Phone : +1 (800) 980-1130 | Email :   |  |  | 
Category Archives: Active Directory 2012

Based on client feedback, below are the top 10 favorite features of Server 2012:

1) AD Recycle Bin: Active Directory Recycle Bin helps minimize directory service downtime by enhancing your ability to preserve and restore accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting Active Directory Domain Services (AD DS), or rebooting domain controllers.

2) Read-Only Domain Controllers: A read-only domain controller (RODC) is a new type of domain controller. With an RODC, organizations can easily deploy a domain controller in locations where physical security cannot be guaranteed. An RODC hosts read-only partitions of the Active Directory Domain Services (AD DS) database.

3) New Server Manager/MMC: Henson Group clients have realized 25% productivity gain using the new server manager in 2012. That’s because you can manage multiple servers, provides a dashboard, and displays on premise and cloud servers. Also major improvements are implemented with the new Microsoft Management Console (MMC) snap-in functions.

4) Better Password Policies: The Windows Server 2012 operating system provides organizations with a way to define different password and account lockout policies for different sets of users in a domain. Previously, only one password policy and account lockout policy could be applied to all users in the domain. These policies were specified in the Default Domain Policy for the domain. As a result, organizations that wanted different password and account lockout settings for different sets of users had to either create a password filter or deploy multiple domains. Both are costly options. You can use fine-grained password policies to specify multiple password policies within a single domain and apply different restrictions for password and account lockout policies to different sets of users in a domain.

5)      PowerShell: PowerShell as the primary management tool which allows for better scheduling and automation of server tasks.

6)      Software Activation: Today, Volume Licensing for Windows and Office requires Key Management Service (KMS) servers. That solution can be complex and difficult to implement and also requires RPC traffic on the network, which complicates matters, and it does not support any kind of authentication. Server 2012 now supports Active Directory-based activation so not additional KMS servers are needed and no RPC is required.

7) SMB 2.2: The Windows Server Message Block (SMB) file sharing protocol has also been significantly enhanced in Windows Server 2012. SMB 2.2 adds file server resiliency with no special configuration. In addition, server applications such as Microsoft SQL Server can now have their databases stored on SMB 2.2 shares, which gives them the benefits of SMB 2.2 with no configuration changes to the SQL Server databases.

8) Data deduplication: Windows Server 2012 provides built-in data deduplication, a feature typically found in high-end SANs. Windows Server 2012’s data deduplication runs in the background, and it can automatically detect duplicate data, save the duplicated data in a separate system store, and replace the data in the original files with pointers to the system store.

9) Expanded cluster scalability: Windows Failover Clustering has also taken a big jump in scalability. Previous versions of Windows Server were limited to 16 nodes. Windows Server 2012 clusters can support up to 63 nodes.

10) Offline Domain Join for PCs: The offline domain-join feature that was added to AD DS in Windows Server effectively allows client computers to be joined to a domain without requiring network connectivity to a domain controller, but the client computer could not also be preconfigured for DirectAccess as part of the domain join.
But there are many more features and enhancement. In fact, Sever 2012 is almost a complete rewrite of the OS. See additional details below for the new/enhanced features in Server 2012.

•What’s New in AD CS and PKI?

Active Directory Certificate Services (AD CS) in Windows Server 2012 provides multiple new features and capabilities over previous versions. This document describes new deployment, manageability, and capabilities added to AD CS in Windows Server 2012.

•What’s New in Active Directory Domain Services (AD DS)?

Active Directory Domain Services (AD DS) in Windows Server 2012 includes new features that make it simpler and faster to deploy domain controllers (both on-premises and in the cloud), more flexible and easier to both audit and authorize access to files with Dynamic Access Control, and easier to perform administrative tasks at scale, either locally or remotely, through consistent graphical and scripted management experiences.

•What’s New in Active Directory Rights Management Services (AD RMS)?

Active Directory Rights Management Services (AD RMS) is the server role that provides you with management and development tools that work with industry security technologies—including encryption, certificates, and authentication—to help organizations create reliable information protection solutions.

•What’s New in BitLocker for Windows 8 and Windows Server 2012?

BitLocker encrypts the hard drives on your computer to provide enhanced protection against data theft or exposure on computers and removable drives that are lost or stolen.

•What’s New in BranchCache?

