Mastering windows server 2003

Using Your Sybex Electronic Book

To realize the full potential of this Sybex electronic book, you must have Adobe Acrobat Reader with

Search installed on your computer. To find out if you have the correct version of Acrobat Reader, click on

the Edit menu—Search should be an option within this menu file. If Search is not an option in the Edit

menu, please exit this application and install Adobe Acrobat Reader with Search from this CD (double￾click on AcroReader51.exe in the Adobe folder).

Navigation

www.sybex.com

Click here to begin using

your Sybex Elect ronic Book!

Find and Search

Navigate throught the book by clicking on the headings that appear in the left panel;

the corresponding page from the book displays in the right panel.

To find and search, click on the toolbar or choose

Edit > Find to open the "Find" window. Enter the word

or phrase in the "Find What" field and click "Find." The

result will be displayed as highlighted in document.

Click "Find Again" to search for the next consecutive entry.

The Find command also provides search parameters such as

"Match Whole Word Only" and "Match Case." For more

information on these features, please refer to the Acrobat

Help file in the application menu.

San Francisco London

Mastering™

Windows®

Server 2003

Mark Minasi

Christa Anderson

Michele Beveridge

C.A. Callahan

Lisa Justice

Associate Publisher: Neil Edde

Acquisitions and Developmental Editor: Chris Denny

Production Editor: Kylie Johnston

Technical Editor: Jim Kelly

Copyeditor: Sally Engelfried

Compositor: Interactive Composition Corporation—Rozi Harris

Graphic Illustrator: Interactive Composition Corporation—Rozi Harris

CD Coordinator: Dan Mummert

CD Technician: Kevin Ly

Proofreaders: Laurie O’Connell, Yariv Rabinovitch, Nancy Riddiough, Monique van den Berg

Indexer: Ted Laux

Book Designer: Maureen Forys, Happenstance Type-O-Rama

Cover Designer: Design Site

Cover Illustrator/Photographer: Tania Kac, Design Site

Copyright © 2003 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be

stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record,

without the prior agreement and written permission of the publisher.

An earlier version of this book was published under the title Mastering Windows 2000 Server, Fourth Edition © 2002 Sybex Inc.

Library of Congress Card Number: 2002115479

ISBN: 0-7821-4130-7

SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries.

Mastering is a trademark of SYBEX Inc.

Screen reproductions produced with FullShot 99. FullShot 99 © 1991–1999 Inbit Incorporated. All rights reserved.

FullShot is a trademark of Inbit Incorporated.

The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997–1999 Macromedia Inc. For more information on

Macromedia and Macromedia Director, visit www.macromedia.com.

Internet screen shots using Microsoft Internet Explorer 5 reprinted by permission from Microsoft Corporation.

TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the

capitalization style used by the manufacturer.

The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible.

Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no

representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind

including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged

to be caused directly or indirectly from this book.

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

Software License Agreement: Terms and Conditions

The media and/or any online materials accompanying this book

that are available now or in the future contain programs and/or text

files (the “Software”) to be used in connection with the book.

SYBEX hereby grants to you a license to use the Software, subject to

the terms that follow. Your purchase, acceptance, or use of the Software

will constitute your acceptance of such terms.

The Software compilation is the property of SYBEX unless otherwise

indicated and is protected by copyright to SYBEX or other copy￾right owner(s) as indicated in the media files (the “Owner(s)”). You

are hereby granted a single-user license to use the Software for your

personal, noncommercial use only. You may not reproduce, sell, dis￾tribute, publish, circulate, or commercially exploit the Software, or

any portion thereof, without the written consent of SYBEX and the

specific copyright owner(s) of any component software included on

this media.

In the event that the Software or components include specific license

requirements or end-user agreements, statements of condition, dis￾claimers, limitations or warranties (“End-User License”), those

End-User Licenses supersede the terms and conditions herein as to

that particular Software component. Your purchase, acceptance, or

use of the Software will constitute your acceptance of such End-User

Licenses.

By purchase, use, or acceptance of the Software you further agree to

comply with all export laws and regulations of the United States as

such laws and regulations may exist from time to time.

