In the previous version of the system, the developers removed the Start button located in the lower left corner. In the current version, this quick access to applications has been returned to its place. And those who don’t want to waste time hovering and clicking can simply press the Windows button on the left of their keyboard.
Also new is the ability to quickly switch between the graphical interface and the command line (Server-Core).
As SQLandME reports, the Active Directory has been changed
The ability to clone domain controllers. In this system, developers have rewarded system administrators with the ability to clone an existing domain controller to speed up the deployment process. When using the domain controller interface, it is possible to raise a single virtual domain controller. After that, additional virtual domain controllers can be deployed in the same domain.
Cloning will reduce the number of repetitive operations in the deployment process. It will also be possible to deploy additional domain controllers configured and authorized using Active-Directory. This can be achieved by creating a copy of the virtual domain controller, while authorizing the original controller and running the existing PowerShell cmdlets. All these operations will lead to the creation of a configuration file containing promotion instructions, DNS, IP address and other parameters.
Improved fine-grained password policy
The Active-Directory service in this version of Windows has many features, including the function of protecting and maintaining the password database. Prior to Windows 2008, the password policy was the same for all organizational units. Thus, the creation of passwords for IT personnel was subject to the same rules as for administrative personnel. But everything changed in Windows-2008 R2, as well as in the current version of the server OS. Now, thanks to fine-grained password policies, system managers have their own information protection policies, and salespeople, accounting and other departments have their own.
The appearance of the recycle bin in Active-Directory
The emergence of this innovation will avoid such an incident as the erroneous deletion of the database of accounts and passwords of all domain users. Now, before deleting, all information goes into a separate disk space called the recycle bin, and the system engineer will receive a message confirming the deletion of the data. If he did it by mistake, then there is the possibility of restoring all the information.
The emergence of PowerShell and the Active-Directory Administration Center
PowerShell is a command line with a lot of features. The appearance of additional commands (cmdlets) allows the user to quickly complete a sequence of operations for system administration by entering just a few characters.
The emergence of Active Directory Rights Management Services
In any company, there are many documents with the highest degree of secrecy. For example, the file of the report on the number of employees of the organization, including their salaries, should not be seen by everyone, but only the CEO and CFO and other executives. To make a limited number of people access to this kind of information, there is an Active-Directory rights management service, with which a file can be encrypted or authenticated.
Note that before the release of Windows-2012, this service could be installed only by users with local administration privileges on a computer with a hosted SQL server database and ql server openrowset. The reason for this was the need to read the SQL server settings from the registry.
The advent of the Active-Directory certificate service
Thanks to the Active-Directory certificate service, it became possible to bind the identity of devices, users, services to a secret key. Note that only AD-CS supported applications can access the enhanced security.
The following are the features and services that are new in Windows 2012 R2
So, the opportunity arose:
- Integration with the server dispatcher;
- Server management and deployment via Windows-PowerSell;
- Launching the AD-CS role in Server-Core version;
- For computers not connected to the domain, the ability to automatically renew certificates has been added;
- Certificates with the same key are forcibly renewed;
- Support for international domain names.