Windows 2000: All Grown Up and Looking to Play with UNIX

With the introduction of Windows 2000, Microsoft hopes to be able to compete on equal footing with the powerful UNIX servers that have traditionally dominated the enterprise computing landscape. And because it packs a host of amenities, Windows 2000 claims to have more than mere performance parity with UNIX going for it.

• 06/01/2000

W ith the introduction of its Windows 2000 operating system, Microsoft hopes to be able to compete on equal footing with the powerful UNIX servers that have traditionally dominated the enterprise computing landscape. And because it packs a host of amenities, including an integrated multiuser application server environment and a new enterprise directory service, Windows 2000 claims to have more than mere performance parity with UNIX going for it.

Of course, once Windows 2000 is actually sharing space with its more seasoned UNIX brethren, it’s going to need the necessary tools to make nice with them. Not surprisingly, says Rob Enderle, Senior Analyst with Giga Information Group, Microsoft is taking interoperability with UNIX systems very seriously.

"It’s a very serious issue for them, basically, because they realize that they gave UNIX its second wind by taking so long to ship Windows 2000 in the first place," Enderle explains. "Now, if Microsoft wants Windows 2000 to be accepted in the enterprise, they’ve got to show that it can coexist with those UNIX and Linux systems."

Surprisingly enough, it actually has a pretty good interoperability story vis-à-vis UNIX and Linux platforms. It’ll need it, says Windows 2000 Group Product Manager Peter Houston, because administrators accustomed to UNIX management tools and services won’t be very receptive to learning the administrative ropes on unfamiliar Windows 2000 systems.

"I believe that, ultimately, a lot more customers will take a look at Windows 2000 if we make it easier for them to deploy it with their existing systems," Houston concedes. "If you ask customers to make big jumps in order to embrace a new technology, they’re less likely to do it, and certainly interoperability lets them do this. If people can use and evaluate Windows 2000 in a NetWare or UNIX environment, then, ultimately, they will pick Windows 2000."

In April, the software giant shipped its Windows 2000 Services for UNIX, a set of tools and utilities that include a Network File System (NFS) client, NFS server and NFS gateway software components. NFS defines a file sharing standard for UNIX systems that was originally developed by Sun and is currently leveraged by most UNIX vendors as a means to share files between systems. Its closest corollary in the Windows world is Microsoft’s own server message block (SMB) protocol, which defines a file-sharing standard among Windows systems.

Moreover, Windows 2000 Services for UNIX facilitates the native integration of several of the more popular UNIX shell environments on Windows 2000 systems. Still further, Windows 2000 Services for UNIX supports at least 60 UNIX commands and utilities, and will also include a Perl implementation.

The kicker in Microsoft’s Windows-2000-to-UNIX interoperability efforts is undoubtedly the software giant’s release of version 2.2 of its Interix platform – a full-blown UNIX operating system that can run in conjunction with Windows 2000 – which provides support for almost 2,000 UNIX APIs and more than 300 UNIX utilities.

The end result, claims Microsoft’s Houston, is that because of Microsoft’s interoperability initiatives, UNIX and Linux administrators should even be able to administer their UNIX systems from Windows 2000.

"If you’re an administrator who understands how to use the shell and these commands on UNIX, then you can go to Windows 2000 and administer the system using these same commands," he concludes.

But Windows 2000 also includes its fair share of interoperability curveballs, especially in the areas of UNIX and Linux integration. Windows 2000’s new Kerberos-based security model, for example, is a proprietary one, differing in no small way from the open Kerberos standard that was originally developed at the Massachusetts Institute of Technology.

"Basically, Microsoft overloaded an application-specific field that is a maximum of 64 KB long with a user profile, which exceeds this maximum," explains Luke Kenneth Casson Leighton, a programmer at Internet Security Service’s export research services, and a member of the Samba development effort. As Leighton tells it, Microsoft could just as easily have implemented its own proprietary protocol without "hijacking" the open Kerberos standard.

"It’s not reasonable at all, they could have used their own proprietary protocol to obtain their own information, and there’s absolutely no technical reason to do what they did," he maintains.

As a result, Leighton points out, standard UNIX and Linux Kerberos clients will not be able to interoperate with Microsoft’s Windows 2000 Kerberos implementation.