Reusable Code in This Book

The author(s) created reusable code in this publication expressly

for reuse by readers. Sybex grants readers limited permission to reuse

the code found in this publication, its accompanying CD-ROM or

available for download from our Web site so long as the author(s)

are attributed in any application containing the reusable code and

the code itself is never distributed, posted online by electronic

transmission, sold, or commercially exploited as a stand-alone

product.

Software Support

Components of the supplemental Software and any offers associated

with them may be supported by the specific Owner(s) of that mate￾rial, but they are not supported by SYBEX. Information regarding

any available support may be obtained from the Owner(s) using

the information provided in the appropriate read.me files or listed

elsewhere on the media.

Should the manufacturer(s) or other Owner(s) cease to offer

support or decline to honor any offer, SYBEX bears no respon￾sibility. This notice concerning support for the Software is

provided for your information only. SYBEX is not the agent or

principal of the Owner(s), and SYBEX is in no way responsible

for providing any support for the Software, nor is it liable or

responsible for any support provided, or not provided, by the

Owner(s).

Warranty

SYBEX warrants the enclosed media to be free of physical defects

for a period of ninety (90) days after purchase. The Software is not

available from SYBEX in any other form or media than that

enclosed herein or posted to www.sybex.com. If you discover a

defect in the media during this warranty period, you may obtain

a replacement of identical format at no charge by sending the defective

media, postage prepaid, with proof of purchase to:

SYBEX Inc.

Product Support Department

1151 Marina Village Parkway

Alameda, CA 94501

Web: www.sybex.com

After the 90-day period, you can obtain replacement media of identical

format by sending us the defective disk, proof of purchase, and a check

or money order for $10, payable to SYBEX.

Disclaimer

SYBEX makes no warranty or representation, either expressed or

implied, with respect to the Software or its contents, quality, perfor￾mance, merchantability, or fitness for a particular purpose. In no

event will SYBEX, its distributors, or dealers be liable to you or

any other party for direct, indirect, special, incidental, consequential,

or other damages arising out of the use of or inability to use the Soft￾ware or its contents even if advised of the possibility of such damage.

In the event that the Software includes an online update feature,

SYBEX further disclaims any obligation to provide this feature for

any specific duration other than the initial posting.

The exclusion of implied warranties is not permitted by some states.

Therefore, the above exclusion may not apply to you. This warranty

provides you with specific legal rights; there may be other rights that

you may have that vary from state to state. The pricing of the book with

the Software by SYBEX reflects the allocation of risk and limitations

on liability contained in this agreement of Terms and Conditions.

Shareware Distribution

This Software may contain various programs that are distributed as

shareware. Copyright laws apply to both shareware and ordinary

commercial software, and the copyright Owner(s) retains all rights.

If you try a shareware program and continue using it, you are

expected to register it. Individual programs differ on details of trial

periods, registration, and payment. Please observe the requirements

stated in appropriate files.

Copy Protection

The Software in whole or in part may or may not be copy-protected

or encrypted. However, in all cases, reselling or redistributing these

files without authorization is expressly forbidden except as specifically

provided for by the Owner(s) therein.

Dedicated to the memory of Scott Anderson

(1964–2002). Christa’s husband was, for lack of better

words, a great guy. I (Mark) met him in 1992 and thus

was fortunate enough to enjoy his company for a decade.

He was a smart, funny, capable-at-nearly-everything

person who told good stories, played games masterfully,

and brewed good beer. It has to be one of life’s great

ironies that a man with so much heart was betrayed by

that very organ, and far too soon.

As a computer type, I’m used to a world of reversible

catastrophes; there are always backups. It is daunting

to be reminded that some things can’t be restored.

Even precious things.

Acknowledgments

This book was a lot of work, so I’m sure glad I didn’t have to do most of it!

This is essentially the twelfth edition of the Mastering NT Server book that debuted in 1994. In every

other edition, we always had contributors who only worked on a chapter or a less, and so did not

get co-author credit. This time, I wanted everyone who worked on it to get their name on the cover,

and turned to two old tried-and-true contributors. Christa Anderson has contributed in a major way

to every version of this book, and this one is no exception. Lisa Justice’s work also appeared in the

past six editions and she is a welcome addition to this one as well.

