What's in Windows® Server 2008 R2: A Technical Overview

Harold WongSr. IT Pro Evangelistblogs.technet.com/haroldwong

Agenda

Best Practice Analyzers

Active Directory® Improvements

Windows Server 2008 R2 Overview

Power Management Improvements

Group Policy Improvements

Windows PowerShell™ 2.0

File Classification Infrastructure

Remote Desktop Services

Better Together with Windows 7 (DirectAccess and BranchCache)

Technology Investment Areas

Hyper-V™ 2.0 Live migration Remote Desktop

Services

Virtualization

Internet Information Services (IIS) 7.0 and integrated extensions .NET on Server Core

Configuration tracing

Service-oriented architecture

Web

Power management Active Directory Administrative Center Windows PowerShell

2.0 Best Practices

Analyzer

Management

Solid Foundation for Enterprise Workloads

DirectAccess BranchCache™ AppLocker™ Enhanced Group Policies BitLocker™ on removable drives

Better Together with Windows 7

>64 Core support

componentization

Scalability

Best Practices Analyzer

Built into Server Manager BPA is discoverable, easy to use, and provides on-demand

analysis and reporting of actual versus best practice configurations

New Feature in Windows Server 2008 R2 Goal is to reduce troubleshooting by helping proactively

manage servers to best practice configurations

Configurations Covered Active Directory® Certification Services, Active Directory Directory

Services, DNS, Remote Desktop Services, & Web Server (Internet Information Services)

Full Command-Line Support Run from the command-line through Windows

PowerShell, in addition to running from the UI

Best Practices Analyzer Process Community, support people, field teams, and customers provide

feedback, which the product teams use to create BPA models

Best Practices Analyzers

demo

What’s New In Active Directory

Key additions: Active Directory Administrative Center Managed Service Accounts Offline Domain Join Recycle Bin for AD

Other administrative additions: Windows PowerShell cmdlets Best Practices Analyzer Active Directory Web Services Authentication Assurance

DeletedObject

No Recycle Bin Feature

Auth Restore

Delete

LiveObject

Tombstone Object

GarbageCollection

TombstoneLifetime 180 Days

Undelete

Delete

LiveObject

RecycledObject

Deleted ObjectLifetime 180 Days

With Recycle Bin Feature

GarbageCollection

TombstoneLifetime 180 Days

Recycle Bin for AD Object Life Cycle

AD Administrative Center

demo

Clear-EventLog Get-EventLog Limit-EventLog New-EventLog Remove-EventLog Show-EventLog Write-EventLog

Get-Service New-Service Restart-Service Resume-Service Set-Service Start-Service Stop-Service Suspend-Service

Debug-Process Get-Process Start-Process Stop-Process Wait-Service

Windows PowerShell Management

Event Viewer ProcessesServices

Active Directory

Active Directory Rights Management Services

AppLocker Background Intelligent

Transfer Service Best Practices Analyzer Failover clustering

Group Policy Internet Information Services Network load balancing Remote Desktop Services Server Manager Server migration Windows® Diagnostics

Available with Windows Server 2008 R2

Windows PowerShell 2.0

Improves productivity and control Accelerates automation of system admin Easy to use Works with model

Improved Command-Line Shell & Scripting Language

Active Directory

Administration Center Internet Information

Services Power Management One-to-many Remote

Management using WS-MGMT

Integration

Graphical PowerShell Improved security Portability New cmdlets Remote execution capability

New Features

Enhancing Power Management

©2009 Microsoft Corporation. All Rights Reserved.

