I had a quick look at some of the new features of Vista, and during that time I found five impressive features:
1. Longhorn Server Core
I learned about this feature in a user hands-on lab and took a little time to get used to it. I landed as an administrator and the server showed an unusual interface, and the only thing on the screen was the blue background desktop and two command Windows-no taskbar, no Start menu, no bulletin board and desktop icons. There is nothing but two command windows.
Then one of the speakers said they set up two command windows here for a reason--in some cases you accidentally close one of them, and you can have another one to work with. This is better suited for people who have remote servers or domain controllers and need to manage them frequently, and often complain to Microsoft about the need for some products with minimal user interface. I checked the *.msc file to find Snap-ins but didn't find it. There are some examples in this lab to guide me through the installation of DNS, Dynamic Host Configuration Protocol (DHCP), and other server-related services that use the appropriate appropriate hidden commands. In fact, the MCT Lab assistant must contact a Microsoft engineer to find out which commands are used exactly. I did notice that I could use Dcpromo to install the domain controller, but I had to use an unattended file because there was no UI. It is also necessary to note that these servers can be managed from a fully functional Longhorn server through snap-ins and other tools such as those we have in previous versions of Windows.
This is really an interesting idea-we'll see a lot of administrators benefit from it.
2. Vista Group Policy
In Windows 2003, Microsoft notes that there are about 1800 registered configurations, plus more security, ie, and other areas. They expect Vista to add about 700 configurable configurations, and I guess the Longhorn server will add more. So, maybe 2,500. It's hard to imagine that Windows NT 4.0 has just about 79. There are some cool features in Group Policy that will help the Administrator complete the task.
Microsoft announces that the Group Policy Management Console (GPMC) tool consolidates the operating system of Vista and Longhorn servers as a self-contained tool. The presenter explained to us that many administrators still view the GPMC as a "very easy to use" tool, but some do not want to use it because it is a tool that requires additional downloads. My job is to work with users to resolve Group Policy issues, and I stress to them that if they do not install the GPMC, I will not help them--GPMC will make the job easier.
Any administrator who has to write user ADM files will be happy to know that the old ADM syntax will be replaced by the new ADMX, ADMX is a syntax based on XML format that creates user ADM files. ADMX files are significantly reduced by more than 4 trillion compared to ADM files. Vista will configure the ADMX file, which is also an extension of the old ADM file. ADM and AMDX files will coexist, and ADMX files can be centrally stored in a single client or in a new directory on the server.
3. read-only domain controller (RODC)
At first glance, it looks as if Microsoft has been reinventing the backup domain controller (BDC). The idea of a read-only domain controller (RODC) is very close to the core of the server, where a restricted domain controller is created at the remote site to simplify the management and recovery of failed events.
A read-only domain controller (RODC) has a smaller Ntds.dit file that can help you properly install a domain controller on a remote site that is connected to a slow speed. Users can log on by caching certificates. The security key can be copied from a fully functional Longhorn domain controller and stored in a read-only domain controller (RODC), similar to how universal group members cache work on Windows Server 2003.
A read-only domain controller (RODC) will be a good addition to the deployment of a branch office. Microsoft is committed to Longhorn the release of Beta 2 with a corresponding full white paper release.
4. BitLocker full Volume encryption (BDE)
BitLocker full Volume encryption (BDE) has the potential to become a heavyweight security feature. There is often a debate about deploying a domain controller or whether the server is powerless in terms of physical security at a remote location. Not long ago, I read an article about a High-tech burglar breaking into a bank without moving the bank's money, but stealing the hard drive from a global directory server. Of course, recent events also have examples of lost or stolen laptops that store information that could cause huge losses to owners, making it all the more important to protect these important data.
The BitLocker feature locks the hard disk into the system layout on one computer, which is very similar to the way file security public key/key works-key or ping. In order to prevent the hard drive from being installed on another system so that data is lost, without the correct trust certificate, the data can not be accessed even if the Windows files and system security are cracked by booting from another hard drive operating system or using hacker software.
5. Restartable Active Directory (restartable Active Directory)
This is a very cool concept, the restartable Active Directory (restartable Active Directory) allows the Active Directory to be restarted without restarting the server. You can use a command line or MMC to complete the reboot. This saves you time online, for example, when you are working on an Active Directory offline disk, you don't have to take the server offline and shut down other services and applications.
This is especially important for deploying several servers at a remote site. For example, if you have an Exchange server on a single server, a global catalog (Catalog), file and print services, and applications, and this is also a domain controller (DC), perform domain controller troubleshooting, Fixes and offline operations can be done while the server and other applications are running, but your Active Directory needs to be offline. This will be very interesting if your restartable Active Directory (restartable Active Directory) will prevent Exchange from being affected by Active Directory paralysis-for example, you can re-create the Active Directory without affecting Exchange.