MCITP 70-640: New Features in Windows Server 2008 R2 and Service Pack 1

Welcome back to your free Active Directory training course. In this video l will look
at some of the new features in Windows Server 2008, Windows Server 2008 R2 and Service
Pack 1 for Windows Server 2008 R2. In this training series and other free training
series from us you will notice that we commonly refer to Windows Server 2008 even when the
course is designed around windows Server 2008 R2. The reason for this is that if the feature
exists in both operating systems we will simply state Windows Server 2008. If the feature
only exists in R2 or with service pack 1 we will mention this.
All the demonstrations for this course are done in Windows Server 2008 R2. If you are
working with Windows Server 2008 the interface is very simpler if not the same so you should
be able to follow along. The first major feature of Windows Server
2008 over its predecessor is that Windows Server 2008 is very modular. This is done
through the use of roles and features. Both are added through the Server Manager. All
though at times there is an overlap between roles and features think of a role as a major
feature or change added to the operating system. A feature on the other hand is like a smaller
add-on package added to the operating system. Some of these roles and features in Windows
Server 2008 were available in Windows Server 2003 as downloads from Microsoft. In windows
Server 2008 these have been integrated into windows Server 2008 and you no longer need
to download them. The modular nature of Windows Server 2008 makes it very easy to customize
your Server and changed it when your needs change. Let’s start by looking at some of
the new features in Windows Server 2008 following by R2 and finishing with the features that
are in service pack 1. Firstly I will look at the Active Directory
features added with Windows Server 2008. Windows Server 2008 comes with Active Directory certificate
services formally certificate services in Windows Server 2003. Certificates give you
excellent security. With Windows Server 2008 certificates are more tidily bound with Active
Directory making it a lot easier to deploy certificates in your organization.
Next Windows Server 2008 comes with Active Directory Application Mode or Adam. This was
previously an add-on in Windows Server 2003. With Windows Server 2008 it is included. Adam
is a non-operating systems service unlike Active Directory. Adam provides an application
frame work for applications to access data in the Active Directory database.
The next feature of Windows Server 2008 is Active Directory federation services. Federation
services allow users in different organizations to easily share resources with each other.
This is designed for circumstances where the users are not part of your company and may
be a partner or supplier. Federation Services provides the infrastructure for the two organizations
to access to each other resources. All this is done without the need for both organizations
to share Active Directory Infrastructure. When done correctly the supplier or 3rd party
organization should be able to access resources on both networks with a single sign on.
The next feature of Windows Server 2008 is that it comes with Active Directory rights
management. Rights management is software designed to protect your Intellectual property.
For example you could protect an office document from being copied or even printed.
Next Windows Server 2008 supports read only domain controllers. A domain controller is
responsible of authenticating users and allowing them access to the network. A read only domain
controller is used in places where physical security of the domain controller may be a
concern. A read only domain controller can’t make changes and if stolen can easily be removed
from the network without any lost of security. The next feature of Windows Server 2008 is
Active Directory is now restartable. If you have a problem with Active Directory you can
stop and restart it like any other service. Previously you could only do this by rebooting
the server. Active Directory now supports granular password
polices. Previously if you want to have a different password policy, for example you
want to enforce longer passwords for certain users, the only way this could be done was
to have separate domains. Now with Active Directory granular passwords you can create
a completely different set of password policies for different users. With granular password
policies you no longer have to create separate domains in order to have separate password
polices. Active Directory now also supports snap shots
for the database itself. A snapshot allows you to take a record of what the database
looks like at a particular point in time. Once the snap shot is taken you can restore
the database back to what it looked like when the snap shot was taken. Snap shots make recovery
of the Active Directory database a lot easier. That’s it for Active Directory features
in Windows Server 2008, let’s look at some of the non-Active Directory related features
that Windows Server 2008 has. Windows Server 2008 now has self-healing
NTFS file system. If Windows detects a problem with a file on the hard disk a NTFS worker
thread is started to correct the problem. In the old days you sometimes had to reboot
your server and run a low level check disk when the server started up. Hopefully with
a self-healing NTFS rebooting the server to perform a disk check is a thing of the
past. If you are using terminal services you may
have suffered delays for creating new sessions on busy servers. This is because terminal
services could only create one session at a time. If a session was in the process of
being created, the next session had to wait until that session was created. Windows Server
2008 can now start four sessions at once in parallel reducing the wait time users have
to wait to access busy Terminal Servers. Windows Server 2008 now supports clean server
shut down. Previously what would happen is that all the processes on the system would
be given a signal that the server is shutting down. All processes on the system would then
have 20 seconds to shut down. An application that has a lot of data to write to the hard
disk or a printer with a big job currently printing 20 seconds is not enough time.
