| About the CD-ROM | xvii |
| Acknowledgments | xix |
| PART I OVERVIEW | |
| 1 Product Family | 3 |
| Meet the Family | 3 |
| Standard Edition | 5 |
| Enterprise Edition | 8 |
| Datacenter Edition | 10 |
| Web Edition | 13 |
| Compare the Features | 14 |
| Check the Requirements | 17 |
| For More Information | 18 |
| 2 Business Evaluation | 19 |
| Windows Server 2003 Benefits | 19 |
| Dependability | 20 |
| Productivity | 22 |
| Connectivity | 24 |
| Best Economics | 26 |
| Upgrading from Windows NT Server | 26 |
| Upgrading from Windows 2000 Server | 30 |
| For More Information | 34 |
| PART II WHAT'S NEW! | |
| 3 Active Directory | 37 |
| Active Directory Basics | 37 |
| Directory Data Store | 38 |
| Active Directory and Security | 39 |
| Active Directory Schema | 39 |
| The Global Catalog | 42 |
| Finding Directory Information | 43 |
| Active Directory Replication | 43 |
| Active Directory Clients | 45 |
| Integration and Productivity | 46 |
| Managing Active Directory | 46 |
| More Productivity Features | 47 |
| Performance and Scalability | 48 |
| Branch Office Performance | 48 |
| More Performance Improvements | 49 |
| Administration and Configuration Management | 50 |
| New Setup Wizards | 50 |
| More Administrative Improvements | 51 |
| Group Policy Management | 55 |
| Managing Domains | 56 |
| More Group Policy Improvements | 56 |
| New Policy Settings | 57 |
| Security Enhancements | 59 |
| Forest Trust Management | 59 |
| More Security Enhancements | 60 |
| For More Information | 62 |
| 4 Management Services | 63 |
| Managing Configurations | 63 |
| Managing Security | 65 |
| Security Templates | 65 |
| Software Restriction Policies | 66 |
| Windows Update | 67 |
| Software Update Services | 68 |
| Improving IntelliMirror | 70 |
| Policy Management | 72 |
| User Data Management | 74 |
| User Settings Management | 76 |
| Software Management | 78 |
| Computer Setup Process | 81 |
| Using Command-Line Tools | 82 |
| Command Shell | 83 |
| Command-Line Tools | 83 |
| WMI Command Line | 87 |
| Understanding the Deployment Tools | 88 |
| Remote Installation | 89 |
| User State Migration | 89 |
| Windows Installer | 91 |
| Using Remote Administration | 92 |
| Third-Party Administration Tools | 93 |
| Remote Desktop for Administration | 93 |
| For More Information | 94 |
| 5 Security Services | 95 |
| Security Benefits | 96 |
| Authentication | 96 |
| Authentication Types | 97 |
| Internet Information Services Security | 97 |
| Interactive Logon | 98 |
| Network Authentication | 98 |
| Single Sign-On | 98 |
| Two-Factor Authentication | 98 |
| Object-Based Access Control | 99 |
| Access Control Concepts | 100 |
| Effective Permissions | 101 |
| User Rights | 102 |
| Object Auditing | 102 |
| Security Policy | 102 |
| Security Configuration Manager | 102 |
| Security Configuration and Analysis | 103 |
| Security Analysis | 103 |
| Security Configuration | 103 |
| Auditing | 103 |
| Establish a Strategy | 104 |
| Common Events to Be Audited | 104 |
| Implementing Auditing Policy | 104 |
| Active Directory and Security | 105 |
| Data Protection | 106 |
| Encrypting File System | 106 |
| Digital Signatures | 108 |
| CAPICOM | 108 |
| Network Data Protection | 109 |
| Internet Protocol Security | 109 |
| Routing and Remote Access | 110 |
| Internet Authentication Service | 110 |
| Public Key Infrastructure | 111 |
| Certificates | 112 |
| Certificate Services | 114 |
| Certificate Templates | 114 |
| Certificate Autoenrollment | 115 |
| Web Enrollment Pages | 115 |
| Smart Card Support | 115 |
| Public Key Policies | 115 |
| Trusts | 116 |
| Trust Direction | 116 |
| Trust Types | 116 |
| Trust Relationships | 117 |
| Forest Trusts | 118 |
| For More Information | 119 |
| 6 Communications | 121 |
| Easier Setup, Configuration, and Deployment | 121 |
