Top 10 Changes in Server 2008 R2
There are a number of different changes which were introduced with Windows Server 2008 R2 and this article is intended to review 10 of the most useful changes. Of course, this type of task is subjective and completely dependent on the implementations which are used within the reader’s systems. Because of this fact, in reviewing the changes, those which I believed would be the top ten changes for the average user were selected and presented in no particular order.
In the past, one of the things that seem to happen the most with Active Directory (AD) Domain Services and Lightweight Directory Services was the accidental deletion of AD objects. Now, some level of recovery has been available in both Windows Server 2003 and 2008, they were not options which allowed all of the attributes to be completely restored OR they were options which required bringing the AD server down (to enter Directory Service Restore Mode (DSRM)).
The AD Recycle Bin feature provides a mechanism which allows the complete restoration of the object’s link-values and non-link-valued attributes without having to restore from backup and bringing the AD server offline.
Learn more about the Active Directory Recycle Bin in Server 2008 R2.
The AD Administrative Center provides an additional option to manage AD directory service objects (by extending the abilities of AD Users and Computers). With the Administrative Center, the user is able to perform a number of administrative tasks including:
- Create new user accounts or manage existing user accounts
- Create new groups or manage existing groups
- Create new computer accounts or manage existing computer accounts
- Create new organizational units (OU) and containers or manage existing OU’s
- Connect to multiple domains or domain controllers using the same Administrative Center instance
- Filter AD data by using query-building search
Learn more about AD Administrative Center’s Global Search in Server 2008 R2.
3. AppLocker in Server 2008 R2
The Applocker feature was introduced to replace the functionality of the Software Restriction Policies feature. AppLocker extends the abilities that are available through the Software Restriction Policies feature.
With AppLocker, the user has the ability to define rules based on a number of different file attributes including digital signature, publisher, product name, file name and file version. Keep in mind however, that Applocker rules have an implicit deny at the end which means that all files which are not specified to be allowed to run are not permitted.
Learn more about AppLocker in Windows 7.
4. PowerShell Cmdlets for Group Policy
Windows PowerShell is a command line shell and scripting language which provides the ability for users to automate many of the same functions which are possible through a number of different management consoles. Some additional Cmdlets were included in the R2 distribution that provides the functionality to do a number of these additional tasks for group policy. These tasks include:
- GPO creation, removal, backup and import
- GPO link creation, update and removal
- Configuration of the inheritance flags and permissions of AD OU’s and domains
- The ability to update, retrieve and remove Group Policy registry settings
- Starter GPO creation and update
Learn more about AD PowerShell Scripts in Server 2008 R2.
5. Windows PowerShell in Server 2008 R2
Along with a number of new CmdLets which were included with Windows Server 2008 R2, there are also a number of PowerShell different enhancements. These enhancements include:
- Inclusion of PowerShell 2.0
- The ability to remote manage one or more computers by using a single command and the ability to establish an interactive session with one of more computers
- Introduction of the Windows PowerShell Integrated Scripting Environment (ISE) is a new feature which is provided
- Support for background jobs
- Introduction of the Windows PowerShell debugger
- Support for Windows PowerShell modules that let the user organize the PowerShell scripts and functions into independent, self contained units
- Transaction support
- New event infrastructure that lets the user create events, subscribe to system and application events and then listen, forward and act on these events
- Support for script internationalization
- Addition of online help that enables help options at the command line
Learn more about PowerShell 2.0 in Server 2008 R2.
6. DirectAccess in Server 2008 R2
Server 2008 R2 and Windows 7 Enterprise and Ultimate offer the ability to utilize DirectAccess functionality. DirectAccess offers the ability to connect into an organizational network whenever the client connects to an Internet based computer. DirectAccess also offers the ability to maintain software and policies which can be a big deal when dealing with remote users.
All enterprise destined traffic is authenticated and encrypted and provides the same access control as if the client was physically attached to the local organizational network. Unlike with many VPN options available, DirectAccess was designed to work over a number of different connections including behind existing Network Address Translation (NAT) devices.
7. BranchCache in Server 2008 R2
The BranchCache feature in Server 2008 R2 offers the ability to improve the response time for data residing at a central office and access from a remote branch. It also provides the ability to limit the amount of WAN traffic required as data which is accessed often is cached at the local branch site.
BranchCache works in one of two modes: Distributed and Hosted cache modes: Distributed Cache mode and Hosted Cache mode.
When in Distributed mode, the BranchCache feature simply requires that the site have Windows 7 clients. In this scenario, the cache is held on the first local (at the branch) computer to access it and the other clients access the data from that client’s cache. When in Hosted cache mode, the branch requires a local server that runs Windows 2008 Server R2; this server is used for the local cache and all clients connect to this cache.
8. RemoteApp and Desktop Connection in Server 2008 R2
The ability to use the RemoteApp feature was introduced in Windows Server 2008 through Terminal Services. With Windows Server 2008 R2, RemoteApp and Desktop Connection were introduced that offer the ability to configure a personalized view of RemoteApp programs, session-based desktops and virtual desktops to users.
RemoteApp programs which are configured on the client computer (Windows 7) show up under the Start menu with their normal programs. If connected, the client will have a notification area icon which can be used to identify this connection to disconnect if not being used.
Learn more about Remote Desktop Services in Server 2008 R2.
9. Web Server Role in Server 2008 R2
Internet Information Services (IIS) version 7.5 – IIS 7.5 is the foundation of the web server role running on Windows Server 2008 R2. This new version of IIS offers a number of new features including:
- WebDAV, FTP, Request Filtering and Administration Pack Module integrated extensions
- Best Practices Analyzer
- Windows PowerShell Provider and cmdlets
- Configuration logging and tracing
Learn more about the new features and configuration in IIS 7.5.
10. Windows Deployment in Server 2008 R2
There are a number of changes to Windows deployment which are available for Windows Server 2008 R2 and Windows 7, these include new versions of the Windows Automated Installation Kit (AIK) and Microsoft Deployment Toolkit (MDT).
The Windows Deployment Services role, which was introduced in Windows Server 2008, has also been enhanced to include support for multicast and driver-provisioning functionality; it also provides the ability to deploy Virtual Hard Disk (VHD) images by using unattended installation.
Coming Soon: Keep an eye out for additional how-to articles and tutorials on Windows Deployment in Server 2008 R2 and Windows 7.
More on Server 2008 R2
As with any new product, there are some features which will be very useful in day-to-day operations and other ones which will help only on occasion. The new functionalities that are provided by Windows Server 2008 R2 should give the user an even better platform to increase product supportability and decrease the required support time.
Here are a few additional articles on Server 2008 R2 that you might find useful: