Introduction

Networks have evolved from loose collections of connected devices to complex subsystems made up of interdependent resources. For example, in the past, printers were assigned to a specific group of users. Today, users expect to be able to find and use the printer that best meets their needs, wherever they happen to be. Administrators need to think of adding printers as adding network resources that are available to everyone. And it�s not just about printers; it�s about every component of the network�s fabric being dynamic, discoverable, and ready to be used in ways that were not anticipated.

In the past, companies went to great lengths to build such networks by assembling bits and pieces of technology from many different vendors. The result was generally higher costs and fragile networks. The message to Microsoft from customers was clear: deliver the kind of simplified network we want but without all of the systems integration and complexity: just make it work.

In response to this requirement, Microsoft invested greatly to ensure that some of the most important advances in the Windows� 2000 Server operating system are in the system�s infrastructure. They include a state-of-the-art directory service, public key security technologies that are uniquely integrated with both the operating system and the directory service, the latest communications technologies�and more. Combined, the infrastructure services provided by Windows 2000 Server let organizations:

Simplify Management. Distributed systems often lead to time-consuming and redundant management that grows more complex as your computing infrastructure expands. For example, when you add new applications to your computing infrastructure, you may find you need to manage multiple directories. Or, when you add new employees, you need to distribute software to their desktops, and make sure it stays up to date. This is the type of issue that is addressed by the Active Directory ^TM service�the central, unifying infrastructure element of Windows 2000 Server.

Active Directory serves several essential functions. First, it provides a logically centralized place to store, manage and publish essential information about the hardware, software, and users throughout a network. Tasks such as delegating administrative privileges become easy�and enable companies to lower costs by achieving the right balance of centralized control and local autonomy. Second, the Active Directory provides a policy-based environment to centrally manage and control network resources and security. Third, it allows developers to build applications that build upon and extend the management infrastructure provided by Active Directory instead of building a proprietary solution. For example, Microsoft� Exchange Server 2000 uses Active Directory instead of a separate directory, enabling administrators to manage users and mailbox information in one place.

Another example of how Windows 2000 simplifies management is with the IntelliMirror� management technologies, which manage users' data, settings, and software through group-level policies set by the network administrator. Through integration with Active Directory, IntelliMirror features are able keep track of and present the users' complete environment, even making it available when users are roaming or working offline.

Strengthen Security. Security services are an essential part of a modern network operating system. With the integration of a standards-based public key infrastructure (PKI) and Lightweight Directory Access Protocol (LDAP) directory services in Active Directory, and the underlying distributed security infrastructure of Windows 2000, companies can extend their networks to customers, partners and suppliers faster and more securely than ever before. The Windows 2000 Server security services provide strong and consistent protection for your corporate network, while reducing management overhead and the risk of making an error when managing user authentication and access control.

Another key aspect of the Windows 2000 Server security infrastructure is Active Directory integration. Active Directory allows centralized management and enforces role-based security consistent with your organization's business processes. Active Directory also makes it easier for companies to use the latest security technologies such as X.509 certificates and Smart Cards to ensure remote access security, build secure e-commerce sites and deploy extranets.

Extend Interoperability. Since it�s unlikely you�ll be building your computing infrastructure from scratch, Windows 2000 Server can help you integrate the diverse collection of technologies you already have. For example, Active Directory provides a number of standard interfaces for application integration. Microsoft also provides a range of directory interoperability solutions to help reduce the cost and complexity of managing a diverse network and application environment. These include synchronization connectors that make it simple to manage environments that contain both Active Directory and Novell�s NDS, and industry-leading metadirectory technologies to handle more complex requirements.

In addition to directory services, Microsoft also has worked hard to ensure that the Windows 2000 security infrastructure is interoperable with other important security technologies. For example, the Windows 2000 Server public key infrastructure is interoperable with popular certificate authorities, and the Kerberos technologies in Windows 2000 Server are fully standards-compliant, enabling powerful single sign-on solutions.