INTRODUCING WINDOWS

Microsoft

+1CD-ROM

INTRODUCINGMicrosoft WINDOWSSERVER 2003

Jerry Honeycutt

Table of ContentsAbout the CD-ROM xvii

Acknowledgments xix

parti Overview1 Product Family 3

Meet the Family 3Standard Edition 5Enterprise Edition 8Datacenter Edition 10Web Edition 13

Compare the Features 14Check the Requirements 17For More Information 18

2 Business Evaluation 19Windows .NET Server 2003 Benefits 19

Dependability 20Productivity 22Connectivity 24Best Economics 26

Upgrading from Windows NT Server 26Upgrading from Windows 2000 Server 30For More Information 34

part ii What's New!3 Active Directory 37

Active Directory Basics 37Directory Data Store 38Active Directory and Security 39Active Directory Schema 39The Global Catalog 42

iii

iv Table of Contents

Finding Directory Information 43Active Directory Replication 43Active Directory Clients 45

Integration and Productivity 46Managing Active Directory 46More Productivity Features 47

Performance and Scalability 48Branch Office Performance 48More Performance Improvements 49

Administration and Configuration Management 50New Setup Wizards 50More Administrative Improvements 51

Group Policy Management 55Managing Domains 56More Group Policy Improvements 56New Policy Settings 57

Security Enhancements 59Forest Trust Management 59More Security Enhancements 60

For More Information 62

Management Services 63Managing Configurations 63Managing Security 65

Security Templates 65Software Restriction Policies 66Windows Update 67Software Update Services 68

Improving IntelliMirror 70Policy Management 72User Data Management 74User Settings Management 76Software Management 78Computer Setup Process 81

Using Command-Line Tools 82Command Shell 83

Table of Contents v

Command-Line Tools 83WMI Command Line 87

Understanding the Deployment Tools 88Remote Installation 89User State Migration 89Windows Installer 91

Using Remote Administration 92Third-Party Administration Tools 93Remote Desktop for Administration 93


Security Services 95Security Benefits 96Authentication 96

Authentication Types 97Internet Information Services Security 97Interactive Logon 98Network Authentication 98Single Sign-On 98Two-Factor Authentication 98

Object-Based Access Control 99Access Control Concepts 100Effective Permissions 101User Rights 102Object Auditing 102

Security Policy 102Security Configuration Manager 102Security Configuration and Analysis 103Security Analysis 103Security Configuration 103

Auditing 103Establish a Strategy 104Common Events to Be Audited 104Implementing Auditing Policy 104

Active Directory and Security 105Data Protection 106

vi Table of Contents

Encrypting File System 106Digital Signatures 108CAPICOM 108

Network Data Protection 109Internet Protocol Security 109Routing and Remote Access 110Internet Authentication Service 110

Public Key Infrastructure 111Certificates 112Certificate Services 114Certificate Templates 114Certificate Autoenrollment 115Web Enrollment Pages 115Smart Card Support 115Public Key Policies 115

Trusts 116Trust Direction 116Trust Types 116Trust Relationships 117Forest Trusts 118


Communications 121Easier Setup, Configuration, and Deployment 121

Network Diagnostics Features 122Network Location Awareness 123Wireless LAN Enhancements 124Routing and Remote Access Service Enhancements 126Connection Manager Enhancements 131

Internet Connectivity Improvements 133Internet Connection Firewall 133Network Connection Enhancements 134

More Network Access Options 135Network Bridge 135Remote Access Using Credential Manager Key Ring 136All-User Remote Access Credential 136

Table of Contents

Support for Internet Protocol over IEEE 1394 (IP/1394)Changes to Protocols

TCP/IP Changes and EnhancementsIPv6 Protocol StackKernel-Mode Processing of Web TrafficQuality of Service Enhancements

Improved Network Device SupportPermanent Virtual Circuit EncapsulationNDIS5.1 and Remote IMDISImproved Network Media SupportCardBus Wake on LANDevice Driver EnhancementsWake on LAN: Select Wake Event ImprovementsIrCOMM Modem Driver for IrDA

New Network Services SupportTAPI 3.1 and TAPI Service ProvidersReal Time Communication Client APIsDHCPDNSWINSIASIPSec

