This product is aimed at small businesses and departmental use within larger
organizations. Some common uses of Windows Server 2003, Standard Edition,
include:
Windows Server 2003, Enterprise Edition, is the replacement product for Windows 2000 Advanced Server. This edition of Windows
Server 2003 is built to meet the general-purpose needs of businesses of all sizes, and
especially those that require a higher degree of availability and scalability.
Enterprise Edition provides full support for Active Directory, including the ability to
function as a domain controller.
Windows Server 2003, Datacenter Edition
Datacenter Edition provides full support for Active Directory, including the ability to
function as a domain controller.
■ 64-bit version supporting Intel Itanium platforms with up to 64 CPUs and 512 GB of
RAM
Unlike the other editions of Windows Server 2003, the Datacenter Edition is always
preinstalled.
Windows Server 2003, Web Edition
■ Windows Server 2003 supports upgrades from both Windows 2000 Server
and Windows NT Server 4.0 editions. For upgrades from Windows NT 4.0,
Service Pack 5 or later must be installed or the upgrade will not be possible.
■ The Hardware Compatibility List (HCL) provides a list of hardware that has
been tested and is known to work with editions of Windows Server 2003. All
hardware installed in a server should be on this list to ensure maximum
compatibility and, ultimately, availability. The HCL is available
at http://www.microsoft.com/whdc/hcl/default.mspx.
■ The Microsoft Windows Upgrade Advisor is a diagnostic tool that should be
run on a server prior to installing Windows Server 2003. The tool provides
information relating to any hardware or software compatibility issues that
might exist.
<cdrom>:\i386\winnt32 /checkupgradeonly
New Features in Windows Server 2003
The tool now provides the ability to select multiple objects simultaneously, and drag
and drop them to a new location such as a different container or organizational unit
(OU). By the same token, the common properties of multiple objects can also be
changed at once—
Active Directory Users And Computers now includes a new node named Saved
Queries.
New Security Enhancements
Microsoft has ensured that the Windows Server 2003 platform is a step toward this
vision. Some ways in which Windows Server 2003 works toward providing better
security
This ensures that IIS is installed only on systems that actually require it and does not
unintentionally present a security risk on systems where it is not explicitly being used.
This approach helps to ensure that the upgrade does not present any initial security
risks, giving an administrator
Features such as FrontPage Server Extensions, Active Server Pages, ASP.NET, the
Indexing Service, server-side includes (SSI), and Web Distributed Authoring and
Versioning (WebDAV) are disabled by default and must be individually enabled as
required.
Microsoft has introduced a new free tool known as Software Update Services (SUS).
This server-based software is used to distribute security patches and critical updates in
environments that include Windows 2000, Windows XP, and Windows Server 2003
systems.
New Administrative Tools and Utilities
Command-Line Tools
Windows Server 2003 Active Directory consists of both logical and physical
components. The logical components of Active Directory include domains,
trees, forests, and organizational units. The physical components of Active
Directory include sites and domain controllers.
Functional level The level to which a Windows Server 2003 domain or forest
is configured based on whether Windows 2000 or Windows NT 4.0 domain
controllers are still in use. The functional level of a domain or forest affects the
ability to use certain new Active Directory features in Windows Server 2003.
basic input/output system (BIOS) On PC-compatible computers, the set of
essential software routines that test hardware at startup, start the operating system,
and support the transfer of data among hardware devices. The BIOS is stored in
read-only memory (ROM) so that it can be executed when the computer is turned on.
domain In Active Directory, a collection of computer, user, and group objects defined
by the administrator. These objects share a common directory database, security
policies, and security relationships with other domains. In DNS, a domain is any tree
or subtree within the DNS namespace. Although the names for DNS domains often
correspond to Active Directory domains, DNS domains should not be confused with
Active Directory domains.
certification authority (CA) An entity responsible for establishing and vouching for
the authenticity of public keys belonging to subjects (usually users or computers) or
other certification authorities. Activities of a CA can include binding public keys to
distinguished names through signed certificates, managing certificate serial
numbers, and handling certificate revocation.
distinguished name (DN) A name that uniquely identifies an object by using the relative
distinguished name for the object, plus the names of container objects and domains that
contain the object. The distinguished name identifies the object as well as its location in
a tree. Every object in Active Directory has a distinguished name. A typical distinguished
name might be: CN=MyName,CN=Users,DC=microsoft,DC=com. This identifies the
MyName user object in the microsoft.com domain.
