Chapter 1: Windows Server 2008 R2 Technology Primer

1 2 3 4 5 6 7 8 9 Page 2
Page 2 of 9
  • Active Directory Recycle Bin—The AD Recycle Bin provides administrators an easy way to undelete objects in Active Directory. In the past, when an administrator inadvertently deleted an Active Directory object like a user, group, organizational unit container, or the like, the object was effectively gone and the administrator would have to create the object from scratch, which would create a whole new series of security principles for the new/unique object. The AD Recycle Bin now enables an administrator to simply run the recovery tool and undelete objects.

  • Managed Service Accounts—Applications in a network frequently use service accounts associated with the security to start a database, conduct data searches and indexing, or launch background tasks. However, when an organization changes the password of a service account, all servers with applications using the service account need to be updated with the new password, which is an administration nightmare. With Active Directory 2008 R2 mode, service accounts can be identified and then managed so that a password change to a service account will initiate a process of updating the service account changes to application servers throughout the organization.

  • Authentication Mechanism Assurance—Another Active Directory 2008 R2 feature is the enhancement of claims-based authentication in Active Directory. With authentication mechanism assurance, information in a token can be extracted whenever a user attempts to access a claims-aware application to determine authorization based on the user’s logon method. This extension will be leveraged by future applications to improve claims-based authentication in the enterprise.

  • Offline Domain Join—For desktop administrators who create system images, the challenge of creating images is that a system needs to be physically connected to the network before the system can be joined to the domain. With Offline Domain Join, a system can be prejoined with a file created with a unique system credential written to a file. When a Windows 7 client system or Windows Server 2008 R2 server system needs to be joined, rather than physically connecting the system to the network and joining the system to the domain, this exported file can be used offline to join the system to the Active Directory domain.

When Is the Right Time to Migrate?

When Windows Server 2008 R2 first shipped in the summer of 2009, many organizations wondered about the right time to migrate to the new operating system. It used to be that you waited until the first service pack shipped before installing any Microsoft product; however, Windows Server 2008 R2 is effectively an update to Windows Server 2008 that is post–Service Pack 2. And early adopter beta participants found Windows Server 2008 R2 (and Windows 7) to be extremely stable and reliable and, thus, began implementation of the operating systems in production environments six+ months before the operating systems were released. So, the decision of when to implement Windows Server 2008 R2 comes down to the same decision on migration to any new technology—identify the value received by implementing Windows Server 2008 R2, test the solution in a limited environment, and roll out Windows Server 2008 R2 when you are comfortable that the product meets the needs of your organization.

This introductory chapter notes the many features and functions built in to Windows Server 2008 R2 that have helped other organizations make the decision that Windows Server 2008 R2 has significant value to plan a migration and new server implementation. Improvements in security, performance, and manageability provide benefits to organizations looking to minimize administration costs, while providing more functionality to users.

The cost and effort to migrate to Windows Server 2008 R2 vary based on the current state of an organization’s networking environment, as well as the Windows Server 2008 R2 features and functions the organization wants to implement. Some organizations begin their migration process to Windows Server 2008 R2 by adding a Windows Server 2008 R2 member server into an existing Windows 2000/2003/2008 network. Others choose to migrate their Active Directory to Windows Server 2008 R2 as their introduction to the new operating system.

Adding a Windows Server 2008 R2 System to a Windows 2003/2008 Environment

Many organizations want to add in a specific Windows Server 2008 R2 function such as Windows Server 2008 R2 Remote Desktop Services (previously called Terminal Services), Hyper-V R2 virtualization, DirectAccess, or BranchCache. Such functions can be installed on Windows Server 2008 R2 member servers in an existing Active Directory 2003 networking environment. This allows an organization to get Windows Server 2008 R2 application capabilities fairly quickly and easily without having to do a full migration to Active Directory 2008 R2. In many cases, a Windows Server 2008 R2 member server can simply be added to an existing network without ever affecting the existing network. This addition provides extremely low network impact but enables an organization to prototype and test the new technology, pilot it for a handful of users, and slowly roll out the technology to the client base as part of a regular system replacement or upgrade process.

Some organizations have replaced all their member servers with Windows Server 2008 R2 systems over a period of weeks or months as a preparatory step to eventually migrate to a Windows Server 2008 R2 Active Directory structure.