Core 1 Active

Core 4 InactiveCore 2 Inactive

Core 3 Inactive

Quad Core Processor

Core 3 Active

Core 4 ActiveCore 2 Active

Core Parking

Overview Scheduling processes on a single server for

density as opposed to dispersion This allows “park/sleep” cores by putting them

in deep C states Benefits

Enhances Green IT by reducing CPU power consumption

Group Policy PowerShell

PowerShell Scripting inside GP Extend current reach of GP Script Extension to

include PowerShell for logon/logoff, startup/shutdown scripts

PowerShell cmdlets for GPMC operations Full lifecycle: create, link, configure, rename,

backup, copy, remove Enables interesting new scenarios for

customers PowerShell cmdlets that write and read

registry settings to GPO(s) Values can be written to either Policy or

Preferences Settings can accept more value types

Group Policy Starter GPOs

Easy experience right from the start Starting off point to speed up the creation of

GPOs Embody best practices that map to Microsoft

Security Guide Eight existing:

User and computer case Available for Windows Vista and Windows XP

SP2 Enterprise Client (EC) and Specialized Security

Limited Functionality (SSLF) Ships in-box with Windows 7

Better Targeting

Robust Targeting• 29 Types• Boolean Logic

(and, or, not) collections

Intuitive UI• No need to

learn query languages

ITM Level Targeting • Not GPO level

Classify Data

Automatically apply policies according to classification

Classify Manage Report Extend (Partners)

Windows Server 2008 R2 FCI

File Classification Can Help

Need per-project share

Ensure that business-secret files do not leak out

Back up files with personal information to encrypted store

PersonalInformation Secrecy

Business Needs

IT Complexity

True multiple monitor support

Multimedia support & bi-direction audio

Enhanced bitmap remoting for Flash, PPT, Silverlight® etc.

RemoteApp & desktop connections

RemoteApp, desktop & Web access

RD gateway security improvements

New Key Features in Remote Desktop Services

Hyper-V™ support for virtual desktops

Single discovery, broker & publishing infrastructure

SCVMM support

RDS & VDI – an Integrated Solution

Remote Access Application

Full Fidelity RemoteApp &

Desktops

Platform & Management ImprovementsNew API, connection broker extensibility, Windows Powershell

support, Best Practices Analyzer, full MSI support

NEWIMPROVE

D

Remote Desktop Services and Virtual Desktop Infrastructure

Remote Desktop

Connection Broker

TS-BasedRemote Desktop

Hyper-V-BasedRemote Desktop

Virtual Machine

Management

(SCvirtual machineM)

DirectAccessMore Than Just Remote Access

Always On

Improved productivity

Not user initiated

Simplified connectivity

Manage Out

"Light up" remote clients

Decreases patch miss rates

Applies GPOs to remote machines

Access Policies

Pre-logon health checks and remediation

Replaces modal "connect-time" health checks

Full NAP integration

Protected Transactions

Supports authenticated transactions and encrypted transactions

Authentication and encryption mitigate many attacks

VPNs connect the user to the networkDirectAccess extends the network to the user

Better Together With Windows 7DirectAccess, BranchCache and More…

Agile VPN AppLocker Read-only DFS More efficient client power management Desktop and application virtualization feeds BitLocker encryption on removable drives Remote Workspace, Presentation Virtualization

and Remote Desktop Services Gateway combine for native desktop experience on public Windows 7 computers

Better TogetherWindows Server 2008 R2 & Windows 7

demo

Learn More About Windows Server 2008 R2

Technical Resources

The New Efficiency Virtual Launch Experience www.thenewefficiency.com

Windows Server 2008 R2 evaluation www.microsoft.com/ws08eval

Windows Server TechCenter http://technet.microsoft.com/windowsserver

Get Hands on Training

Training Offers—Exclusive for Launch Attendees www.microsoft.com/learning/careeroffers

Windows Server 2008 Learning Resources www.microsoft.com/windowsserver2008/en/us/learning.aspx

Community Resources

Windows Server Division blog http://blogs.technet.com/windowsserver/

Windows Virtualization Team blog http://blogs.technet.com/virtualization/

Windows Server forums http://social.technet.microsoft.com/Forums/en-US/category/windowsserver

© 2009 Microsoft Corporation. All rights reserved. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the

date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.