Windows Server 2012 or “Cloud OS” as Microsoft sometimes refers to it, and “W12” as I will call it for short – is the result of the deepest and broadest developer effort in the history of Microsoft server products: 10,000 engineers working for four years. Comments from testers and early adopters have included “jaw-dropping”, “game-changing” and “the competitors better watch out”.
In this article we will briefly review the New Features and Refreshed Features included in Microsoft’s next-generation operating system.
New Features
GUI for Recycle Bin Microsoft introduced the Active Directory Recycle Bin in Windows Server 2008 R2, but it was limited by its Windows PowerShell-only exposure. This time it gets a GUI.
UI for Fine-Grained Password Policies Also gaining a GUI are fine-grained password policies.
Dynamic Access Control (DAC) Windows Server 2008 R2 brought the File Classification Infrastructure (FCI). This version’s DAC adds far greater functionality to the (optional) second layer of FCI resource authorization.
Windows PowerShell History Viewer You see the Windows PowerShell commands that correspond to actions you perform in the Active Directory Administrative Center UI.
Windows PowerShell Cmdlets for Active Directory Replication and Topology More cmdlets — enough said.
Active Directory-Based Activation (ADBA) The good: ADBA eliminates the need for a Key Management Service server. The bad: Only forthcoming Windows 8 computers can leverage ADBA. Seriously, Microsoft?
Flexible Authentication Secure Tunneling (FAST) The nickname for FAST is “Kerberos armoring,” if that tells you anything. It isn’t enabled by default and requires clients that support it. Think you’ll be using it anytime soon?
Refreshed Features
Virtual Snapshot and Cloning Support Active Directory and hypervisor snapshots didn’t mix before. Now they do, if your hypervisor supports VM Generation ID.
ADPREP Integrated into DC Promotion Can’t recall the proper steps to promote a member server to a DC? No worries, it’s in there.
Active Directory Federation Services (ADFS) Now In-Box Adding ADFS no longer requires a separate installation. ADFS also gains multiple improvements. Watch this space, because you’ll be seeing and using more ADFS in the years to come.
Domain Join via DirectAccess One word: Nifty! Nine words: Computers can now be domain-joined over the Internet. You’ll need DirectAccess first. Trust me: You’ll want it.
Kerberos Constrained Delegation (KCD) Across Domains Another of those capabilities you’ve probably never used, but probably will in the future. KCD was first introduced in Windows Server 2003. Now it can span domains.
Group Managed Service Accounts (GMSAs) MSAs in Windows Server 2008 R2 made administering service accounts easier. GMSAs in this version extend their support to clustered and load-balanced services.
While individually these new features might not seem like a lot, as a group they’re a good reason to step up your Active Directory to Windows Server 2012 as soon as you can.