Windows Server 2008 Review

Windows Server 2008 Review

Windows Server 2008 is the most substantial upgrade to the Windows Server product line since Windows 2000, with a sweeping set of capabilities and a reengineered core that will usher in a new era of 64-bit server computing. Like its Windows Vista stable mate, Windows Server 2008 was in development an achingly long time, and some of its many features were originally slated for its predecessors, Windows Server 2003 and Windows Server 2003 R2. Unlike Vista, however, this lengthy schedule hasn't proven problematic. In fact, it's arguably worked to the product's advantage: This is a refined, mature, and stable operating system that will no doubt power server systems of all kinds for years to come.

Though Windows Server 2008 utilizes an evolved version of the Active Directory (AD) infrastructure that first debuted in Windows 2000, many of the features of this new OS are radical and revolutionary. Key among these major advances are Server Core, which provides a lightweight version of the server aimed at specific workloads, and Hyper-V, Microsoft's hypervisor-based virtualization technology. (This latter technology is currently available only in beta form; see below for details.) As befits a major Windows Server upgrade, however, Windows Server 2008 also includes a slew of smaller functional advances as well as key gains in scalability, reliability, manageability, performance, and security

Charting the changes: A look at new Windows Server 2008 functionality

Windows Server 2008 is feature-rich upgrade with numerous functional advantages over its predecessors. Here are some the changes in this release that I feel will have the biggest customer impact.

Componentization with a purpose
Microsoft has completely rearchitected Windows Server to be functionally componentized, a major change that has wide-reaching ramifications. At a high level, componentization allows for a more easily serviceable system, both for Microsoft and its customers. It also provides for a more secure and reliable system, because communication and dependencies between individual components is kept to a minimum.

More specifically, componentization enables some of Windows Server 2008′s most exciting new functionality, such as its image-based deployment facilities, roles-based management, and Server Core.

Server Manager
While previous versions of Windows Server featured separate management consoles for all of the various roles and features in the OS and, in Windows Server 2003, a simple Manage Your Server dashboard, Windows Server 2008 provides the new Server Manager. This is a true one-stop shop for daily management needs and is the only tool that many Windows administrators will need to use on a regular basis.

The MMC-based Server Manager provides a user interface for managing each installed role and feature on the system, including Active Directory Domain Services, Application Server, DHCP Server, DNS Server, File Services, Terminal Services, Web Server, and many others. It also includes numerous valuable troubleshooting tools like Event Viewer, Services, and Reliability and Performance utilities, configuration tools like Task Scheduler, Windows Firewall, WMI Control, and Device Manager, and the new Windows Server Backup.

What makes Server Manager even more useful is that each section of the console's UI gets its own dedicated home page, each of which includes information pertinent to the role or feature at hand, along with links to fix problems, get more information, and access other tools. It's a thoughtful, well-designed application, both logical and useful.

Server Core
Unlike previous Windows Server versions, most Windows Server 2008 product editions can be installed in two modes, the traditional GUI-based server we've had since Windows NT 3.1 and a lightweight new command line-based environment called Server Core. In this new installation mode, Microsoft has stripped out virtually all the GUI, so there's no shell (Start Menu, taskbar, Explorer windows, etc.), and little in the way of end user applications; such things as Windows Media Player, Internet Explorer, and Windows Mail are all missing, though a few GUI-based applications, like Notepad and Task Manager, are still available. For the most part, the only user interface you'll see in Server Core is a single command line window floating over an empty blue backdrop. It's the ultimate anti-demo.

So what's the point? Server Core is designed to reduce the attack surface of the server to be as small as possible. As such, a Server Core install is also more limited than that of a standard Windows Server 2008 installation. It supports just nine roles, including AD, AD LDS, DHCP, DNS, File, Print, Virtualization (Hyper-V), Web Server, and WMS, compared to 18 roles in the full server.

