Welcome to 

    mickyj.com

Windows Server 2008 (Standard)

Windows Server 2008 Requirements

My virtual server is running on a 1.6 Ghz Laptop with 1 Gb ram. The Virtual server is using 512 Mb ram.

What are the new things we get with Windows Server 2008?

Take a look at the short list here

Whilst I am only looking at this server from the eyes of someone in the small to medium business sector (I am less interested in DFS and AD replication), I feel I know a fair amount about servers and have used DFS and other enterprise solutions etc. My interest is in what is new and why Windows 2008 is worth putting on your servers. (If the above list (see the link) does not convince you then read on for other real world discoveries I have made).

Lets run through the installation and setup together.

Installation

The installation was very straight forward. The basic system images to your drive, It asks for the CD key, region and then asks you to change the Administrator password.

I opted to not use a CD key (trial mode) and then had to select the Standard version I wanted. (Just like Vista, everything is on the DVD disk. It depends on your CD key what is installed).

You do not get any options to partition the drive. This is due to the imaging technology used for the install. You will end up with one big partition with everything in it.  This is all the same as my experience with the Core installation. It leaves all the configuration until after the software is installed (Even the server name).

The system looks like Vista in best performance mode (Or what we called under Windows XP, Classic interface mode).

I am glad to see that unlike Vista, the Run and search areas are both in the start menu and I did not need to manually add the "run". I can see that the server feels a lot closer to SBS server as it has had the installation Wizards greatly enhanced and the monitoring capabilities are fantastic.

Initial configuration wizards

The first popup you are greeted with is a full screen configuration page, similar to the experience under SBS 2003, everything you need to start configuration is here, in one spot and with fantastic wizards. Well done Microsoft. It is a very concise list but full of great links and the right tools you need right at this moment.

Further digging

Looking at the server roles, the server comes as a hardened blank canvas. It is up to you to elect to install the items you need. The first item for me is the PowerShell.

Amongst the roles were the normal roles and some interesting additional roles.

SharePoint 3.0 is a role along with the familiar ones like faxing, IIS, Windows Deployment Services (What used to be called RIS), Domain controller and DNS. There are some new ones like the Network Policy and Access services role (A DMZ tool for untrusted machines local, remote, DHCP, VPN and other types of connections).

My first real look at the server was running the Active Directory Role wizard. This installed all the AD binaries but I still had to manually Dcpromo the server myself. Thankfully the server automatically took the DNS role saving me time.

One issue I had is that of IP addressing. I configured a Static IPv4 address but left the IPv6 address as Dynamic. The AD installed but I had a few warning messages about Dynamic addresses. As IPv6 is still new to me, I did not want to dive in and play with it.

It was great to see the AD wizard asked me if I want to install the AD for Windows 2000 Domains, Windows 2003 domains or Windows 2008 domains. There is comfort in compatibility.

The server is running .Net 3 and under the hood, smells like Vista. You can actually make the server more like Vista by adding the enhancement features but .... why would you. A server is meant to be mean and lean.

I noticed that under the "features" we can add a plethora of network protocols. Why QoD (Quote of the day) is still available beats me. Archie, Gopher and Finger are long time gone and QoD  is of the same heritage. The normal SMTP features are there and Services for Unix is built in (No longer just a download). Services for SAN's can be added as can Windows Recovery disks, Wins, Bitlocker, load balancing and Mutipath I/O (This is a fault tolerance and performance enhancement technique where there is more than one physical path between the CPU in a computer system and its mass storage devices through the buses, controllers, switches, and bridge devices connecting them).

The server smacks of Vista with the Calendar, mail and contacts tools.

The file system looks a little different. The recycler is replaced with $recycle.bin and the C:\Windows folder is now very lightweight. Apart from Notepad and regedit, there is very little in there.

I noticed that the same as the Core server, a lot of the folder structure was made up of Junctions. (Much like Vista and similar to Linux).

The server system uses the XPS printer (like Vista) and has many features I would debate do not belong on a server, ... but then again one day the Tablet, Pen and text to speech services might be needed on a server?

I have to debate why Card Space is on a server (Who in their right mind generally surfs from a server and needs to store this kind of data on a server?)

I like that the RDP settings give you the choices of security and compatibility.

By this time in this process I found the constant prompting to update my server with Automatic updates annoying to say the least.

The Help and support along with Defender are similar to Vista. I like the start menu direct links to the Administrators profile and the fact that the control panel comes up automatically in Classic view. It is almost like someone on the development team had used a real server before and knows what we need access to, but then someone has added features we will never actually use (like Microsoft marketplace ??).

