Windows Server (2008 R2) blog by Kurt Roggen [BE]

The new Intel Xeon 7400 will have six cores (up to 16 MB L3 cache) and will be socket compatible with Xeon 7300 boards which will allow for simple upgrades with little downtime. Intel delivers higher virtualization performance for consolidation and data demanding applications offering more cores, cache and larger memory footprints.

Hyper-V also increases the number of logical processors and virtual machines that are running on a Windows Server 2008-based computer through this update package 956710 and includes the following improvements:

• The update package increases the limitation on the number of logical processors to 24 (6x4). The previous limitation was 16.
• The update package increases the number of Hyper-V virtual machines that you can run per server to 192. The previous limitation was 128.

Download here

And it looks like this…

Microsoft Advanced Group Policy Management (AGPM) helps you better manage Group Policy objects (GPOs) in your environment by providing change control, offline editing, and role-based delegation.

What would this tool do? It would help you better delegate who can review, edit, and deploy Group Policy objects (GPOs). It would help you prevent widespread failures that result from editing GPOs in production.
You could use it to track each version of each GPO and roll back if needed or track the changes between different versions of a GPO.

AGPM is a key component of the Microsoft Desktop Optimization Pack (MDOP).

Version 3.0 of AGPM supports the latest Microsoft operating systems (Vista SP1 and Windows Server 2008) and has added some highly requested customer features as outlined below. 

Full x64 support

Windows Vista SP1 & Windows Server 2008

Customizable permissions

Version 3.0 allows the permissions deployed to a GPO to be customized. The default permissions are the same as version 2.5, however, custom permissions can be configured for each domain. The permissions configured on the “Production Delegation” tab will replace any permission already on a production GPO when it is controlled or deployed from the AGPM server. Applying the above permissions to the production GPO when taken into AGPM control will prevent changes to production GPOs from outside of AGPM as soon as a GPO is controlled.

More robust change tracking

The AGPM history has been changed to track more changes made to GPOs such as when/who made a request, when/who Approved/Rejected the request, when/who made changes to AGPM delegation, etc.

Purge Historical data

This version gives the AGPM administrator the ability to purge old data by specifying on the AGPM Server tab how many historical versions to retain. Purging old data deletes the data (GPO backup) from the archive so this data is no longer be accessible. The information about the historical action is, however, retained in the history and an entry is recorded in the history that data was purged. This means that if a checked in GPO from 6 months ago was purged, reports, etc. cannot be run against it but the history view still shows that a check-in was performed.

Group Policy Preferences Support

This version fully supports the new Group Policy Preferences (GPP) functionality added to Windows Server 2008.

General UI improvements

Changes have been made to field names and ordering to better describe the information contained in the field. Additionally the order in which the fields are displayed has been changed to make more pertinent information easier to find.

Localization

Localized in 13 additional languages which will be available 3 months after English version ships.

Related reading:

• Advanced Group Policy Management Training Guide
• Advanced Group Policy Management User Guide
• Advanced Group Policy Management Step-by-Step Guide

Terminal Services Web Access (TS Web Access) is a TS role service in the Windows Server 2008 operating system that enables users to access RemoteApp programs or the full terminal server desktop from a Web site.
By default, the TS Web Access Web site enables you to point to a single terminal server or to a single terminal server farm to populate the list of RemoteApp programs that appear on the site. If you have multiple terminal servers or multiple terminal server farms, you could even use Windows SharePoint Services to create a single Web access point for RemoteApp programs and/or full terminal server desktop connections that are available on different terminal servers.

After you install TS Web Access, you can specify (on the Configuration tab) from which terminal server you want to populate the Web Part. Any RemoteApp programs on the specified terminal server that are configured to show in TS Web Access will appear in the Web Part. Because the Web server can populate the list from an external data source, the TS Web Access server does not have to be a terminal server, but could be running on a dedicated (virtualized) webserver.

