There is an old tongue-twister: Betty bought a bit of
butter, but the butter Betty bought was bitter, so Betty bought better butter to
make the bitter butter better. Well, the Microsoft Windows Server 2003 R2 is
certainly a big improvement on the 'R1' release of the same OS. And the
reason is simple. Remember all those features you were wishing you had for the
past three years? Things to monitor what kinds of files users are placing on
your file servers; the ability to find out who has what stored and where and how
big it is; make your Windows and UNIX servers logon users with a single set of
credentials and so on? The R2 finally answers those wishes and adds all these
facilities for the first time to the Windows Server OS family. But the R2 is not
exactly a full OS by itself --- it is actually an add-on. Before installing the
parts that make the OS 'R2', you need to install the original OS and its
SP1.
Price: $502 (Standard Edition through Open License) |
Meant For: Network administrators |
Key Specs: Facility to manage branch office file servers, identity integration with UNIX servers, more reports across the board |
Pros: Increases manageability and monitoring capabilities of Windows servers |
Cons: None |
Contact: Microsoft Corporation, Gurgaon Tel: 4158000 E-mail: amitkum@microsoft.com |
R2 features task-based consoles like the file server MMC above. Select a task to launch wizards and get assistance |
Roll out
Once you have your target R2 server up with the Server 2003 and SP1 installed,
you're ready to go for installing R2. We've tested the R2 installer with
both a domain configured already on the server and a later ADS installation and
both run without problems. Installation is a single step and like installing
some piece of application software. All it asks for is your permission to start
installation and the update process finishes in a few minutes. Reboot you're
ready to go.
Server roles
One of the first things you'd notice is the set of spanking new roles you
can add to your server. The reverse subjects 'file server' and 'print
server' roles were present earlier in one combined 'file and print
server.' The split into separate entities becomes clearer when you see their
respective management consoles. Now, it is possible to manage storage on your
SANs, replication of your DFS setup and share files with UNIX and Macintosh
systems very easily by installing the relevant options during the file server
role setup. The print server role similarly lets you manage printers and deploy
them on the Active Directory the server is a part of. You can also manage the
drivers for your printers from here. Similarly, you have the 'Sharepoint
Services' role which sets up a Sharepoint Website with remote server
administration similar to what's been available with the SBS 2003.
Active Directory
The ADAM (Active Directory Application Mode) lets the system administrator setup
credential mapping between various token (the Windows NT mode) and authorization
(Active Directory mode) stores for ASP.NET applications. The ADAM setup in R2
requires you to know beforehand what applications you're giving permissions to
and where they are located (URL). You can configure ADAM to pull the
authorization information from a remote stores as well (for which again you need
to have the URN information handy). You cannot provide a generic configuration
or mapping but require precise information about the store provider and the
consuming application.
There is also a new console in the ADS set, and this is to
manage Federation Services (ADFS). What this does is, it allows you to use
single sign on for applications in the same Web user session. Federation takes
the 'trust relationship' principles so far in use with Windows domains some
steps further. You setup claims on what you need from the remote authentication
system and then you can also setup trusts that let you provide authentication
services to remote systems. This configuration is stored as a 'trust policy'
which can take advantage of ADS replication to propagate among different stores
in your organization.
New in reporting
Something that even we in the Labs have been wanting to see in Windows for a
long time has been the ability to see who has gobbled up all the space on the
file server. We also want to know what kinds of files people are storing on them
and restrict them from placing certain types of files. All this was a
complicated task in Windows server OS so far, requiring administrators to write
WMI scripts and setup various scheduled tasks. In R2, all one needs to do is use
Quota Manager. The old Quota Manager only allowed you to specify drive/volume
wise quotas and then see upto what percentage of it a user has used up. The
R2's Quota Management Console lets the administrator perform all kinds of
auditing and find out to what extent the users are in sync with those policies.
For the first time, you can setup quotas by path (this means you can atlast
setup quotas on a single share directory!). File screening (the ability to limit
file types) lets you create your own file groups by extension and then give it a
friendly name. The reports can be scheduled to run at predefined times and saved
to a disk location or sent on by e-mail.
Windows components
Some of the components (like ADAM and the SAN manager) don't come as part
of server roles. They need to be installed as optional Windows components from
Add/Remove Programs>Add/Remove Windows Components. As you browse through the
list of components here, you will notice quite a few new ones as well. It is
however a little cumbersome to manage your installation media while doing this,
since certain components require your original Windows media and the others the
R2 disc.
New in licensing
R2's license is great news for the power virtualizers. Traditionally, your
Windows licensing policy covered all copies of the software that you had in your
stock. But, with R2, MS has changed the policy to contain only running instances
of the OS. This means, if you have ten virtual servers deployed, with only two
of the running, the old model would require you to have ten licenses plus one
(host OS). Under the new regime, you only need two (running instances) plus one
(host). This means, the number of irons you can deploy them on as well as the
number of ready-to-run virtual machines can be greatly increased.
Bottom Line: A great upgrade with lots of new
features, this update is a boon to administrators looking for better ways to
manage the system without needing to look to third party software.
Sujay V Sarma