This book also introduces two newcomers to book writing, but not to networking. Michele Beveridge,

the University of Georgia’s Active Directory architect, and veteran tech teacher C.A. Callahan

come from solid backgrounds in both working with technology and communicating it, and I think

you’ll agree that their first outing as geek book co-authors is a successful one. They dug into every

chapter, forsaking family and friends in order to get this done. I owe all four co-authors quite a bit,

and am quite thankful for their efforts. (Additionally, Michele tells me that a techie friend of hers,

Martijn Middleplaats, helped her with some of the heavy lifting by researching some of her chapter

material. She thanks him and so do I.)

While this should have been an easy book to write, it wasn’t, as I’ll explain in the Introduction—

that’s my fault. That made life horrendous for the Sybexers involved, and I can’t thank them enough

for their help in getting this volume out.

Chris Denny and Neil Edde got the ball rolling, and Sally Engelfried edited the chapters. Many

thanks also to technical editor Jim Kelly for his painstaking checking and verifying.

There is, of course, the whole production crew to thank as well. Without them, all we’d have is

a collection of electronic files. Kylie Johnston steered the project smoothly through the production

channels, as she did with previous editions; Rozi Harris at Interactive Composition Corporation trans￾formed the manuscripts into the handsome book before you; and the proofreaders—Laurie O’Connell,

Yariv Rabinovitch, Nancy Riddiough, and Monique van den Berg—scrutinized the many pages to

ensure that no stone was left unturned. Thanks also to Ted Laux, the indexer, and Dan Mummert and

Kevin Ly of the CD team.

Finally, we could not have done this without the assistance of Microsoft, who not only created the

product but also allowed us to see it before it was finished.

Introduction

I said it in the Acknowledgments, and I’ll say it again: man, was this book a lot of work! But trust

me, I don’t say that to complain; rather, it lets me explain—to explain what is probably the question

in most prospective readers’ minds:

“Is this a book only for people who use Windows Server 2003?”

The answer is, definitely not. Yes, it’s a Server 2003 book—but it’s also basically Mastering Windows 2000

Server, FIFTH edition. Here’s what I mean.

When planning this book, I decided early on that it had to have two major goals. First, it had

to cover the new features in Server 2003, or the title would be downright wrong. But the differ￾ences between 2000 and 2003 are, while not insignificant, not huge either. And that led me to the

second goal. I’m guessing that almost no one reading this will have thrown away all of their “old”

Windows 2000 Server systems when adopting Server 2003; as a matter of fact, many of you tell

me that you’re still running Windows NT 4 Servers! Nor is that a bad thing—NT 4 and Win2K

are both really good tools, in my opinion. Yes, in some ways Server 2003 is better—and you’ll learn

those ways in this book—but not so much better that many can justify tossing out the Win2K

systems to make room for Server 2003. No, I’m guessing that Server 2003 will move into your network

gradually, and so you’ll be living in a server environment that includes both Windows 2000 Server

and Windows Server 2003 for quite a while. That’s why I asked my co-authors to “think of this

as the Fifth!”

Instead of taking the Mastering Windows 2000 Server book and looking for things that we’d have to

change to make it a Server 2003 book, we started with the topics that previous editions of the Win￾dows 2000 Server book explored and took them further, to build on the book series’ growth. For

example, previous editions didn’t consider a lot of Active Directory maintenance issues, like checking

database integrity or compacting the database, so this one did, even though it wasn’t a new-to-2003

topic. A look at the Macintosh chapter will reveal that what wasa chapter consisting of only a handful

of pages in previous editions is now 50 or so pages long, with completely new information on

Mac OS/X clients.

We tried, then, to make this essentially two books in one; I hope you think we succeeded.

What’s Inside

In Chapter 1, I briefly list and explain what’s new in Windows Server 2003. As you’ll see, Server 2003

is basically 2000 Server, version 1.1. But when you consider what a big product Windows 2000

Server is, and what a major change it was from NT 4, then you’ll understand that even just a 1.1 version

of 2000 would involve a lot of changes—this chapter outlines them. In Chapter 2, I offer a basic

answer to the question, “Why do we network?” for those who are just joining us. Folks who have no

idea what a domain is, or why they’d want one, should take a look at Chapter 2 and in no time you’ll

sound like a grizzled network veteran.

