Windows Server 2008 (R2) blog by Kurt Roggen [BE]

Multilingual User Interface (MUI) Language Packs (Windows Server Language Packs) enable a multilingual user interface in a Windows Server 2008 environment.  Adding one or more language packs to a Windows Server 2008 image enables one or more languages in the installed Windows Server operating system, allowing corporations to deploy the same Windows Server 2008 image worldwide while still providing localized user interfaces. Typical scenario: Terminal Services in MUI environments.

The 2 groups of language packs delivered for now contain following languages:
English, German, Japanese, French, Spanish and Chinese Simplified, Chinese Traditional, Korean, Portuguese (Brazil).

Download here

Microsoft has created a new FTP service that has been completely rewritten for Windows Server 2008. This new FTP service incorporates many new features that enable web authors to publish content better than before, and offers web administrators more security and deployment options.

This new FTP service is only for Windows Server 2008 and Internet Information Services 7.0; it will not work on Windows Server 2003 and Internet Information Services 6.0 and is NOT available out of the box in Windows Server 2008.

This new FTP service incorporates many new features that enable web authors to publish content better than before, and offers web administrators more security and deployment options.

• Integration with IIS 7.0: IIS 7.0 has a brand-new administration interface and configuration store, and the new FTP service is tightly integrated with this new design. The old IIS 6 metabase is gone, and a new configuration store that is based on the .NET XML-based *.config format has taken its place. In addition, IIS 7.0 has a new administration tool, and the new FTP service plugs seamlessly into that paradigm.
• Support for new Internet standards: One of the most significant features in the new FTP service is support for FTP over SSL. The new FTP service also supports other Internet improvements such as UTF8 and IPv6.
• Shared hosting improvements: By fully integrating into IIS 7.0, the new FTP service makes it possible to host FTP and Web content from the same site by simply adding an FTP binding to an existing Web site. In addition, the FTP service now has virtual host name support, making it possible to host multiple FTP sites on the same IP address. The new FTP service also has improved user isolation, now making it possible to isolate users through per-user virtual directories.
• Improved logging support: FTP logging has been enhanced to include all FTP-related traffic, unique tracking for FTP sessions, FTP sub-statuses, additional detail fields in FTP logs, and much more.
• New supportability features: IIS 7.0 has a new option to display detailed error messages for local users, and the FTP service supports this by providing detailed error responses when logging on locally to an FTP service. The FTP service also logs detailed information using Event Tracing for Windows (ETW), which provides additional detailed information for troubleshooting.
  
  

Additional information about new features in FTP7 is available in the "What's New for Microsoft and FTP?" topic on Microsoft's http://learn.iis.net/ web site.

For more information: Robert McMurray's blog

Multiple Group Policy Preferences have been added to the Windows Server 2008 Group Policy Management Console (which are also available through the Remote Server Administration Toolset (RSAT) for Windows Vista SP1 soon!!).

Group Policy Preferences enable administrators to configure, deploy, and manage operating system and application settings they previously were not able to manage using Group Policy.  After you install this update, your computer will be able to process the new Group Policy Preference extensions.

Download packages below for Windows Server 2003 (SP1 or higher), Windows XP (SP2 or higher) and Windows Vista (RTM):

Group Policy Preference Client Side Extensions for Windows Server 2003 (KB943729)
Group Policy Preference Client Side Extensions for Windows Server 2003 x64 Edition (KB943729)

Group Policy Preference Client Side Extensions for Windows XP (KB943729)
Group Policy Preference Client Side Extensions for Windows XP x64 Edition (KB943729)

Group Policy Preference Client Side Extensions for Windows Vista (KB943729)
Group Policy Preference Client Side Extensions for Windows Vista x64 Edition (KB943729)

Related reading:

Group Policy Preferences in Windows Server 2008
Group Policy Preferences Frequently Asked Questions (FAQ)

RSAT (Remote Server Administration Tools), GPMC (Group Policy Mgmt Console) & Vista SP1
Remote Server Administrator Tools (RSAT) for Vista SP1
Installing RSAT (Remote Server Administration Tools) components unattended

Windows Server 2008 will be available in multiple editions to support the varying server needs of organizations of all sizes.
Windows Server 2008 will be available in five primary editions and three of these editions will also be available without Windows Server Hyper-V, bringing the total number of editions to eight.

