You are on page 1of 37

So many new changes

and
they are all hot

Domain Controller cloning


Enhanced Direct Access
Safe Domain controller virtualization
RID pool enhanced management
Enhanced logging
PowerShell 3.0
PowerShell Workflow
PowerShell history
Kerberos CBAC
Compound identity
Remote FX
IP Address Management
DHCP HA
DA object recovery GUI
ISCI Target

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Add/remove
Feature

Graphical Management
Tools and Infrastructure

Server Graphical Shell

Desktop Experience

PowerShell
Install-WindowsFeature
Uninstall-WindowsFeature

Server-Gui-Mgmt-Infra

Server-Gui-Shell

Desktop-Experience

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Windows key

Metro Start

Windows key + C

Open Charms bar

Windows + I

Settings on Charms bar

Windows + Q

Search on Charms bar

VM1

VM2

VM3

Virtual machines

VMn

Maximum number
System

Resource

Windows 2008
R2

Windows Server
"8" Beta

64

160

2.5

Physical memory

1 TB

2 TB

Virtual processors per host

512

1,024

32

64 GB

1 TB

16

Active virtual machines

384

1,024

2.7

Nodes

16

64

1,000

4,000

Logical processors on hardware


Host

Virtual processors per virtual machine

Virtual
machine

Cluster

Improvement
factor

Memory per virtual machine

Virtual machines

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Internet

Corporate intranet

May Be Not
Internet

Corporate intranet

Tunnelling technologies for the Internet and intranet to support IPv6 over IPv4
Internet tunnelling selection based on client location Internet, NAT, firewall
Encryption/authentication of Internet traffic (end-to-edge/end-to-end)
PKI required

Client location detection: Internet or corporate intranet


Certificates require PKI

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Direct Access
Dynamic Access Control

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Compound ID
User
PAC

Users group memberships added


to PAC
Authorization based on group
membership

Device

Groups

Claims
Groups
Claims

PAC contains a users


group and claims
information
+
Device information

Authorization based on group


membership, user and device
claims

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Block cross forest delegation


by setting netdom trust to no
for /EnableTGTDelegation

Protect backend services by setting services account


parameter PrincipalsAllowedToDelegateToAccount

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Direct Access
Kerberos enhancements

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

Sales
UK

Sales UK RW

US

Sales US RW

UK Sales

US Sales

HI UK
Sales HI UK RW

Sales Managers

HI US
Sales HI US RW

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

No way to tag files and apply authorization and


auditing based on file type

No way to create ACLs based on expressions


Requires complex group structures
ACLs defined using groups
Device state not supported in authorization
decisions

Sales

UK

US

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

John has designed and implemented computing systems ranging from


high-speed industrial controllers through to distributed IT systems with a
focus on security and high-availability. A key player in many IT projects
for industry leaders including Microsoft, the UK Government and multinationals that require optimized IT systems. Developed technical training
courses that have been published worldwide, co-authored a highly
successful book on Microsoft Active Directory Internals, presents
regularly at major international conferences including TechEd, IT Forum
and European summits. John can be engaged as a consultant or booked
for speaking engagements through XTSeminars. www.xtseminars.co.uk

http://www.allpass4sure.com/mcsa-windows-server-2012-pdf-70-410.html

You might also like