Migrating from Windows 2003 and Windows 2008 Active Directory to Windows Server 2008 R2 Active Directory

For organizations that already have a Windows 2003 or Windows 2008 Active Directory environment, migrating to Windows Server 2008 R2 for Active Directory functionality can provide access to several additional capabilities that require a Windows network to be running on Windows Server 2008 R2. Some of the Windows Server 2008 R2 technologies that require implementation of the Windows Server 2008 R2 Active Directory include Active Directory Recycle Bin, Managed Service Accounts, PowerShell Administration, and Offline Domain Join capabilities as the most popular solutions.

Fortunately, organizations that already have Windows 2003 or 2008 Active Directory in place have completed the hard part of the Active Directory implementation process. Effectively, Windows Server 2008 R2 uses the same Active Directory organizational structure that was created with Windows 2003 or 2008, so forests, domain trees, domains, organizational units, sites, groups, and users all transfer directly into Windows Server 2008 R2 Active Directory. If the organizational structure in Windows 2003 or 2008 meets the needs of the organization, the migration to Windows Server 2008 R2 is predominantly just the insertion of a Windows Server 2008 R2 global catalog server into the existing Windows 2003 or 2008 Active Directory domain to perform a global catalog update to Windows Server 2008 R2 Active Directory.

Of course, planning, system backup, and prototype testing—covered in Chapter 16, “Migrating from Windows 2003/2008 to Windows Server 2008 R2”—help minimize migration risks and errors and lead to a more successful migration process. However, the migration process from Windows 2003 and Windows Server 2008 to Windows Server 2008 R2 is a relatively easy migration path for organizations to follow.

Versions of Windows Server 2008 R2

Windows Server 2008 R2 comes in the same release versions as the more recent server version releases from Microsoft with the addition of a Server Core version that provides a lighter GUI-less version of Windows Server 2008 R2. The main versions of Windows Server 2008 R2 include Windows Server 2008 R2, Standard Edition; Windows Server 2008 R2, Enterprise Edition; Windows Server 2008 R2, Datacenter Edition; Windows Web Server 2008 R2; and Windows Server 2008 R2 Server Core.

Windows Server 2008 R2, Standard Edition

The Windows Server 2008 R2, Standard Edition is the most common server version of the operating system. Unlike previous versions of Windows Server where basic functions and scalability for memory and processor support was limited to only the Enterprise or Datacenter Editions of the operating system, Windows Server 2008 R2, Standard Edition is now the default version deployed by organizations.

A basic Windows Server 2008 R2 x64-bit Standard Edition system supports up to four x64 professor sockets and 32GB of memory and supports all of the server roles available in Windows Server 2008 R2, with the exception of clustering, cross-file replication (DFS-R technology), and Active Directory Federation Services.

The Standard Edition is a good version of the operating system to support domain controllers, utility servers (such as DNS or DHCP), file servers, print servers, media servers, SharePoint servers, and so on. Most organizations, large and small, find the capabilities of the Standard Edition sufficient for most network services. See Chapter 34, “Capacity Analysis and Performance Optimization,” for recommendations on choosing and tuning a Windows Server 2008 R2 system that is right for its intended purpose.


Note - One of the first things an organization becomes aware of is that Windows Server 2008 R2 ONLY comes in 64-bit (x64 or IA64) versions. 32-bit hardware and a 32-bit installation is no longer supported. The last version of the Windows Server operating system that supported 32-bit is Windows Server 2008.


Windows Server 2008 R2, Enterprise Edition

With the Windows Server 2008 R2, Standard Edition taking on the bulk of network services, the Windows Server 2008 R2, Enterprise Edition is really focused on server systems that require extremely large-scale processing and memory capabilities as well as clustering or Active Directory Federation Services. From the basis of scalability of processing and memory capacity, applications like Windows virtualization or enterprise-class Exchange 2010 or SQL 2008 servers would benefit from the capabilities of the Enterprise Edition of Windows Server 2008 R2.

Any time an organization needs to add clustering to its environment, the Enterprise Edition (or the Datacenter Edition) is needed. The Enterprise Edition is the appropriate version of operating system for high availability and high-processing demands of core application servers such as SQL Servers or large e-commerce back-end transaction systems.

