What's New in Active Directory in Windows Server 2012

advertisement
Virtualization That Just Works
• All Active Directory features work equally well in physical, virtual or mixed environments
Simplified Deployment of Active Directory
•
•
•
•
Complete integration of environment preparation, role installation and DC promotion into a single UI
DCs can be deployed rapidly to ease disaster recovery and workload balancing
DCs can be deployed remotely on multiple machines from a single Windows 8 machine
Consistent command-line experience through Windows PowerShell enables automation of deployment tasks
Simplified Management of Active Directory
•
•
•
•
GUI that simplifies complex tasks such as recovering a deleted object or managing password policies
Active Directory Windows PowerShell viewer shows the commands for actions performed in the GUI
Active Directory Windows PowerShell support for managing replication and topology data
Simplify delegation and management of service accounts
Miscellaneous
Management
Simplified Deployment
Recycle Bin
User Interface
Dynamic
Access Control
Virtualization-Safe
Technology
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Rapid Deployment
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory
Platform Changes
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
Streamline the deployment process
… by integrating preparation and promotion
processes & automating pre-requisites in-between
Minimize odds of deployment failures
… by validating environment pre-requisites before
deployment
Minimize number of touch-points
… by providing remote capabilities for both
preparation and promotion processes
Optimize for common deployment paths
… by aligning the configuration wizard to the most
common deployment scenarios
Bring consistency with other Windows
Server roles deployment experiences
… by integrating the full deployment experience with
Server Manager
Gain UI-consistency by leveraging an
enhanced command-line experience
… by providing a deployment & configuration wizard
that is built on top of Windows PowerShell
http://microsoft.com
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
USN rollback NOT detected: only 50 users converge across the two DCs
All others are either on one or the other DC
100 security principals (users in this example) with RIDs 500-599 have conflicting SIDs
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
Miscellaneous
Management
Simplified Deployment
Recycle Bin
User Interface
Dynamic
Access Control
Virtualization-Safe
Technology
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Rapid Deployment
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory
Platform Changes
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory Windows
PowerShell History Viewer
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory Windows
PowerShell History Viewer
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory Windows
PowerShell History Viewer
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory Windows
PowerShell History Viewer
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
Management
Recycle Bin
User Interface
Dynamic
Access Control
Active Directory Windows
PowerShell History Viewer
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory Replication &
Topology Cmdlets
Group Managed Service
Accounts
With this deployed…
... these features become available
•
+ First Windows Server 2012 domain-member
(or Windows 8 with RSAT installed)
•
•
•
•
•
•
+
First Windows Server 2012 DC
+ Windows Server 2012 DC holds PDC FSMO role
•
•
•
•
New Active Directory Administrative Center
• Windows PowerShell History Viewer
• Graphical Recycle Bin and FGPP management
Richer authorization through DAC & FCI
Active Directory-based Activation
• Requires Windows Server 2012 schema extensions
Active Directory Replication & Topology Cmdlets
AD FS (v2.1)
Simplified Deployment and Preparation
Dynamic Access Control policies and claims
• Kerberos Claims in AD FS (v2.1)
Cross-domain Kerberos Constrained Delegation
Group Managed Service Accounts
Virtualization-Safe for the Windows Server 2012 DC
• requires Hypervisor support for VM-Gen-ID
Rapid virtual DC deployment through DC-cloning
• requires Hypervisor support for VM-Gen-ID
#TE(sessioncode)
DOWNLOAD
Windows Server
2012 Release
Candidate
Hands-On Labs
microsoft.com/windowsserver
DOWNLOAD
Windows Azure
Windowsazure.com/
teched
http://northamerica.msteched.com
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
Download