	Windows Server 2008 Standard (with Hyper-V) is the most robust Windows Server operating system to date. With built-in, enhanced Web and virtualization capabilities, it is designed to increase the reliability and flexibility of your server infrastructure while helping save time and reduce costs. Powerful tools give you greater control over your servers, and streamline configuration and management tasks. Plus, enhanced security features work to harden the operating system to help protect your data and network and provide a solid, highly dependable foundation for your business.
	Windows Server 2008 Enterprise (with Hyper-V) delivers an enterprise-class platform for deploying business-critical applications. Help improve availability with clustering and hot-add processor capabilities. Help improve security with consolidated identity management features. Reduce infrastructure costs by consolidating applications with virtualization licensing rights. Windows Server 2008 Enterprise provides the foundation for a highly dynamic, scalable IT infrastructure.
	Windows Server 2008 Datacenter (with Hyper-V) delivers an enterprise-class platform for deploying business-critical applications and large-scale virtualization on small and large servers. Improve availability with clustering and dynamic hardware partitioning capabilities. Reduce infrastructure costs by consolidating applications with unlimited virtualization licensing rights. Scale from 2 to 64 processors. Windows Server 2008 Datacenter provides a foundation on which to build enterprise-class virtualization and scale-up solutions.
	Designed to be used specifically as a single-purpose Web server, Windows Web Server 2008 delivers on a rock-solid foundation of Web infrastructure capabilities in the next-generation Windows Server 2008. Integrated with the newly re-architected IIS 7.0, ASP.NET, and the Microsoft .NET Framework, Windows Web Server 2008 enables any organization to rapidly deploy Web pages, Web sites, Web applications, and Web services.
	Windows Server 2008 for Itanium-Based Systems is optimized for large databases, line of business, and custom applications providing high availability and scalability for up to 64 processors to meet the needs of demanding and mission-critical solutions.
	Windows HPC Server 2008, the next generation of high-performance computing (HPC), provides enterprise-class tools for a highly productive HPC environment. Built on Windows Server 2008, 64-bit technology, Windows HPC Server 2008 can efficiently scale to thousands of processing cores and includes management consoles that help you to proactively monitor and maintain system health and stability. For more information:  Windows HPC Server

IMPORTANT NOTE: Hyper-V RC (Release Candidate beta - no longer preview versions) is included with the Windows Server 2008 RTM versions for x64 SKUs only.
Hyper-V comes at $28 in addition to the Windows Server 2008 OS cost.

	Windows Server 2008 Standard without Hyper-V.
	Windows Server 2008 Enterprise without Hyper-V.
	Windows Server 2008 Datacenter without Hyper-V.

Learn about the various editions of Windows Server 2008 and find the edition that best suits your organization’s needs.

• Overview of Editions - Read a short description of the various editions of Windows Server 2008

• Compare New Features - Compare features of Windows Server 2008 editions

• Compare Server Roles - Compare server roles of Windows Server 2008 editions

• Differentiated Features - Compare differentiated features of Windows Server 2008 editions

• Compare Server Core Installation Options - Compare installation options of Windows Server 2008 editions

• Compare Technical Features - Compare technical features and specifications of Windows Server 2008 editions

• Compare Editions without Hyper-V - Learn about Windows Server 2008 editions without Hyper-V

This guide provides the information needed to successfully plan and deploy Group Policy using Windows Server 2008 and the Group Policy Management Console. 
For your information: It does not cover Group Policy Preferences!

The document gives a good overview of concepts as:

• GPO inheritance
• GPO link order
• Applying WMI filters
• Delegating administration of Group Policy
• Group Policy processing
• Slow link detection
• SYSVOL and ADMX templates
• Backing up, restoring and migrating GPOs
• Group Policy Modeling
• Group Policy Results
• Migration tables
• Testing Group Policy in the staging environment

Windows Server 2008 Group Policy is used to manage configurations for groups of computers and users, including options for registry-based policy settings, security settings, software deployment, scripts, folder redirection, and preferences.  Group Policy Preferences, new in Windows Server 2008, are more than 20 Group Policy extensions that expand the range of configurable policy settings within a Group Policy object (GPO). In contrast to Group Policy settings, preferences are not enforced.  Users can change preferences after initial deployment.

