Application Support and Certification on Windows Server 2003: Frequently Asked Questions

Certified for Windows is a logo program for Windows Server applications and is focused on enterprise issues: availability, reliability, security, and supportability. This is a third-party testing process conducted by VeriTest for Windows 2000 Server and Windows Server 2003 logos. Designed for Windows encompasses programs for software applications on Windows XP and hardware devices and systems for Windows XP or Windows Server. For client applications running on Windows XP, Designed for Windows employs a self-testing process focused on consumer fundamentals rather than enterprise issues.

You can download the final Windows Server 2003 Specification, which was published in 2003. There are no anticipated or scheduled changes for this document. See also the Windows Server 2003 Test Framework, published in 2003.

If an error is discovered in a test step, or a testing tool is improved, or clearer or more efficient testing methods are identified, the test framework is updated accordingly. Our goal is to make testing easier without compromising full and highly effective certification testing.

No. The majority of certified applications support multiple operating systems. Specifications focus on testing for reliability, security, availability, and supportability. These are the core requirements for deploying applications on Windows Server operating systems.

All applications, whether developed by Microsoft or a third party, must meet the specified requirements to obtain the logos.

No. You can choose to obtain one, two, or all three certification logos. However, Microsoft suggests that you consider qualifying for all three—including Windows 2000 Datacenter Server and Windows Server 2003 Datacenter Edition. Microsoft provides the maximum level of marketing benefits when you obtain all three certification logos, and certification at this level lets customers know that your application is rigorously tested for security, reliability, interoperability, and supportability and that your company is focused on those goals.

No. We expect that many ISVs will need to target both the Windows 2000 Server and Windows Server 2003 families for some time, so both certification programs will be available to meet the needs of ISVs.

To obtain the Windows 2000 Server certification logo, applications with kernel-mode components for hardware devices must have those components tested and signed by the Windows Hardware Quality Labs (WHQL). In addition, the kernel components will be tested using driver verifier while the application is run. For Datacenter Server, they will also be tested using DevCTL.

To qualify for the Windows Server 2003 certification, all kernel components included with the application must pass WHQL testing unless WHQL does not have a corresponding program for that type of component. WHQL testing and certification testing are separate programs that can be started in parallel, but if WHQL testing is required, it must be completed and the kernel components signed before the application can complete the certification process. For the Datacenter Edition logo, all kernel components that are included in applications are tested by VeriTest based on Datacenter Server driver test guidelines.

Note: Datacenter driver testing can be completed on individual drivers without testing the full application for all of the requirements of the logo program. In such case, a driver can be validated for original equipment manufacturer (OEM) use, but the application will not qualify for any logo.

To find out about the impact of specific technical issues, you can contact Microsoft or VeriTest as described on this site, or you can talk with other people who have pursued certification. To get a first-hand perspective on the certification process and its benefits, subscribe to the Windows Application Compatibility newsgroup (Public.microsoft.windows.app_compatibility under the Windows tab) and see if other companies have experiences they can share with you.

If updates are separate from the certified product, not shipped with the certified product, and are not presented in a way that might imply the updates have been certified, then you don't need to have them formally tested for certification. However, formal certification testing frequently finds significant reliablilty and security issues and adds another layer of protection for you and your customers.

Also, test reports for the updates that passed certification testing are listed on the VeriTest site, helping to provide greater visibility for a product and more confidence for customers.

Refer to the Participation Benefits Web page.

No. If the rebranded product is identical to the earlier product, it does not have to be retested for certification. However, ISVs must complete the following steps before using the Certified for Windows logo:

VeriTest may charge a nominal processing fee for costs associated with verifying product specifications. The same policy applies if an ISV changes its name.

You can send e-mail to cfw@veritest.com, and you can also contact VeriTest for information about pricing and the process for getting your applications tested. Your contacts at VeriTest are Kara McGhee-Gibson (425-468-1108) and Craig Bean (818-439-5857).

Yes. Pre-testing services are offered by VeriTest. For a list of VeriTest pre-certification services, send e-mail to cfw@veritest.com or see the VeriTest Pre-Certification Tests and Consultation Web site.

Yes. There are no requirements for server components related to writing to the registry at run time. This is a client-only requirement.

No, repartitioning of the processors is not acceptable. For the test on 32 processors, note the following:

From the standpoint of the Certified for Windows Server 2003 logo program, the source of the error is irrelevant. Any failure of a certification requirement is a certification failure of the application. To resolve the problem, the first option is always to avoid using the code that causes the issue. However, a better option may be to correct the issue in the code that causes the failure, and the Certified for Windows Server 2003 logo program is eager to work you to facilitate resolution of any issue that blocks an application from achieving certification.

The release of a service pack has no affect on previously granted certifications. When testing, VeriTest always applies the latest Windows Server service packs before they start, and the service pack version appears in the public test report. Microsoft extensively tests service packs before release to reduce the possibility of breaking existing applications—particularly certified applications. Applications do not have to be retested when a new service pack is released, but you are encouraged to perform your own testing. Microsoft provides beta versions of service packs to ISVs to make such testing possible.

Applications that include components that integrate with or run under IIS are typically called Web applications. For a Web application, consider the following:

The following types of files and data are acceptable to leave behind after an application is uninstalled:

Other special cases may apply. If you provide clear justification in your Readme file for why your customers benefit when certain files are left behind after uninstalling, doing so is usually acceptable—within reason. In every case, you must document the files in your Readme so that users will know which files they must address manually after an uninstallation process. Your Readme must also indicate why those files are left behind and whether they can safely be deleted.

Digital signing is required only for driver packages and client binaries (that is, binaries for installing or executing the client), and it does not apply to server components or purely administrative tools. Client components that are neither part of the server product nor packaged with the product, and for which no certification claims are made, also do not need to meet the digital signing requirement. It is acceptable for this signature to be either:

For nondriver binaries, the catalog option does not provide as many customer benefits, so embedding the certificate in each binary is the recommended way to sign.

The file associations requirement applies only to files being installed. Any file that is not being installed on a computer does not need the version, company, and product information, because neither of the two main two purposes of this file information applies: namely, allowing accurate updating of the file, and enabling tool-based and debugging-based evaluation of issues to identify company and product for potential issues. We strongly recommend that files being installed in an application's folder have full file information, but this is not required.

Note: Microsoft strongly recommends but does not require that you include the product name, company name, and file version when you install files in your application's own folder.

Requirement 3.4 has nothing to do with a user's desktop or any user interface displayed after a user has successfully logged on. "Secure desktop" refers to the user interface displayed by Windows before anyone has logged on and is also the interface displayed when a user presses Ctrl + Alt + Del. Very few applications ever display a user interface on the secure desktop. Those that do are typically security applications that modify how Windows authentication operates or system management applications that must run before any user has logged on to the computer. Requirement 3.4 applies only to applications that modify or add to this Windows secure desktop.

Certification testing is performed on computers with the following:

If an application requires special updates to non-Windows technology, or needs QFEs or updates that are not critical security updates, these requirements must be documented, and the application's installer must ensure that a computer has the needed updates.