With Windows Server 2008 the processes on the server are now given as much time as they
need to stop cleanly as long as they are still responsive. If Windows Server 2008 thinks
the process has crashed or hung it will reboot the server regardless. This ensures your services
get time to shut down correctly and a stuck process does not cause the system not to reboot.
The next feature is Server Core. Server Core is a version of Window Server 2008 without
the graphical interface. Not having the graphical interface means that the server has less software
and drivers. This reduces the amount of memory required to run the server and also reduces
the attack surface. The attack surface is defined as the number of ports, services and
software that an attacker could use to compromise a system. More software running is more software
that needs to be patched and has the potential to have a security issues that a hacker may
be able to exploit. Windows Server 2008 comes with a new role
called Hyper-V. Originally Hyper-V was not included with Windows Server 2008 when it
was first released as it was not finished in time. It was later made available as a
download and through windows update. Hyper-V provides a native virtualization solution
to run your virtual machines. The next feature with Windows Server 2008
is Power Shell. This is available as a download for Windows Server 2003 but is included in
Windows Server 2008. Power shell is a command line interface designed to replace the old
MS dos style command line prompt. Power shell is a lot more powerful than the command line
and has better support for interfaces like dot net.
There are more new features in Windows Server 2008 but this covers the major ones. The next
features that I want to look as the new features that are in Windows Server 2008 R2.
The first feature is BranchCache. BranchCache allows files to be cached on a local
network rather than coping them over the wide area network again. BranchCache only works
with Windows 7 clients. The next feature is DirectAccess. Once again
this feature only works when combined with Windows 7 clients. DirectAccess allows users
to connect to the corporate network without having to create a VPN connection. A Direct
Access connection back to the office will be made automatically when the computer is
connected to an internet connection. Windows Server 2008 R2 adds supports for
the Active Directory recycle bin. The Active Directory recycle bin allows you to recover
Active Directory objects after they have been deleted. For example, if you deleted a user
account you could recover the user account and any security attached to this account.
Previously in order to recover deleted objects you would have needed to reboot the server
into safe mode and restore the Active Directory objects.
The next feature you have is starter group polices. Group policy allows you to deploy
settings to computers in your enterprise. Starter group policy allows you to create
a template group policy. If you are deploying a lot of simpler group polices a starter group
policy will save you a lot of time. There are quite a lot of changes in Windows
Server 2008 but this covers the major ones. Next there are the features that service pack
1 adds to Window Server 2008 R2. Service pack 1 contains many improvements
and fixes based on customer feedback. There are over 600 updates and fixes. A lot of these
are available through windows updates but installing one service pack is generally a
lot easier. As well as these updates there are two major features added with Service
pack 1. First there is Dynamic memory a new feature
for Hyper-V. Dynamic memory allows you to set a minimum and maximum memory range for
your virtual machines. Hyper-V will then change this value based on the demand on the system.
For example, if one computer needs more RAM then more RAM will be allocated to that virtual
machine and less to the other. The essential idea behind dynamic memory is
that all the virtual machines on the system will not need the entire RAM in the computer
at once. In some cases, one virtual machine may be put under a lot of loading and needs
additional RAM but any other time it needs very little. When this occurs, RAM from a
pool is allocated to this virtual machine. When done correctly this allows more virtual
machines on the one server without scarifying the performance of the other virtual machines.
Before I starting talk about the next feature, one thing I want to point out that in Windows
Server 2008 R2 terminal services changed its name to remote desktop. Essentially terminal
services and remote desktop are the same thing just consider remote desktop as a newer version
of terminal services. The next new feature is remote FX. Remote
FX allows graphical intense effects like Aero, Windows graphics interface, to use 3d
Hardware on the server rather than on the client. This means that if you connect to
a Terminal Server using old hardware, the Terminal Server would perform all the 3d rendering
on the server and sent the result to the client. This means that your old hardware that is
being used for remote clients that don’t support 3D can start displaying 3D. This
does mean that the 3D load is being moved from the client to the server, however if
you server can handle the load it means that you won’t have to upgrade the hardware on
your clients. That’s it for all the new features in Windows
Server 2008, R2 and services pack 1. Not a complete list but covers all the major changes.
In the next video I will look more in some of the protocols that make Active Directory
work. For more free videos in this series and others, please have a look at our web
page or you tube channel. Thanks for watching.