Looks like old MS has found a whole host of things wrong with Windows Server 2003, but then you all just knew they would, didn't you? As always, security is top of the list where blunder after blunder has been uncovered and lovingly documented for crackers everywhere to create exploits from before they are patched. And the pattern of locking the Server down by default rather than leaving such tasks up to System Admins seems to be continuing, with even more restrictive security models in the pipeline:

"Microsoft is working on a set of security upgrades for Windows Server 2003 that executives said will deliver on the company's promise to make its products more secure by default and give enterprises more options for locking down servers."

The idea, I believe, is to make it possible for a System Admin to designate a Server as having a "role" - web server, DNS server, Mail server, etc, and have the OS automatically block off anything unwanted.

"For example, if an administrator is setting up a Windows Server 2003 machine as a mail server, the system could automatically close port 80 and turn off IIS (Internet Information Services) to deny Web traffic and open port 25 to SMTP connections. "

Doesn't sound that smart to me!

More here and here. Oh, and here.