Introduced in Windows 2000, the Microsoft Active Directory® service simplifies the administration of complex network directories and makes it easy for users to locate resources on even the largest networks. This enterprise-class directory service is scalable, built from the ground up using Internet-standard technologies, and fully integrated at the operating-system level in Windows Server 2003, Standard Edition, Windows Server 2003, Enterprise Editon, and Windows Server 2003, Datacenter Edition.

Windows Server 2003 provides numerous ease-of-use improvements to Active Directory and new features including cross-forest trusts, the ability to rename domains, and the ability to deactivate attributes and classes in the schema so that their definitions can be changed.

Administrators can use Group Policy to define the settings and allowed actions for users and computers. In contrast with local policy, organizations can use Group Policy to set policies that apply across a given site, domain, or organizational unit in Active Directory. Policy-based management simplifies such tasks as system update operation, application installation, user profiles, and desktop-system lockdown.

Expected to be available as an add-in component to Windows Server 2003, the Group Policy Management Console (GPMC) provides the new framework for managing Group Policy. With GPMC, Group Policy becomes much easier to use, a benefit that will enable more organizations to better utilize Active Directory and take advantage of its powerful management features.

The Resultant Set of Policy (RSoP) tool allows administrators to see the effect of Group Policy on a targeted user or computer. With RSoP, organizations have a powerful and flexible base-level tool to plan, monitor, and troubleshoot Group Policy.

RSoP is an infrastructure provided as a set of Microsoft Management Console (MMC) snap-ins that let administrators determine and analyze the current set of policies in two modes: logging mode and planning mode. In logging mode, administrators can assess what has applied to a particular target. In planning mode, they can see how policies would be applied to a target and then examine the results before deploying a change to Group Policy.

As part of Volume Shadow Copy service, this feature lets administrators configure point-in-time copies of critical data volumes without interrupting service. These copies can then be used for service restoration or archival purposes. Users can retrieve archived versions of their documents that are invisibly maintained on the server.

Internet Information Services (IIS) 6.0 is a full-featured Web server that enables Web applications and XML Web services. IIS 6.0 has been completely re-architected with a new fault-tolerant process model that greatly boosts the reliability of Web sites and applications.

Now, IIS can isolate an individual Web application or multiple sites into a self-contained process (called an application pool) that communicates directly with the operating system kernel. This feature increases throughput and capacity of applications while offering more headroom on servers, effectively reducing hardware needs. These self-contained application pools prevent one application or site from disrupting the XML Web services or other Web applications on the server.

IIS also provides health monitoring capabilities to discover, recover, and prevent Web application failures. On Windows Server 2003, Microsoft ASP.NET natively uses the new IIS process model. These advanced application health and detection features are also available to existing applications running under Internet Information Server 4.0 and IIS 5.0, with the vast majority of applications not needing any modification.

The Microsoft .NET Framework is the programming model of Microsoft .NET-connected software and technologies for building, deploying, and running Web applications, smart client applications, and XML Web services that expose their functionality programmatically over a network using standard protocols such as SOAP, XML, and HTTP.

The .NET Framework provides a highly productive, standards-based environment for integrating existing investments with next-generation applications and services.

In addition, it helps organizations solve the challenges of deployment and operation of Internet-scale applications.

With the .NET Framework fully integrated into the Windows Server 2003 operating system, developers are freed from writing "plumbing" code and can instead focus their efforts on delivering real business value. The .NET Framework takes care of the integration and management details, reducing code complexity and increasing coherency.

The Windows Server 2003 family provides a significantly enhanced command-line infrastructure, letting administrators perform most management tasks without using a graphical user interface. Of special importance is the ability to perform a wide range of tasks by accessing the information store enabled by Windows Management Instrumentation (WMI). This WMI command-line (WMIC) feature provides a simple command-line interface that interoperates with existing shells and utility commands and can be easily extended by scripts or other administration-oriented applications.

Overall, the greater command-line functionality in the Windows Server 2003 family, combined with ready-to-use scripts, rivals the power of other operating systems often associated with higher cost of ownership. Administrators accustomed to using the command line to manage UNIX or Linux systems can continue managing from the command line in the Windows Server 2003 family.

Available only in Windows Server 2003, Enterprise Edition and Windows Server 2003, Datacenter Edition, this service provides high availability and scalability for mission-critical applications such as databases, messaging systems, and file and print services. Clustering works by enabling multiple servers (nodes) to remain in constant communication. If one of the nodes in a cluster becomes unavailable as a result of failure or maintenance, another node immediately begins providing service, a process known as failover. Users who are accessing the service continue their activities, unaware that service is now being provided from a different server (node).

Both Windows Server 2003, Enterprise Edition and Windows Server 2003, Datacenter Edition support server cluster configurations of up to eight nodes.

Companies can move to a security model that ensures all physical access is authenticated and encrypted, based on the 802.1X support in the Windows Server 2003 family. Using 802.1X-based wireless access points or switches, companies can be sure that only trusted systems are allowed to connect and exchange packets with secured networks. Because 802.1X provides dynamic key determination, 802.1X wireless network encryption is dramatically improved by addressing many of the known issues associated with wired equivalent privacy (WEP) used by IEEE 802.11 networks.

This feature provides security and performance improvements for wireless local area networks (LANs), such as automatic key management, user authentication, and authorization prior to LAN access. It also provides access control for Ethernet networks when wired Ethernet is used in public locations.

"Headless server" capabilities allow IT administrators to install and manage a computer without a monitor, VGA display adaptor, keyboard, or mouse. Emergency Management Services is a new feature allowing IT administrators to perform remote-management and system recovery tasks when the server is unavailable through the network or other standard remote-administration tools and mechanisms.