I like 2003 for the most part. It is fast, has better defined roles a nicer group policy editor interface and the impending enhanced access controls as far as what can be printed and emailed are very good. (I can't think of a system in the last 10 years or under $50,000 to support this.)

However, it is not more secure than Win2k, at this time no additional security functionality has been added and it is expected that the assurances have remained the same (time will tell as I don't feel like doing an ISO15408 audit myself) the secure by default really bothers me though. This is one of the worst things any discretionary system can do.

Why is default security bad you ask? because it is far simpler to calculate adding security (you'll notice functionality missing) than it is removing it (which may have unseen consequences of things being unlocked) but MS is trying to pander to lazy people with virtually no knowledge or resources for security (not unlike an OpenBSD mailing list.)

catch

PS. I love IIS6, good stuff all around. ideally I'd run IIS6 on my Win2k system.