Lisa Justice then shows you in Chapter 3 how to navigate the Server 2003 user interface. Thank

God it wasn’t as large a change as the NT-to-2000 shift, and that it doesn’t come out of the box

configured in the XP “Playskool” user interface. But you’ll find a few things have changed, and Lisa

will guide you through the new stuff. She also walks you through the process of creating your own user

interface with taskpads, a great way to build customized tools for administrators.

XXXII INTRODUCTION

The user interface is one way to control Server 2003, and that’s why Lisa covers it in Chapter 3.

But the other way is via the Registry, 2000’s place to store system settings and home to hundreds of

undocumented or poorly documented switches, dials, knobs, and levers. No NT, 2000, XP, or 2003

techie can last long without a bit of Registry work, and so in Chapter 4 I introduce it.

By now, you’ll be itching to load it up and try it out, so in Chapter 5 I not only show you how

to shove a CD into a drive and answer questions, but I also cover scripting 2003 installs, using the

Remote Installation Server, and finally, how Sysprep can make setting up systems and cloning them

easier. Microsoft has made automated rollouts—scripts, RIS, and Sysprep—quite a bit easier and

more powerful. Study Chapter 5 and you’ll see how to deploy 2003 with style and grace…but mostly

with a minimum of effort on your part!

Chapters 6 and 7 permit me to explain how TCP/IP works, both in a general sense and in the specific

sense of configuring Server 2003 to use it. In Server 2003, Microsoft has taken another baby step

toward making the NT platform an IP-only platform, as NetBEUI is no longer even an option for

protocols. Chapter 6 explains the basics: how to get on an internet; how IP addresses, subnet masks,

and routing work; and how to use a Server 2003 as a router. Chapter 7 then explains the three basic

TCP/IP services that every Microsoft network needs: DHCP, WINS, and DNS. Server 2003

doesn’t really do much that’s new in DHCP and WINS, but DNS now offers several new features,

all of which the chapter covers. The biggest changes in the chapter, however, are in the structure of

the DNS section, which now spans almost 200 pages. It’s not only a primer on DNS; in this edition

I completely reoriented the discussion and the examples around building not just any DNS infra￾structure, but a more secure infrastructure, using split-brain DNS techniques—and if you don’t know

what that means, don’t worry, the chapter covers it all. You’ll also see in Chapters 6 and 7 that I’ve

worked hard to unify the step-by-step examples so that they all fit together, allowing you to follow

along and build a small network that is then completely ready for Active Directory…which is the next

chapter’s topic.

Chapter 8 is basically a medium-sized book in itself, at 81,000 words and 110-plus figures. It

takes you from the basics of “What is an Active Directory and why would you want one?” to design￾ing an AD, implementing one, managing it, optimizing it, rearranging its structure when necessary,

and fixing it when it breaks. Server 2003’s changes permeate this topic, as you’ll see. The migration

section is much larger than in the 2000 Server book, and it and the rest of the chapter offers many

step-by-step examples that allow you to build a small working AD.

Lisa returns in Chapter 9 to explain the ins and outs of creating and managing user accounts.

That’s a big topic, as it includes user profiles and group policies, which Lisa explains in detail. She also

showcases and shows you how to use 2003’s new Resultant Set of Policies troubleshooting tool for

group policies. GP fans will love it.

Windows 2000 handles storage differently than NT did, and 2003 changes things a bit more, as

you’ll learn in Chapter 10. In that chapter, Michele Beveridge shows you how to connect, partition,

and format drives, and she also covers Windows 2000’s RAID functions. I was very fortunate to get

Michele’s help on this book, as she’s responsible for the University of Georgia’s Active Directory,

both its design and implementation. Her years of real-world, in-the-trenches experience with NT in

its various forms show through in her coverage of both this and the companion Chapter 11. That

chapter covers shared folders, including how to secure those shares with both share and NTFS

permissions, as well as coverage of Windows 2000 and Server 2003’s Distributed File System and the

File Replication Service. In that chapter, you’ll also learn about the Encrypted File System—which

INTRODUCTION XXXIII

has changed in some subtle but important ways since Windows 2000—and offline folders, a modifi￾cation of the network redirector that offers greater network response, laptop synchronization support,

and network fault tolerance.

