Microsoft made some major inroads with the release of Windows Server 2003. This version of Windows Server became the flagship version, since it proved to be stable and reliable, and was available in a number of different configurations. It became even more reliable when Microsoft released version R2.
Now, with the release of Windows Server 2008 (WS08), Microsoft is making more inroads, as this version provides much more robust and integrated capabilities. Built with a foundation on Windows Vista, WS08 includes many of the features that made this client operating system the best of breed in the marketplace. But, WS08 is a server operating system; as such, its market is not the home user, but businesses and organizations everywhere. This is why the primary audience for this book is the system administrator, whether you are a generalist who is responsible for all system administration tasks in your organization or whether you are a member of a system administration team within a large enterprise.
Our advice to you is to pay attention to the structure of this book! It covers both migrations for existing networks and new network installations. With our previous books, we have developed a proven methodology for server system implementations as well as system administration. This methodology relies on careful planning and selection of feature sets, comprehensive preparation, and testing and then, finally, deployment of the selected feature sets. When you use this approach, you will have a better-than-average chance of having a flawless implementation that will run smoothly and that will operate as expected. Too many operators rush into installations and implementations without proper planning and then need to rely on troubleshooting books to try and repair or patch the systems they implemented without proper guidance. This is not that type of book! This book outlines detailed explanations of each new feature in Windows Server 2008, and then it provides guidance on how to implement them. Because we do not work for Microsoft, we do not need to provide information for every possible installation situation. Instead, we provide known recipes: recipes that are proven to work when you want to use a specific feature set. If you use the recommended approaches we outline, then you will meet some very specific goals that will provide some very compelling benefits.
We've gathered feedback on our approaches through the delivery of multiple courses and conferences over the past few years as well as through direct interaction with customers. This feedback proves that when system administrators rely on our administration practices, they finally gain control over their schedule and don't work in reactive mode all the time. In many cases, they only work overtime for very special situations, not on a regular basis, like many administrators do today. Isn't that a worthwhile goal?
Resource Pools vs. Virtual Service Offerings
In addition, this book outlines a new approach to the delivery of IT service offerings. This approach is based on virtualization, now that virtualization (the ability to run a guest operating system (OS) or a virtual machine inside a host OS) is a core element of the new datacenter. This approach was popularized by manufacturers such as VMware, Citrix, and Virtual Iron, as well as Microsoft themselves through the delivery of a series of different products aimed at supporting the ability to run virtual machines. In this approach, service offerings, or the services your end users interact with, are delivered inside virtual machines. Hardware systems are only used to run the virtualization services, or hypervisor, that expose resources to the virtual service offerings. As you will see, this approach liberates the service offerings from their dependency on hardware and provides the foundation for a dynamic datacenter, a datacenter where you can allocate resources as needed to meet the demand of the moment. In addition, using virtualized service offerings will enable almost any datacenter to have a simplified disaster recovery and business continuity strategy. This approach revolutionizes the way IT administrators have managed service offerings in the past and lets them look to the future, with a greater breadth of possibilities.
NOTE Hyper-V, the new integrated virtualization engine in Windows Server, is not included in the original release of WS08. Instead, it has been marked for availability after the market version has been released. You will need to download the virtualization components from the Microsoft web site at http://downloads.microsoft.com.
New Feature Listings
OK. Now that we have laid down our approach, let's get to it. The very first thing you need to do when examining a new operating system is to understand its new feature set. Next, you need to wade through the sometimes hundreds of new features in order to identify which ones apply to organizations of your size and structure. Once this is done, you need to identify which of these features you want to implement, when you want to implement them, and how you will proceed. This is the structure of this book. In this chapter, we begin by laying out the general categories of the new WS08 feature set and then go on to examine each new feature in depth, identifying who it applies to (small, medium, or large organizations) as well as laying out a recommended timeframe for implementation of this feature. Each feature is laid out in a grid that covers core elements. This chapter is also available online on the companion web site (www.reso-net.com/livre.asp?p=main&b=WS08) so that you can integrate it into your own technical architecture documents, the documents you will create in support of your planned WS08 migration or implementation. We recommend that you read this chapter carefully, mark those features you think apply to your organization, download our document, and remove or at least indicate which features do not apply to your organization. This will greatly facilitate your implementation and set you well onto the path for migration or new network design.
NOTE Actually, the very first step you should address when changing server operating systems is to review your business objectives to make sure that the selections you make will be in line with your business needs. How to do this is beyond the scope of this book, but we have written a series of articles on the subject of developing an enterprise architecture and identifying business requirements. You can find these articles at www.reso-net.com/articles.asp?m=8 under the Architectures heading. This should greatly assist you in outlining what you need to gather in terms of information about the business before you proceed.
