The Windows Server 2003 Network Architecture


The Windows Server 2003 network architecture extends the Active Directory schema present in Windows 2000 implementations to include several new features, along with a more integrated user interface for centralized administration over large and complex organizational implementations. Many of the interfaces appear similar to those in Windows Server 2000 with minor changes, as shown in Figure 2.1.

Figure 2.1. The Active Directory Users and Computers MMC snap-in showing the familiar organizational unit layout, along with the new capability to create stored search queries and items available through the Advanced Features view.

graphics/02fig01.gif

Many of the new Windows Server 2003 services also integrate more fully within the existing MMC snap-ins to centralize management over many tasks into a single interface. As shown in Figure 2.2, the installation of Microsoft's Exchange Server has added electronic mail “ related options into the Properties dialog box brought up within the Active Directory Users and Computers MMC snap-in.

Figure 2.2. The Properties dialog box for the Administrator account opened within the Active Directory Users and Computers MMC snap-in to show the addition of mail-related items caused by the installation of Microsoft's Exchange Server.

graphics/02fig02.gif

The organization and layout of the overall user interface is also very similar to users of both Windows 2000 Server and Microsoft's Windows XP products. Familiar MMC snap-in utilities are arranged within similar groupings, with an overall feel that is more like that of the Windows XP interface, as shown in Figure 2.3.

Figure 2.3. The user interface showing an XP-like layout that encapsulates familiar MMC snap-in utilities found also in Windows Server 2003.

graphics/02fig03.jpg

Improved Functionality

The functionality of the user interface has been expanded in Windows Server 2003 to improve efficiency and ease of use. To move a security principal (user, group , or organizational unit) within the Windows 2000 Server environment, it was necessary to first right-click on the object within the Active Directory Users and Computers MMC snap-in, select Move from the options within the drop-down menu, and finally to navigate to the desired destination.

In Windows Server 2003, this process can be performed using a drag-and-drop mechanism that's familiar to users of Microsoft's Office suite of products. By left-clicking on an object and holding the mouse button, an administrator can simply move the cursor over the new destination and release the button to complete the same process that previously required several steps.

Integration and Security

Windows Server 2003 is not only an updated version of Windows 2000 Server; it also includes features designed to allow more fluid integration with other operating systems and external functionality provided by many third-party vendors . One example of this is the inclusion of a new security principal type, the InetOrgPerson, which is used in migrating from or interfacing with other non-Microsoft LDAP and X.500 directory services.

Microsoft has improved the implementation of security options in many ways as well, starting with a more secure method of installation in which not every service possible is installed and activated by default. Each function a server is to implement must be enabled using the Manage Your Server Wizard, shown in Figure 2.4.

Figure 2.4. The Manage Your Server Wizard showing configured server roles for file server, application server, domain controller, and DNS server functionality.

graphics/02fig04.gif

Microsoft has also added administrator-configurable security settings to control user access using advanced authentication methods , such as biometric authentication and smart cards. Accounts can be trusted for service-access delegation through the use of the setspn utility provided in the Windows Support Tools, or can be restricted to prevent delegation, such as in the case of a Guest account. Windows Server 2003 includes support for the data encryption standard (DES) in many forms, as well as support for alternative implementations of the Kerberos protocol.



MCSA.MCSE Managing and Maintaining a Windows Server 2003 Environment Exam Cram 2
MCSA/MCSE Managing and Maintaining a Windows Server 2003 Environment Exam Cram 2 (Exam Cram 70-292)
ISBN: 0789730111
EAN: 2147483647
Year: 2006
Pages: 132

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net