Windows 2003: Active Directory Administration Essentials - 01 Mar 2006

Whether you're an expert with Windows 2000 and Active Directory, an NT administrator who's read all the trade journals and maybe has a Windows 2000 test lab, or you're new to Active Directory, this book is for you. Windows Server 2003 brings a lot that's new and improved to the table -- and this book delves into those new features. Additionally, the author touches on key topics that many Windows texts fail to mention, including Active Directory backup and recovery. This book is especially different from other Windows Server 2003 books, because it's based on the actual product rather than beta code that might contain outdated technology and ancient screenshots. Given this approach, you know you're not missing out on "late-breaking" technological changes that might have occurred between betas or release candidates.

Windows Server 2003 (Windows 2003) -- Microsoft's latest enterprise OS -- contains many critical enhancements that really make it worth the upgrade. The enhancements are especially important in the areas of security and manageability.

Windows 2003 is Microsoft's first OS to contain traces of the big security push Microsoft started in 2001. By default, Windows 2003 is locked down much more than Windows 2000 is -- right out of the box. Windows 2003 has built-in functionality to keep the OS current with the latest security patches, enhanced error reporting capabilities, and a brand new forest trust relationship type that helps companies maintain secure relationships, while sharing resources.

One fundamental change in Windows 2003 is Internet Information Services (IIS) 6.0. IIS has been completely re-architected and contains many important new features. The major driver behind this architectural effort was to create support for efficient Web application isolation. In IIS 6.0, Web applications can be configured separately and can run in their proper workspaces. Most importantly, the IIS is now locked down by default.

In the management space, Windows 2003 provides new deployment and configuration tools. An excellent example is the Group Policy Management Console (GPMC) that greatly enhances enterprise GPO management and delegation. When it comes to backup and restore, Windows 2003 really shines -- with the enhanced Recovery Console, and new features like Emergency Management Services (EMS) and Advanced System Recovery (ASR.)

The changes Windows administrators will appreciate most are the enhancements Microsoft included for the day-to-day management of the platform. These include simple changes in the GUI, such as the ability to save queries, drag and drop, and select multiple objects from the MMC-based management tools. Windows 2003 also ships with numerous new tools -- both in the server installation, the support tools, and the Resource Kit. New tools that you will certainly appreciate are the new series of "DS" tools, including dsadd, dsquery, dsmove, and dsget.

In addition, Windows 2003 Active Directory (AD) has been enhanced in many ways. To name a few of the new key features: AD now supports Global Catalog-less logon, link-state value replication, and the capability to promote from media. Also, Microsoft included several optimizations to AD's core networking service, the Domain Name System (DNS). These optimizations include the quick DNS health check, the advent of new stub zones, and conditional forwarding.

Jeremy Moskowitz, author of Windows 2003: Active Directory Administration Essentials, has considerable experience in the deployment of enterprise-wide Windows networks. In this eBook, Jeremy guides you through the critical changes in Windows 2003 -- many of which I introduced above. Jeremy explains the changes pragmatically, pointing out the caveats and pitfalls while illustrating the real value of this new Microsoft OS for today's enterprises.

-- Jan De Clercq

Jan De Clercq, a regular contributor to Windows & .NET Magazine, is a consultant in the Technology Leadership Group at Hewlett-Packard and focuses on security in Microsoft products.