| Network Diagnostics Features | 122 |
| Network Location Awareness | 123 |
| Wireless LAN Enhancements | 124 |
| Routing and Remote Access Service Enhancements | 126 |
| Connection Manager Enhancements | 131 |
| Internet Connectivity Improvements | 133 |
| Internet Connection Firewall | 133 |
| Network Connection Enhancements | 134 |
| More Network Access Options | 135 |
| Network Bridge | 135 |
| Remote Access Using Credential Manager Key Ring | 136 |
| All-User Remote Access Credential | 136 |
| Support for Internet Protocol over IEEE 1394 (IP/1394) | 136 |
| Changes to Protocols | 137 |
| TCP/IP Changes and Enhancements | 137 |
| IPv6 Protocol Stack | 140 |
| Kernel-Mode Processing of Web Traffic | 143 |
| Quality of Service Enhancements | 143 |
| Improved Network Device Support | 144 |
| Permanent Virtual Circuit Encapsulation | 144 |
| NDIS 5.1 and Remote NDIS | 145 |
| Improved Network Media Support | 146 |
| CardBus Wake on LAN | 146 |
| Device Driver Enhancements | 146 |
| Wake on LAN: Select Wake Event Improvements | 146 |
| IrCOMM Modem Driver for IrDA | 147 |
| New Network Services Support | 147 |
| TAPI 3.1 and TAPI Service Providers | 148 |
| Real Time Communication Client APIs | 149 |
| DHCP | 150 |
| DNS | 151 |
| WINS | 154 |
| IAS | 154 |
| IPSec | 162 |
| Additional New Features | 166 |
| Changes to the Winsock API | 166 |
| Windows Sockets Direct for System Area Networks | 167 |
| Removal of Legacy Networking Protocols | 167 |
| Removal of Obsolete RPC Protocols | 167 |
| Command-Line Tools | 168 |
| Strong Authentication for Services for Macintosh | 169 |
| For More Information | 170 |
| 7 Terminal Services | 171 |
| Terminal Services Benefits | 171 |
| Client Features | 172 |
| Improved User Interface | 172 |
| Client Resource Redirection Features | 174 |
| Client Deployment Options | 175 |
| New Server Features | 176 |
| Improved Server Management | 176 |
| Additional Management Features | 177 |
| Enhanced Security | 178 |
| For More Information | 180 |
| 8 Internet Information Services | 181 |
| Web Application Server Role | 181 |
| New Request Processing Architecture | 182 |
| HTTP.sys | 183 |
| WWW Service Administration | 184 |
| Worker Process Isolation Mode | 185 |
| Application Pools | 185 |
| Isolation Improvements | 186 |
| Improved Robustness | 187 |
| Worker Process Restarts | 190 |
| IIS 5.0 Isolation Mode | 190 |
| New Security Features | 191 |
| Locked-Down Server | 191 |
| Worker Process Identity | 193 |
| IIS Runs as NetworkService | 193 |
| Improvements to SSL | 193 |
| Passport Integration | 194 |
| URL Authorization | 194 |
| Delegated Authentication | 195 |
| New Manageability Features | 196 |
| XML Metabase | 196 |
| IIS WMI Provider | 199 |
| Command-Line Administration | 199 |
| Web-Based Administration | 200 |
| New Performance Features | 200 |
| New Kernel-Mode Driver | 201 |
| Caching Policy | 202 |
| Web Gardens | 202 |
| ASP Template Cache | 202 |
| Large-Memory Support | 203 |
| Site Scalability | 203 |
| New Programmatic Features | 204 |
| ASP.NET | 204 |
| ExecuteURL | 204 |
| Global Interceptors | 205 |
| VectorSend | 205 |
| Caching of Dynamic Content | 206 |
| ReportUnhealthy | 206 |
| Custom Errors | 206 |
| Unicode ISAPI | 207 |
| COM+ Services in ASP | 207 |
| Platform Improvements | 208 |
| 64-Bit Support | 208 |
| IPv6.0 Support | 208 |
| Granular Compression | 208 |
| Quality of Service | 208 |
| Logging Improvements | 209 |
| File Transfer Protocol | 209 |
| Improved Patch Management | 210 |
| For More Information | 211 |
| 9 Application Services | 213 |
| Simplified Integration and Interoperability | 213 |
| Improved Developer Productivity | 214 |
| Increased Enterprise Efficiency | 216 |
| Improved Scalability and Reliability | 217 |
| Efficient Deployment and Management | 217 |
| End-to-End Security | 218 |