Microsoft Windows Server 2008: The Complete Reference; Copyright 2008, The McGraw-Hill Companies
Build the Windows Server 2008 Network
Networks of all sizes require specific features and functionalities to provide support for the organizations that use them. As mentioned earlier, this book addresses the needs of organizations of all sizes (small, medium, and large) in terms of the networking functionality you can draw from Windows Server 2008. But to do so, it is important to begin with the establishment of some core principles. Two principles in particular are essential at this point:
- A common definition of the meaning of small, medium, and large in terms of networking and network functionality
- A common definition of the various functions any network requires and an identification of where WS08 adds new or enhances existing functionality
The latter will help you understand where you can see gains with the addition of Windows Server 2008 to your existing network. If you're building a brand-new network, you'll find that WS08 can support almost any networking function and provides an excellent means to support team productivity for any size of organization.
Organization Size Definitions
WS08 has been designed to respond to the needs of organizations of all sizes, whether you are a company of one working in a basement somewhere or whether your organization spans the globe, with offices in every continent. Obviously, there is a slight difference in scale between the two extremes, but for the purposes of this book, it is important to provide a definition of what is meant when we address the needs of small, medium, and large organizations. Each of these is defined as follows:
- Small organizations are organizations that include only a single site. They may have several dozens of workers, but given that they are located in a single site, their networking needs are fairly basic.
- Medium organizations are organizations that have more than one site but less than ten. The complexities of having a network with more than one site address the networking needs of medium organizations.
- Large organizations are organizations that have ten sites or more. In this case, organizations need more complex networks and will often rely on services that are not required at all by the two previous organization sizes.
Small organizations have all of the requirements of a basic network and will normally implement a series of technologies, including directory services, e-mail services, file and printer sharing, database services, and collaboration services. Even if the organization includes a very small number of people, these services will often be at the core of any networked productivity system. For this reason, it is often best for this type of organization to use Windows Small Business Server 2008 (SBS08), because it is less expensive and it includes more comprehensive applications for e-mail and database services. Nevertheless, some organizations opt for Windows Server 2008 anyway, because they are not comfortable with the limitations Microsoft has imposed on the Small Business Server edition. For example, it is always best and simpler to have at least two domain controllers running the directory service because they become automatic backups of each other. SBS08 can only have a single server in the network and therefore cannot offer this level of protection for the directory service. This is one reason why some small organizations opt for Windows Server 2008 even if it is more costly at first. However, realizing this business need, Microsoft is releasing Windows Essential Business Server 2008 (WEBS) as a multi-component server offering for these organizations. WEBS is made up of three server installations:
- Windows Essential Business Server Management Server To manage the WEBS network as well as worker collaboration and network services centrally.
- Windows Essential Business Server Security Server To manage security, Internet access, and remote-worker connectivity.
- Windows Essential Business Server Messaging Server To provide messaging capabilities.
Medium organizations face the challenge of having to interconnect more than one office. While small organizations have the protection of being in a single location, medium organizations often need to bridge the Internet to connect sites together. This introduces an additional level of complexity.
NOTE Secondary sites may or may not have administrative personnel on site. This adds to the complexity of working with and managing remote sites.
Large organizations have much more complex networks that provide both internal and external services. In addition, they may need to interoperate in several languages and will often have internally developed applications to manage. Large organizations may also have remote sites connected at varying levels of speed and reliability: Integrated Services Digital Network (ISDN) or dial-up. From a Windows standpoint, this necessitates a planned replication and possibly an architecture based on the Distributed File System (DFS). For this reason, they include many more service types than small or medium organizations.
This book addresses the needs of each organization type. When core networking features are addressed, they will apply to all levels of organizations, since best practices for network service implementations should be used no matter which organization size you have. Interconnection issues will address the complexities of medium and large networks, and finally, advanced network functionalities will address the needs of very large organizations. If you find that your organization does not quite fit this trend, rely on the information provided for the other organization types to supplement your networking configuration requirements.
Common Networking Functions
WS08 includes features and functionalities that support almost every conceivable networking service. But not all of these functionalities are new or updated in Windows Server 2008. It is, therefore, important to first establish a common vocabulary on standard networking services and then identify where WS08 brings new features and functionalities to help draw a graphical map of the new WS08 features. This will provide you with a simple graphical layout of the new Windows Server 2008 feature set.
Small organizations or networks that include only a single site will often include a basic set of networking services. These services tend to focus on the following:
- Domain Services Using Active Directory to centrally store and manage all user accounts makes sense in organizations of all sizes. The alternative, using workgroup practices, means having to manage multiple security account databases, one on each server or workstation, in fact. Active Directory is so simple to use that it simply does not make sense to use anything else.
NOTE Active Directory Domain Services (ADDS) relies on the Domain Name System (DNS) to operate. Therefore, any installation of ADDS will require at least one server running the DNS service. Note that in small-scale ADDS installations, you are automatically prompted to perform a simple DNS installation.