The additional clocks, just like Vista, are very handy. Especially with servers linked over different time zones. I love the fact that someone thought about performance and the indexing is turned off by default. The default IE page goes to a html page telling you that the server is hardened. Much like the opening page on Windows Server 2003.

The control panel has now got icons for iSCSI and MPIO (I added the features). It looks fresh and clean but why do we still have the boring mouse cursers from NT4? I guess my debate that this is a server rules out any new fancy cursors.

The Sideshow as in Vista, is a cool idea. I would love a little sideshow LCD screen on the front of my server telling me important event notifications (Are you listening HP ?)

As this is the next generation of server, in line with Vista, then it is no surprise that the networking is the same as in Vista. It is good to see that Volume shadow copy is installed and on by default and offline files is turned off. (Again ... Why is this feature even on a server?) The power settings are set to Balanced, I am unsure why this is needed. I want my server always on and chugging away.

The settings for the notification area allow you to default the network cards to show. That is cool.

Terminal server now allows you to restrict users to 1 session. On my server the Terminal server is in RDP mode, up until I add the Terminal server role. It is great to see the resource kit/support tools "remote desktops" make it to the administration start menu.

Other news on Terminal server later in this document (When I have had a real play)

The Active Directory Domains and Trusts looks and feels like ISA 2004 with it's tool panes.

The Active Directory Sites and services looks about the same.

The Active directory Users and Computers looks similar but then again, I have not extended the Directory with Exchange. I noted the new NPS settings on the dialin tab for the users. I see in the environment for Terminal Services retains the link drives and printers and now default the session to a client PC. There is a new delegation wizard and when you create a new OU, you can protect it from accidental deletion. When you look in advanced mode, there is now an attribute editor for each object (Users, OU's etc). You can also setup password replication and the resultant set of polices wizard is easier to locate, straight from the OU. The group policies have moved out into their own tool in the administration tools menu.

Overall in the AD Users and Computer's, nothing is as revolutionary as Drag and Drop was from the AD in Windows Server 2000 to Windows Server 2003.

Using the new Policy editor, I can see new policy based Qos, a vast amount of folder redirections you can configure, a new printer deployment section and an All settings section.

The policies have been updated for the Vista Era (With settings for sideshow, tablet etc). The policies are now more granular and include more services like DFS. Both the user and computer policy sections have been reworked and there is to much new content to comment on here. you can even control tablet and pen functions.

ADSI edit has made it from the resource kit and support tools, into the main menu. I have only even used this once when I had to edit some Exchange 2000 RPC values but I saw it's power and I respect it.

Component services looks like it has the same new layout as the event viewer. It also includes direct node access to the event viewer.

The computer management has also had the "Vista makeover" but essentially remains unchanged.

ODBC ... well what can you do with this? It looks the same as before, just as it should.

DHCP now allows for IPv4 and IPv6 scopes.

DNS now adds conditional forwarders and IPv6. It also has listeners on the IPV6 network card. The root servers are still IPv4 for the moment.

The event viewer is the same layout as in Vista.

IIS, err ... WOW. It is way to complicated to list all the changes.  This is not the IIS we all knew and loved. It has compartmentalized everything and there is now so much more you can do. It looks dangerous for me so I stepped back out to review it again later. (To much of a shock for me).

SharePoint 3.0 is there on port 80 (http://servername) and it is a very sexy intranet indeed. It has it's recycle bin, search features (Without SQL), RSS and workflows. It is really cool.

iSCSI (Internet Small Computer System Interface) is there to talk to disks, tape units and other devices on other computers.

The local security policy looks much the same with the addition of firewall settings, software restriction policies and IP security policies.

MPIO is on the Administration tools menu but as I can't use Multipath I/O and I added this using the feature selection, then I am moving on.

Printer management. Now here is a fantastic tool. For me, this rivals the release of RWW in SBS 2003. It might be a life changer. A single point to control all printers, job failures and much more. It is very cool.

The reliability and performance monitor. This is also very cool. It looks like Task manager, works like perfmon and will make any frustrated IT administrator smile as he locates and solves bottlenecks with ease.

The security Configuration Wizard is there to further lock your system down.

The services applet looks about the same.

The Share and storage management is a new way to look at an old problem. It is a very cool way to manage all your shared folders and volumes. It also manages your disks and storage subsystems. It is has a very easy non cluttered interface. Brilliant.

The repair tool for SharePoint and technologies resets all the database, registry and file information for you. I am not sure why you would need this exposed on the start menu. Maybe people have had more trouble with SharePoint than I.

