What's New in Windows 2003 R2

  • Article

There are lots of blockbuster technologies in R2—the documentation lists 16 distinct feature sets—but these technologies build on Windows. They don't fundamentally alter the nature of Windows itself or introduce dramatic new ways to architect or administer your systems.

The new items in R2 are incorporated into the Windows Components section of Add/Remove Programs, layering onto what Windows 2003 SP1 already added. The R2 portion of Setup also makes changes to the Active Directory schema when installed on a domain controller.

The new components in R2 don't form an integrated package. R2 isn't a novel you read from beginning to end. It's more like a magazine where you read articles you find interesting. Let's take a look at some of R2's components and capabilities that you may find interesting and useful.

Distributed File System Upgrades
The Distributed File System (DFS) lets you build virtual volumes that link share points from different servers into a single, cohesive structure that users can browse without concern for the names or locations of the host servers. R2 sports a new DFS management console (see Figure 1) that greatly simplifies setting up enterprise-strength DFS volumes.

Figure 1. The improved DFS Management console in R2.
Figure 1. The improved DFS Management console in R2 simplifies configuration of large DFS volumes. (Click image to view larger version.)

The big news, though, is the new handling for DFS links that targets shares on multiple servers. This feature ushers users who touch a virtual folder represented by a DFS link to the replica in their site or the closest upstream site.

Unfortunately, the replication engine that Windows 2000 Server DFS uses to keep the content behind a DFS link with multiple targets in sync—the NT File Replication Service (NTFRS)—simply doesn't have the horsepower to handle large files or large numbers of files. Worse yet, when stressed, NTFRS can fail catastrophically. This often forces a complete rebuild of all replicas.

R2 has a completely new DFS replication engine that handles huge files and huge numbers of files with great aplomb. You can use the new engine to maintain real-time replicas of large data volumes in a central location, which not only makes multiple-targeted DFS links a practical reality, it also makes it simpler to set up a low-cost data recovery center.

If you have file servers in branch offices and you've been looking for a cost-effective way to replicate those volumes to central headquarters for redundancy, check out DFSR.

Print Management
I'm not sure if assigning an administrator to oversee print servers officially qualifies as cruel and unusual punishment under the terms of the Geneva Convention, but it certainly isn't a job that most folks are eager to tackle. The new Print Management Console (PMC) in R2 won't put gold trim around the Printer Administrator cubicle, but it sure will ease the pain of having that position.

As shown in Figure 2, the PMC provides centralized control of all Windows print servers (Win2K and Windows 2003), all the printers serviced by those servers and the print queues represented by those printers.

Figure 2. The R2 Print Management Console.
Figure 2. The R2 Print Management Console makes it much easier to manage printers on multiple servers. (Click image to view larger version.)

If you cringe at the thought of sifting through hundreds and hundreds of printers in a GUI interface, you'll really like the folder filters in the PMC. You can sort your printers into various categories based on name, location, number of jobs in the queue and so on. The PMC also has an automated detection feature that you can use to locate all the network print servers in a subnet and automatically add them to the console as managed printers.

Not only can you see every single printer and its queued jobs, the PMC also has a handy little window for accessing the Web interface of network print servers. This doesn't quite replace a vendor's proprietary management interface, but it sure beats juggling three or four different interfaces in a large, mixed environment of network print servers. The PMC is a superior innovation. In short order, you'll wonder how you ever managed distributed Windows printers without it.

Storage Resource Manager
Microsoft introduced quota management in Win2K, but it was a thin effort. Several vendors leapt into the breach to deliver functional storage resource management (SRM) solutions. In R2, Microsoft has licensed and built-in SRM tools from Veritas.

SRM in R2 significantly improves the on-board quota handling in the operating system. You can also layer R2 onto Network Attached Storage (NAS) devices if they're based on Windows Storage Server 2003. So with vendor approval, you can get quota management on your existing NAS devices.

Unlike Win2K quotas, which you could only apply at the volume level and which relied solely on file ownership to determine disk utilization, quotas in R2 SRM can be assigned to individual folders or sets of folders (see Figure 3) and will limit folder size regardless of who created the files.

Figure 3. The Storage Resource Manager.
Figure 3. The Storage Resource Manager lets you assign quotas to user home directories. (Click image to view larger version.)

There's even an AutoQuota feature that's particularly useful for putting limits on user home directories. By applying AutoQuotas to the top folder above the user home folders, you can limit the content of each user folder to a specific maximum, with intermediate settings for e-mail scoldings and administrative notifications.

SRM also comes with a nifty file screening utility with which you can block storage of all sorts of non-business files. The feature relies on file extensions, not content analysis, so it won't stop a crafty user from stashing piles of music videos and ripped DVDs, but it's a step in the right direction.

