/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsAnindya Roy
Microsoft is on its way to release a new Server OS 'Windows Server 2008 codename Longhorn' sometime early next year. We will pick up one of the following features of the server every month and talk about it in more detail through a Hands-On approach. The aim is to equip you with a complete guide till the time the server gets released. So now fasten your seat belts to explore some new features offered by Beta 3.
|
Windows Power Shell
And finally with the advent of Beta 3, Microsoft has realized the need of a powerful command line or shell which not only gives a good set of administrative tools but also provides a good framework for Shell scripting.
Power Shell is not just an enhanced Shell for Windows but also a scripting framework. To work on this you just need a basic knowledge of batch scripting. Power Shell is now shipped with Windows Server 2008, but you can even download and install it on Windows XP or Windows 2003 from http://www.microsoft.com/technet/scriptcenter/topics/msh/download.mspx.
Server Core Install
Again, something very common and old for *Nix users, but a new functionality for Windows Server users. The Server Core Install is a minimal install option for Windows Server 2008 which gives you the liberty to install only the Role or the component that you want to run on a particular server. So, let's say if you want to build a DHCP server in your organization but don't want to install and manage a full-blown Windows Server with GUI, and all the unnecessary applications, then you can do a Core Installation of Windows Server 2008 and install the DHCP role on top of it. This not only gives you better manageability and resource conciseness but also provides more compact attack surface by reducing unnecessary applications and services.
The Core install will be available with all the versions of upcoming Windows 2008 Server (i.e. Standard, Enterprise, and Data Center) and will appear as an install option. While using Server Core for the first time you get a feel of FVWM, a Window manager in Linux. But of course the graphical capability is kept very less in Windows Core install than in FVWM. This kind of a setup can also be very useful in cases where you have to run multiple servers under a virtualized environment. This is because such kind of an install will have smaller footprints and will require minimal resources in your Virtualization setup.
Network Access Protection
NAP is essentially an agent-based model and you require an SHA or System Health Agent to be installed on all the client machines connected to the network. SHA is at present available as an independent download or as an update pack for Windows XP and ships with Windows Vista. Microsoft also plans to bundle the agent with Windows XP SP3. NAP also checks for certain criteria such as whether the client machine has the Firewall enabled, antivirus installed, enabled and updated, and so on. NAP can even change the settings on the client machines and cure these by enabling the components such as Firewall. At present NAP has been bundled with Beta3.
Read Only Domain Controllers
This is essentially a way to tighten the security of branch offices. In branch offices one must have local administrators managing local Domain Controllers which are connected to the central ADS. But if you provide full right to the local administrator on the Domain then he or someone who has compromised the local DC can even get illegitimate access to the central ADS which can be a major security risk.
So to fight against such risks Microsoft has bundled RODC in Windows Server 2008, providing a one-way synchronization of the Global ADS with the DC. It also doesn't allow sensitive information to get cached on the DC. And provides options for delegating Administrative privileges to local users under the DC. This kind of a setup is very helpful for servers kept in remote locations without any physical security.
Virtualization
This component is still not bundled with Windows Server 2008, but Microsoft promises to ship it with its first RTM. With the popularity of other Hypervising technologies, Microsoft also planned to jump into this bandwagon and is coming out with its own Hypervisor. This will work parallel with the pre-existing Micorosft's Virtual Servers and Virtual PC, but will be specifically for those who want to get benefited from the hardware-level virtualization provided in new generation processors and full virtualization.
Microsoft also claims that it will have interoperability with the Xen kernel of Novell's SuSE Enterprise Server and Desktop versions of Linux, an outcome of Micorosft's and Novell's partnership.
Terminal Services
With Windows Server 2008, terminal services have been completely revamped. The first thing to notice is the remote desktop getting upgraded to version 6.0. This version is available for Vista, XP SP2, and Windows 2003.
Using remote desktop 6 in conjugation with terminal services running on Server 2008 provides you with 32-bit color and most of the animation including the aero theme of Vista. It also supports wide aspect ration display and spanning the desktop over multi monitors. With it you can even cut and paste between remote sessions and local desktop.
A new feature called 'Terminal Service Easy Print' lets you easily select on the printer (remote or local) you want to fire a print over terminal services. Another feature is the 'Terminal Service Gateway,' which essentially provides terminal services to your users over the Internet through HTTPS. The beauty of it is that you don't even need a VPN setup to do so.
Yet another feature offered by terminal services is the 'Terminal Services RemoteApp.' It is essentially a mechanism for streaming through terminal services instead of the full desktop. Something very similar to Citrix's Presentation Server. Yes it is, but now it is going to be bundled with your Windows Server and you don't need a third party for such a kind of feature.
A very innovative feature from Microsoft. NAP or Network Access Protection is a framework, which provides a mechanism to the network admins to control and check the health status of the machines connected to the network. And based on the status of the client machine, the framework can either let the machine enter the network or quarantine it to an isolated subnet for cure. If you are someone from the *Nix background then you must be a lover of command line. But while working on or while administrating a Windows Server you never had a chance to power use the command prompt. Since the days of Windows NT, Microsoft has been stating that they will make desktop environment more graphical and easy.