Windows Server 2008 - New Active Directory FeaturesWindows Server 2008 Active Directory Directory Services

New developments for Active Directory in Windows Server 2008, include a Read-only domain controller (RODC), reducing domain controller reboots, and separating the domain administrator from the local machine administrator accounts.
Windows Server 2008 Active Directory Topics

    The Five Active Directory Roles
    How to Install an Active Directory Role
    Read-only Domain Controller (RODC)
    Re-startable AD
    STS (Security Token Service)
    DC (Domain Controller) / Domain Admin Separation

The Five Active Directory Roles

While 'Role' is normally such an insignificant word, in Windows Server 2008 Microsoft has elevated 'Role' to the status of a keyword.  The most important association for the word 'Role' is to invoke the correct installation wizard, who then installs all the necessary sub-components associated with that role.

1) AD DS - Active Directory, Directory Services.

This is the main Active Directory database for user and computer objects.  AD DS is a descendant of Active Directory in Windows 2000 --> 2003 --> 2008.  Remember the two sides of AD DS, the physical data store and the logical, forest, domains, OUs and sites.

2) AD CS - The Certificate Services (CS) specializes in managing digital certificates (PKI).  Security is the key, the idea is to protect data in these scenarios: S/Mime for email, SSL for websites, smartcard logon via VPN and for encrypting files (EFS).  Naturally, integrates with the above AD DS.

3) AD RMS - Rights Management Solution.  Can be used to protect documents sent in emails.  Users must first have an AD DS account.  Services using RMS must also be registered in Active Directory.

4) AD FS - Federation Services

Federation manages trust relationships between different organizations.  Also provides single sign on for web based applications, for example, online retailers.

5) AD LDS - Active Directory Lightweight Directory Services

This is like the ADAM (Active Directory Application Mode) service of Windows Server 2003.  Only use AD LDS for applications that cannot use the regular AD DS, for example where there are security worries, or you just need to test LDAP features.  Unlike the other roles, AD LDS is an alternative to the main Active Directory and not an extension.

Windows Server Catalog (Hardware Compatibility List)Windows Server 2008 SP1

Two minutes of checking your hardware against the WSC (Windows Server Catalog), will save you a lifetime of grief dealing with incompatibilities.  Because server hardware is relatively cheap, if you are installing Server 2008 on a production server, don't coble something together.  It's just not worth risking nearly-incompatible kit, sooner or later the mismatched component will come back and bite you.

The best answer is treat yourself to new kit which is plastered with the Logo - 'Certified for Windows Server 2008 hardware'.  Don't accept imitations, even at knock down prices.

Worth a look: check out the free Microsoft Assessment and Planning Solution Accelerator.  What this utility does is assess your present hardware, then produces an Excel report on the fitness of your machines to run Windows Server 2008.

Windows Server 2008 Editions

The purpose of this page is to help you choose the best version of Microsoft Windows Server 2008 for your circumstances.

Quick Question:  Which version should I buy?
Quick Answer:  Windows Server 2008 Enterprise edition (64bit). Choose Windows Server 2008 Enterprise Edition

My point is that if you are unsure, make the Windows Server 2008 Enterprise edition your default choice.  Another way to make sense of Microsoft's many versions is to start with the Enterprise version, assess what it has to offer; then use that knowledge as a baseline to evaluate the other versions.

Note: for the purpose of this article, I will use the terms 'edition' and 'version' interchangeably.
Microsoft's Windows Server 2008 Versions

    Windows Server 2008 Standard
    Windows Server 2008 Enterprise Edition (Recommended)
    Windows Server 2008 Datacenter

Other considerations before you order a Windows Server 2008 edition are, firstly, do you want a 32bit version, or do you have 64bit hardware waiting to install your server?  Secondly, would like to try the new Hyper-V technology?  Alternatively, do you need to save money and buy a version without Hyper-V.

One new feature shared by Server 2008 and Vista is that Microsoft supply just one DVD for all 64bit editions; consequently it's the Product Key that determines which edition you install.

There is sister DVD for all 32bit versions.  Incidentally, Windows Server 2008 is the last Microsoft Operating system to have a 32bit version.
Three Specialist Editions of Server 2008

    Web - Very restricted, dedicated for one specialist role
    HPC (High Performance Computing) - For clustering
    Itanium-based.  These CPUs execute more instructions per clock cycle than x64 processors.  Two minor points,  Core Server is not available as installation option for Itanium-based systems.  Also there is no storage manager for SANs.

Windows Server 2008 Overview

Windows Server 2008 is the operating system which will replace W2K3 (Server 2003).  My aim on this page is to give you a look and feel of this new server.  If you are more interested in an itemized list than an overview, then here are the new features.

Remember that Windows 2008 is a Microsoft server, thus you are going to recognise features from W2K3.  You may also see tiny bits of NT 3.5, NT 4.0 and Windows Server 2000.  You may also recall that when each of those old servers was new it had a front-end make-over; so it is with Windows Server 2008, it has the latest Vista GUI.

Although Windows Server 2008 reports to be Version 6.0 (Windows Server 2003 R2 is 5.2), the progression seems more like the evolution from W2K to W2K3, than the revolution from NT 4.0 to W2K.  In addition to the headline new features such as Hyper-V, what we get is lots of small changes, each is relatively insignificant in itself, but together these little improvements add up to make Windows Server 2008 an impressive product.

It is also true to say that 2008/9 is make or break time for Microsoft.  Either Windows Server and Vista will work together to fuel future networks, or else Microsoft will crash and burn.