Home > Articles > Operating Systems, Server > Microsoft Servers

Windows Server Reference Guide

Hosted by

The Ten Most Important New Features

Last updated Sep 26, 2003.

In May 2007, after the release of Beta 3 of the last version of the operating system to bear the code-name "Longhorn," we got our first complete glimpse of the feature set planned for Windows Server 2008.

For years, I maintained a private little complaint, which I successfully refrained from revealing in these pages because I thought it more important to concentrate upon teaching the material: The problem with Windows as a server, I've secretly maintained, is that it insists on carrying its baggage with it from the client realm, into the server realm where it can gum up the system. All the object linking and embedding, all the graphical libraries (including DirectX), all the applications support, all the little client-motivated control panels...all of these things reduce the efficiency of the server operating system.

Windows Server 2008 may be the first iteration of the operating system where Microsoft demonstrates it finally recognized that fact. Perhaps for some servers, the operating system running the DNS and DHCP and POP services does not need to be Windows, all bedecked and bejeweled. Granted, Microsoft never intended to run the Aero UI from Vista on Windows Server, which is to its credit; but since anything one would want to do with Windows that involves fun or personal productivity or watching movies belongs on the client edition anyway, it should at least be an option for admins to deploy less if they're going to use less anyway.

Microsoft's gradual, if late, recognition of the proper role of a server operating system is made apparent through a myriad of architectural changes. In order to make those changes more obvious to some of my readers on the more general-purpose, often less technical BetaNews, I selected ten changes to WS2K8 (I can use that abbreviation now) that may have the greatest impact on enterprises. These are changes to the system proper—the parts that get shipped as part of the main license, as opposed to add-ons shipped or downloaded separately (for instance, the new System Center line of admin tools).

For the Reference Guide, here are the ten features I selected, with more technical detail and comparisons to existing references:

#10: The Self-Healing NTFS File System

Since the dawn of recorded history, a corrupt file system on a volume tended to take down the entire volume, and often threatened to bring down the entire operating system. Too much depended upon a volume's record of its contents to be pristine and impregnable.

For a great many admins even into the WS2K3 era, recovering a volume often meant restoring a backup. If a backup was unavailable—or worse, if it was corrupt—you might find yourself having to power down the server in order to restart it in a diagnostic mode that would run CHKDSK. Since the primary job of a server operating system is to serve files, you might think it would go about that job by continually maintaining the file system, rather than setting off a pre-programmed panic mode every time a cluster bounces out of alignment.

At last, WS2K8 has a self-healing file system, whose objective is continual availability all the time. This is a kernel enhancement, not some extra snap-on driver. Specifically, what it does is take specific clusters offline, rather than force you to dismount an entire volume, whenever an inconsistency is detected. The kernel then corrects that inconsistency in the background, isolating the "knot" in the system, untying the knot, and removing the isolation—all perfectly transparently.

Naturally, there will be limits to the usefulness of this background functionality, particularly with regard to the boot sector. If the boot sector's corrupted (and if WS2K8 "knows" it's corrupted), the service should not be able to instigate background repairs—in such an instance, on false information. Supposedly Microsoft has instituted a failsafe here.

#9: Parallel Session Creation

As you've just seen, up to this point in history, when it came time to devote critical attention to a storage volume, suddenly it reverted two decades back in time from a networkable component down to a 10 MB Winchester. The changes in Windows Server 2008 involve casting off the presumptions of Windows as a client-oriented operating system refitted for use as a server, in favor of a kernel that can be adapted for roles either as a server or client.

My #9 choice for top WS2K8 system improvement demonstrates this principle quite vividly: In any multi-user operating system, a session is a moderated sequence of interactions involving a set of applications and a single user. But in the way Windows used to handle this process, a certain string of processes were spawned for each new session. Specifically, that chain was: Session Manager (SMSS.EXE), which then triggers the console logon service (WINLOGON.EXE), that in turn launches the Local Security Authority Subsystem (LSASS.EXE). Whenever a new session was created on an already booted machine, the same string was spawned yet again, resulting in multiple instances of system services running concurrently, one instance per user—services supposedly designed to manage multiple users, but just not doing so.

(By the way, before the first instance of the old Session Manager got that far along, it triggered an AUTOCHK version of CHKDSK, which provided some servers' only indication that a volume was corrupt.)

This was problematic enough for typical server configurations, but it ended up becoming treacherous for Terminal Services. As Microsoft technical fellow Mark Russinovich explained during a WinHEC session where he introduced Windows Server 2008, "The serialization of the session initialization caused a bottleneck on large Terminal Services systems. So Monday morning, everybody gets to work, a few hundred people all log onto their Terminal Services, and they've all got to wait in line to have their session initialized, because of the way session initialization was architected."

In WS2K8, the new SMSS.EXE runs in a session envelope called Session 0, where only system services run. User services and applications don't get this privilege. (This is Microsoft's new answer to an age-old security problem involving system services that somehow always manage to be able to inject alert messages into application threads.) From here, a kind of split emerges between the concepts of an OS session and a user session. This is so the services necessary to support each new user session don't end up pulling down the operating system session. (Think of low-level sessions like "rings" for threads executing on a microprocessor.)

Now, SMSS.EXE triggers a new WININIT.EXE, which is the new process for handling initialization. That triggers LSASS.EXE, which in turn invokes the new Local Session Manager (LSM.EXE). And it is this latter process which can invoke new sessions in parallel: up to four at once, or even more at one time if a server has more than four processor cores.

Books and E-books

Online Resources

Save To Your Account