For organizations leveraging the capabilities of Windows Server 2008 R2 for Thin Client Remote Desktop Services that require access to large sets of RAM (up to 2TB) and multiple processors (up to eight sockets), the Enterprise Edition can handle hundreds of users on a single server. Remote Desktop Services are covered in more detail in Chapter 25.

The Enterprise Edition, with support for server clustering, can provide organizations with the nonstop networking demands of true 24/7, 99.999% uptime capabilities required in high-availability environments. Windows Server 2008 R2, Enterprise Edition supports a wide variety of regularly available server systems, thus allowing an organization its choice of hardware vendor systems to host its Windows Server 2008 R2 application needs.

Windows Server 2008 R2, Datacenter Edition

Windows Server 2008 R2, Datacenter Edition is a high-end datacenter class version of the operating system that supports very large-scale server operations. The Datacenter Edition supports organizations that need more than eight core processors. The Datacenter Edition is focused at organizations that need scale-up server technology to support a large centralized data warehouse on one or limited numbers of server clusters.

As noted in Chapter 34 on performance and capacity analysis, an organization can scale-out or scale-up its server applications. Scale-out refers to an application that performs better when it is distributed across multiple servers, whereas scale-up refers to an application that performs better when more processors are added to a single system. Typical scale-out applications include web server services, electronic messaging systems, and file and print servers. In those cases, organizations are better off distributing the application server functions to multiple Windows Server 2008 R2, Standard Edition or Enterprise Edition systems, or even Windows Web Server 2008 R2 systems. However, applications that scale-up, such as e-commerce or data warehousing applications, benefit from having all the data and processing on a single server cluster. For these applications, Windows Server 2008 R2, Datacenter Edition provides better centralized scaled performance as well as the added benefit of fault tolerance and failover capabilities.


Note - The Windows Server 2008 R2, Datacenter Edition used to be sold only with proprietary hardware systems; however, Windows Server 2008 R2, Datacenter Edition can now be run on “off-the-shelf” servers with extensive core, processor, and memory expansion capabilities. This update now allows organizations to purchase nonproprietary servers and get the scalability of the Datacenter Edition of the operating system for enterprise-class performance, reliability, and supportability.


Windows Web Server 2008 R2 Edition

The Windows Web Server 2008 R2 Edition is a web front-end server version of the operating system focused on application server needs that are dedicated to web services requirements. Many organizations are setting up simple web servers as front ends to database servers, messaging servers, or data application server systems. Windows Web Server 2008 R2 Edition can be used as a simple web server to host application development environments or can be integrated as part of a more sophisticated web farm and web services environment that scales to multiple load-balanced systems. The Windows Server 2008 R2 operating system has significant improvements in scalability over previous versions of the Windows operating system, and an organization can license multiple web services systems at a lower cost per server to provide the scalability and redundancy desired in large web farm environments.


Note - For organizations looking to purchase a low-cost Windows Web Server Edition to set up a simple file and print server or utility server (DNS, DHCP, domain controller), the Web Server Edition does not provide traditional multiuser file or print access or utility services. You need to purchase the Windows Server 2008 R2, Standard Edition to get capabilities other than web services.


Windows Server 2008 R2 Server Core

New to Windows Server 2008 and continued support with Windows Server 2008 R2 is a Server Core version of the operating system. Windows Server 2008 R2 Server Core, shown in Figure 1.3, is a GUI-less version of the Windows Server 2008 R2 operating system. When a system boots up with Server Core installed on it, the system does not load up the normal Windows graphical user interface. Instead, the Server Core system boots to a logon prompt, and from the logon prompt, the system drops to a DOS command prompt. There is no Start button, no menu—no GUI at all.

Figure 1.3

Windows Server 2008 R2 Server Core.

Server Core is not sold as a separate edition, but rather as an install option that comes with the Standard, Enterprise, Datacenter, and Web Server Editions of the operating system. So, when you purchase a license of Windows Server 2008 R2, the DVD has both the normal GUI Edition code plus a Windows Server 2008 R2 Server Core version.

The operating system capabilities are limited to the edition of Server Core being installed, so a Windows Server 2008 R2, Enterprise Edition Server Core server has the same memory and processor limits as the regular Enterprise Edition of Windows Server 2008 R2.

1 2 3 4 5 6 7 8 9 Page 2
Page 2 of 9
IT Salary Survey: The results are in