| For More Information | 218 |
| 10 Windows Media Services | 219 |
| Fast Streaming | 220 |
| Fast Start | 220 |
| Fast Cache | 220 |
| Fast Recovery | 221 |
| Fast Reconnect | 221 |
| Dynamic Content Delivery | 222 |
| Server-Side Playlists | 222 |
| Advertisements | 223 |
| Edge Delivery | 223 |
| Industrial Strength | 224 |
| Extensible Platform | 225 |
| For More Information | 225 |
| 11 File Services | 227 |
| File Service Benefits | 228 |
| New File Service Features | 228 |
| Improved File System Infrastructure | 230 |
| Virtual Disk Service | 231 |
| Volume Shadow Copy Service | 232 |
| Distributed File System | 233 |
| Other File Serving Improvements | 235 |
| Enhanced End User Experience | 235 |
| Shadow Copy Restore | 235 |
| Improvements to Offline Files | 235 |
| WebDAV Redirector | 236 |
| Lower Total Cost of Ownership | 236 |
| Better Utilities Improve Availability | 238 |
| For More Information | 239 |
| 12 Print Services | 241 |
| Print Services Benefits | 241 |
| Print Services Improvements | 242 |
| Print Services Manageability | 244 |
| For More Information | 246 |
| 13 Clustering Services | 247 |
| Clustering Overview | 248 |
| Microsoft Cluster Technologies | 248 |
| Protection Against Downtime | 249 |
| Purposes and Requirements | 249 |
| Windows Clustering | 250 |
| General Improvements | 250 |
| Installation | 252 |
| Resources | 255 |
| Network Enhancements | 256 |
| Storage | 257 |
| Operations | 259 |
| Supporting and Troubleshooting | 261 |
| Network Load Balancing: New Features | 262 |
| Network Load Balancing Manager | 263 |
| Virtual Clusters | 263 |
| Multi-NIC Support | 264 |
| Bidirectional Affinity | 264 |
| Limiting Switch Flooding Using IGMP Support | 265 |
| Server Cluster Architecture | 266 |
| Shared-Nothing Cluster | 266 |
| Local Storage Devices and Media Connections | 266 |
| Virtual Servers | 268 |
| Resources | 270 |
| Resources and Dependencies | 271 |
| Failover Policies | 273 |
| Preferred Node List | 279 |
| Network Load Balancing Architecture | 280 |
| How Network Load Balancing Works | 280 |
| Managing Application State | 281 |
| Detailed Architecture | 282 |
| Distribution of Cluster Traffic | 284 |
| Load Balancing Algorithm | 286 |
| Convergence | 289 |
| Remote Control | 290 |
| For More Information | 291 |
| 14 Multilingual Support | 293 |
| Global Business Challenges | 294 |
| Enabling a Multinational Enterprise | 296 |
| Multilingual User Interface | 296 |
| Options for Multinational Enterprises | 296 |
| Multinational Improvements | 297 |
| Multilingual User Interface | 298 |
| Supported Software and Platforms | 299 |
| What the MUI Can Do for You | 300 |
| Deploying a Multilingual Enterprise | 301 |
| Configuring Server Platforms | 302 |
| Configuring Desktops | 303 |
| Considerations for Multilingual Applications | 304 |
| For More Information | 305 |
| PART III GETTING STARTED | |
| 15 Deploying Windows Server 2003 | 309 |
| Upgrades Compared with New Installations | 309 |
| Upgrade Considerations | 310 |
| New Installation Considerations | 310 |
| System Requirements | 311 |
| Hardware Compatibility | 313 |
| Running a Preinstallation Compatibility Check | 313 |
| Checking Drivers and System BIOS | 313 |
| Inventorying Non-Plug and Play Devices | 314 |
| Mass Storage Drivers and the Setup Process | 316 |
| Using a Custom Hardware Abstraction Layer File | 316 |
| Understanding the ACPI BIOS for an x86-Based Computer | 316 |
| Using Dynamic Update for Updated Drivers | 317 |
| Important Files to Review | 318 |
| Decisions to Make for a New Installation | 318 |
| Choosing a Licensing Mode | 319 |
| Installing Multiple Operating Systems | 321 |
| Reasons to Install Only One Operating System | 323 |
| Requirements for Installing Multiple Operating Systems | 324 |
| File System Compatibility | 326 |
