What's in Windows® Server 2008 R2: A Technical Overview
Harold WongSr. IT Pro Evangelistblogs.technet.com/haroldwong
Agenda
Best Practice Analyzers
Active Directory® Improvements
Windows Server 2008 R2 Overview
Power Management Improvements
Group Policy Improvements
Windows PowerShell™ 2.0
File Classification Infrastructure
Remote Desktop Services
Better Together with Windows 7 (DirectAccess and BranchCache)
Technology Investment Areas
Hyper-V™ 2.0 Live migration Remote Desktop
Services
Virtualization
Internet Information Services (IIS) 7.0 and integrated extensions .NET on Server Core
Configuration tracing
Service-oriented architecture
Web
Power management Active Directory Administrative Center Windows PowerShell
2.0 Best Practices
Analyzer
Management
Solid Foundation for Enterprise Workloads
DirectAccess BranchCache™ AppLocker™ Enhanced Group Policies BitLocker™ on removable drives
Better Together with Windows 7
>64 Core support
componentization
Scalability
Best Practices Analyzer
Built into Server Manager BPA is discoverable, easy to use, and provides on-demand
analysis and reporting of actual versus best practice configurations
New Feature in Windows Server 2008 R2 Goal is to reduce troubleshooting by helping proactively
manage servers to best practice configurations
Configurations Covered Active Directory® Certification Services, Active Directory Directory
Services, DNS, Remote Desktop Services, & Web Server (Internet Information Services)
Full Command-Line Support Run from the command-line through Windows
PowerShell, in addition to running from the UI
Best Practices Analyzer Process Community, support people, field teams, and customers provide
feedback, which the product teams use to create BPA models
Best Practices Analyzers
demo
What’s New In Active Directory
Key additions: Active Directory Administrative Center Managed Service Accounts Offline Domain Join Recycle Bin for AD
Other administrative additions: Windows PowerShell cmdlets Best Practices Analyzer Active Directory Web Services Authentication Assurance
DeletedObject
No Recycle Bin Feature
Auth Restore
Delete
LiveObject
Tombstone Object
GarbageCollection
TombstoneLifetime 180 Days
Undelete
Delete
LiveObject
RecycledObject
Deleted ObjectLifetime 180 Days
With Recycle Bin Feature
GarbageCollection
TombstoneLifetime 180 Days
Recycle Bin for AD Object Life Cycle
AD Administrative Center
demo
Clear-EventLog Get-EventLog Limit-EventLog New-EventLog Remove-EventLog Show-EventLog Write-EventLog
Get-Service New-Service Restart-Service Resume-Service Set-Service Start-Service Stop-Service Suspend-Service
Debug-Process Get-Process Start-Process Stop-Process Wait-Service
Windows PowerShell Management
Event Viewer ProcessesServices
Active Directory
Active Directory Rights Management Services
AppLocker Background Intelligent
Transfer Service Best Practices Analyzer Failover clustering
Group Policy Internet Information Services Network load balancing Remote Desktop Services Server Manager Server migration Windows® Diagnostics
Available with Windows Server 2008 R2
Windows PowerShell 2.0
Improves productivity and control Accelerates automation of system admin Easy to use Works with model
Improved Command-Line Shell & Scripting Language
Active Directory
Administration Center Internet Information
Services Power Management One-to-many Remote
Management using WS-MGMT
Integration
Graphical PowerShell Improved security Portability New cmdlets Remote execution capability
New Features
Enhancing Power Management
©2009 Microsoft Corporation. All Rights Reserved.