For information about Group Policy Preferences, see Group Policy Preferences Overview.

Download here

Related reading:

• Group Policy TechCenter
• "Group Policy" in Help and Support Center for Windows Server 2008
• My Group Policy Blog posts

For the 4th year in a row I will be speaking on Dev&ITPro Days, now rebranded into TechDays! This year (like last year) I will be doing another session on Group Policies and another on "Deploying Windows Server 2008". You can find the abstracts below.  Find more information on the TechDays 2008 website. Hope to see you there as well.  And don't forget to pass by and say hello!

Group Policy Infrastructure in Windows Server 2008

Learn about the new Group Policy features in Windows Vista and Windows Server 2008, including the new format and functionality of Administrative Template (ADMX) files and interoperability with legacy ADM files, the ADMX central store, improved awareness of changing network conditions, using multiple local Group Policy Objects (MLGPOs), Group Policy templates, Group Policy Filtering and the new Group Policy Preferences (GPP).
Group Policy Preferences Extensions significantly extend the scope of Group Policy to include areas such as drive mapping, folder creation, shortcuts, scheduled tasks and many more. Additionally, new features such as setting-level targeting and the elimination of “tattooing” provide greater control over where and how policy settings are applied.
We will provide an introduction to the products acquired from DesktopStandard and discuss their future availability and roadmap.

Deploying Windows Server 2008

Learn about the deployment options & features in Windows Server 2008 including Windows Deployment Services (WDS) and multicasting, Windows Imaging, Microsoft Deployment.
Microsoft Deployment Solution Accelerator is the next version of Business Desktop Deployment (BDD) 2007 and provides deployment automation and task sequencing for Windows Server 2008 to support deployment of both server and desktop infrastructure. We will have a look at deploying both Windows Server 2008 full installations and Server Core installations, including Server Roles, Role Services and Features.

The Works with Windows Server 2008 program enables you to quickly test whether your application meets the baseline technical bar for compatibility for Windows Server 2008.  For line-of-business and mission-critical applications, the Certified for Windows Server 2008 program ensures that the application has been independently tested to meet the highest technical bar for stability, security, reliability, availability, Windows operating system fundamentals, and platform compatibility.

Application Compatibility Cookbook

This document is the first step for application developers to become familiar with how to verify the compatibility of their applications for Windows Vista and Windows Server 2008.  This document also provides an overview of the few known application incompatibility issues in Windows Vista and Windows Server 2008 and provides links to detailed white papers and other developer guidance.

Download here 

Also find 7 presentations about compatibility issues between Windows Server 2003 and Windows Server 2008.

1. General Overview
2. IIS7
3. Active Directory
4. MMC 3.0
5. Failover Cluster
6. Server Roles
7. Server Core

This Microsoft knowledge base article describes how to extend, or re-arm, the Windows Server 2008 evaluation period.
The evaluation period is also known as the "activation grace" period. These instructions apply to any edition of Windows Server 2008. This includes evaluation copies!

Evaluating Windows Server 2008 software does not require product activation.  Any edition of Windows Server 2008 may be installed without activation and may be evaluated for 60 days.  Additionally, the 60-day evaluation period may be reset (re-armed) three times. This action extends the original 60-day evaluation period by up to 180 days for a total possible evaluation time of 240 days.

NOTE: Although you can reset the 60-day evaluation period, you cannot extend it beyond 60 days at any time. When you reset the current 60-day evaluation period, you lose whatever time is left on the previous 60-day evaluation period. Therefore, to maximize the total evaluation time, wait until close to the end of the current 60-day evaluation period before you reset the evaluation period.

To reset the evaluation period, type slmgr.vbs –rearm

For more information: Q948472

Related reading: Windows Server 2008, Volume Activation 2.0 and KMS (Key Management Server)

The other day, I got a mail informing about when to expect "Part 2" of my previous post on "Active Directory Domain Services: UI changes - Part 1".
And he was right... I totally forgot about that blogpost... stuck in my drafts now for quite a while... and so, finished it... here it is... hope you enjoy it!!