Finally, SRM has quite a few handy report formats that simplify quota administration. You can get usage statistics by file size, owner, least recently used files, duplicate files and more. SRM can generate reports automatically every night so you can come to morning meetings armed with enough paper printouts to keep even the most detail-oriented manager happy.

Storage Management for SANs
Unrelated to SRM, the Storage Management for SANs component in R2 lets you use a single MMC console for managing a variety of SAN devices. You can create, extend, assign and un-assign logical unit numbers (LUNs), manage iSCSI target devices, and get a view of storage subsystems and the drives in those subsystems. This feature requires the SAN device to support Virtual Disk Services (VDS) in Windows 2003. Your vendor should have details.

Hardware Management
While we're on the subject of consolidating the management of diverse technologies, R2 includes plumbing to support a broad-based computer management initiative called the Intelligent Platform Management Interface (IPMI).

In essence, IPMI uses a separate processor on the motherboard—the Baseboard Management Controller (BMC)—to constantly take measurements and assess system operation. Because the BMC is a separate processor, it doesn't rely on the availability of an operating system to take action. Also, BMC can handle IPMI commands arriving at the Ethernet controller directly, giving you the benefit of out-of-band management to do remote diagnostics and system restarts.

The Hardware Management component in R2 exposes IPMI as a set of Windows Management Instrumentation (WMI) classes. But it goes one step further. WMI can be a bit, um, temperamental to implement on remote servers, especially in a diverse environment, so R2 includes an implementation of WS-Management Web services that define a set of routines for accessing the BMC both while the OS isfunctioning and if it's unavailable.

If all this mucking about with Web services and alternate motherboard processors seems a little too abstruse to be truly useful for system administration, let me reassure you: This technology will eventually become the underpinnings of distributed system management. It's well worth your time to do the research and experiment with any tools that become available.

Active Directory Federation Services
Speaking of Web services, R2 includes an implementation of another potentially revolutionary-enabling technology called WS-Federation. Space prohibits going into even a fraction of the details of this feature in this column, but here's the bottom line: If your company engages in Web-enabled transactions with business partners or customers and those transactions require that you create and maintain identity information for outside users, then you absolutely should be looking at ways to implement WS-Federation.

Unix/Linux Interoperability
R2 also comes with three components designed to simplify Unix/Linux interoperability by letting a Windows system pretend to be a *nix system by donning a variety of masks:

  • Identity Management for Unix (IdMU) lets an AD domain controller pretend to be a Network Information Service (NIS) server for purposes of authentication and authorization (see Figure 4, below).
  • Microsoft Services for Network File System (MSNFS) lets Unix/Linux clients use NFS to mount shared folders on Windows servers. This eliminates the need for configuring Samba and makes file storage more seamless in a distributed environment.
  • Subsystem for Unix-based Applications (SUA) lets you compile and run the source code for a Unix/Linux application natively on a Windows machine without an intervening emulator.
Figure 4. Identity Management for Unix.
Figure 4. Identity Management for Unix lets an AD domain controller pretend to be a Unix server for authorization purposes. (Click image to view larger version.)

All these features are present in Services for Unix, but their capabilities have been enhanced, the interfaces simplified and the underlying system changes brought in line with commonly accepted industry practices.

General Upgrades and Enhancements
For the most part, the remaining components of R2 are upgrades to existing technologies. For example, many of the tools in the R2 components use the Microsoft Management Console version 2.1's great new features. One of these new features is a field at the far right of the console for displaying the content of property menus so you don't have to right-click your way through an unfamiliar interface. Sweet.

You'll also find several improvements to Active Directory Application Mode (ADAM), the underrated but highly useful younger sibling of AD. You may encounter one or more applications that make use of ADAM to store directory service information that would otherwise require a schema modification to implement directly in AD.

If you're a fan of SharePoint, you'll like that R2 includes Service Pack 2 (SP2) of Windows SharePoint Services, which incorporates a variety of fixes and updated plumbing plus a new Central Administration Website. If you prefer your clients a bit chubbier than those provided by SharePoint, R2 also includes version 2.0 of the Microsoft .NET Framework.

How To Get R2
R2 is packaged as a second disk that accompanies a primary disk containing Windows 2003 SP1. Once released, R2 will replace Windows 2003 SP1 in the retail channel, meaning that if you buy new server software, it will include the R2 disk, even if you have no need for the new R2 features.

If you're a Software Assurance or Premier customer, you already own R2 so you might as well take advantage of its new components. If you're a retail or volume license customer, there are no Client Access License (CAL) upgrade requirements, but there is an upgrade cost.

The R2 Customer Preview Program beta is available for download here. Be sure to let me know what you like and don't like

Article complet sur https://redmondmag.com/columns/article.asp?EditorialsID=1008