Additional New FeaturesChanges to the Winsock APIWindows Sockets Direct for System Area NetworksRemoval of Legacy Networking ProtocolsRemoval of Obsolete RPC ProtocolsCommand-Line ToolsStrong Authentication for Services for Macintosh

For More Information

Terminal ServicesTerminal Services BenefitsClient Features

Improved User InterfaceClient Resource Redirection Features

vii

136137137140143143144144145146146146146147147148149150151154154162166166167167167168169170

171171172172174

viii Table of Contents

Client Deployment Options 175New Server Features 176

Improved Server Management 176Additional Management Features 177Enhanced Security 178


8 Internet Information Services 181Web Application Server Role 181New Request Processing Architecture 182

HTTP.sys 183WWW Service Administration 184

Worker Process Isolation Mode 185Application Pools 185Isolation Improvements 186Improved Robustness 187Worker Process Restarts 190IIS 5.0 Isolation Mode 190

New Security Features 191Locked-Down Server 191Worker Process Identity 193IIS Runs as NetworkService 193Improvements to SSL 193Passport Integration 194URL Authorization 194Delegated Authentication 195

New Manageability Features 196XMLMetabase 196IIS WMI Provider 199Command-Line Administration 199Web-Based Administration 200

New Performance Features 200New Kernel-Mode Driver 201Caching Policy 202Web Gardens 202ASP Template Cache 202

Table of Contents ix

Large-Memory Support 203Site Scalability 203

New Programmatic Features 204ASP.NET 204ExecuteURL 204Global Interceptors 205VectorSend 205Caching of Dynamic Content 206Reportilnhealthy 206Custom Errors 206Unicode ISAPI 207C0M+ Services in ASP 207

Platform Improvements 20864-Bit Support 208IPv6.0 Support 208Granular Compression 208Quality of Service 208Logging Improvements 209

File Transfer Protocol 209Improved Patch Management 210For More Information 211

9 Application Services 213Simplified Integration and Interoperability 213Improved Developer Productivity 214Increased Enterprise Efficiency 216Improved Scalability and Reliability 217Efficient Deployment and Management 217End-to-End Security 218For More Information 218

10 Windows Media Services 219Fast Streaming 220

Fast Start 220Fast Cache 220Fast Recovery 221

Table of Contents

Fast Reconnect 221Dynamic Content Delivery 222

Server-Side Playlists 222Advertisements 223Edge Delivery 223

Industrial Strength 224Extensible Platform 225For More Information 225

11 File Services 227File Service Benefits 228

New File Service Features 228Improved File System Infrastructure 230

Virtual Disk Service 231Volume Shadow Copy Service 232Distributed File System 233Other File Serving Improvements 235

Enhanced End User Experience 235Shadow Copy Restore 235Improvements to Offline Files 235WebDAV Redirector 236

Lower Total Cost of Ownership 236Better Utilities Improve Availability 238For More Information 239

12 Print Services 241Print Services Benefits 241Print Services Improvements 242Print Services Manageability 244For More Information 246

13 Clustering Services 247Clustering Overview 248

Microsoft Cluster Technologies 248Protection Against Downtime 249Purposes and Requirements 249

Windows Clustering 250

dHiHi

Table of Contents xi

General Improvements 250

Installation 252

Resources 255

Network Enhancements 256

Storage 257

Operations 259

Supporting and Troubleshooting 261

Network Load Balancing: New Features 262

Network Load Balancing Manager 263

Virtual Clusters . 263

Multi-NIC Support 264

Bidirectional Affinity 264

Limiting Switch Flooding Using IGMP Support 265

Server Cluster Architecture 266

Shared-Nothing Cluster 266

Local Storage Devices and Media Connections 266

Virtual Servers 268

Resources 270

Resources and Dependencies 271

Failover Policies 273

Preferred Node List 279

Network Load Balancing Architecture 280

How Network Load Balancing Works 280

Managing Application State 281

Detailed Architecture 282

Distribution of Cluster Traffic 284

Load Balancing Algorithm 286

Convergence 289

Remote Control 290


14 Multilingual Support 293Global Business Challenges 294

Enabling a Multinational Enterprise 296

Multilingual User Interface 296

Options for Multinational Enterprises 296

xii Table of Contents

Multinational ImprovementsMultilingual User Interface

Supported Software and PlatformsWhat the MUI Can Do for You

Deploying a Multilingual EnterpriseConfiguring Server PlatformsConfiguring Desktops

