Server Roles in Windows 2008

Windows Server 2008 is designed around certain roles and features. A role is a primary duty that a server performs. For example, you typically would point at a server and say "that’s my domain controller (DC) and DNS server." A feature is something that helps a server perform its primary duty (Windows Backup, network load balancing). Certain roles are comprised of sub-elements called Role Services, which are distinct units of functionality. For example, within the role of Terminal Services, is the TS Gateway and TS Licensing Role Services (among others). Please note that Server 2008 Web Edition has only the Web Server role. Also note that WINS isn’t a role in Server 2008, it’s a feature.

The Server 2008 roles are as follows:

• Active Directory Certificate Services. Provides the services for creating and managing public key certificates used in most aspects of security today, including HTTP Security (HTTPS), which is vital to many Windows Roles; Wireless network security; VPNs; IPsec; Encrypting File System (EFS); and other software security systems that require encryption or digital signatures.
• Active Directory Domain Services. Previously known as just Active Directory, AD Domain Services stores information about users, computers, and other devices on the network in a security boundary known as a domain. With resources and users being  members of a domain or trusted hierarchy of domains known as a forest, access to company wide information is secure and no burden on the user.
• Active Directory Federation Services (ADFS). Provides Web single-sign-on (SSO) capabilities across separate organizations, allowing authentication across multiple Web applications in various companies using a single user account. ADFS accomplishes this by securely federating, or sharing, user identities and access rights, in the form of digital claims, between partner organizations once a federation trust has been established.
• Active Directory Lightweight Directory Services. Previously known as Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Services provides a directory service that organizations can use to store information specific to an application that is separate from the organization’s main AD. Active Directory Lightweight Directory Services runs as a non-OS service and doesn’t require deployment on a DC, with multiple Active Directory Lightweight Directory Services instances supported on a single server.
• Active Directory Rights Management Services. Provides very granular protection on supported documents via AD RMS-enabled applications to not only protect documents and other digital information but also to control the actions that authorized consumers of the information can do.
• Application Server. Comprises a number of components that are responsible for the deployment and managing of .NET Framework 3.0 applications. These components include the .NET Framework, Web Server (IIS) Support, Message Queuing, COM+ Network Access, TCP Port Sharing, Distributed Transactions and Windows Process Activation Service Support.
• Dynamic Host Configuration Protocol (DHCP) Server. Allows servers to assign or lease IP addresses to computers and other devices that are enabled as DHCP clients on the network.
• DNS Server. DNS is used to resolve host names to IP addresses, both IPv4 and IPv6.
• Fax Server. Sends and receives faxes, and allows you to manage fax resources such as jobs, settings, reports, and fax devices on this computer or on the network.
• File Services. Provides technologies for storage management, which includes control of the types of files stored on a server via file screens and powerful quotas, file replication, distributed namespace management, NFS, and support for UNIX clients.
• Hyper-V. Provides the services that you can use to create and manage virtual machines (VMs) and their resources. Hyper-V will ship within 180 days of the Server 2008 launch, but a beta version is supplied with the 2008 RTM.
• Network Policy and Access Services. Delivers a variety of methods to provide users with local and remote network connectivity, to connect network segments, and to allow network administrators to centrally manage network access and client health policies. With Network Access Services, you can deploy VPN servers, dial-up servers, routers, and 802.11 protected wireless access. You can also deploy RADIUS servers and proxies, and use Connection Manager Administration Kit to create remote access profiles that allow client computers to connect to your network.
• Print Services. Enables the management of print servers and printers. A print server reduces administrative and management workload by centralizing printer management tasks. Also part of Print Services is the Print Management Console, which streamlines the management of all aspects of printer server management including the ability to remotely scan a subnet for printers and automatically create the necessary print queues and shares.
• Terminal Services. Enables users to access Windows-based programs that are installed on a terminal server or to access the Windows desktop from almost any computing device that supports the RDP protocol. Users can connect to a terminal server to run programs and to use network resources on that server. Server 2008 has technologies that allow the RDP traffic necessary for communication with a terminal server from a client to be encapsulated in HTTPS packets, which means all communication is via port 443 so no special holes are required in the firewall for access to terminal servers within an organization from the Internet.
• Universal Description, Discovery, and Integration (UDDI) Services. UDDI Services provides description, discovery, and integration capabilities for sharing information about Web services within an organization’s intranet, between business partners on an extranet, or on the Internet.
• Web Server (IIS). Enables sharing of information on the Internet, intranets, or extranets. It’s a unified Web platform that integrates IIS 7.0, ASP.NET, and Windows Communication Foundation. IIS 7.0 also features enhanced security, simplified diagnostics, and delegated administration.
• Windows Deployment Services (WDS). Used to install and configure Windows OSs that are stored in the Windows Imagine format remotely on computers via Pre-boot Execution Environment (PXE) boot ROMs.