O'Reilly Network    
 Published on O'Reilly Network (http://www.oreillynet.com/)
 See this if you're having trouble printing code examples


Windows Server 2003 in a Nutshell

Windows Server 2003: Still Room for Improvement

by Mitch Tulloch, author of Windows Server 2003 in a Nutshell
11/11/2003

In my last article, I examined whether Windows Server 2003 has lived up to expectations, now that six months have elapsed since the product's final release. My answer in that article was a qualified "yes". There are indeed significant improvements over the earlier Windows 2000 server platform, but there's still lots of room for improvement.

In this brief article I'd like to highlight three areas where I think Microsoft could have done even better, and I hope the company takes these suggestions to heart as it moves to Longhorn and Blackcomb, the next versions of desktop and server Windows.

1. Improving Tools for Managing Active Directory

I still find the tools for managing Active Directory a bit clunky in Windows Server 2003, though there's been some improvements in them over their first release in Windows 2000. This is especially true for the Active Directory Users and Computers console, the main tool for managing users, groups, and computers. The biggest improvement in this tool is the new Saved Queries feature, which makes it much easier to perform repeated management tasks on selected users, groups, or computers.

There've been other improvements too. For example, when you want to move an object from one container to another, you can simply drag and drop the object instead of having to right-click, select Move, browse an explorer-like folder tree, and click OK. And while Windows 2000 lets you select multiple objects, it wouldn't let you simultaneously modify the properties of these objects. Windows Server 2003 overcomes this limitation, but really only for User objects. For example, if you select multiple Computer or Group objects and open their properties, the only setting you can bulk modify is the Description field. That's a bummer; you should at least be able to modify the group membership, location, and remote access permissions of multiple computers simultaneously this way, but you can't.

Another complaint I have is that you still can't add users to groups simply by dragging and dropping users onto groups. In fact, why not display groups as containers so that when you select a group in the console tree (see left pane in Figure 1), users who are members of the group will be displayed as subnodes?

Now to be fair, there is, in fact, a menu option to toggle showing "Users, Groups and Computers as containers" and it's been there since Windows 2000. But it doesn't do anything other than display groups as part of the console tree. If they're containers, why can't they "contain" anything? That is, if you select a group in the console tree, the right-hand pane is empty instead of showing which users are members of the group. And if you double-click on a group in the console tree, you'd expect the group's properties to be displayed, but instead nothing happens.

In fact, when showing "Users, Groups and Computers as containers" is toggled on, double-clicking is rendered totally useless--what an oversight. Obviously, there are still a few rough edges to these tools, and more could have been done to make them easier to use. Managing Active Directory is a complex enough task as it is without having awkward tools to work with.

figure 1

If the selected group is a container, then why aren't are the users that are its members displayed as subnodes and in the right-hand pane?

2. Improving Other Administrative Tools

And while we're at it, some of the other administrative tools could use some more work to make them easier to use as well. My favorite gripe here is Event Viewer, which displays the event logs in the console tree (see Figure 2). When you select an event log, the events in that log are displayed in the right pane. But to actually see the details of an event you have to double-click on the event to open its properties. What a drag.

It would be much better if you had the option of displaying event logs as containers so that events would be subnodes under event logs in the console tree. Then by selecting an event in the left pane you would see its details in the right pane, which would make it much easier to browse through events and see their details. The same is true for the Services console and several other administrative consoles. There's still room for improvement.

figure 2

Event viewer should display event logs as containers so you can view event details without having to double-click.

3. Improving What's Included in the Release Version

Windows Server 2003 was released as a product in April of this year, or was it? Did you know that bits and pieces of the product are still trickling out of Redmond? These extra components, called Feature Packs, are available as downloads from Microsoft's site.

The list is growing steadily. Some of the must-have items include the Group Policy Management Console (GPMC), a new tool for managing Group Policy that replaces several existing tools that integrated together rather poorly; the Remote Control Add-on for Active Directory Users and Computers, which adds some functionality obviously left out of ADUC in the rush to get the product out the door; Automated Deployment Services (ADS), which helps you streamline the process of deploying large numbers of servers across your enterprise; and Software Update Services (SUS), an important patch management tool that should have been fully integrated into Windows Server 2003 so you could install and configure it using the Manage Your Server wizard. I wonder if they'll start releasing Longhorn and Blackcomb in bits and pieces even before its final release date? Is Microsoft transitioning to a continuum of Windows versions instead of product increments? Who knows.

Conclusion

Windows Server 2003 is indeed a definite improvement over the earlier Windows 2000 platform, but with just a wee bit more work Microsoft could have made it much easier to use. I'd be interested in hearing your own thoughts about how you think Microsoft could have improved Windows Server 2003 over Windows 2000; please feel free to express your opinions using the Comment feature below.


O'Reilly & Associates recently released (October 2003) Windows Server 2003 in a Nutshell.

Mitch Tulloch is the author of Windows 2000 Administration in a Nutshell, Windows Server 2003 in a Nutshell, and Windows Server Hacks.


Return to the O'Reilly Network.

Copyright © 2009 O'Reilly Media, Inc.