Server 2008 Domain Controllers: What's Most Neat and Cool? Part #2 of 6
So What Really is New and What's Changed?
The following is excerpted from Chapter 7 of Windows Server 2008: What’s New / What’s Changed, available now from www.sapienpress.com.
Active Directory’s new and changed features align with added security, auditability, and improved management. From a security standpoint, we gain a wizard that helps prevent accidental deletion of AD objects.
We also get some nifty new backup, restore, and snapshot capabilities that enhance AD’s resiliency. AD backups in Server 2003 (and especially in Windows 2000) have had a few hiccups that made native backup a challenge to use for production domains. With Server 2008, we finally get the backup and restore capabilities that we’ve needed for our critical data.
We also get a brand new manifestation of Domain Controllers called Backup Domain Controllers. Oh, wait a minute. Actually I mean Read-Only Domain Controllers. If you remember Windows NT’s BDCs that were read-only and downloaded their updates from elsewhere, you’re halfway through your education on this new old feature.
From the standpoint of auditing, AD gets four new subcategories that go very far in helping us understand how it changes over time. These new subcategories also help us do better with compliance auditing, giving auditors a better feeling that we understand who is changing our environment, what they are doing, and when it occurs.
Aligning with new management capabilities are AD’s new DCPROMO wizard, much improved over previous versions, and the reconfiguration of AD as a restartable service. We’ve already talked a bit about this reconfiguration in Chapter 4 on Group Policy, but here we’ll go into more detail on why this enhances our uptime and makes Domain Controllers easier to administer.
Lastly, there are a few updated roles that link to Active Directory even if they don’t directly impact it. The first, Active Directory Lightweight Directory Services (AD LDS), is the evolution of what used to be called Active Directory Application Mode (ADAM). AD LDS is essentially a miniature version of our typical AD, but used for storing application credentials. Also included is Active Directory Federation Services (AD FS), which is the big brother of what used to be called Microsoft Identity Integration Server (MIIS) and enables extending AD’s authentication functions across network and domain boundaries.