In-Depth

Managing in Isolation

Remote management has never been a Microsoft strong suit, but Windows Server 2003 is helping users manage servers that no IT staff can touch.

• By Kevin Fogarty
• May 01, 2005

Systems administrators stuck with the job of managing Windows servers tucked into buildings that have no IT presence have long complained about their plight, but Windows Server 2003 is giving them cause for hope.

Windows NT Server and Windows 2000 Server were difficult to maintain, monitor and customize, with little of the sophisticated scripting capabilities that Unix and mainframe system administrators use routinely. Neither made it easy to perform everyday maintenance or emergency response without third-party tools to automate common functions or apply changes to a group of servers at once.

"When Microsoft talked about Windows in the data center three or four years ago, it was really kind of laughable," according to Jean-Pierre Garbani, vice president of computing systems research at Forrester Inc.

Windows Server 2003 was intended to change that perception, and make Microsoft a contender in the market for servers that can be maintained without an IT person on site to baby-sit them—and thus a contender in the enterprise data center. To a large extent, Garbani says, it has done just that.

Microsoft has been trying to improve remote administration and management of its servers since the first version of NT shipped. The goal is to match or exceed the remote-management functions of data-center managers like Unix machines and mainframes, according to Ward Ralston, senior technical product manager in the Windows Server Division. "With Windows Server 2003, you can choose to remotely perform server management tasks that previously could be done only locally," he says.

Tools within Windows 2003 fall into four categories:

• Remote administration with Terminal Services, which is built into the OS and allows two simultaneous remote connections with no additional license costs. It's designed to allow server administration and configuration functions on servers located anywhere on the network. The Remote Desktop MMC snap-in allows support for additional machines, and can remotely administer Win2K servers.
• Branch office/remote (BO/R) servers allow administrators to remotely control servers that don't have a monitor, keyboard or mouse, as might be the case in either a cluster arrangement or in a branch office, to discourage users from tinkering with their local server. BO/R also includes Emergency Management Services, which lets administrators re-start or remotely install software on a server whose OS isn't responding.
• The command-line interface in Windows 2003 is much more capable than in previous versions because of enhancements to the Windows Management Instrumentation (WMI) API. WMI gives administrators access to all shells and utilities in Windows 2003, and enables them to write extensive scripts to automate functions across one or many servers.
• The Windows Server 2003 administration tool pack, included in Windows Server 2003 CDs, includes simplified interfaces for remote-management functions to make it easier to administer servers, networks, directories and storage.

"When you add up all those things, [Microsoft's] story is pretty good, especially for the money you spend," according to Peter Pawlak, a senior analyst at Directions on Microsoft, a research company in Kirkland, Wash. "You spend a fraction of what you would in the Unix world and get 80 percent of the functionality; and it's not just limited to Windows Server 2003. Some of those functions were there in Windows 2000 and can be used on NT and XP as well."

Easier Living Through Scripting
For many users, it's the base functions rather than the add-on products that they find particularly useful—especially given they come with no additional cost.

David Chacon, technical services manager for the IS department at PING Golf in Phoenix, Ariz., is particularly fond of the enhancements to WMI, an application programming language that first appeared in Windows 2000. WMI makes for simplified, richer scripting by providing access to operating system services that are otherwise inaccessible.

"Before WMI existed, if you wanted to kick off automated processes to migrate something, or handle login scripting, or monitor the status of a machine or an application, there was no way to do it in the OS itself," says Chacon. You could do it with DOS batch files, or you'd have to get some third-party application."

In Windows 2003, Microsoft enhanced WMI's automation capabilities, making it much easier to work with. For example, the SMTP Event Consumer function that enables WMI to e-mail an administrator when it notices a problem event wasn't available in Win2K.

Versions in XP and Windows 2003 also include more functional utilities and a simpler command set. Rather than having to write a script for every event and server you want to track, WMI now includes viewers or shorthand commands to let administrators view logs, query specific nodes and handle other functions with point-and-click or single-line commands.

The scripts Chacon's group wrote to manage 30 physical servers on the 1,000-person company's main campus aren't nearly as complex as the functions available in some of Microsoft's higher-end products. "But if you can automate status monitoring that keeps you from having to go to 500 workstations individually and spend 20 minutes on each, that time adds up quick," Chacon says. "That's versus a couple of days setting up and testing a script, then letting it take over."