C.A. Callahan joins us in Chapter 12 to describe one of 2000, XP, and 2003’s nicest features

for desktop support folks: central software distribution. Callahan has been in the technical teaching

business for many years and has a well-honed talent for digging into a topic, getting excited about

it, and explaining to you so that you’ll be excited about it as well. (She’s also a Mac geek, which is why

she rewrote the Mac chapter [Chapter 16] completely and made it about ten times larger than it

was before.) Christa returns in Chapter 13 to describe how to network printers under Server 2003.

Lisa then explains, in Chapter 14, how to connect client PCs to a Server 2003 network, whether those

PCs are running DOS, Windows, or whatever. And you may be surprised to hear that it’s now impossible

to connect a DOS or Windows 9x system to a 2003-based Active Directory…unless you know the

trick. (Of course, Lisa lets you in on the secret.)

Christa then warms to a favorite topic of hers in Chapter 15, where she covers the built-in Terminal

Services feature of Server 2003 and remote server administration in general. And if you have no idea

what Terminal Services does, check out that chapter: Terminal Services makes your Server 2003 system

a multiuser computer, in many ways combining the best of the PC and the mainframe! Then, in

Chapter 16, Callahan “cracks the Mac,” as I’ve already mentioned.

Once your organization is connected to the Internet, you’ll probably want to get a Web server up

and running. Server 2003 includes a Web server, as did NT 4 and Windows 2000, but 2003’s IIS 6

is built to be both more secure and more reliable, so you won’t want to miss Lisa’s coverage of it,

including not only the Web piece but also the FTP server piece, the SMTP mail server, and 2003’s

new POP server. Yes, that’s right, Server 2003 now comes with a complete e-mail server service built

in, and you can read about it in Chapter 17.

Then, in Chapter 18, Christa offers some advice and instruction on tuning and monitoring a

Server 2003–based network, and in Chapter 19, she looks at disaster recovery—never a happy topic,

but a necessary one.

Michele returns for a lengthy and quite complete look at dial-up, ISDN, and frame relay support

in Routing and Remote Access Service (RRAS) in Chapter 20. Callahan then finishes the book with

coverage of NetWare coexistence in Chapter 21.

Conventions Used in This Book

As you know, when discussing any network technology, things can get quite complex quite quickly,

so I’ve followed some conventions to make them clearer and easier to understand.

Referring to Windows NT, 2000, XP, and 2003

Throughout this book, you’ll see me refer to Server 2003, Windows 2000, NT 4, and just plain NT.

I don’t want to confuse, so let me clarify what I mean when I use those terms.

When I say “Server 2003,” “Windows 2000” or “NT 4,” then of course I mean those particular

products. But when I say “NT,” I’m referring to the various versions of the NT operating system that

have come out, including NT 4, Windows 2000, Windows XP, and Windows Server 2003. Despite

the name change from NT-version-something to Windows-model-year, under the hood, NT 4,

2000, XP, and 2003 are quite similar. The underlying kernel, the piece of the operating system that

XXXIV INTRODUCTION

manages memory, handles multitasking, and loads and unloads drivers, changes with every revision,

but not in any earthshaking way. For example, from NT 4 to 2000 the look of NT changed, but under

the hood the main kernel difference we saw as administrator types was Plug and Play. Basically, you

can think of it this way:

◆ Windows 2000 = NT 5.0, in both Workstation and Server flavors.

◆ Windows XP Professional = NT 5.1 Workstation. (XP Home is also NT 5.1 Workstation,

but crippled. Don’t use it.)

◆ Windows Server 2002 = NT 5.2 Server, no Workstation version. (The next version of

Workstation probably won’t appear until 2005, code-named “Longhorn.”)

I wish they’d just kept calling things “NT version something,” because then simply saying “NT”

would obviously refer generically to all versions of the OS. In this book, therefore, I’m going to use

the phrase “NT networks” to mean “anything running NT 4, 2000, XP and/or 2003.” When I’m

talking about NT 4–based things, I’ll include the “4.”

