- Important new features reduce the cost of running corporate networks, including Network Access Protection, Server Core, PowerShell and Read Only Domain Controllers
- Many existing components, such as IIS, Terminal Services and the file-sharing protocol have also had a thorough overhaul
- Many new features are not compatible with older Windows desktop and server systems
- Upgrades to existing servers will need careful planning
- More care is needed when purchasing Terminal Service Client Access Licences
- .NET framework and PowerShell are not available in Server Core configurations
- Training is required to make good use of the Server Core option
Launched on 27 February, Windows Server 2008 is designed to run on 32-bit and 64-bit processors from Intel and AMD, including multicore versions — many of which were unheard-of when Windows Server 2003 was first released.
Virtualisation is fast becoming a fixture in all IT operations, but is unfortunately missing from the launch version of Windows Server 2008. However, it will be integral to the new suite when Microsoft delivers its Hyper-V virtualisation hypervisor, which is due in August. A beta version of Hyper-V is currently included on the x64 version of the Windows Server 2008 installation media. US pricing for Windows Server 2008 ranges from $999 for the Standard edition up to $3,999 for the Enterprise edition.
As well as supporting the latest hardware technologies, Windows Server 2008 is easier to install and manage. In ZDNet UK's lab tests, we found that the installation process has been streamlined and it's now much quicker and easier to install a new server system. The installation utility asked for our country and licence number, and then a dialogue box offered full or Server Core versions of the Standard, Enterprise or Datacenter editions. Had we run the installation tool in an existing Windows Server 2003 system, the option to upgrade or make a clean install would also have been offered. After selecting the target disk partition, the installation tool proceeded to the end without stopping.
The Windows Server 2008 installation process has been streamlined.
Before we could log into our new servers, we needed to set a 'strong' password — that is, a password containing numbers and punctuation as well as letters. Once logged in, Windows presented the new Initial Configuration Tasks screen. This contains links to various utilities needed to handle the normal tasks of commissioning a new server, such as setting its time zone, assigning an IP address and changing its name. We needed to restart our server for the new name to take effect. There was also a link for configuring firewall settings, and we were pleased to see that the default firewall settings blocked most incoming connections — the exceptions were for things like router broadcasts. All outbound traffic was allowed.
The Initial Configuration Tasks screen provides links to the utilities required to set up your new server installation.
The old Windows Add or Remove Programs applet in Control Panel has been replaced by two new utilities. The Add Server Role wizard is used to add and configure complex applications, such as Active Directory (AD) and Network Policy and Access Services. There's also a new applet called Programs and Features that lists third-party software installed on the system. This has a link that launches Server Manager, which in turn can be used to launch the wizards to add or remove server roles and features.
We found 18 GUI-based server roles that could be installed using this new wizard. Eight of these roles could also be installed in Server Core systems, although in this case there's no graphical wizard. Similarly, the new Add Features wizard is used to add 35 simpler software components, such as a Telnet client and BitLocker Drive Encryption. There are links to start both these wizards on the Initial Configuration Tasks screen.
Manageability gets a big boost from the new PowerShell environment, which enables administrators to perform setup and administration tasks using scripts rather than via the Windows GUI. This will be a popular choice for tasks that must be scheduled or performed repeatedly on one or more servers: having written and tested a script, it can easily be deployed and executed on multiple systems. People familiar with Linux will see many similarities with the BASH scripts used to manage Linux systems; those more used to working with Windows and MS-DOS will see PowerShell scripts as a logical development from DOS batch files and Windows scripts.
Most Windows administrators will need some time and training in order to get the most from the new scripting options. Fortunately the graphical management tools have also been spruced up. Many now use the three-panel design seen in other Microsoft products, such as System Center 2007 and Virtual Machine Manager 2007. In particular, we like the new Server Manager utility, which allows you to inspect the server configuration and performance parameters, as well as make adjustments to the installed software.
Organisations running Active Directory Domain Controllers in remote offices will also benefit greatly from a new Read Only Domain Controller (RODC) option. As the name suggests, changes in the RODC's AD database are not replicated back to the datacentre DCs. In addition, by default no user or computer passwords are stored by the RODC, although we could select users and groups that would be cached by the RODC. The idea is to use RODC's in remote offices to reduce WAN traffic and improve security. For example, there would be no need to replace every password in the organisation should a remote-office DC be stolen or compromised.
We also found big changes in the Microsoft Internet Information Services 7.0 (IIS7) platform, which has been completely overhauled and is now much simpler to set up and manage. Although web administrators can still use the Windows GUI to set up web sites, a new site can be deployed simply by copying an XML file to the appropriate place on the server. Support for the open-source PHP server-side scripting language is now built in, and sites that don't need the .NET Framework — which includes PHP sites — can be hosted in Server Core systems.
Likewise, there are reliability benefits from the vastly improved clustering support — which now includes a new validation tool that checks the hardware setup — and a new setup wizard that reduces the number of steps needed to configure clustering on a server from 17 to 3. Other improvements meant we could create a cluster that had no single point of failure. Support for clustering in business continuity scenarios has also been improved: a new tuneable timeout parameter removes the 200km limit for members of a cluster, and clustered servers no longer have to be on the same IP subnet.
Other highlights include an overhaul to Terminal Services that makes it much easier to support remote clients and improves the way documents are printed on client systems. There's also a new Terminal Services Remote Application option to publish applications as well as complete Windows desktops, while the new Terminal Services Gateway eliminates the need for a VPN for remote clients. Using TS Gateway, clients can connect directly using HTTPS. For scalability and fault tolerance, a new TS Session Broker will help to balance TS sessions across between two and five servers. The broker decides where to place new sessions based on the number of active and disconnected sessions on each server in the TS farm.
Terminal Services Licensing has also finally been sorted out. Previously, per-client licensing was not enforced by the Terminal Services License Server. Consequently it was difficult for organisations to be sure they had purchased an adequate number of licenses. Now both the 'per user' and 'per device' client licence models are handled properly by the licence server. The downside to this is that IT departments must now specify which type of licence they require at the time of purchase, so they cannot easily convert one type of licence to another.
The new SMB2 file sharing protocol will be another popular enhancement for organisations with remote offices. Before Windows Server 2008, the Windows file-sharing protocol was notoriously slow when used over WAN links. So much so that many businesses had to invest in expensive alternative technologies to create a workable system. Although organisations will still want to protect SMB2 access using VPN connections, the updated protocol should make high-performance access to remote file servers much more affordable.
Although Windows Server 2008 is a great improvement, there are still a few areas that could be enhanced. In particular, it seems a pity that PowerShell and the .NET Framework are not available in Server Core systems. Microsoft says Server Core is an infrastructure platform, not an application server platform. Nevertheless we wouldn't be surprised to see the .NET Framework made available in a future version of Server Core. This would enable Server Core-based IIS systems to host many more web sites and be managed using PowerShell.
There are currently no specifications for this product.
There are currently no prices available for this product.