To improve the installation and management of Active Directory Domain Services (AD DS), Windows Server 2008 includes some changes in the user interface of the "Active Directory Domain Services Installation Wizard" (dcpromo), but also to the Microsoft Management Console (MMC) snap-in functions that manage AD DS.

We already covered the "Active Directory Domain Services Installation Wizard" (dcpromo) in a previous post.
Let's continue the overview with the administration tools:

1. Active Directory Users and Computers (dsa.msc)
2. Active Directory Sites & Services  (dssite.msc)
3. Active Directory Domains & Trusts (domain.msc)
4. Active Directory Schema
5. AdsiEdit (adsiedit.msc)

1. Active Directory Users & Computers

All objects - Protected objects

Windows Server 2008 ADU&C introduces Active Directory object protection to protect against accidental deletion by placing an extra Deny ACL on the object (see below). The object protection is available on all AD objects and appears afterwards in the Object tab (Advanced Features view).

Notice that only newly created OU objects are protected (with an ACL) by default.  Existing objects (such as Domain Controllers OU) are not protected by such an ACL.
The same interface is also available through the ADU&C snapin included in RSAT (Remote Server Administration Tools).
This functionality is independent of Windows Server 2008 Active Directory... it's just a GUI thing!

Unprotected	Protected

For more information, read Ulf's blog post on "Protecting Objects from accidental deletion"

All objects - Attribute Editor

By default, a low level attribute editor is available on any object (when switching on the Advanced Features view) which allows you to populate/modify any attribute on the object that might not be display through the GUI.  Great feature, but don't touch it if you don't know what you are doing!!

Filter View

Domain Controller objects - DC Type

When looking at domain controller objects, you will notice a number of changes.
First of all, you are able to quickly determine the type of domain controller (Global Catalog, Read Only).
Also, when connecting to other domain controllers, you can easily identify what domain controller (and sites) you are dealing with from the interface and their availability (online/offline).
Notice the option to connect to other LDAP instances (eg: ADAM instances and/or Active Directory Mount point instances).

Domain Controller objects - NTDS settings

If the domain controller is a global catalog, you're able to change it through the ADU&C (Active Directory Users & Computers) interface now, by connecting to the NTDS settings object.
Quick and easy!

Domain Controller Objects - Deleting Computer Object

When deleting domain controller objects, you will notice the interface below depending the type of domain controller:

• Read-Only DC (RODC)
• Read/Writable DC (RWDC)

Delete RODC object

Delete RWDC object

Read Only Domain Controller (RODC) objects - Password Replication Policy

To help manage RODCs, there is now a Password Replication Policy tab on the domain controller computer objects.
By clicking the Advanced button on this tab, an administrator can see the following things:

What accounts have authenticated to the RODC, including accounts that are not currently defined in the security groups that are allowed or denied replication. As a result, the administrator can see who is using the RODC and determine whether to allow or deny password replication.

Notice, that there is also a related Password Replication tab on user/computer objects.  More about this a few topics below.

 

Read Only Domain Controller (RODC) objects - Pre-population (to delegate RODC installation/administration)

First, a member of the Domain Admins group (or with delegated permissions) creates an RODC (computer) account by using the Active Directory Users and Computers Microsoft Management Console snap-in.
When you created the RODC (computer) account, you can delegate the installation and administration of that RODC to a user or better a security group.
On the server that will become the RODC, the user who has been delegated the permissions to install and administer it can then run dcpromo /UseExistingAccount:Attach at a command prompt to start the wizard.

	Pre-creating RODC account

RODC installation/administration delegated to Barcelona Admins.

User Objects - Password Replication

Password for user and computers are permanently stored on all writeable domain controllers and can be optionally stored/cached on read-only domain controllers (RODCs).
On a user and/or computer object you can find out on which read-only domain controllers the password in stored.

The Administrator password stored nowhere.

My password stored on the Barcelona RODC.

Computer account password not being replicated to any RODCs (empty list of RODCs).

 

User Objects - Reset User password

Sometimes small details can make a difference; resetting a user password and unlocking the account is one single step.

2. Active Directory Sites and Services

Find site

The Active Directory Sites and Services snap-in in Windows Server 2008 includes a Find command on the toolbar and in the Action menu.  This allows you to easily find a domain controller.

 

Create Subnet

Windows Server 2008 natively supports IPv6.
 
