for the computer and a small program called the master boot code.
master file table (MFT) A special system file on an NTFS volume that consists of a database describing every file and subdirectory on the volume.
Message Digest 5 (MD5) A 128-bit hashing scheme developed by RSA Security Inc. and used by various Point-to-Point Protocol (PPP) vendors for encrypted authentication.
Network Address Translation (NAT) A technology that enables a local-area network (LAN) to use one set of Internet Protocol (IP) addresses for internal traffic and a second set of addresses for external traffic.
Network Basic Input Output System (NetBIOS) An application programming interface (API) that can be used by programs on a LAN. NetBIOS provides programs with a uniform set of commands for requesting the lower-level services required to manage names, conduct sessions, and send datagrams between nodes on a network.
organizational unit (OU) An Active Directory container object used within a domain. An OU is a logical container into which you can place users, groups, computers, and other OUs. It can contain objects only from its parent domain. An OU is the smallest scope to which you can apply a Group Policy or delegate authority.
primary domain controller (PDC) In a Windows NT domain, the server that authenticates domain logons and maintains the security policy and master database for a domain. In a Windows 2000 or Windows Server 2003 domain, running in mixed mode, one of the domain controllers in each domain is identified as the PDC emulator master for compatibility with down-level clients and servers.
Remote Access Server (RAS) Any computer running Microsoft Windows Server 2003 that is configured to accept remote access connections.
Security Accounts Manager (SAM) A Windows service used during the logon process. SAM maintains user account information, including the list of groups to which a user belongs.
security identifier (SID) A unique number that identifies a user, group, or computer account. Every account on the network is issued a unique SID when the account is first created. Internal processes in Windows refer to an account's SID rather than the account's user or group name.
Simple Network Management Protocol (SNMP) A network protocol used to manage TCP/IP networks. In Windows, the SNMP service is used to provide status information about a host on a TCP/IP network.
Windows Internet Name Service (WINS) A service supplied with Microsoft Windows server operating systems that registers the Network Basic Input/Output System (NetBIOS) names and Internet Protocol (IP) addresses of the computers on a local area network (LAN) and resolves NetBIOS names into IP addresses for its clients as needed.