Call It “Server 2003”

And speaking of names…Microsoft is working so hard to “brand” the name Windows that now

they’ve attached the name to three totally different operating systems. The first of the “original”

Windows—versions 1.0, 2.0, 2.1, 3.0, 3.1, 3.11, Windows for Workgroups 3.1 and 3.11, Windows 95

and 98—is an ever-evolving operating system built to extend the life of Microsoft’s cash cow,

MS-DOS. The second was NT, a project intended originally to extend an older operating system

named OS/2. And the third is Windows CE, an OS designed for smaller, diskless computers,

including the of-dubious-value “AutoPC,” a computer designed for your car’s dashboard. (Oh

great, now I get to worry that the bozo in front of me in traffic will be distracted playing Warcraft;

good call, Bill.)

Now, of course, what should have been called “NT Server 5.2” has the much-longer name

“Windows Server 2003, Standard Edition.” If I stopped to write that every time I needed to identify

the product, I wouldn’t get the book done until about 2009, so permit me to just shorten it to

“Server 2003.”

I can’t wait until Microsoft sends Pella and Andersen cease and desist letters enjoining them from

using the word “Windows” in their corporate name and product-line descriptions.

Directory Names: \windows, system32

In a change from previous versions of Server, Windows Server 2003 installs by default into a direc￾tory named \windows on some drive. Upgrades from previous versions stay in whatever directory you

installed the previous version in—probably \winnt. You can decide at installation time to put the

operating system somewhere else, but almost no one does.

As a result, I have a bit of a problem: I often need to refer to the directory that Server 2003 is

installed into, and I need a phrase less cumbersome than “whatever directory you installed your server

into” or the brief and technically accurate but nonintuitive %systemroot%. So you’ll see references to

the \windows directory, which you should read as “whatever directory you’ve installed Windows

Server 2003 into.”

INTRODUCTION XXXV

Similarly, both Server 2003 and every other version of NT includes a directory inside \winnt or

\windows or whatever called system32—\winnt\system32 on older OSes and upgrades, \windows\

system32 on fresh installs. I’ll refer to that directory as system32. But let me stress this: If you see a

reference in this book to \windows or \windows\system32 and you do not have a \windows or \windows\system32,

don’t panic—just substitute \winnt and it’ll work.

Stay Up-to-Date with Our Free Newsletter

With the first version of this book, I tried out a way to keep you folks informed about book errata,

changes to the NT family, or just plain new stuff that I’ve learned. No matter how long 2003 stays

around, we’ll never know everything about it—there will always be new things to learn. And certainly

I’ll include the things that I learn into new editions of the book—but why wait for the next edition? I’d

rather get you at least some of that new information immediately!

So I’m extending the following offer to my readers. Visit my Web site at www.minasi.com and

register to receive my free Windows Networking newsletter. It covers everything from NT 4 to 2000

to XP to 2003 and even a little Linux. Every month that I can, I send you a short update on tips and

things that I’ve learned, as well as any significant errata that appear in the book (which I’m praying

don’t appear). It won’t be spam—as the saying goes, “Spammers must die!”—just a short heads-up

on whatever I’ve come across that’s new (to me) and interesting about NT, 2000, XP, or 2003. Past

newsletters have also included lengthy articles on DNS troubleshooting, Indexing Service, and IPSec,

so I think you’ll find it a worthwhile newsletter for the price.

Well, okay, about the spam part: there will be one bit of naked marketing—when the next edition

of the book comes out, I’ll announce it in the newsletter.

For Help and Suggestions: Check the Newsletter

and www.minasi.com/gethelp

As always, if I can help, I’m available on e-mail. Got a question the book didn’t answer? Visit my FAQ

page at www.minasi.com/gethelp and, if that doesn’t help, there are instructions on how to e-mail me.

I can’t promise that I’ll have the answer, but I’ll sure try! I’m often traveling, sometimes for weeks at a time,

and I don’t pick up e-mail when I’m on the road, so if I take a week or few to respond, don’t worry, I’ll

get back to you as soon as I can. It’s easiest to help with questions which are specific but brief—please

understand that I sometimes open my e-mail to find more than a hundred questions waiting for me!