Core 1 Active
Core 4 InactiveCore 2 Inactive
Core 3 Inactive
Quad Core Processor
Core 3 Active
Core 4 ActiveCore 2 Active
Core Parking
Overview Scheduling processes on a single server for
density as opposed to dispersion This allows “park/sleep” cores by putting them
in deep C states Benefits
Enhances Green IT by reducing CPU power consumption
Group Policy PowerShell
PowerShell Scripting inside GP Extend current reach of GP Script Extension to
include PowerShell for logon/logoff, startup/shutdown scripts
PowerShell cmdlets for GPMC operations Full lifecycle: create, link, configure, rename,
backup, copy, remove Enables interesting new scenarios for
customers PowerShell cmdlets that write and read
registry settings to GPO(s) Values can be written to either Policy or
Preferences Settings can accept more value types
Group Policy Starter GPOs
Easy experience right from the start Starting off point to speed up the creation of
GPOs Embody best practices that map to Microsoft
Security Guide Eight existing:
User and computer case Available for Windows Vista and Windows XP
SP2 Enterprise Client (EC) and Specialized Security
Limited Functionality (SSLF) Ships in-box with Windows 7
Better Targeting
Robust Targeting• 29 Types• Boolean Logic
(and, or, not) collections
Intuitive UI• No need to
learn query languages
ITM Level Targeting • Not GPO level
Classify Data
Automatically apply policies according to classification
Classify Manage Report Extend (Partners)
Windows Server 2008 R2 FCI
File Classification Can Help
Need per-project share
Ensure that business-secret files do not leak out
Back up files with personal information to encrypted store
PersonalInformation Secrecy
Business Needs
IT Complexity
True multiple monitor support
Multimedia support & bi-direction audio
Enhanced bitmap remoting for Flash, PPT, Silverlight® etc.
RemoteApp & desktop connections
RemoteApp, desktop & Web access
RD gateway security improvements
New Key Features in Remote Desktop Services
Hyper-V™ support for virtual desktops
Single discovery, broker & publishing infrastructure
SCVMM support
RDS & VDI – an Integrated Solution
Remote Access Application
Full Fidelity RemoteApp &
Desktops
Platform & Management ImprovementsNew API, connection broker extensibility, Windows Powershell
support, Best Practices Analyzer, full MSI support
NEWIMPROVE
D
Remote Desktop Services and Virtual Desktop Infrastructure
Remote Desktop
Connection Broker
TS-BasedRemote Desktop
Hyper-V-BasedRemote Desktop
Virtual Machine
Management
(SCvirtual machineM)
DirectAccessMore Than Just Remote Access
Always On
Improved productivity
Not user initiated
Simplified connectivity
Manage Out
"Light up" remote clients
Decreases patch miss rates
Applies GPOs to remote machines
Access Policies
Pre-logon health checks and remediation
Replaces modal "connect-time" health checks
Full NAP integration
Protected Transactions
Supports authenticated transactions and encrypted transactions
Authentication and encryption mitigate many attacks
VPNs connect the user to the networkDirectAccess extends the network to the user
Better Together With Windows 7DirectAccess, BranchCache and More…
Agile VPN AppLocker Read-only DFS More efficient client power management Desktop and application virtualization feeds BitLocker encryption on removable drives Remote Workspace, Presentation Virtualization
and Remote Desktop Services Gateway combine for native desktop experience on public Windows 7 computers
Better TogetherWindows Server 2008 R2 & Windows 7
demo
Learn More About Windows Server 2008 R2
Technical Resources
The New Efficiency Virtual Launch Experience www.thenewefficiency.com
Windows Server 2008 R2 evaluation www.microsoft.com/ws08eval
Windows Server TechCenter http://technet.microsoft.com/windowsserver
Get Hands on Training
Training Offers—Exclusive for Launch Attendees www.microsoft.com/learning/careeroffers
Windows Server 2008 Learning Resources www.microsoft.com/windowsserver2008/en/us/learning.aspx
Community Resources
Windows Server Division blog http://blogs.technet.com/windowsserver/
Windows Virtualization Team blog http://blogs.technet.com/virtualization/
Windows Server forums http://social.technet.microsoft.com/Forums/en-US/category/windowsserver
© 2009 Microsoft Corporation. All rights reserved. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the
date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.