Executive Summary:
Microsoft’s newest server operating system, code-named Longhorn Server and officially named Windows Server 2008, offers several advantages over the Microsoft Windows Server 2003 operating system. Microsoft Windows Server 2008 includes a 64-bit architecture; a pared-down installation option called Server Core; and Active Directory, Group Policy, and Terminal Services improvements.
|
Sometime early next year,
Microsoft will release
Windows NT Server 6.0,
once known as "Longhorn
Server" and now as Windows Server 2008. Will you
love it? Well, that depends:
Are you looking for a revolution, or just a bit
of evolution?
When it comes to Windows 2008, think
more Darwin and Wallace, not Marx and
Lenin. As with its two predecessors, Windows Server 2003 and Windows Server 2003
R2, Windows 2008 offers some nifty new tools
and innovations, as well as fixes for some old
irritations. However, Windows 2008 doesn't
have the kind of paradigm-busters that
we saw in Windows 2000 Server—which
means that the new OS will be relatively
easy to incorporate into an existing Windows server environment. Unfortunately,
Windows 2008 lacks solutions for some of its
earlier sibling's most significant annoyances
(as did Windows 2003 and Windows 2003
R2). Although Windows 2008 offers many
new technologies, I only have space to cover
a few of its features.
Vista Benefits
Whether you love it or hate it, Vista—Microsoft's newest desktop OS—is the most secure
version of Windows yet. Windows 2008 builds
on Vista's code base, so it inherits Vista's security. In addition, Windows 2008 benefits from
Vista's improved functionality.
64-Bit Is It!
Perhaps the most comprehensive change in
Windows 2008 is an architectural one: 64 bits.
The default processor architecture is now
considered to be 64 bits; 32 bits is pure legacy.
According to Microsoft, Windows 2008 is the
last server OS that the company will offer for
32-bit processors.
Good or bad, you might ask? Wonderful,
I'd say! Yes, 64-bit code is somewhat larger
than the corresponding 32-bit code, but the
AMD64/EM64T chip architecture makes for
easier low-level coding for programs—which
means that developers are more likely to
produce solid code. And even better, 64-bit
architecture frees us from the 4GB address
space and lets Windows grow to 16TB. Because
loading what is essentially the desktop version of Windows 2008—"64-bit Vista Ultimate"—on
a desktop generates a Windows Task Manager
report that Windows is using 1.08GB before
you even start running applications, busting
out of the 4GB limit seems like a very good
idea. And since Exchange Server 2007 already
requires 64 bits, perhaps Windows 2008's 64bit–centricity isn't such a shock.
Server Core
By far, the feature with the single biggest "wow"
factor in Windows 2008 has to be Server Core.
Working with various versions of UNIX and
Linux over the years has made me wish for a
Windows version that's only loosely connected
to its GUI. On a UNIX/Linux server, you can fire
up the GUI just long enough to run a graphical
administration tool, configure the server, then
turn off the GUI. This approach gives you a
server that uses less RAM, needs less CPU power,
and is more secure (simply because less software
equals fewer places for exploitable bugs).
With Windows 2008, I got my wish, to
a certain extent. The Windows 2008 beta
gives you the option of installing either the
full-blown version, or installing Server Core. When I installed Server Core, the installation
was lightning quick. I installed Server Core as
a virtual machine (VM) on a system that was
already fairly busy, and I was stunned that the
entire installation took only 11 minutes, start to
finish, and used just 200MB of RAM.
In addition, Server Core runs on some
downright skinny hardware. Although I don't
suggest that you run a production Server Core
system on a 256MB system, it is possible. Considering that Vista won't even install on a system with less than 512MB of RAM and won't
run worth a darn on a system with less than 1.5GB, I find it eye-opening for Server Core to
show just how much we willingly give away in
computing power in order to have a GUI.
But once you see the Server Core desktop,
you might beg to trade that computing power
to get your GUI back—Server Core's desktop
is nothing more than a command prompt
window. Server Core lacks about 80 percent of
the Windows GUI and completely lacks .NET.
Server Core also can't use Windows PowerShell, although it can use some PowerShell
commandlets.
Before you quit reading right here, using
Server Core isn't as bad as it sounds. You can
use several methods to administer a Server
Core system. For example, you can hunker
down and use the command prompt. Over
the years, Microsoft has added more and
more command-line administrative power to
Windows. Server Core offers several new Call
Level Interface (CLI) tools, making CLI-based
administration more reasonable.
And GUI addicts, fear not—you can still
click to your heart's content. Just fire up a
Microsoft Management Console (MMC)
remote-management snap-in on a full-blown
Windows 2008 system to remotely control your
Server Core system.
Server Core can't do everything that full-blown Windows 2008 can; for example, it
can't host an Exchange server or a SQL Server
machine. It can, however, be a DHCP, WINS,
DNS, or Microsoft IIS server (although without
ASP.NET support); a domain controller (DC);
and a file and print server.
Why use Server Core? Two reasons. First,
as I've said, Server Core runs on much lighter
hardware than the full-blown version of Windows 2008 does. Thus, Server Core might make
more sense as a VM in production than the
complete version makes. Or, Server Core might fit on an inexpensive bit of computer hardware, making a server in a branch office more
feasible than a server requiring more silicon
and iron might be. Second, a smaller software
base offers fewer places for bugs to crop up
that would allow malicious users to attack and
exploit a Server Core system—which Microsoft claims will prevent Server Core systems
from needing patching as often as full-blown
systems. All other things being equal, less
software means better security (which, I think,
is why Microsoft didn't include .NET in Server
Core). And although some of you will disagree
with me, I think Microsoft should keep .NET off Server Core. The .NET platform is a hefty
bit of software with its own security subsystem—adding it to a "minimalist" version of
Windows 2008 that's designed for sturdiness
would defeat the purpose of Server Core. The big question is: Will Server Core sell?
And the answer depends on just one thing:
price. Microsoft says that when you buy a
copy of Windows Server 2008 Standard Edition, Enterprise Edition, or Datacenter Edition,
you'll have the option of installing either the
complete or Server Core version of the software. If so, Server Core is doomed. Why would
someone pay thousands of dollars for a server
OS, then install its reduced-function version?
My prediction is that Server Core will die on
the vine—which would be a shame. Microsoft
should think seriously about making Server
core the Windows 2008 "low-price alternative."
Active Directory Changes
The first change that Windows 2008 brings to
Active Directory (AD) is a new name, Active
Directory Domain Services. ADDS alters Windows-based domains in several ways: read-only DCs (RODCs), fine-grained password
policies, and AD snapshots.
Before I discuss what's new in Windows
2008 AD, let me point out what's not new:
improvements to forest restructuring tools.
Windows 2008 still offers no easy way to merge
forests, pluck a domain from a forest and make it a new forest, merge two domains, or perform
any of the other tasks that mergers, acquisitions, and reorganizations require.
Read-only DCs. Windows 2008 has a new
sort of DC called a read-only domain controller
(RODC), which might be the OS's second-biggest change after Server Core. Recall that prior
to Win2K, domains had just one server with a
read/write copy of the domain accounts—the
server called the primary domain controller
(PDC). All the other DCs had just read-only
copies of the domain accounts; they were
called backup domain controllers (BDCs). In
Win2K, all DCs became equal, with every DC
being a read/write DC.
Previous
Register
