Windows & .NET Magazine UPDATE--Microsoft Plots Windows Server Road Map--May 18, 2004

1. Commentary
- Microsoft Plots Windows Server Road Map

2. Hot Off the Press
- Wi-Fi Vulnerability Threatens Wireless Availability

3. Inside Windows Scripting Solutions
- June 2004 Issue
- Focus: Use VBScript Plug-ins to Manipulate the File System

4. Resource
- Tip: Why do I receive errors when I use Microsoft Exchange Server 2003's Outlook Web Access (OWA) to access a front-end server--but not when I use it to directly access a back-end server?

5. New and Improved
- Access and Control Remote Servers
- Tell Us About a Hot Product and Get a T-Shirt!

==== Sponsor: Argent Software ====

Free Download: Monitor Your Entire Infrastructure with ONE Solution
The Argent Guardian monitors servers, applications, any and all SNMP-compliant devices as well as the overall health of the entire network at a fraction of the cost of "framework" solutions. Network Testing Labs states that "The Argent Guardian will cost far less than MOM and yet provide significantly more functionality." Using a patented Agent-Optional architecture, the Argent Guardian is easily installed and monitoring your infrastructure in a matter of hours. Download a fully-functioning copy of the Argent Guardian at:
http://www.argent.com/products/download.cgi?product=xxx&Source=WNT

==== 1. Commentary: Microsoft Plots Windows Server Road Map ====
by Paul Thurrott, News Editor, [email protected]

Last week, I received my first indication that Microsoft is finally taking the planning needs of its corporate customers seriously: Bob Muglia, Microsoft senior vice president of the Windows Server Division, met with me and spelled out the company's plans for the next several iterations of Windows Server, providing for the first time a predictable, obvious, and sustainable product rollout strategy. The discussion was eye-opening and, frankly, refreshing. Microsoft, historically, has been a secretive company, which I've often argued is a liability, not a benefit. Although I've heard that this secrecy will continue with the company's consumer-oriented products--its upcoming Windows Media Player (WMP) "Crescent" and Windows XP Media Center Edition (MCE) "Symphony" releases, for example, will be shrouded in mystery until they're ready for public consumption--Microsoft is now interested in being more open about its enterprise products. Here's what I learned when I met with Muglia.

First, the monolithic development nightmare that was most clearly seen with Windows 2000 is a thing of the past. During the Win2K development time frame, I argued that Microsoft's OS products had gotten too complex and that by the time the company met its internal goals for the product, its customers needs had changed, necessitating further release delays and product reformulations. The result was that the next server release, Windows Server 2003, was in many ways a fit-and-finish upgrade of Win2K that fixed glaring (and not-so-glaring) holes and improved security, uptime, and performance but offered few major new features. In the year since that release, Microsoft has issued an unprecedented set of add-ons--first called out-of-band (OOB) updates but now officially titled Feature Packs--that dramatically improve the features and capabilities of the base server product. Feature Packs include Windows Rights Management Services (RMS), Group Policy Management Console (GPMC), and Windows SharePoint Services (WSS).

"If you only do major releases every 4 years, you have to do lots of Feature Packs," Muglia said. "But here's what's worrying about Feature Packs: Customers have a hard time absorbing Feature Packs. They're not discoverable, \[customers\] have to download them; OEMs don't ship them. There's a lot of convenience that comes from having a single release, and it just provides a lot more value to the customer."

Thus, Microsoft's Windows Server development strategy boils down to the following simple structure: The company will issue major Windows Server upgrades every 4 years, interspersed by minor Windows Server upgrades every 2 years. The first of these minor updates, code-named Windows 2003 Server R2 (for "release 2"), will ship in mid-2005. Then, the next major Windows Server release, Windows Server Longhorn, will ship in 2007 (about 6 to 12 months after the Longhorn client). A Longhorn Server update will ship in 2009, and we can expect Blackcomb Server in 2011.

"One thing we're trying to do is move to a world where we have much more predictability associated with our software release schedules," Muglia said. "\[Two years after each major Windows Server release\] we can take features and functionality and add them on top of the \[then-current Windows Server\] kernel--not change the kernel in any way, keep things consistent for the customers, and don't break compatibility--and build functionality on top that they can utilize. \[Windows Server 2003\] R2 will be the first of these update releases."

Muglia admitted that part of the rationale for this strategy was dissatisfaction from its Software Assurance (SA) customers, many of whom expected to see another major server release during their license period. For these customers, Windows Server 2003 R2 will be included as part of their licensing costs. But when Windows Server 2003 R2 ships, other customers would need to purchase it, as they would any server release.

I asked Muglia how Windows Server 2003 R2 and subsequent update releases will affect the company's current plans for service packs and hotfixes. He said Windows Server 2003 R2 would be based on the code for Windows 2003 Service Pack 1 (SP1)--due this fall--and will ship before Windows 2003 SP2. According to Muglia, when SP2 does ship, presumably in late 2005, the update will upgrade both the initial Windows 2003 release and Windows Server 2003 R2.