BranchCache in Windows Server 2012 and Windows 8 provides substantial performance, manageability, scalability, and availability improvements.

•What’s New in DFS Namespaces and DFS Replication in Windows Server 2012?

DFS Namespaces and DFS Replication in Windows Server 2012 provide new management functionality as well as interoperability with DirectAccess and Data Deduplication.

•What’s New in DHCP in Windows Server 2012?

Dynamic Host Configuration Protocol (DHCP) is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a TCP/IP-based network, such as a private intranet.

•What’s New in DNS?

Domain Name System (DNS) services in Windows Server 2012 and Windows 8 are used in TCP/IP networks for naming computers and network services. DNS naming locates computers and services through user-friendly names.

•New and changed functionality in File and Storage Services

File and Storage Services provides a number of new management, scalability, and functionality improvements in Windows Server 2012.

•What’s New in Failover Clustering?

Failover clusters provide high availability and scalability to many server workloads. These include file share storage for server applications such as Hyper-V and Microsoft SQL Server, and server applications that run on physical servers or virtual machines.

•What’s New in File Server Resource Manager?

File Server Resource Manager provides a set of features that allow you to manage and classify data that is stored on file servers.

•What’s New in Group Policy in Windows Server 2012?

Group Policy is an infrastructure that enables you to specify managed configurations for users and computers through Group Policy settings and Group Policy Preferences

•What’s New in Hyper-V?

The Hyper-V role enables you to create and manage a virtualized computing environment by using virtualization technology that is built in to Windows Server 2012. Hyper-V virtualizes hardware to provide an environment in which you can run multiple operating systems at the same time on one physical computer, by running each operating system in its own virtual machine.

•What’s New in IPAM in Windows Server 2012?

IP Address Management (IPAM) is an entirely new feature in Windows Server 2012 that provides highly customizable administrative and monitoring capabilities for the IP address infrastructure on a corporate network.

•What’s New in Kerberos Authentication

The Microsoft Windows Server operating systems implement the Kerberos version 5 authentication protocol and extensions for public key and password-based authentication. The Kerberos authentication client is implemented as a security support provider (SSP) and can be accessed through the Security Support Provider Interface (SSPI).

•What’s New for Managed Service Accounts?

Standalone Managed Service Accounts, which were introduced in Windows Server 2008 R2 and Windows 7, are managed domain accounts that provide automatic password management and simplified SPN management, including delegation of management to other administrators.

•What’s New in Networking in Windows Server 2012?

Discover new networking technologies and new features for existing technologies in Windows Server 2012. Technologies covered include BranchCache, Data Center Bridging, NIC Teaming, and more.

•What’s New in Remote Desktop Services in Windows Server 2012?

The Remote Desktop Services server role in Windows Server 2012 provides technologies that enable users to connect to virtual desktops, RemoteApp programs, and session-based desktops. With Remote Desktop Services, users can access remote connections from within a corporate network or from the Internet.

•What’s new in Security Auditing?

Security auditing is one of the most powerful tools to help maintain the security of an enterprise. One of the key goals of security audits is to verify regulatory compliance.

•What’s new in Server Manager?

In this blog post, senior Server Manager program manager Wale Martins describes the innovations and value of the new Server Manager. Server Manager in Windows Server 2012 lets administrators manage multiple, remote servers that are running Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003.

•What’s New in Smart Cards?

Smart cards and their associated personal identification numbers (PINs) are an increasingly popular, reliable, and cost-effective form of two-factor authentication. With the right controls in place, a user must have the smart card and know the PIN to gain access to network resources.

•What’s New in TLS/SSL (Schannel SSP)?

Schannel is a Security Support Provider (SSP) that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. The Security Support Provider Interface (SSPI) is an API used by Windows systems to perform security-related functions including authentication.


•What’s New for Windows Deployment Services for Windows Server 2012?

Windows Deployment Services is a server role that enables you to remotely deploy Windows operating systems. You can use it to set up new computers by using a network-based installation.

•What’s new in Windows PowerShell 3.0?

Windows PowerShell 3.0 includes many new features and improvements in the scripting and automation experience, such as Windows PowerShell Workflow, multiple new features in Windows PowerShell ISE to help make scripting and debugging faster and easier, updatable Help, Windows PowerShell Web Access, and over 2,200 new cmdlets and functions.

For more information and a free consult, please contact Henson Group at or 800-980-1130 .