Because Server Core is still Windows Server 2008, all of the familiar GUI-based management tools will work just fine remotely against this server. What won't work, in addition to the missing roles, is anything that requires a true GUI or the .NET Framework. This cancels out some key Windows Server 2008 functionality, unfortunately, including ASP .NET: Server Core's Web Server role is pretty much static only, supporting only older, non-.NET technologies like ASP.

My expectation is that Server Core will prove hugely popular as an infrastructure (AD, DNS, DHCP, file, print) server and as a low-cost, low-end Web server. It's a product that should compete well with Linux-based solutions.

BitLocker Full-Drive Encryption
BitLocker is a full-drive encryption solution that first debuted in Windows Vista as a way to protect data stored on easily lost and stolen executive notebook computers. It requires TPM 1.2-based hardware to store encryption keys and can be configured via Group Policy.

On the server, BitLocker is particularly valuable for machines stored in branch offices, because those servers are often less well physically protected than the machines back in the home office. If a thief walks off with a BitLocker-protected server, they won't be able to access any of the data stored on the system's hard drives. BitLocker also works really well with some of the other technologies discussed here to create a truly secure and useful branch office solution. (See the RODC section below for an example.)

Read-Only Domain Controller
Read-Only Domain Controller (RODC) is new functionality that allows administrators to optionally configure the AD database as read-only, where only locally cached user passwords are stored on the machine and AD replication is unidirectional, rather than bidirectional.

For more stuff pls visit http://www.systechblog.com/

So why would you want to do this? Today, many organizations are installing servers in branch offices and other remote locations, and these servers often connect back to the home office using slow or unreliable WAN links. That makes AD replication-and even authentication-an arduous and lengthy process. With RODC, the server is typically set up and configured in the home office, shipped to the remote location, and then switched on. From then on, only the user names and passwords of users who hit the server locally-and not the administrator account-are cached locally on the server.

Like BitLocker, RODC is an excellent solution for physically insecure remote servers. Indeed, if you combine RODC with other new Windows Server 2008 technologies like BitLocker and Server Core, you can configure the most secure remote server possible. That way, even hackers who gain physical control of the server can't take over your network. And removing the stolen RODC from your AD is as simple as checking a switch: Only those users who logged on to that machine will need to change their passwords. You won't have to institute an organization-wide emergency, because most users' accounts will not have been cached on that machine.

RODC is somewhat limited in that it can only support a subset of the roles and functionality normally supported on Windows Server 2008. For example, RODC-based servers can support technologies such as ADFS, DHCP, DNS, Group Policy (GP), DFS, MOM (Microsoft Operations Manager), and SMS (System Management Server).



Internet Information Services 7
The new Web server in Windows Server 2008 is driven by a major new update to Internet Information Services (IIS). Like the server itself, IIS 7 is completely componentized so that only those components needed for the desired configuration are installed and, thus, need to be serviced. It sports a drastically improved management console, supports xcopy Web application deployment and delegated administration, and is backed by a new .NET-based configuration store, which replaces the previous, monolithic, configuration store.

Terminal Services
Terminal Services (TS) sees some major changes in Windows Server 2008. The new TS RemoteApp functionality allows admins to remotely deploy individual applications to desktops, instead of entire PC environments, which can be confusing to users. These applications download and run on user desktops and, aside from the initial logon dialog box, function and look almost exactly as they would were they installed locally. This functionality requires the new Remote Desktop client, which shipped in Windows Vista and can be downloaded for Windows XP with SP2 and above.

TS Gateway lets you tunnel TS sessions over HTTPS outside the corporate firewall, so that users can access their remote applications on the road without having to configure a VPN client. This is particularly useful because VPN connections are often blocked at wireless access points, whereas HTTPS rarely is.

TS gets a few small but useful changes as well. These include TS Easy Print, which makes it easy to print to local printers from remote sessions, 32-bit color support in TS sessions; and seamless copy and paste operations between the host OS and remote sessions.

Windows Server 2008 Review
Anuj-Sharma(System Administrator) http://www.systechblog.com

For more stuff pls visit http://www.systechblog.com/