Muglia also talked up the upcoming 64-bit version of Windows Server that will target AMD64 (AMD Opteron) and Intel x86 (Intel Xeon EMT64T). Dubbed Windows Server 2003 64-Bit Edition for Extended Systems, this version will have the same features as existing Windows Server versions (Itanium-based versions of Windows didn't include all the features of the 32-bit versions) and will offer significant improvements over 32-bit versions, including, for the first time, performance gains. Indeed, according to Microsoft's internal testing, even 32-bit servers, services, and applications run faster on AMD 64-bit hardware than they do on comparable 32-bit hardware. More about that at a later date.

I do have one bit of bad news: During a recent visit to the Windows NT Build Lab at the Microsoft campus, I noticed a sign that detailed the lab's build-order precedence as XP SP2, then Windows 2003 SP1, followed by Win2K, then Longhorn. I was surprised to see Win2K on the build precedence list and asked Muglia whether Win2K would be getting some of the XP SP2 security fixes (code-named "Springboard"). Sadly, the answer is no. "We're taking the core fixes that we find we need to bring back to Windows 2000 and putting them back there," Muglia said. "But no, there's nothing like Springboard at this point for Windows 2000. We won't do the very broad pass that we did for XP. Just those things that we feel are the really significant security vulnerabilities we've identified ... are the only things that we're taking. You have to understand that with Springboard, we made hundreds and hundreds of changes to the operating system. We've done a lot of clean-up-type work that no one's really done any exploits on \[in XP SP2\], and yet we want to make sure there's no chance of that happening, so we're doing a ton of that sort of work. That's not all going back to Windows 2000." In other words, Win2K SP5, due in late 2004, will be a traditional service pack.

There's a lot more information, including the exact technologies Microsoft expects to ship in each Windows Server release, but I'm out of space. I'm not yet sure where the entire Muglia interview will be published, but I'll certainly provide a link to it as soon as it's available. In the meantime, please let me know what you think about Microsoft's road-map plans. Although the overall roadmap view is appreciated, I suspect that some of its plans will likely be somewhat controversial for the software giant's customers.

==== Sponsor: Control Unwieldy Exchange Databases ====

The Network Engines Data Management Appliance (DMA) for Microsoft(R) Exchange Server takes charge of increasingly complex Exchange environments. The DMA strengthens backup infrastructures and leverages features of CommVault QiNetix DataMigrator and Galaxy Backup and Recovery applications. Benefits include disk-based backup and restore, Exchange migration and mailbox management. The DMA sets up quickly and is simple to manage using browser-based administrative tools. See a demo at Microsoft Tech Ed, booths 924, 1138 and SP6. This Network Engines product is available by calling 877-638-9323 or emailing [email protected].
http://www.networkengines.com/ad/dma/windowsnet.asp

==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected]

Wi-Fi Vulnerability Threatens Wireless Availability
Students at an Australian university have discovered a flaw in Wi-Fi, the 802.11b wireless standard, that could let an attacker effectively shut down wireless networks with a Denial of Service (DoS)-like attack. The PhD students, who hail from the Queensland University of Technology's Information Security Research Centre, were studying ways to prevent Wi-Fi-based attacks when they discovered the vulnerability. They say that the Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) feature of Wi-Fi networks, which adhere to the IEEE's standardized 802.11 protocol, is to blame. To read the entire story, visit the following URL:
http://www.winnetmag.com/article/articleid/42697/42697.html

==== 3. Inside Windows Scripting Solutions ====

Windows Scripting Solutions is a monthly paid print newsletter loaded with news and tips to help you manage, optimize, and secure your Web-enabled enterprise. NONSUBSCRIBERS can access all the newsletter content in the online article archive from the premiere issue of Windows Scripting Solutions (December 1998) through the print issue released 1 year ago.

Subscribers
In addition to receiving the monthly print newsletter, SUBSCRIBERS can access all the newsletter content, including the most recent issue, at the Windows Scripting Solutions Web site ( http://www.winnetmag.com/windowsscripting ). Subscribe today and access all 2003 issues online!
https://secure.pentontech.com/nt/winscripting/index.cfm?promocode=00wi26xxhm

June 2004 Issue
To access this issue of Windows Scripting Solutions, go to the following URL:
http://www.winnetmag.com/windowsscripting/issues/issueid/706/index.html

Focus: Use VBScript Plug-ins to Manipulate the File System
Beef up your scripting library with VBScript plug-ins for reading and writing files and creating a directory tree. Plus, collect and format information about user accounts; use WQL queries to trap OS events; and control Perl scripts that hog the CPU.