- File and Printer Sharing Storing documents centrally has always made sense because you only have to protect one single location. Every organization has a use for central file and printer management, even if new collaboration features offer a better way to manage documents and have teams interact.
- Collaboration Services With Windows SharePoint Services (WSS), organizations can have teams interact with each other through a Web-based team structure. Since almost all organizational activity takes the form of a project, using team sites and collaboration services only makes sense, especially since WSS is so easy to install and manage.
- Database Services Windows SharePoint Services relies on a database (in this case, the Windows Internal Database, which is, in fact, a version of SQL Server Embedded edition).
- E-mail Services Most organizations also rely on e-mail services. Though Windows Server 2008 does provide the simple message transfer protocol (SMTP) service, organizations usually opt for a professional e-mail service, such as that provided by Microsoft Exchange Server.
- Backup and Restore Services All organizations will want to partake of Windows Backup to protect their systems, both at the data and the operating system level. The new Backup tool in Windows Server 2008 provides protection for both.
These often form the basic services that most organizations require. Optionally, even small organizations will also rely on the following services:
- Firewall Services Any organization that has a connection to the external world through the Internet will want to make sure they are completely protected. The only way to do so is to implement an advanced firewall service.
- Fax Services Windows Server 2008 can provide integrated fax services, freeing organizations from needing a conventional fax machine.
- Terminal Services Terminal Services (TS) provides the ability to run applications on a server instead of on the user's workstation. The advantage of this is that organizations need to manage applications only in one central location. In addition, with Windows Server 2008, the use of TS applications is completely transparent to end users, since it appears as if they are working off the local machine.
CAUTION Terminal Service applications are not appropriate for mobile or disconnected users because they do not offer any kind of offline caching. Therefore, when a user is disconnected, they do not have access to TS applications.
- Hyper-V This is a core service of the new datacenter. It supports the virtualization of all other service offerings. This service is installed on all hardware, and all other services are installed within virtual machines.
- Network Access Services (NAS) With the proliferation of home offices, more and more organizations are relying on network access services, such as virtual private networks (VPNs), to let home workers access the corporate network over common home-based Internet connections.
- Deployment Services With the advent of new Windows Deployment Services in Windows Server 2008, many organizations will want to take advantage of this feature to automate the installation and deployment of Windows XP and Windows Vista machines. Larger organizations will definitely want to use these services to deploy servers as well as workstations.
- Windows Server Update Services With the proliferation of attacks on systems of all types, organizations of all sizes will want to make sure they implement a system for keeping all of their computers (workstations and servers) up to date at all times. Windows Server Update Services (WSUS) is not part of WS08, but is free and can be obtained at www.microsoft.com/windowsserversystem/updateservices/downloads/WSUS.mspx. Registration is required to obtain the download.
In addition, any organization that includes more than one site will need to ensure that the services they provide at one site are available at any other. This is done through a series of different features, which rely mostly on either a duplication of the base services in remote sites or the use of a replication mechanism to copy data from one location to the other. The implementation of these systems is more complex than single-site structures.
Larger organizations will add more services to their network just because of the nature of their organization. These will include:
- Certificate Services Anyone who wants to control identity and ensure that users are who they claim they are at all times will want to take advantage of Active Directory Certificate Services, a public key infrastructure system that provides electronic certificates to users and machines in order to clearly identify who they are.
NOTE For more information on public key infrastructures (PKI), see the Advanced Public Key Infrastructures section at www.reso-net.com/articles.asp?m=8.
- Rights Management Services Organizations concerned about the protection of their intellectual data will want to implement Active Directory Rights Management Services (ADRMS). ADRMS can protect electronic documents from tampering through the inclusion of protection mechanisms directly within the documents.
- Advanced Storage Organizations maintaining large deposits of information will want to take advantage of advanced storage systems, such as storage area networks (SANs). Windows Server 2008 provides new ways to access and manage SANs.
- Clustering Services and Load Balancing Organizations running N-tier applications (applications that are distributed among different server roles) will want to protect their availability through the use of the Windows Clustering Service (WCS), a service that provides availability through a failover capacity to another server running the same service, and/or Network Load Balancing (NLB), a service that provides availability through the use of multiple servers running identical configurations.
- Database Services Organizations relying on large data structures will want to run more than the Windows Internal Database and will rely on other versions of SQL Server to protect their databases.
- Web Applications Organizations providing custom services, both internally and externally, will need to rely on Internet Information Services (IIS) to deliver a consistent Web experience to end users.
- Middleware Services Organizations running N-tier applications will want to support them with middleware, such as the Microsoft .NET Framework, COM+, and other third-party components. These run on middleware servers.
- Key Management Services Organizations that take advantage of Microsoft Software Assurance and Volume Licensing will want to implement this new WS08 role. Key Management Services (KMS) controls the activation of Microsoft volume-licensed software from both clients and servers from within your firewall.