On April 13, Netcraft (http://news.netcraft.com/) announced the number of sites running Windows Server 2003 has overtaken Solaris 9, despite the fact Windows Server 2003 (from now on WS 2003) was not yet released and Solaris 9 has been around longer than a year. Even more telling, according to the same Netcraft posting, www.sun.com is still running Solaris 8 while www.microsoft.com has been on 2003 since July 2002. I like folks who eat their own dog food. It says a lot about their productand their company.

Multiple Versions
I know. I still havent said a word about features or new features, but first I want to introduce the four different versions of this beast released in May (other versions to follow).

WS 2003 Standard EditionSupports 4 GB RAM, 4 processors, and a full boatload of communications and management features. It is advertised to run on as little as a 133 MHZ 128 MB box. This is the version for small- to medium-sized businesses. It does not support clustering.

WS 2003 Enterprise EditionUp to 32 GB RAM and 8 processors. It also will run on Intel Itanium-based product. Support for 64-bit computing includes up to 8 processors and 64 GB of RAM. This is billed as a general-purpose server but is clearly designed for high-end use.

WS 2003 Datacenter EditionUp to 32 processors and 64 GB of RAM with the 32-bit version and 128-way machines with individual partitions of up to 64 processors and 512 GB of RAM with the 64-bit version. This is most definitely a high-end OS. I am anxious to see how it performs against the mainframes and Solaris servers it is aimed at.

WS 2003 Web EditionThis truly is interesting. It will support dual 32-bit processors and 2 GB RAM but has limited functionality. It really is designed just as a Web servermost other standard server features are disabled. I suspect this product (priced at $399 with no CALs needed) is aimed at the Linux/Apache open-source user. Whether Microsoft can crack that market is another issue altogether. An interesting side note: It appears the Web edition now is only available as an OEM product. I dont know what that really means, unless there is a grand strategy to market Web devices dependent on that OS. I do know that unless it is readily available, it wont ever grab the Linux market.

An All-Purpose Tool?
The Microsoft marketing promotes WS 2003 as a multipurpose operating system capable of just about everything: file and print server, Web server, application server, mail server, terminal server, remote access server, DNS server, DHCP server, streaming media server, domain controllersounds like one of those Leatherman (www.leathermanstore.com) all-purpose tools. Isnt a Buck knife sometimes better than a multiple-use gadget? Well, yes, but it is possible to build an integrated multiple-role server. Maybe Microsoft has succeeded.

The features list of this new OS is way too extensive to discuss in a piece this short, so I will try to focus on a few that caught my eye.

An XML Metabase?
Have you ever tried to accomplish a quick and dirty replication of a Windows 2000 Web server? You knowmirror all the data, establish the same software configuration including IPs, etc. Your goal is to provide a quick and easy failover should one ever be necessary. So you have the box all set up, and all you need to do is export the Internet Information Services (ISS) metabase from one box to another. Wrongcant be done. Or it cant be done without some third-party slightly scary tool. Previous ISS metabases were stored in a proprietary data format that made modification impossible. Have you ever trashed an existing metabase without having made a recent backup? Enough said. It was a nasty business. The good news is IIS 6.0, which ships with WS 2003, has an XML-formatted plain text metabase! I can modify or repair a metabase with Notepad. Not only that, but it wont require a reboot for changes to take effect. I may be a little nuts on this, but a real-time editable metabase is reason enough for me to trade in my old server software.

A Secure IISAnother Oxymoron?
We all know what the biggest security risk is in our organizationspeople. No matter how much you educate them or how much you watch them, the human factor is responsible for most failures in security. Microsoft finally learned that lesson, too. A normal install of WS 2003 doesnt even set up a working version of IIS 6.0.

So you wont have some dunderhead setting up a primary domain controller with an open Port 80. Even when IIS 6.0 is installed, it starts out locked down by default. Out of the box, it will only serve up static content, and even that with very restricted security. There isnt even any sample code to muck about in. (The sample code installed with previous versions of IIS always was the first door a hacker would knock on and jiggle the handle.) With WS 2003, you are forced to open up or turn on every feature you need for your Web sites. While still not foolproof or idiot-proof, it at least provides the potential for much better security on Microsoft-based Web sites.

Performance in IIS 6 is reported to be greatly improved. Microsoft reports double the performance of a similar two-processor IIS 5 server. Well see. IIS 6 offers two modes of operationworker process isolation mode and IIS 5 isolation mode. A clean installation of IIS 6 runs in the former (an upgrade from IIS 4 or 5 runs in IIS 5 isolation mode). What does all that mean? Previous versions of IIS dictated that requests were passed from a single process (inetinfo.exe) to a worker process (dllhost.exe or aspnet_wp.exe). Using IIS 6 in Worker Process Isolation mode, requests are passed directly to the worker process from the kernel. That not only eliminates cross-process marshalling but allows an application to be configured so no other code will be running in its process space. That is some cool stuff. Additionally, IIS 6 permits a greater number of worker processes to run than previous versions of IIS. Finally, an IIS 6 server can host a larger number of sites and applications as well as providing the ability to shut down and restart faster.

How Does Your Garden Grow?
Scalability always has been a major concern when comparing Microsoft Web servers to UNIX-based machines. IIS 6 Web gardens are a new feature that will enhance scalability. In short, a Web garden is an application pool that has multiple processes serving requests to that pool. With Web gardens, enabled IIS will load balance these requests. Should any process lock up or demand too much of the available resources, it will be cycled out of the pool allowing for transparent system recovery.

Scalability also is provided via clustering. A cluster is a group of computers that operate together to provide a common set of applications while providing the image of a single system to the client and the application. Clusters provide transparent failover capabilities as well as load balancing.

The Windows Server 2003 family will provide two types of clustering services. MSCS (Multiple Server Cluster Service) is only available in WS 2003 Enterprise Edition and Datacenter Edition and will support server clusters of up to eight nodes. This is the true clustering servicethe one that provides failover for mission-critical applications such as high-availability database applications. A properly configured cluster will provide continual client access to applications even though one or more servers experience failure. You cannot mix Enterprise Edition and Datacenter Edition servers in a cluster. Choose your poison, and stick with it.

All editions of the WS 2003 family support network load balancing, which distributes the requests for TCP/IP services across a cluster (of up to 32 computers). It will load balance multiple server requests, from either the same client or multiple clients across multiple hosts in the cluster. Network load balancing is designed to integrate into existing Web server farms.

More to Come!
This is not good. I am out of space and have barely begun to touch on the features on Windows Server 2003. I have not yet done the product justice (or injustice). Active directory now is fully supported; this is the first Microsoft OS with .NET support built-in; security and performance is greatly improved. I will discuss some of these improvements in future columns.

Regardless of how many features are promised, the ultimate question is to upgrade or not. That is not an easy decision. Microsoft seems to have the timing right on this one. The SCO-UNIX-IBM fiasco has many IT managers wondering which road to take. If Windows Server 2003 lives up to the hype, there might be some religious conversions taking place. We are at the end of the NT life cycle. Microsoft shops need to upgrade to something. I personally will wait for a service pack or two, but I would much rather be at the front end of a product cycle than running to catch up.