5 Plug-In Functions to Manipulate Files, Folders, and Drives
Use this handy set of prewritten VBScript functions to eliminate coding of repetitive file-and folder-handling tasks, such as reading or writing to a text file, appending data to a file, and creating a directory tree in one step.
--Alex K. Angelopoulos

http://www.winnetmag.com/windowsscripting/article/articleid/42368/42368.html

==== Announcements ====
(from Windows & .NET Magazine and its partners)

New Web Seminar: Preemptive Email Security Works for Chick-fil-A--It Can Work for You
Become the company hero! Save your company time and money by preventing unwanted and lost email. In this free Web seminar, hear from an email expert--and learn from a real-world Chick-fil-A case study--about how you can reduce spam and viruses and improve email security and employee productivity. Register now!
http://www.winnetmag.com/seminars/preemptiveemailsecurity/index.cfm?code=emailannc0517

Free White Paper--Learn How to Eliminate the Top 5 Email Security Threats Including Spam and Viruses
Discover the top 10 reports every email administrator shouldn’t live without, including dashboard views that show threats to your network and how they are being blocked. Plus, learn how to eliminate the top 5 email security threats including spam and viruses. Get this free white paper today!
http://www.winnetmag.com/whitepapers/postini/emailsecurity/index.cfm

Windows & .NET Magazine Announces Best of Show Finalists
Windows & .NET Magazine and SQL Server Magazine announced the finalists for the Best of TechEd 2004 Awards. The field included more than 260 entries in 10 categories. Winners will be announced at a private awards ceremony on Wednesday, May 26. The winners will also be announced at TechEd on Thursday, May 27 at 12:30 p.m. at the Windows & .NET Magazine booth #625. Click here to find out this year's finalists:
http://www.winnetmag.com/article/articleid/42700/42700.html

==== Instant Poll ====

Results of Previous Poll: Macintosh Systems
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "How often are you required to deal with Macintosh systems or users?" Here are the results from the 352 votes:
- 17% Frequently
- 11% Occasionally
- 23% Rarely
- 49% Never

New Instant Poll: TechEd
The next Instant Poll question is, "Have you ever attended a Microsoft TechEd conference?" Go to the Windows & .NET Magazine home page and submit your vote for a) Yes, and I'm planning to go to TechEd 2004, b) Yes, but I'm not planning to attend TechEd 2004, c) No, but I'm planning to go to TechEd 2004, or d) No, and I have no plans to attend TechEd 2004.
http://www.winnetmag.com/magazine

==== 4. Resource ====

Tip: Why do I receive errors when I use Microsoft Exchange Server 2003's Outlook Web Access (OWA) to access a front-end server--but not when I use it to directly access a back-end server?
by John Savill, http://www.windows2000faq.com

If you receive errors when you use Exchange 2003 OWA's spell-checking facilities to access a front-end server but not when you access a back-end server, the security settings on the front-end server's Microsoft IIS virtual directory might be incorrect. To check the security settings and, if necessary, correct them, perform the following steps:
1. Log on to the back-end server and start the Internet Information Services (IIS) Manager. Click Start, Programs, Administrative Tools, Internet Information Services (IIS) Manager.
2. Navigate to Web Sites, Default Web Site, ExchWeb.
3. Right-click "bin" and select Properties.
4. Click the Directory Security tab.
5. Click the Edit button in the "Authentication and access control" section.
6. Make a note of the current Authentication Methods. Click OK.
7. Select bin, right-click spell (which is a child directory of bin), and select Properties. Repeat Steps 4 through 6.
8. Log on to the front-end server and repeat Steps 1 through 7, this time ensuring that the Authentication Methods match those of the back-end server. (The problem usually occurs because the "Integrated windows" security check box in the Authentication Methods section isn't selected on the front-end server.)

==== Events Central ====
(A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )

The Exchange Server Seminar Series--Coming to Your City Soon!
Simplify your life and others' lives with Windows Server 2003 and Exchange Server 2003. Learn the advantages of migrating to an integrated communications environment, consolidating and simplifying implementation of technology, and accelerating worker productivity. Register now for this free event!
http://www.winnetmag.com/roadshows/exchange2003

==== 5. New and Improved ====
by Carolyn Mader, [email protected]

Access and Control Remote Servers
Avocent released the DSR1021 switch, a keyboard/video/mouse (KVM) over IP solution for accessing and controlling remote servers and serial devices in remote offices. The DSR1021 switch lets IT administrators troubleshoot, reboot, and power cycle servers or serial devices from any location by using DSView management software. The DSR1021 switch features external modem support so that administrators can still manage remote devices when the network is down. The DSR1021 features eight user-configurable ports for serial or KVM use. The switch is available for $1750. Contact Avocent at 866-286-2368 or [email protected].
http://www.avocent.com

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].

==== Sponsored Links ====

Primary Sponsor:
Argent Software -- http://www.Argent.com -- 1-860-674-1700

Secondary Sponsor:
Network Engines -- http://www.networkengines.com -- 1-877-638-9323

==== Contact Us ====

About the newsletter -- [email protected] About technical questions -- http://www.winnetmag.com/forums About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]

==== Contact Our Sponsors ====

Primary Sponsor:
Microsoft(R) -- http://www.microsoft.com

Hot Release:
Aelita Software -- http://www.aelita.com -- 1-800-263-0036