|
2.2. Choosing Windows ComponentsAn unwritten rule of system administration is to never install any components unless they are required. Although that might seem moronic at first, the point to take is that systems that operate only with the components required for their daily work are far easier to manage. There's less to go wrong, less to secure, and less to administer. Microsoft has embraced this maxim in a lukewarm sort of way by eliminating the ability to customize components (including adding them) at the time of a standard installation. You can add and remove Windows components only after installation is complete. (I'll cover ways around that limitation later in this chapter, but for now, note that you can't customize an installation while that installation is in progress.) However, even before you install the operating system, you should spend some time looking over the components to figure out which ones you need, using as a guide Table 2-1, which lists the components available for installation onto machines with Windows Server 2003 loaded.
Although actually installing Windows Server 2003 on your machines might be on the lighter side of your duties as an administrator, you still need to do some planning, about both the architecture and organization of the computer and of your company's network. This section will introduce you to the most common aspects of server installation, and how you can make the appropriate decisions. 2.2.1. Partitioning Disks and Allotting Disk SpaceYou have some options when it comes to slicing and dicing the disk space on a machine that will run Windows Server 2003. You can, of course, create a new partition on either a nonpartitioned portion of a disk or by deleting an existing partition to make room for a new one. You also can install Windows Server 2003 on an existing disk partition if there's enough free disk space. A single partition is the most common option for new Windows Server 2003 installations and is the simplest to use. However, some administrators like to create a separate partition, ranging from 4- to 5GB in size, to hold the operating system files, and then another partition for the remainder of the disks in the server to hold user or application data. Additionally, if you choose to run Active Directory, Microsoft recommends keeping the Windows Server 2003 operating system separate, by using either a different disk or a different partition, from the Active Directory database filesand during the Active Directory setup process, you can choose where to place the Active Directory files. Finally, many administrators also like to create a separate partition that contains only the "page" file, the area of disk used by Windows Server 2003 to swap in and out pages of memory depending on server load. In any case, segregating the operating system from data makes it easier to perform upgrades to the software and to apply security updates and service packs without worrying about how it might affect the integrity of user data stored on the machine. You also might want to create other partitions to use Remote Installation Services, covered later in this chapter. How much disk space? A general guide is that the partition that Windows Server 2003 resides on ought to be at least 1GB in size, and preferably larger. Most administrators also recommend that you keep the system files separate from user datafilesat the very least, user data should be on a separate partition, and even better, on a separate disk. Having separate partitions ensures user data security if the operating system ever becomes corrupted, whereas having separate disks affords that security as well as increased I/O performance because of less disk seeking. Along with partitioning comes the choice of filesystems. Windows Server 2003 supports three: NTFS, FAT, and FAT32. NTFS is the filesystem native to Windows NT-based operating systems, and it supports the full range of built-in security features, automatic file compression, disk space quotas, and file encryption. FAT and FAT32, although venerable standards that have a place in systems where legacy compatibility is crucial, do not offer NTFS security features and therefore should be used only if required. You can convert an existing FAT or FAT32 system to NTFS at a later time, but you cannot convert to either FAT filesystem from NTFS. Table 2-2 shows the comparative advantages and disadvantages of the three filesystems.
2.2.2. Assigning LicensesWindows Server 2003 offers two licensing options for clients, and each has specific advantages depending on the computing environment in which the OS will be installed:
Per-server licensing almost always is the better choice among the two options, for a couple of reasons. First, the Windows Licensing Service will take care of enforcing the number of licenses you tell it you have in per-server mode. So, if you have 25 CALs, and user 26 tries to access a file on your machine, Windows will reject the connection. This takes away a big headache of license enforcement, but be sure you have accurate information to tell the license service. After you configure the license service, Windows takes care of policing the connections for you automatically. Second, it's a better way of tracking how your employees use the network. Under per-seat licensing, you need a license for your vice president of finance's home computer because he sometimes checks email there at night. You'd also need a license for desktop, laptop, and PDA devices if any of them use a server resource. Per-server licensing eliminates the need to go overboard with license purchases, and it doesn't make you distinguish and prioritize between licenses. In some situations per-client licensing makes sense, however. If you have a lot of Windows servers, buying a client license for each workstation eliminates the need to license clients for each server. If you also use Terminal Services in application mode, you'll probably find that per-client licensing is less expensive. However, do keep in mind that if you're in doubt as to which licensing method to choose, pick per-server. Windows allows you to change once from per-server to per-seat licensing, but not from per-client to per-server licensing. Another issue also needs to be noted: as soon as you add a system running Windows Server 2003 to your network, you must purchase brand-new CALs to remain in compliance with the Windows Server 2003 license agreement. If you read Chapter 1, you'll be familiar with this requirement. That's really unfortunate from my point of view, mainly because traditionally, NT upgrades that require new licenses involve significant changes to the underlying operating system code, and in many opinions, Windows Server 2003 just doesn't offer enough change to justify that expense. But regardless of whether any of us agree with the license terms, by using Windows Server 2003, this is a necessary step. You can purchase CALs at any major vendor, including Computer Discount Warehouse (CDW) and PC Connection. You also can purchase CALs directly from Microsoft through an enterprise agreement. You can discuss how best to acquire licenses by speaking with a Microsoft licensing representative. They're more than happy to discuss options with you. 2.2.3. Joining Domains Versus Joining WorkgroupsLater, in the graphical portion of the installation process, you'll be asked whether you want to create or join an existing workgroup or make this machine a member of an existing domain. A workgroup is a decentralized collection of computers designed to facilitate resource sharing among a handful of computers. There is no common security database, and all user data is stored locally on each computer. A domain is a group of network resources delineated by the network administrator with a centralized and shared security database. Domains allow for a central logon and easier management of their member clients and servers. In Windows Server 2003, domains are administered as part of the Active Directory system. To join a new machine to a domain, that domain must already exist and a domain controller for that domain must be reachable by the new machine. |
|