 

NTDS Objects - Replication

Selective replication from and to selected domain controllers.
 

Attribute Editor

By default, a low level attribute editor is available on any object (when switching on the Advanced Features view) which allows you to populate/modify any attribute on the object that might not be display through the GUI.  Great feature, but don't touch it if you don't know what you are doing!!

 

3. Active Directory Domains and Trusts

Nothing special to report...

4. Active Directory Schema

The Schema Management snapin (schmmgmt.dll) still requires registration.

 

5. AdsiEdit

Is now included in the Windows Server 2008 product and is installed as part of the Active Directory Domain Services Server Role including some other CLI tools listed below.

 
Screenshot from the Server Manager ADDS homepage.


Related posts:

Related reading:

The document describes new features and technologies, which were not available in Windows Server 2003 with Service Pack 1, that will help to increase the security of computers running Windows Server 2008, increase productivity, and reduce administrative overhead.

These topics apply to the next release of Windows Server 2008, based on the functionality expected to be included in the Beta releases in 2007. They do not describe all of the changes that are included in Windows Server 2008. Instead, they highlight changes that will potentially have the greatest impact on your use of Windows Server 2008 and provide references to additional information. 

Released on 7th Feb 2008, version 6.0, containing 341 pages of reading pleasure...

Download here

"It's February 1, 2008.  Only twenty-six more days until Windows Server 2008 is released to the world.  With that in mind, we have twenty-six posts lined up between now and February 27 covering areas of Windows Server 2008 that contain both general information as well as specific posts that are relevant to what we support here on the Performance team."

So far, they have posted:

1. WS2008: Upgrade Paths, Resource Limits & Registry Values
2. WS2008: Startup Processes and Delayed Automatic Start
3. WS2008: Windows Service Hardening
4. WS2008: Service Shutdown and Crash Handling
5. WS2008: Windows Error Reporting
6. WS2008: Dynamic Link Library Loader and Address Space Load Randomization
7. WS2008: Memory Management, Dynamic Kernel Addressing, Memory Priorities and I/O Handling
8. WS2008: The Print Services Role
9. WS2008: Understanding XML Paper Specification (XPS)
10. WS2008: Client-side Rendering

And the story continues... Keep looking at the Ask the Performane Team Blog

Michael Kleef states:

"Yes you heard right! The Web SKU of Windows Server 2008 does not require CALs but can be deployed only in internet facing scenarios.

Additionally there's no restriction on the number of users. Good news huh? That's gotta mean cheaper Windows web hosting on IIS 7 coming soon to a web hoster near you!"

In Windows Server 2008, the Streaming Media Services server role and remote administration tools are not included in Server Manager.
To obtain the new features and tools available in Windows Media Services for Windows Server 2008, such as the built-in WMS Cache/Proxy plug-in, you must obtain and run the appropriate Streaming Media Services role installer file on the updated platform.

These Microsoft Update Standalone Package (MSU) files install either 32-bit (x86) or 64-bit (x64) versions of:

• Windows Media Services and the rest of the Streaming Media Services role in Server Manager, on “full” installations of Standard and Enterprise editions of Windows Server 2008
• The Streaming Media Services Server Core role, on “Server Core” installations of Standard and Enterprise editions of Windows Server 2008
• The Windows Media Services snap-in for Microsoft Management Console (MMC) on a computer that is running the Business, Enterprise, or Ultimate edition of the Microsoft Windows Vista operating system

Download here

For more information: How to install Windows Media Services in Windows Server 2008

Windows Server 2008 is now live and available to all TechNet Plus subscribers from TechNet Plus Subscriber Downloads. The following software editions and languages are now available:

• Windows Server 2008 Datacenter, Enterprise and Standard (x64) - English, French, German, Japanese, Spanish
  Subscriber Downloads and Product Keys
  
• Windows Automated Installation Kit 1.1 (x86, x64, ia64) - English, French, German, Japanese, Spanish
  Top Subscriber Downloads
  
• Windows Server 2008 Multilingual User Interface Language Pack (x64) - English, French, German, Japanese, Spanish
  Top Subscriber Downloads

Additional editions and language versions will be made available over the next few weeks. Please keep your eye out for the following upcoming editions.