This list highlights the differences between Windows XP and Windows Server 2003. I composed this note a very long time ago in my OneNote while I was studying for my MCSE exams, 70-290 and 70-270. This list is no longer practically useful as time has caught up with both Windows XP and Windows Server 2003. However, this note is a memento of a certain period of time in which I studied hard for my success. I do not want to throw away this memento. Hence I’m archiving it here for probable future reference.
Differences between Windows XP and Windows Server 2003
The fundamental difference: Windows XP is Windows XP and Windows Server 2003 is Windows Server 2003! Do not underestimate this difference: some Windows XP programs that check the Windows version may refuse to run on Windows Server 2003. In addition, some programs that are designed for Windows Server 2003 may refuse to run on Windows XP.
Server security configuration
Server computers running Windows Server 2003 usually run 24/7 all year, mostly unattended. Therefore, the default security configuration of Windows Server 2003 matches this trend as follows:
- Internet Explorer Enhanced Security Configuration: This is an exclusive feature of Windows Server 2003 and is enabled by default. Enhanced Security Configuration further tightens security in Internet Explorer. Amongst other changes, it enforces the “High” security level for the “Internet Zone”.
- Shutdown Event Tracker: This feature challenges any shutdown attempt by asking the user for a full descriptive reason as to why he or she is shutting down. By default, it is enabled in Windows Server 2003 and disabled in Windows XP.
- Shutdown restriction: In Windows Server 2003, a shutdown order can only be issued by a user logged on with Administrative privileges. In Windows XP, it is even possible to shut down from the logon screen without logging on at all. Note that computers running Windows XP are meant to run applications and provide most of their functionality when a user logs on to them. However, Windows Server 2003 is meant to run services, which may run independently of a user console and have their own logon mechanism. Therefore, a Windows Server 2003 computer is perhaps most productive when it is running without a user logged on to its console. A user session consumes resources after all.
- Error Reporting Queue Mode: This is an exclusive feature of Windows Server 2003 and causes Windows to postpone Error Reporting prompts until next logon. Crashed applications silently exit and users never know why. This feature is enabled by default.
- CTRL+ALT+DELETE Requirement upon logon: This feature prompts all users who want to log on to press CTRL+ALT+DELETE before entering their username and password. Since only Windows can catch that sequence of keys, malware cannot present a counterfeit logon prompt in response to it. By default, it is enabled in Windows Server 2003 and disabled in Windows XP.
- Drive automounting: Windows Server 2003 Enterprise or Datacenter editions, by default, do not automatically assign a drive letter to newly installed fixed disks, while Windows XP and other editions of Windows Server 2003 do. The rationale for this behavior is SAN support in Windows Server 2003 Enterprise edition and Datacenter edition. Drive automount behavior in these editions of Windows can be modified using the DISKPART.EXE command-line utility.
- No-Execute (NX) and Data Execution Prevention (DEP): This feature protects the operating system from buffer overrun attacks by terminating the offending applications and services. In Opt-In mode, only applications and services whose benevolent and wise developers marked them as compatible can opt in to be protected by this feature. Nearly all of Microsoft and Adobe products are marked as compatible. In Opt-Out mode, however, all programs and services are monitored by this feature unless an administrator explicitly opts them out and excludes them from DEP monitoring. DEP is by default in Opt-In mode in Windows XP but in Opt-Out mode in Windows Server 2003.
- Memory Dump: The name of this feature describes it best: It dumps the contents of system memory into a file. Windows uses this feature after a Stop Error (a.k.a. Critical Error, Critical System Failure, Blue Screen of Death, etc.) to assist further troubleshooting. By default, Windows Server 2003 performs a Complete Memory Dump after each Stop Error while Windows XP only performs a Small Memory Dump. Security resources never fail to mention that an expert intruder will always be able to gain highly valuable and critical information from a Complete Memory Dump, if it happens to fall into the wrong hands. However, be aware that a Complete Memory Dump is at least as large as the system memory plus one megabyte and is saved in the Windows folder. Therefore, intruders are going to have a tough job accessing it. By the time they reach it, they have full control of the server and thus the memory dump is of no use anymore. In addition, they are going to have a tougher job transporting it over the network, especially when the server has more than 4 GB of memory.
Servers often run unattended but may become extremely busy, attending to incoming requests and serving network demands. Windows Server 2003 default settings combine well with this trend as follows:
- Manage Your Server logon window: Manage Your Server is an exclusive component of Windows Server 2003 that provides access to a collection of Windows Server features all in one place. In Windows Server 2003, the Manage Your Server dialog box appears at every logon of an Administrator until he wishes otherwise.
- Processor Scheduling: Windows Server 2003 is configured to spend more time on Background Services. In contrast, Windows XP is configured to allocate most of the CPU’s time to Programs.
- Memory usage: Unlike Windows XP, Windows Server 2003 allocates more memory to System Cache than to running Programs.
- Windows Update: (I forgot what it was but there is definitely a difference.)
- Firewall: In Windows Server 2003, Windows Firewall is disabled by default, as the servers are (actually, were) usually protected by dedicated firewalls like Microsoft ISA Server at gateways. In Windows XP with Service Pack 2, Windows Firewall is enabled by default. Note that with Windows Firewall disabled, simple Internet Connection Sharing also doesn’t work.
- Start Menu items: Windows Server 2003 configures default Start Menu differently to bring the administrators up to speed. For example, Control Panel is displayed as a menu.
- Windows Media Player 11: Windows Server 2003 SP2 is equipped with Windows Media Player 10. However, Windows Media Player 11 cannot be installed on Windows Server 2003. Note that Windows XP x64 Edition is in fact an edition of Windows Server 2003 and therefore Windows Media Player 11 cannot be installed on it. [Update: Recently, Microsoft has released a version of Windows Media Player 11 for Windows XP x64 edition.]
- Windows Messenger: The vaunted Windows Messenger is not included with Windows Server 2003. You are spared the trouble of uninstalling or deactivating it.
Windows Server 2003 comes with many of its services disabled in order to improve performance and reduce attack surface. After all, it is common to have server boxes without any Monitor, Mouse or Keyboard, let alone CD-Writers, Scanners, Webcams, Speakers, Headphones, etc. The following reflects this trend:
- Visual styles and Themes: Windows Server 2003 uses classic visual styles by default and the Themes service is disabled. To apply the sleek look of Windows XP visual styles in Windows Server 2003, start the Themes service. In Windows XP, the Themes service is set to Automatic to ensure that it is started at each startup.
- CD-Burning: IMAPI CD-Burning COM Service allows Windows and 3rd Party applications to burn CDs. By default, it is disabled in Windows Server 2003. In Windows XP, it is set to Manual, so it may start on demand.
- Windows Image Acquisition (WIA): WIA allows scanners and digital cameras to interface with Windows. Windows Server 2003 comes with the Windows Image Acquisition (WIA) service disabled. On Windows XP, this service is set to Manual and will start as soon as an appropriate device is connected. Installation of certain device drivers puts this service into Automatic mode, both in Windows XP and Windows Server 2003.
- Multimedia support and DirectX acceleration: In Windows Server 2003, DirectDraw and Direct3D are disabled by default. In addition, Windows does not use Hardware Acceleration for the Video subsystem. One must use DXDIAG.EXE to enable DirectDraw and Direct3D, as the Display applet in Control Panel does not do it fully. Only then can the Display applet in Control Panel (Advanced Setting) be employed to increase the Hardware Acceleration level to Full.
- Windows Firewall/Internet Connection Sharing: This service, which regulates both Windows Firewall and Internet Connection sharing features, is, by default, disabled in Windows Server 2003 and enabled on Windows XP. This service is excluded from certain editions of Windows Server 2003.
- Windows Audio: According to the Microsoft Threats and Countermeasures Guide, updated on 27 December 2005, this service is “configured to start automatically on computers that run Windows XP and Windows Server 2003, Standard Edition. The service is disabled on other Windows Server 2003 editions.” However, some audio drivers may enable this service upon installation.
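The service defaults in the list above can be checked against a registry export. The following is an added example, not part of the original note: it parses `reg export` text and reports which of these services are no longer Disabled, for instance after a driver installation switched WIA to Automatic. The registry short names (Themes, ImapiService, stisvc, SharedAccess), the sample export and the function names are assumptions supplied for the example, and the export is assumed to be already decoded to text.

```python
import re

# Start values under HKLM\SYSTEM\CurrentControlSet\Services\<name>.
START_TYPES = {2: "Automatic", 3: "Manual", 4: "Disabled"}
# Disabled by default on Windows Server 2003 per the list above; the registry
# short names are supplied for this example (the note gives display names only).
SERVER_2003_DISABLED = {
    "Themes": "Themes",
    "ImapiService": "IMAPI CD-Burning COM Service",
    "stisvc": "Windows Image Acquisition (WIA)",
    "SharedAccess": "Windows Firewall/Internet Connection Sharing",
}

# Constructed sample of `reg export` text (decoded to str), not from a real host.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ImapiService]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc]
"Start"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc\Parameters]
"Start"=dword:00000004
"""

def parse_start_values(reg_text):
    """Map service short name -> Start value, reading only the service's own key."""
    starts, current = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        key = re.fullmatch(r"\[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\([^\\\]]+)\]", line, re.I)
        if line.startswith("["):
            current = key.group(1) if key else None   # subkeys reset the context
            continue
        value = re.fullmatch(r'"Start"=dword:([0-9a-fA-F]{8})', line)
        if current and value:
            starts[current] = int(value.group(1), 16)
    return starts

def audit_drift(reg_text):
    """Return (service, state) for each baseline service that is not Disabled."""
    starts = {k.lower(): v for k, v in parse_start_values(reg_text).items()}
    findings = []
    for name in SERVER_2003_DISABLED:
        start = starts.get(name.lower())
        if start is None:
            findings.append((name, "missing from export"))
        elif start != 4:
            findings.append((name, START_TYPES.get(start, f"Start={start}")))
    return findings
```

Windows Audio is left out of the baseline because, as quoted above, its default depends on the edition.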
Device driver support
The focus of Windows Server 2003 driver base is to support the devices which are attached to servers while the focus of Windows XP driver base is to support the devices which are attached to workstations and home computers. Therefore there is no guarantee that a device which Windows XP natively supports is not alien to Windows Server 2003… or vice versa.
The following components are not included in Windows Server 2003:
- System Restore
- Simple File Sharing
- Fast User Switching service
- User Accounts applet in Control Panel
- Welcome Screen
- Security Center
- Classic games
- 3-D arcade pinball game
- User Account 48×48 Icons/Pictures
- Some minor shell services
The following features are exclusively included with Windows Server 2003 but note that the list is incomplete. The full list fills books.
- Windows Server kernel
- Active Directory
- Full-featured edition of Microsoft Internet Information Services (IIS) 6.0
- Full edition of Microsoft Terminal Services
- DNS Server services
- DHCP Server services
- WINS services
- Routing and remote access services
- Full version of Dynamic Volume support and NTFS file system
- Full version of File and Printer Sharing services
- Full version of Microsoft networking stack including IPv6, SMB, TCP/IP, 802.1x and Kerberos
- Microsoft Windows Media Services
- Windows SharePoint Services (not to be confused with Microsoft Office SharePoint Services)
- Microsoft Storage Services including Distributed File System
- Microsoft Certificate Services
- Windows Desktop Deployment Services (formerly Remote Installation Services)
- Clustering services
- Licensing services
- Shadow Copy technologies and services