Remote Desktop Web Connection

Terminal Services Remote Desktop Web Connection enables a user to connect to the desktop of a remote computer from the TS Web Access Web site. To connect to a remote computer, you must meet the following conditions:

• The remote computer must be configured to accept Remote Desktop connections.
• The user must be a member of the Remote Desktop Users group on the remote computer.

A user can access Remote Desktop Web Connection by clicking the Remote Desktop tab on the TS Web Access page (see below). As an administrator, you can even configure whether the Remote Desktop tab is available to users. Additionally, you can configure settings such as the TS Gateway server to use, default device and resource redirection options.

All these settings will be set from the ASP.NET Application Settings (see below) on the TS Virtual Directory in IIS.
To configure the default TS Gateway server, double-click DefaultTSGateway, enter the fully qualified domain name of the TS Gateway server (eg: tsg.company.com).

To configure the TS Gateway authentication method, use GatewayCredentialsSource and enter the number that corresponds to the desired authentication method in the Value box.

These settings correspond with the authentication options on the RDP client.

To configure whether the Remote Desktop tab even appears on the TS Web Access page, use ShowDesktops. In the Value box, type true to show the Remote Desktop tab or false to hide the Remote Desktop tab.

To configure default device and resource redirection settings, use the setting that you want to modify (xClipboard, xDriveRedirection, xPnPRedirection, xPortRedirection, or xPrinterRedirection). In the Value box, type true to enable the redirection setting by default or type false to disable the redirection setting by default.

NOTE: All settings above only apply to the Terminal Services Remote Desktop Web Connection.

All default values are listed below.

The changes made above are located in the %windir%\Web\TS\Web.config file and take effect immediately on the TS Web Access Web site when the webpage is refreshed.

NOTE: Terminal Services Web Access (TS Web Access) requires the most recent update to the Remote Desktop Connection (RDC) client software. 
You must have Remote Desktop Connection (RDC) client version 6.1 installed to use TS Web Access. RDC 6.1 is available with the following operating systems:

• Windows Server 2008
• Windows Vista with Service Pack 1 (SP1)
• Windows XP with Service Pack 3 (SP3)

For more information: RDC client requirements for Terminal Services Web Access in Windows Server 2008

Related reading:

• Step-By-Step Guide: Windows Server 2008 TS Gateway Server Step-By-Step Setup Guide
• Step-By-Step Guide: Customizing TS Web Access by Using Windows SharePoint Services
• Servicing Branch Offices with Terminal Services
• TechNet Webcast: Windows Server 2008 Terminal Services RemoteApp and Web Access (Level 300)

In order to enable VSS based backups of Hyper-V VMs using Windows Server Backup in Windows Server 2008, you must add the following registry keys to register the Hyper-V VSS Writer (vssadmin list writers - {66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}) with Windows Server Backup.
NOTE: the WindowsServerBackup key is not created when installing the Windows Server Backup feature. This key must be created manually.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT
\CurrentVersion\WindowsServerBackup\Application Support\{66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}

Name: Application Identifier
Type: REG_SZ
Value: Hyper-V

For more information: Windows Server Core Team blog - How to enable Windows Server Backup support for the Hyper-V VSS Writer

Please remember my previous post if the HyperV VSS writer is not showing up!!

If you ever tried to use or find the HyperV VSS writer using "vssadmin list writers", but failed or were unable to find it back in the VSS writers list, it is was probably due to invalid and/or corrupted VM configuration files.  Removing the invalid (symbolic link) to the VM configuration file would make the Hyper-V VSS writer reappear. 

An error occurred while identifying the Hyper-V VSS Writer - EvID 10107

Failed to get summary information for virtual machine - EvID 18160

The issue is that if you have a single invalid or corrupted configuration file none of the virtual machines will be backed up properly on that server.  Now a hotfix for this issue has been released for this issue.  So make sure you have this hotfix on your HyperV systems.

Have a look at this KB article 956697 relating to the VSS writer and corrupted or/and invalid VM configuration files.

For more information: KB956697 - Hyper-V VSS writer is not used during a backup job because of corrupted or invalid virtual machine configuration files