PING has one full-time staffer who uses Terminal Services and other command-line-interface tools to monitor system status and keep the applications running. The new WMI scripts saved 40 percent of his time, a significant savings in a 15-person IT department—so much so that Microsoft is featuring PING in a series of case studies and ads.

"My picture's been up in so many places they've hung it up on our office bulletin board and are calling me 'Mr. 40 percent,'" Chacon jokes. The automated scripting has saved 800 hours worth of work, while making it possible to share data with customers securely and maintain the uptime of critical order-processing applications.

It also made it much easier to configure and maintain the "very complex" configurations on PING's 500 workstations, many of which run several applications and few of which can be down at any one time without dire consequences.

Shadowy Changes
It's Windows 2003's ability to shield users from changes on the network that's particularly valuable to Bruce Haff, director of IT at K2 Sports on Vashon Island, Wash.

The Volume Shadow Copy function in 2003 lets Haff and his crew temporarily map users in a remote office to a data volume on any server in the network, rather than the one that is closest to them. Haff's crew can then remotely update, reboot or make any other changes to the server without the users even knowing they'd been moved off the server in their own office.

"It used to be if we wanted to expand a volume or something, we had to let everyone know and re-map the drives," he says. "This way, the users don't have to know where the data lives any more. So we can move volumes around, or move data to completely different servers and the users would never know."

Assessing the Add-ons
In addition to base functions that come with Windows Server 2003, Microsoft touts add-on utilities such as Microsoft Operations Manager (MOM) as important components of its management lineup. But users warn that MOM comes with a fairly steep learning curve for the more powerful functions, which have to be scripted carefully.

It's fairly easy to tell it to trap critical events from all the server logs and present them to a server admin first thing in the morning, however. "That saves us about a half hour every day," Haff says. "It used to be that we'd have to check the log on each individual server. This consolidates things."

MOM 2005 is designed to monitor the status of every machine in the network, the health of the applications running on them and to automate many required maintenance tasks. It brings Windows systems-management capabilities up to par with mainstream Unix products from IBM and HP, Garbani says. MOM still trails those of BMC and Computer Associates, he says, which are both well ahead of IBM and HP in the feature/function race.

"The last version of MOM (2000), for example, would have been good in 1995. With MOM 2005, it's still a good product, but it is more like a 2002 version of the best systems management," Garbani says.

The major thing missing is the ability to map applications to specific servers, databases and network services so that you can get a picture not only of what server's running what applications, but the condition of the various components on which a single application depends, Garbani says MOM is also reactive, not proactive, so by the time it notices a server is down or the Internet's inaccessible, "it's already become a problem," says Steven Brummer, client/server design supervisor for Children's Healthcare in Atlanta (CHOA).

CHOA does its systems monitoring with NetIQ's AppManager product, which tracks performance data and extrapolates trends to identify problems as they're developing. CHOA has servers in geographically dispersed areas of the hospital complex, which makes it difficult for a technician to go work on them in person when there's a problem.

"With AppManager, we can configure it to see the trend and jump in before it becomes a problem. So it will notice if the database is slowing down, or you're running low on disk space, rather than waiting until the problem happens and then thinking what you're going to do about it," Brummer explains. "We want to be able to head it off at the pass."

On the Horizon
Microsoft is also working on a host of usability and manageability functions that it will release with an update to Windows 2003 due out later this year, code-named R2. It will deliver Windows Server Update Services (WSUS), a new, twice-renamed version of the free Software Update Services. WSUS is a more advanced application that can help administrators define by administrative group, server classification or end-user role what machines should get automatic updates. It can also direct users to internal servers rather than Microsoft's site for patches and OS updates.

It's those kinds of internal support functions that seem attractive to most users, despite Microsoft's efforts to sell add-on products like MOM 2005. Scripting and remote access to functions enabled by WMI let administrators do what they need to do, while excess bells and whistles cost more and deliver fewer critical functions.

As Brummer says, "If I had a big budget to go buy something, I'd go out and get another person, not a piece of software."