In addition to offering help, I’d appreciate your help and feedback. Sybex and I have been able to

get a new edition of this book out roughly annually since NT Server first appeared in 1993. I don’t

know everything about Microsoft networking—I’m not certain anyone does—and through the years,

reader suggestions and “book bug reports” have been a tremendous source of assistance in making

the NT books better and better. (“Gasp! An error? In my book? No, say it isn’t so!”) Got a tip,

something you want to share with the world? Pass it along to me, and I’ll include it in the next edition

and acknowledge your contribution.

And by the way, to all of you reading this book: thank you so much, and I hope you enjoy our

coverage of Microsoft’s flagship networking platform!

Chapter 1

Windows Server 2003

Overview

If you lived through the change from NT 4 Server to Windows 2000 Server, then you might

be a bit gun-shy about Windows Server 2003; how much more will you have to learn, and how

hard will it be? If so, then I have good news: while Server 2003 offers a lot of new stuff, there’s not

nearly as much new stuff—if 2000 was a tsunami, 2003 is just a heavy storm. (If, however, you’re an

NT 4 guy getting ready to move to 2003, then yes, there’s a whole lot of new stuff to learn. But don’t

worry, this is the right book, and I’ll make it as easy as is possible!)

Clearly explaining what Server 2003 does is the job of the entire book, but in this chapter I’ll

give you a quick overview of what’s new. I’m mainly writing this chapter for those who already know

Windows 2000 Server and are looking for a quick overview of what’s new in 2003, so if you’re just

joining the Microsoft networking family then don’t worry if some of this doesn’t make sense. I

promise, in the rest of the book I’ll make it all clear.

Four Types of Server

Once, there was just one kind of NT Server. Under 3.1 it was called NT Advanced Server 3.1, which

confused people—was there a cheaper “basic” server available?—and so Microsoft just renamed it

NT Server 3.5 for its second outing, and it stayed that way through NT Server 3.51. But with NT 4

came a slightly more powerful (and expensive) version called Enterprise Edition, which offered a

different memory model and clustering but not much else, so not many chose it.

Pre-Server 2003 Varieties

Under Windows 2000, the basic server was just called Windows 2000 Server, and Enterprise became

Windows 2000 Advanced Server. It offered a bit more incentive to buy it than Enterprise had, but

not much; its most enticing feature was a new tool called Network Load Balancing Module, some￾thing that Microsoft had purchased and decided to deny to the buyers of basic Server. (But it’s now

shipped in the basic Server, thankfully.)

2 CHAPTER 1 WINDOWS SERVER 2003 OVERVIEW

Microsoft also started releasing a third version of Server called Datacenter Server, but you couldn’t

just go to the store and buy it—they only “OEMed” it, which means that they allowed vendors to

buy Datacenter and tune it very specifically for their particular hardware. The only way that you’re

going to get a copy of Datacenter is if you spend a whole lot of money on a high-end server computer,

and then you get Datacenter with it.

Should you feel left out because you can’t buy a copy of Datacenter 2000 and slap it on your

TurboClone3000 no-name Web server? Probably not. Yes, there are a few things that Datacenter 2000

can do that the others can’t: eight-computer clusters is the main one, but for most of us the loss

isn’t great. Unfortunately, that changes with Windows Server 2003.

Windows Server 2003 Flavors: Web Edition Makes Four

As you’d expect, Microsoft introduced a number of new features with Windows Server 2003 but didn’t

make them available in all of the versions. It also added a new low-cost version, Web Edition, and

reshuffled the features among the four versions. There are actually a whole pile of different versions

of Server 2003 if you include the 64-bit versions, the embedded versions, and so on, but the main

product grouping is the four “product editions”:

◆ Windows Server 2003, Standard Edition

◆ Windows Server 2003, Enterprise Edition

◆ Windows Server 2003, Datacenter Edition

◆ Windows Server 2003, Web Edition

I’m going to focus on Standard Edition in this book, but let’s take a very quick look at each edition.