Distributed File System (DFS) A service that allows system administrators to organize
distributed network shares into a logical namespace, enabling users to access files
without specifying their physical location and providing load sharing across network
shares.
dynamic-link library (DLL) A program module that contains executable code and data
that can be used by various programs. A program uses the DLL only when the program
is active, and the DLL is unloaded when the program closes.
File Transfer Protocol (FTP) An application layer TCP/IP protocol designed to perform
file transfers and basic file management tasks on remote computers. FTP is a mainstay
of Internet communications. FTP is unique among TCP/IP protocols in that it uses two
simultaneous TCP connections. One, a control connection, remains open during the
entire life of the session between the FTP client and the FTP server. When the client
initiates a file transfer, a second connection is opened between the two computers to
carry the transferred data. This connection closes when the data transfer concludes.
flexible single master operations (FSMO) Active Directory operations that are not
permitted to occur at different places in the network at the same time.
File Replication Service (FRS) The service responsible for ensuring consistency of the
SYSVOL folder on domain controllers. FRS will replicate, or copy, any changes made to
a domain controller’s SYSVOL to all other domain controllers. FRS can also be used to
replicate folders in a Distributed File System (DFS).
fully qualified domain name (FQDN) An unambiguous DNS domain name that
indicates its location in the domain namespace with absolute certainty. Fully qualified
domain names differ from relative names in that they can be stated with a trailing period
(.)—for example, host.example.microsoft.com.—to qualify their position in relation to the
root of the name space.
globally unique identifier (GUID) A 128-bit number that is guaranteed to be unique.
GUIDs are assigned to objects when the objects are created. The GUID never changes,
even if you move or rename the object. Applications can store the GUID of an object and
use the GUID to retrieve that object regardless of its current distinguished name.
Group Policy Object (GPO) A collection of Group Policy settings. GPOs are essentially
the documents created by the Group Policy snap-in. GPOs are stored at the domain
level and affect users and computers contained in sites, domains, and organizational
units. In addition, each computer running Microsoft Windows Server 2003 has exactly
one group of settings stored locally, called the local GPO.
Group Policy The component within Active Directory that enables directory-based
change and configuration management of user and computer settings, including security
and user data. You use Group Policy to define configurations for groups of users and
computers. With Group Policy, you can specify policy settings for registry-based policies,
security, software installation, scripts, folder redirection, remote installation services, and
Internet Explorer maintenance.
Internet Information Services (IIS) Software services that support Web site creation,
configuration, and management, along with other Internet functions. Microsoft Internet
Information Services include Network News Transfer Protocol (NNTP), File Transfer
Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
Lightweight Directory Access Protocol (LDAP) The primary access protocol for
Active Directory. LDAP version 3 is defined by a set of Proposed Standard documents in
Internet Engineering Task Force (IETF) RFC 2251.
master boot record (MBR) The first sector on a hard disk where the computer gets its
startup information. The MBR contains the partition table for the computer and a small
program called the master boot code.
master file table (MFT) A special system file on an NTFS volume that consists of a
database describing every file and subdirectory on the volume.
Message Digest 5 (MD5) A 128-bit hashing scheme developed by RSA Security Inc.
and used by various Point-to-Point Protocol (PPP) vendors for encrypted authentication.
Remote Access Server (RAS) Any computer running Microsoft Windows Server 2003
that is configured to accept remote access connections.
Security Accounts Manager (SAM) A Windows service used during the logon process.
SAM maintains user account information, including the list of groups to which a user
belongs.
security identifier (SID) A unique number that identifies a user, group, or computer
account. Every account on the network is issued a unique SID when the account is first
created. Internal processes in Windows refer to an account’s SID rather than the
account’s user or group name.
Simple Network Management Protocol (SNMP) A network protocol used to manage
TCP/IP networks. In Windows, the SNMP service is used to provide status
information about a host on a TCP/IP network.