The storage explorer is for Fiber and iSCSI servers. (Maybe this was added when I installed some features)

The System configuration is the old Msconfig in new clothing.

The Task scheduler looks like the event viewer (With task panes) and has a complete rework. It now has a library of all tasks and looks very easy to use.

The Windows firewall with Advanced Security allows you to play with outgoing rules, incoming rules and has some serious monitoring tools.

Wins (I added this as a feature) looks the same. It even has the same boring icon. Hmm no further development there!

Windows Server backup (wbadmin.msc) is there to do your backups. No more Seagate backup or Veritas backup heritage here. This is a completely different beast to the original backup based on Backup Exec. You can backup to local drives or a network location (It must be shared with the right permissions allowing access and must be on an NTFS drive). It uses Volume Shadow copy to perform it's magic but the backup only seems to allow you to backup volumes and not granular? I need to look into that one more.

And ... there are lots of command line tools including PowerShell.

Server manager

Under the server manager you can see all current relevant information like your IP and server status. You can see the firewall and rules, installed features, multipath I/O (If you added the feature), and you can add further Rules and features.

In each of the roles, you can see relevant errors and tasks for each.

There is a section listing the features you have added and can add. It also has a group policy section here.

The "diagnostics" groups the usual tools you need (Event viewer, performance and devices) for diagnostics.

The configuration section allows access to tools, services, firewall and WMI.

Storage links into disks and backups.

Two things to look out for - Terminal services and Hyper-V

These items need their own discussion.

With Terminal services in 2008... there is now just so much of it and so much new bling to look at:

• Remote Desktop Connection Display

• Plug and Play Device Redirection for Media Players and Digital Cameras

• Microsoft Point of Service for .NET Device Redirection

• Single Sign-On for Terminal Services

• Terminal Server Installation

• Terminal Services Printing

• Terminal Services RemoteApp (TS RemoteApp)

• Terminal Services Web Access (TS Web Access)

• Terminal Services Licensing (TS Licensing)

• Terminal Services Gateway (TS Gateway)

• Terminal Services Session Broker (TS Session Broker)

• Terminal Services and Windows System Resource Manager

These items alone make your head spin. I have a few heavy users of Terminal services so this is a pet interest of mine. The capabilities of Terminal Services in Windows Server 2008 are far ahead of those in Windows Server 2003 9Although Server 2003 SP1 was great !).

One of the coolest features is RemoteApps. Previously, native Terminal Services could present only a desktop view of the terminal server. If you wanted to display individual applications, you'd need to create a custom RDP file that included a path to the application and its working directory. Anyone launching this RDP file would get only a single application, but it would still have the icon for the remote session (instead of for the application being run) and it was within a remote session frame. Windows Server 2008 now adds this new easier to use feature (or application publishing) to terminal servers. The application looks like it is on your PC. Too cool.

Ever used the application server options in RWW in SBS and wanted the facility in normal server (Besides using the TWseb tool). TSWA (Terminal Server Web Access) connects a terminal server and an IIS server to present applications in a browser, accessible via the intranet or on the Internet. All RemoteApps that the administrator has selected to be visible via TSWA display their icons in the browser window. The user must be authenticated to the Web site to see the application icons hence the security. When the user is authenticated on the terminal server it creates an RDP file with the settings appropriate to that user and terminal server, and the application launches. Again... cool.

Ever had those 90 day TS licenses that seem to always be temporary or the error "You can not connect" and you know it is a licensing issue? There are now new cool diagnostics and licensing tools. About time I say. I hate rebuilding TS licensing services. On top of this you can track the usage of licenses. Here is another nugget, in Windows Server 2008, you'll be able to revoke up to 20% of your per-device licenses at a time, returning them to the pool for allocation. This was a pain point in Windows server 2003. (Just as under 2003 server, all Temporary licences are 120 days)

All this and there is more. I might add to this list as time goes by. Obviously everyone wants to know about the Plug and Play Device Redirection for Media Players and Digital Cameras but I need to play with it before I can speak about it.

Lets instead speak about Hyper-V. Let me start by saying if you are offered the standard or Hyper-V version on a price list, take the Hyper-V version. It might not be common place now but it might soon be.

"Hyper-V provides a reliable virtualization platform that enables customers to virtualize their infrastructure and reduce costs."

No, it is not VMware, Virual PC or Virtual server renamed. Hyper-V has a thin microkernelized hypervisor architecture with minimal attack surface (Security comes first) and is available in a Server Core version. It has integrated management which you can use the supplied set of tools to manage both your physical local and virtual resources.

Check this quick list out