Small Business Server
I installed Small Business Server 2003 for a customer last week. SBS is really starting to mature into a nice product and you can't beat the price especially if you get it bundled with a Dell server.
Application Security
I've been reading Craig McMurtry's series on Application Security. It is interesting stuff, especially the use of ADAM as repository for application security information. I certainly can understand why you would want to store user information in a central repository, but I am still struggling with the idea of storing all of the authorization information outside of the application database. What happens in a multi-database scenario? A user may have access rights to certain information in a database for one company, but not in the database for another company. Also, by moving the roles and role assignments out of the database, when I back up the database, I don't back up that information.
Adding to the Active Directory Schema
As I understand it, to add to the Active Directory Schema you need an OID assigned. For fellow Canadians thinking of doing this you can go here http://www.pwgsc.gc.ca/cosira and register. It took about a week to get an OID assigned and it didn't cost a penny!