And then there’s the question of whether the Samba Team’s Samba client will ever interoperate effectively with Windows 2000 and Active Directory. Samba – an open source SMB implementation that runs on most UNIX and Linux platforms – works right now with Windows 2000 in NT 4.0 backward-compatibility mode, Leighton says, but probably won’t be able to interoperate with Active Directory-enabled Windows 2000 systems for quite some time – if ever.

"If people want Samba to be compatible with an NT 5-only [Active Directory] domain, they’ll have to tell us, because if they don’t start asking for it, we won’t bother," Leighton concludes, noting that NT 4.0 interoperability is foremost on the Samba Team’s list of priorities.

While former UNIX stalwarts, such as HP, have seen their stakes in the UNIX high-end and midrange server markets erode to a great extent, Sun Microsystems has boasted impressive growth in both spaces, enjoying 19.2 percent overall growth in shipments of its Solaris operating system in 1999, according to IDC.

The bottom line, says Giga’s Enderle, is that Sun’s position of defiance vis-à-vis Windows NT/2000 adoption has served to enhance rather than hurt its overall position among UNIX vendors and in the UNIX community as a whole.

"Sun is dominating in the UNIX market, and through its marketing and overall strategy has succeeded in positioning HP as either diluting UNIX or not being fully committed to UNIX because they both also have a Windows NT/2000 strategy," Enderle says.

But as Giga’s Enderle points out, Sun’s anti-Windows posturing creates opportunities for vendors with mixed UNIX and Windows NT strategies, such as HP, which can attempt to out-market Sun by providing "blended" solutions to serve the needs of customers on both the low and high ends of the enterprise spectrum.

"HP has a strategy, as does IBM, as do other players with multiple platforms, to compete against Sun, which has staked a claim as the only UNIX-only provider," Enderle says. "So to compete against Sun, HP and IBM have to offer something that Sun can’t offer, and that is a blended solution. So, whether it’s Linux or the Microsoft Windows products, both can give you the benefits of UNIX at the high end until these products perform at the high end, so their value proposition is a thorough blend."

As part of its mixed UNIX and Windows strategy, HP is slated to release a software product – dubbed the Common Internet File System (CIFS/9000) for HP-UX 11 – that facilitates end-to-end UNIX and Windows system interoperability across intranets and the Internet. HP’s CIFS/9000 is actually a counterpart to Microsoft’s own Common Internet File System (CFS), which is a standard for remote file access that is leveraged in all of Microsoft’s 32-bit Windows platforms.

With CIFS/9000 client and server software in place, both Windows and HP-UX 11 platforms can function as file servers for one another. Additionally, CIFS/9000 solves the authentication barrier that currently exists between the two systems, providing a single-user ID and password for client authentication in UNIX and Windows system environments. HP may make CIFS/9000 available for all UNIX platforms, as well.

One of the traditional knocks against Windows NT has been its lack of a multiuser terminal environment similar to that found on all UNIX platforms. When Microsoft reached an agreement with Citrix in April 1997 for the rights to Citrix’ multiuser-for-Windows NT kernel extensions, it took a significant step toward addressing this shortcoming.

But, it wasn’t until Microsoft incorporated Windows Terminal Services into its vanilla Windows 2000 Server and Windows 2000 Advanced Server products that its next-generation operating systems finally came into their own. With a robust multiuser environment – and a slew of purported reliability and scalability enhancements – integrated under its hood, Microsoft is betting that Windows 2000 could become a potentially popular platform choice for use as an enterprise-wide application server.

Public Host, a Web site and e-mail hosting start-up, is one organization that has deployed Windows 2000 in such a capacity. As Public Host CEO Dave Williams explains, his company – launched unofficially in May 1999 – wanted to build a reliable, scalable hosting environment from scratch. Public Host chose Windows 2000, Williams says, because it believes that Microsoft’s next-generation OS offers the best overall platform for hosting of any ilk.

Windows NT 4.0’s existing domain infrastructure is notoriously complex, and beginning with Windows 2000, Microsoft is shipping its first-generation Active Directory enterprise directory services. In addition to simplifying management in the Windows 2000 world, Active Directory should also open the way for directory-enabled applications that can enhance collaboration among users, and pave the way for advanced, directory-aware e-commerce solutions.

For its part, Active Directory is an advanced, hierarchical directory service that provides the administrative underpinning for Microsoft’s Windows 2000 OS. Active Directory maintains a database of information about the network resources scattered throughout an enterprise, and can manage users, groups, servers, printers and entire networks as objects with distinct or inheritable permissions.