“Regular Old Server” Gets a Name

For the first time since 1983, the basic variety of server has a name; it is now Windows Server 2003,

Standard Edition. (I suspect I may have to sue Microsoft for the extra carpal tunnel damage that I’m

getting writing this book—where I could once just say “NT 4,” now I’m typing half a sentence

just to identify the product.) In general, it has just about all of the features that it did back when it

didn’t have a name.

Standard Edition comes with a bunch of new features that are new to all of 2003’s editions, as

you’d expect, but it also comes with a bit of quite welcome news: Standard Edition includes Network

Load Balancing (NLB). NLB’s not new, as it was included in Windows 2000 Advanced Server, the

more expensive version of Windows 2000 Server. But where Microsoft once required you to buy

the pricier version of 2000 Server to get this very useful feature, it’s now included in all four editions

of Windows Server 2003. (You’ll learn how to set it up in Chapter 6.) But that’s not all that’s new

in Standard Edition—for instance, how does, “You finally get a complete e-mail server free in the

box” sound? But I’m getting ahead of myself.

Web Edition Debuts

The newest and fourth option for Server is Web Edition. The idea is that Microsoft really wants their

Web server, IIS, to completely crush, overtake, and overwhelm the competition: Apache and Sun Web

servers. So they ripped a bunch of things out of Server and offered it to hardware vendors as an

XP SUPPORT COMES TO SERVER 3

OEM-only copy of Windows Server 2003. It can only address 2GB of RAM (NT has always been

able to access 4 or more GB) and cannot

◆ Be a domain controller, although it can join a domain

◆ Support Macintosh clients, save as a Web server

◆ Be accessed remotely via Terminal Services, although it has Remote Desktop, like XP

◆ Provide Internet Connection Sharing or Net Bridging

◆ Be a DHCP or fax server

So it’s unlikely that you’ll actually see a copy of Web Edition, but if you do, then don’t imagine

that you’ll be able to build a whole network around it. As its name suggests, it’s pretty much intended

as a platform for cheap Web servers.

What You’re Missing: Enterprise and Datacenter Features

Back in the NT 4 days, Microsoft introduced a more expensive version of Server called NT 4 Server,

Enterprise Edition. It supported clusters and a larger memory model. When Windows 2000 Server came

around, Microsoft renamed it Windows 2000 Advanced Server. With Server 2003, Micro￾soft still offers this higher-end version of Server, but with yet another name change. Now it’s called

Windows Server 2003, Enterprise Edition. Yes, you read that right: once it was Enterprise

Edition, then it became Advanced Server, and now it’s back to Enterprise Edition. (Don’t shoot me,

I just report this stuff.)

Enterprise Edition still does clusters—four-PC clusters now. It also lets you boot a server from a

Storage Area Network (SAN), hot-install memory like Datacenter can, and run with four processors.

With Windows Server 2003, Microsoft has finally made me covetous of Datacenter. It has this

incredibly cool tool called Windows Resource Manager that basically lets you do the kind of system

management that you could do on the mainframe years and years ago. How’d you like to say to

your system, “Don’t let SQL Server ever use more than 50 percent of the CPU power or 70 percent

of the RAM?” WRM lets you do that, and it only ships with Datacenter. Datacenter also now

supports eight-PC clusters as well as hot-installing RAM—yup, that’s right, you just open the top of

the server while it is running and insert a new memory module, wait a second or two and poof! the system

now recognizes the new RAM, no reboot required.

XP Support Comes to Server

For the first time in a long time, Microsoft shipped NT in two parts, delivering NT Workstation

version 5.1—that is, Windows XP Professional and its sadly eviscerated sibling, XP Home—over

a year earlier than its NT Server counterpart, Windows Server 2003. I don’t think that Microsoft

originally intended for there to be a year and a half interregnum, but that unintended extra time let

Microsoft make Windows Server 2003 much more than “XP Server”—it’s NT Server version 5.2.

XP was a nice upgrade from 2000 Professional but not a great one, not a must-upgrade for

current Windows 2000 Professional systems, but a very attractive step up for those running NT 4 or

Windows 9x/Me on their desktops. Okay, I might have understated things a bit there—let’s go back

and italicize that “very.” And for people running—auggh—Wintendo (9x and Me) put that “very”