Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
CHAPTER 1
Windows Server 2008 R2 Technology Primer
evolutionary than revolutionary. AD 2008 R2 adds a handful of new features, and
organizations might or might not choose to upgrade to AD 2008 R2 immediately for them;
however, many organizations have found that the new enhancements in Active Directory
2008 R2 were the primary reason for their migration.
The new features in Active Directory 2008 R2 are as follows:
• Active Directory Recycle Bin—The AD Recycle Bin provides administrators an
easy way to undelete objects in Active Directory. In the past, when an administrator
inadvertently deleted an Active Directory object like a user, group, organizational
unit container, or the like, the object was effectively gone and the administrator
would have to create the object from scratch, which would create a whole new series
of security principals for the new/unique object. The AD Recycle Bin now enables an
administrator to simply run the recovery tool and undelete objects.
• Managed Service Accounts—Applications in a network frequently use service
accounts that hold the security rights to start a database, conduct data searches and
indexing, or launch background tasks. However, when an organization changes the
password of a service account, all servers with applications using the service account
need to be updated with the new password, which is an administration nightmare.
With Active Directory 2008 R2 mode, service accounts can be identified and then
managed so that a password change to a service account will initiate a process of
updating the service account changes to application servers throughout the
organization.
• Authentication Mechanism Assurance—Another Active Directory 2008 R2
feature is the enhancement of claims-based authentication in Active Directory. With
authentication mechanism assurance, information in a token can be extracted whenever
a user attempts to access a claims-aware application to determine authorization
based on the user’s logon method. This extension will be leveraged by future
applications to improve claims-based authentication in the enterprise.
• Offline Domain Join—For desktop administrators who create system images, the
challenge of creating images is that a system needs to be physically connected to the
network before the system can be joined to the domain. With Offline Domain Join,
a system can be prejoined using a file that contains a unique system credential.
When a Windows 7 client system or Windows Server 2008 R2 server system
needs to be joined, rather than physically connecting the system to the network and
joining the system to the domain, this exported file can be used offline to join the
system to the Active Directory domain.
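The Recycle Bin item above, as an added PowerShell example that is not from the book: it enables the feature and restores a deleted user, then compares the account's SID before and after to show that an undelete keeps the original security principal where a re-created account would not. The forest name `contoso.com` and the user `jdoe` are constructed, and the ActiveDirectory module is assumed to be installed.

```powershell
# Added example, not from the book. 'contoso.com' and 'jdoe' are constructed names.
Import-Module ActiveDirectory

$forest = Get-ADForest -Identity 'contoso.com'

# The Recycle Bin requires the Windows Server 2008 R2 forest functional level.
$required = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ($forest.ForestMode -lt $required) {
    throw "Forest functional level is $($forest.ForestMode); $required is required."
}

# Enabling is a one-way change (it cannot be turned off afterwards), so the
# confirmation prompt is left on. Objects deleted before this point cannot be
# recovered through the Recycle Bin.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if (-not $feature.EnabledScopes) {
    Enable-ADOptionalFeature -Identity $feature `
        -Scope ForestOrConfigurationSet -Target $forest.Name
}

# Deleted objects are hidden unless explicitly requested.
$deleted = @(Get-ADObject -IncludeDeletedObjects `
    -Filter 'samAccountName -eq "jdoe" -and isDeleted -eq $true' `
    -Properties objectSid, lastKnownParent, whenChanged)

# The same name may have been deleted more than once; never guess which one.
if ($deleted.Count -ne 1) {
    throw "Expected one deleted 'jdoe', found $($deleted.Count); select by ObjectGUID."
}

$sidBefore = $deleted[0].objectSid.Value
$restored  = $deleted[0] | Restore-ADObject -PassThru
$sidAfter  = (Get-ADUser -Identity $restored.ObjectGUID).SID.Value

# An unchanged SID means existing ACLs still resolve to this account.
New-Object PSObject -Property @{
    RestoredTo   = $restored.DistinguishedName
    SidBefore    = $sidBefore
    SidAfter     = $sidAfter
    SidPreserved = ($sidBefore -eq $sidAfter)
}
```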
When Is the Right Time to Migrate?
When Windows Server 2008 R2 first shipped in the summer of 2009, many organizations
wondered about the right time to migrate to the new operating system. It used to be that
you waited until the first service pack shipped before installing any Microsoft product;
however, Windows Server 2008 R2 is effectively an update to Windows Server 2008 that is
post–Service Pack 2. And early adopter beta participants found Windows Server 2008 R2
(and Windows 7) to be extremely stable and reliable and, thus, began implementation of
the operating systems in production environments six+ months before the operating
systems were released. So, the decision of when to implement Windows Server 2008 R2
comes down to the same decision on migration to any new technology—identify the
value received by implementing Windows Server 2008 R2, test the solution in a limited
environment, and roll out Windows Server 2008 R2 when you are comfortable that the
product meets the needs of your organization.
This introductory chapter notes the many features and functions built in to Windows Server
2008 R2 that have helped other organizations decide that Windows Server 2008 R2 offers
significant value and warrants planning a migration and new server implementation. Improvements
in security, performance, and manageability provide benefits to organizations looking to
minimize administration costs, while providing more functionality to users.
The cost and effort to migrate to Windows Server 2008 R2 vary based on the current state
of an organization’s networking environment, as well as the Windows Server 2008 R2
features and functions the organization wants to implement. Some organizations begin
their migration process to Windows Server 2008 R2 by adding a Windows Server 2008 R2
member server into an existing Windows 2000/2003/2008 network. Others choose to
migrate their Active Directory to Windows Server 2008 R2 as their introduction to the new
operating system.
Adding a Windows Server 2008 R2 System to a Windows 2003/2008 Environment
Many organizations want to add in a specific Windows Server 2008 R2 function such as
Windows Server 2008 R2 Remote Desktop Services (previously called Terminal Services),
Hyper-V R2 virtualization, DirectAccess, or BranchCache. Such functions can be installed
on Windows Server 2008 R2 member servers in an existing Active Directory 2003 networking
environment. This allows an organization to get Windows Server 2008 R2 application
capabilities fairly quickly and easily without having to do a full migration to Active
Directory 2008 R2. In many cases, a Windows Server 2008 R2 member server can simply
be added to an existing network without ever affecting the existing network. This addition
provides extremely low network impact but enables an organization to prototype and test
the new technology, pilot it for a handful of users, and slowly roll out the technology to
the client base as part of a regular system replacement or upgrade process.
Some organizations have replaced all their member servers with Windows Server 2008 R2
systems over a period of weeks or months as a preparatory step to eventually migrate to a
Windows Server 2008 R2 Active Directory structure.
Migrating from Windows 2003 and Windows 2008 Active Directory to Windows Server 2008 R2 Active Directory
For organizations that already have a Windows 2003 or Windows 2008 Active Directory
environment, migrating to Windows Server 2008 R2 for Active Directory functionality can
provide access to several additional capabilities that require a Windows network to be
running on Windows Server 2008 R2. Some of the Windows Server 2008 R2 technologies
that require implementation of the Windows Server 2008 R2 Active Directory include
Active Directory Recycle Bin, Managed Service Accounts, PowerShell Administration, and
Offline Domain Join capabilities as the most popular solutions.
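Offline Domain Join, one of the capabilities named above, is driven by the built-in `djoin.exe` tool; the following is an added PowerShell example, not from the book, showing both halves of the join with the provisioning file handled as a credential. The function names, the domain `contoso.com`, the computer `CLIENT01` and the folder `C:\ODJ` are constructed for illustration.

```powershell
# Added example, not from the book. Function names and all values are constructed.

function New-OfflineJoinFile {
    # Run on a domain-joined machine, as a user allowed to create computer accounts.
    param([string]$Domain, [string]$Machine, [string]$Folder)

    # Lock the folder down BEFORE the file exists: the file holds the new machine
    # account's password and must be treated like a plaintext credential.
    New-Item -ItemType Directory -Path $Folder -Force | Out-Null
    $grant = '{0}\{1}:(OI)(CI)F' -f $env:USERDOMAIN, $env:USERNAME
    & icacls.exe $Folder /inheritance:r /grant:r $grant | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "Could not restrict access to $Folder" }

    $file = Join-Path $Folder "$Machine.txt"
    & djoin.exe /provision /domain $Domain /machine $Machine /savefile $file
    if ($LASTEXITCODE -ne 0) { throw "djoin /provision failed ($LASTEXITCODE)" }
    return $file
}

function Use-OfflineJoinFile {
    # Run elevated on the offline Windows 7 / Windows Server 2008 R2 target,
    # after the file has been carried over on protected media.
    param([string]$File)

    & djoin.exe /requestODJ /loadfile $File /windowspath $env:SystemRoot /localos
    if ($LASTEXITCODE -ne 0) { throw "djoin /requestODJ failed ($LASTEXITCODE)" }

    # The join completes at the next restart; the file is of no further use and
    # every copy should be removed.
    Remove-Item -Path $File -Force
}

# On the provisioning machine:
#   $file = New-OfflineJoinFile -Domain 'contoso.com' -Machine 'CLIENT01' -Folder 'C:\ODJ'
# On the target machine:
#   Use-OfflineJoinFile -File 'D:\CLIENT01.txt'
```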
Fortunately, organizations that already have Windows 2003 or 2008 Active Directory in
place have completed the hard part of the Active Directory implementation process.
Effectively, Windows Server 2008 R2 uses the same Active Directory organizational structure
that was created with Windows 2003 or 2008, so forests, domain trees, domains, organizational
units, sites, groups, and users all transfer directly into Windows Server 2008 R2
Active Directory. If the organizational structure in Windows 2003 or 2008 meets the needs
of the organization, the migration to Windows Server 2008 R2 is predominantly just the
insertion of a Windows Server 2008 R2 global catalog server into the existing Windows
2003 or 2008 Active Directory domain to perform a global catalog update to Windows
Server 2008 R2 Active Directory.
Of course, planning, system backup, and prototype testing—covered in Chapter 16,
“Migrating from Windows 2003/2008 to Windows Server 2008 R2”—help minimize migration
risks and errors and lead to a more successful migration process. However, the migration
process from Windows 2003 and Windows Server 2008 to Windows Server 2008 R2 is
a relatively easy migration path for organizations to follow.
Versions of Windows Server 2008 R2
Windows Server 2008 R2 comes in the same release versions as the more recent server
version releases from Microsoft with the addition of a Server Core version that provides a
lighter GUI-less version of Windows Server 2008 R2. The main versions of Windows Server
2008 R2 include Windows Server 2008 R2, Standard Edition; Windows Server 2008 R2,
Enterprise Edition; Windows Server 2008 R2, Datacenter Edition; Windows Web Server
2008 R2; and Windows Server 2008 R2 Server Core.
Windows Server 2008 R2, Standard Edition
The Windows Server 2008 R2, Standard Edition is the most common server version of the
operating system. Unlike previous versions of Windows Server where basic functions and
scalability for memory and processor support were limited to only the Enterprise or
Datacenter Editions of the operating system, Windows Server 2008 R2, Standard Edition is
now the default version deployed by organizations.
A basic Windows Server 2008 R2 x64 Standard Edition system supports up to four x64
processor sockets and 32GB of memory and supports all of the server roles available in
Windows Server 2008 R2, with the exception of clustering, cross-file replication (DFS-R
technology), and Active Directory Federation Services.
The Standard Edition is a good version of the operating system to support domain
controllers, utility servers (such as DNS or DHCP), file servers, print servers, media servers,
SharePoint servers, and so on. Most organizations, large and small, find the capabilities of
the Standard Edition sufficient for most network services. See Chapter 34, “Capacity
Analysis and Performance Optimization,” for recommendations on choosing and tuning a
Windows Server 2008 R2 system that is right for its intended purpose.
NOTE
One of the first things an organization becomes aware of is that Windows Server 2008
R2 ONLY comes in 64-bit (x64 or IA64) versions. 32-bit hardware and a 32-bit installation
are no longer supported. The last version of the Windows Server operating system
that supported 32-bit is Windows Server 2008.
Windows Server 2008 R2, Enterprise Edition
With the Windows Server 2008 R2, Standard Edition taking on the bulk of network
services, the Windows Server 2008 R2, Enterprise Edition is really focused on server
systems that require extremely large-scale processing and memory capabilities as well as
clustering or Active Directory Federation Services. From the basis of scalability of processing
and memory capacity, applications like Windows virtualization or enterprise-class
Exchange 2010 or SQL 2008 servers would benefit from the capabilities of the Enterprise
Edition of Windows Server 2008 R2.
Any time an organization needs to add clustering to its environment, the Enterprise
Edition (or the Datacenter Edition) is needed. The Enterprise Edition is the appropriate
version of the operating system for high availability and high-processing demands of core
application servers such as SQL Servers or large e-commerce back-end transaction systems.
For organizations leveraging the capabilities of Windows Server 2008 R2 for Thin Client
Remote Desktop Services that require access to large sets of RAM (up to 2TB) and multiple
processors (up to eight sockets), the Enterprise Edition can handle hundreds of users on a
single server. Remote Desktop Services are covered in more detail in Chapter 25.
The Enterprise Edition, with support for server clustering, can provide organizations with
the nonstop networking demands of true 24/7, 99.999% uptime capabilities required in
high-availability environments. Windows Server 2008 R2, Enterprise Edition supports a
wide variety of regularly available server systems, thus allowing an organization its choice
of hardware vendor systems to host its Windows Server 2008 R2 application needs.
Windows Server 2008 R2, Datacenter Edition
Windows Server 2008 R2, Datacenter Edition is a high-end datacenter class version of the
operating system that supports very large-scale server operations. The Datacenter Edition
supports organizations that need more than eight core processors. The Datacenter Edition
is focused on organizations that need scale-up server technology to support a large centralized
data warehouse on one or limited numbers of server clusters.
As noted in Chapter 34 on performance and capacity analysis, an organization can scale-out
or scale-up its server applications. Scale-out refers to an application that performs
better when it is distributed across multiple servers, whereas scale-up refers to an application
that performs better when more processors are added to a single system. Typical scale-out
applications include web server services, electronic messaging systems, and file and
print servers. In those cases, organizations are better off distributing the application server
functions to multiple Windows Server 2008 R2, Standard Edition or Enterprise Edition