Just as Windows Server 2003 made significant improvements to Active Directory, Longhorn promises to follow suit. When AD was first deployed under Windows 2000, managing a Windows domain became much easier. With Server 2003, Microsoft kicked it up a notch, adding such functionality as group editing, simpler object editing, and a more fluid management interface. But AD was still far from a glowing example of form and function.
Longhorn promises to take the next logical step and then some. Microsoft has been saving up numerous features, fixes, and functions to include in the next-generation Windows server platform, and if it delivers, it will be a distinct benefit to any Windows network.
One of the banes of Windows 2000/2003 AD is the relative fragility of DCs (domain controllers). Once functioning and operational, a Windows 2003 DC is generally stable -- but if problems do occur with a specific DC, repairing it has never been a simple task, requiring a server rebuild in many cases. One of the more significant additions to Longhorn is the ability to use dcpromo to repair a domain controller, rather than promoting and demoting a server to that role. In addition, the AD services will be restartable, and will not require a server reboot for fixable problems with the AD core.
Also on the way are RODCs (read-only domain controllers). These are DCs that can perform authentication tasks but defer to another DC, thus providing a safety net for remote sites. An RODC does not store usernames or passwords locally, and provides unidirectional replication from other DCs. In addition, Server Core -- the GUI-less server base -- can provide DNS and DC services, further reducing the footprints of remote DCs. All this can be dropped into an existing Windows Server 2003 domain, as long as the Primary Domain Controller Flexible Single Master Operation role is on a Longhorn server. There are some other limitations, however, such as support for only one RODC per domain per site, and apparently no support for Microsoft Exchange.
The other biggie in Longhorn AD is Admin Role Separation. Most AD deployments have far too many accounts with Domain Admin privileges. In Longhorn, there will be a local admin role for each RODC with limited admin privileges, preventing accidental domain changes at edge sites from affecting the domain as a whole.
So there’s a lot to look forward to -- assuming these features make it all the way to the final press of Longhorn Server. If all this comes to pass, the main beneficiaries will be your domain security, stability, and, hopefully, your sanity.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Security Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
Recommend This