| Multibooting with Windows NT 4.0 | 327 |
| Encrypting File System | 327 |
| Choosing a File System | 328 |
| Reformatting or Converting to NTFS | 329 |
| NTFS Compared with FAT and FAT32 | 330 |
| Understanding NTFS | 332 |
| Planning Disk Partitions | 332 |
| Remote Installation Services | 334 |
| Options When Partitioning a Disk | 335 |
| Working with Dynamic Disks | 335 |
| Working with Volumes, Mirrors, and Stripes | 336 |
| Types of Multidisk Volumes on Dynamic Disks | 337 |
| Configuring Networking | 337 |
| IP Addresses | 338 |
| Name Resolution | 339 |
| Planning for Your Servers | 340 |
| For More Information | 341 |
| 16 Upgrading from Windows NT 4.0 Server | 343 |
| Upgrade Paths | 344 |
| Verifying System Requirements | 346 |
| System Requirements | 347 |
| Disk Space Considerations | 347 |
| Hardware Compatibility | 347 |
| Service Pack 5 or Later | 348 |
| Compatibility Resources | 348 |
| Choosing to Upgrade or Refresh | 348 |
| Reasons to Upgrade | 349 |
| Reasons to Perform a Clean Installation | 349 |
| Understanding Server Roles | 350 |
| Member Servers | 350 |
| Domain Controllers | 351 |
| Stand-Alone Servers | 351 |
| Active Directory Considerations | 352 |
| New Features for Active Directory | 353 |
| Compatibility with Windows NT 4.0 | 355 |
| Upgrading from a Windows NT Domain | 356 |
| Planning and Implementing a Namespace and DNS Infrastructure | 357 |
| Determining Forest Functionality | 359 |
| Upgrading the Windows NT 4.0 or Earlier Primary Domain Controller | 359 |
| Upgrading Any Remaining Backup Domain Controllers | 360 |
| Converting Groups | 361 |
| Converting Groups and Microsoft Exchange | 362 |
| Using Converted Groups with Servers Running Windows Server 2003 | 362 |
| Installing Active Directory Client Software on Older Client Computers | 363 |
| Raising Domain Functional Levels | 364 |
| Raising Forest Functional Levels | 365 |
| Domain Controllers | 366 |
| Working with Remote Installation Services | 367 |
| Deployment Resources | 368 |
| Renaming Domain Controllers | 368 |
| Working with Domain Trust | 369 |
| Trust Protocols | 369 |
| Trusted Domain Objects | 369 |
| Nontransitive Trust and Windows NT 4.0 | 369 |
| External Trust and Windows NT 4.0 | 370 |
| How Some Windows NT Tasks Are Performed in Windows Server 2003 | 371 |
| Support for Existing Applications | 372 |
| Best Practices for Active Directory | 373 |
| Application Compatibility | 375 |
| For More Information | 376 |
| 17 Upgrading from Windows 2000 Server | 377 |
| Getting Ready to Upgrade | 378 |
| Active Directory Preparation Tool | 378 |
| Application Directory Partitions | 379 |
| Supported Upgrade Paths | 380 |
| Hardware Requirements | 381 |
| Test Tools and Logs | 382 |
| Running the Upgrade Process | 383 |
| Install Active Directory on a Member Server | 383 |
| Upgrade the First Domain | 384 |
| Upgrade the Remaining Domains | 384 |
| Completing Postupgrade Tasks | 385 |
| Raise Forest and Domain Functional Levels | 385 |
| Use DNS Application Directory Partitions | 386 |
| For More Information | 386 |
| 18 Testing for Application Compatibility | 387 |
| Collecting an Application Inventory | 388 |
| Collecting Information | 389 |
| Reporting Information | 390 |
| Testing for Compatibility | 391 |
| Gathering Information About Applications | 393 |
| Using Compatibility Administrator | 394 |
| Creating Compatibility Fixes | 395 |
| Understanding the Application Compatibility Process | 396 |
| Creating Compatibility Fixes | 398 |
| Distributing Compatibility Fixes | 399 |
| Local Installation | 399 |
| Remote Installation | 400 |
| Compatibility Testing During Development | 400 |
| Using Application Verifier | 401 |
| Testing for Logo Compliance | 403 |
| Application Compatibility Checklist | 404 |
| For More Information | 408 |
| INDEX | 409 |