Considerations for Multilingual ApplicationsFor More Information

part 111 Getting Started15 Deploying Windows .NET Server 2003

Upgrades Compared with New InstallationsUpgrade ConsiderationsNew Installation Considerations

System RequirementsHardware Compatibility

Running a Preinstallation Compatibility CheckChecking Drivers and System BIOSInventorying Non-Plug and Play DevicesMass Storage Drivers and the Setup ProcessUsing a Custom Hardware Abstraction Layer FileUnderstanding the ACPI BIOS for an x86-Based ComputerUsing Dynamic Update for Updated Drivers

Important Files to ReviewDecisions to Make for a New InstallationChoosing a Licensing ModeInstalling Multiple Operating Systems

Reasons to Install Only One Operating SystemRequirements for Installing Multiple Operating SystemsFile System CompatibilityMultibooting with Windows NT 4.0Encrypting File System

Choosing a File System

297298299300301302303304305

309309310310311313313313314316316316317318318319321323324326327327328

—«*

Table of Contents xiii

Reformatting or Converting to NTFSNTFS Compared with FAT and FAT32Understanding NTFSPlanning Disk PartitionsRemote Installation ServicesOptions When Partitioning a DiskWorking with Dynamic DisksWorking with Volumes, Mirrors, and StripesTypes of Multidisk Volumes on Dynamic Disks

Configuring NetworkingIP AddressesName Resolution

Planning for Your ServersFor More Information

16 Upgrading from Windows NT 4.0 ServerUpgrade PathsVerifying System Requirements

System RequirementsDisk Space ConsiderationsHardware CompatibilityService Pack 5 or LaterCompatibility Resources

Choosing to Upgrade or RefreshReasons to UpgradeReasons to Perform a Clean Installation

Understanding Server RolesMember ServersDomain ControllersStand-Alone Servers

Active Directory ConsiderationsNew Features for Active DirectoryCompatibility with Windows NT 4.0

Upgrading from a Windows NT DomainPlanning and Implementing a Namespace and DNS InfrastructureDetermining Forest Functionality

329

330

332

332

334

335

335

336

337

337

338

339

340

341

343344346347347347348348348349349350350351351352353355356357359

xiv Table of Contents

17

Upgrading the Windows NT 4.0 or Earlier Primary Domain Controller

Upgrading Any Remaining Backup Domain Controllers

Converting Groups

Converting Groups and Microsoft Exchange

Using Converted Groups with Servers Running Windows .NET Server 2003

Installing Active Directory Client Software on Older Client Computers

Raising Domain Functional Levels

Raising Forest Functional Levels

Domain Controllers

Working with Remote Installation Services

Deployment Resources

Renaming Domain Controllers

Working with Domain Trust

Trust Protocols

Trusted Domain Objects

Nontransitive Trust and Windows NT 4.0

External Trust and Windows NT 4.0

How Some Windows NT Tasks Are Performed inWindows .NET Server 2003

Support for Existing Applications

Best Practices for Active Directory

Application Compatibility


Upgrading from Windows 2000 ServerGetting Ready to Upgrade

Active Directory Preparation Tool

Application Directory Partitions

Supported Upgrade Paths

Hardware Requirements

Test Tools and Logs

Running the Upgrade Process

Install Active Directory on a Member Server

Upgrade the First Domain

Upgrade the Remaining Domains

Completing Postupgrade Tasks

359360

361

362

362

363

364

365

366

367

368

368

369

369

369

369

370

371

372

373

375

376

377378

378

379

380

381

382

383

383

384

384

385

Table of Contents xv

Raise Forest and Domain Functional LevelsUse DNS Application Directory Partitions


18 Testing for Application CompatibilityCollecting an Application Inventory

Collecting InformationReporting Information

Testing for CompatibilityGathering Information About ApplicationsUsing Compatibility Administrator

Creating Compatibility FixesUnderstanding the Application Compatibility ProcessCreating Compatibility Fixes

Distributing Compatibility FixesLocal InstallationRemote Installation

Compatibility Testing During DevelopmentUsing Application VerifierTesting for Logo Compliance

Application Compatibility ChecklistFor More Information

385386386

387388389390391393394395396398399399400400401403404408

Index 409

INTRODUCING WINDOWS

Documents

Transcript of INTRODUCING WINDOWS