Changes in Functionality from Windows Server 2003 with sp1 to Windows Server 2008
What existing functionality is changing?
Download 1.83 Mb.
|
- Navigate this page:
- Why is this change important
- Multiple local Group Policy objects
- Finding specific Administrative template policy settings
- Which policy settings are added or changed
- Network Load Balancing Improvements
- What does Network Load Balancing do
- Are there any special considerations
What existing functionality is changing?Windows Server 2008 includes improvements to the GPMC, Group Policy service, events and logging, multiple local Group Policy objects, and more options for finding Administrative template policy settings. Group Policy serviceThe Group Policy infrastructure is improved with complete isolation from Winlogon, delivering a new architecture for how Group Policy performs notification and processing. Why is this change important?The new Group Policy service provides better reliability for Windows and Group Policy, and includes these additional benefits: Microsoft can deliver new Group Policy files, which can be updated without requiring a restart of the operating system. The application of policy is more efficient because of the reduction of resources used for background processing. A performance increase and a reduction in memory usage are results of the new design. These changes eliminate the need to load Group Policy functionality in multiple services. Events and loggingThe Group Policy infrastructure has changed significantly in Windows Server 2008. Group Policy processing no longer exists within the Winlogon process but is hosted as its own service. Additionally, the Group Policy engine no longer relies on the trace logging found in userenv.dll. Why is this change important?Much of the troubleshooting for Group Policy in earlier versions of Windows relied on logging being enabled inside the component userenv.dll. This created a log file named userenv.log in the %WINDIR%\Debug\Usermode folder. This log file contained function trace statements with supporting data. In addition, profile load and unload functions shared this log file, making the log sometimes difficult to diagnose. This log file, used in conjunction with the Resultant Set of Policy Microsoft Management Console (RSoP MMC) was the primary way to diagnose and resolve Group Policy problems. In Windows Server 2008, Group Policy is treated as its own component with a new Group Policy Service, a stand-alone service that runs under the Svchost process for the purpose of reading and applying Group Policy. The new service includes changes with event reporting. Group Policy event messages, previously appearing in the application log, now appear in the system log. The event viewer lists these new messages with an event source of Microsoft-Windows-GroupPolicy. The Group Policy Operational log replaces previous userenv logging. The operational event log provides improved event messages specific to Group Policy processing. Multiple local Group Policy objectsWindows Server 2008 introduces greater flexibility in administering local Group Policy objects (LGPOs), providing the means to manage multiple LGPOs on a single computer. This increased flexibility eases managing environments that involve shared computing on a single computer, such as libraries or computer labs. In addition, in a workgroup each computer maintains its own policy settings. Multiple LGPOs may be assigned to local users or built-in groups. This feature will work with domain-based Group Policy or can be disabled through a Group Policy setting. Why is this change important?Multiple Local Group Policy gives you the flexibility to manage Group Policy based on built-in groups. For example, if you wanted to set up kiosk computers in a library, you could create tightly managed policy settings for built-in User groups and lightly managed policy settings for the built-in Administrator accounts. This approach allows patrons to use the Internet kiosk in a secure environment. Local administrators no longer have to explicitly disable or remove Group Policy settings that interfere with their ability to manage the workstation before performing administrative tasks. In addition, Windows Server 2008 administrators can turn off local Group Policy settings without having to explicitly enable domain-based Group Policy. Finding specific Administrative template policy settingsAdministrative templates are registry-based policy settings listed under the Administrative Templates node of both the Computer Configuration and User Configuration nodes when you edit a GPO in the GPMC. Windows Server 2008 provides a comprehensive list of Administrative template policy settings and new options for filtering and sorting the list of settings. Why is this change important?Windows Server 2008 provides many Administrative template policy settings. Filtering or sorting these settings can enable you to find a specific policy setting more quickly. What works differently?In Windows Server 2008, an All Settings node is displayed under the Administrative Templates node, providing a comprehensive list of all Administrative template policy settings, including both those in ADMX and ADM formats. You can sort this list alphabetically by setting name, state, comment, or path. Additionally, you can filter the list of Administrative template settings using the options available when you right-click the All Settings node. When filtered, the list includes only policy settings in the ADMX format, and you can further restrict the list to include only policy settings: That have been configured (or that have not been configured). To which comments have been added (or to which comments have not been added). That include specified keywords in the setting title, Explain text, or comments. That are managed (or unmanaged). Which policy settings are added or changed?In Windows Server 2008, you can use Group Policy to centrally manage a greater number of features and component behaviors. The number of Group Policy settings has increased from approximately 1,700 in Windows Server 2003 with Service Pack 1 (SP1) to approximately 2,400 in Windows Server 2008. This table summarizes new or expanded categories of Group Policy settings.
Network Load Balancing ImprovementsIn the Windows Server® 2008 operating system, the improvements to Network Load Balancing (NLB) include support for Internet Protocol version 6 (IPv6) and Network Driver Interface Specification (NDIS) 6.0, Windows Management Instrumentation (WMI) enhancements, and improved functionality with Microsoft Internet Security and Acceleration (ISA) Server. What does Network Load Balancing do?NLB is a feature that distributes the load for networked client/server applications across multiple cluster servers. It is part of the Windows scale out functionality and is one of three Windows Clustering technologies. Who will be interested in this feature?NLB is used by IT professionals who need to distribute client requests across a set of servers. It is particularly useful for ensuring that stateless applications, such as a Web server running Internet Information Services (IIS), can be scaled out by adding additional servers as the load increases. NLB provides scalability by allowing you to easily replace a malfunctioning server or add a new server. Are there any special considerations?You must be a member of the Administrators group on the host that you are configuring by using NLB, or you must have been delegated the appropriate authority. What new functionality does this feature provide?NLB includes the following improvements: Support for IPv6. NLB fully supports IPv6 for all communication. Support for NDIS 6.0. The NLB driver has been completely rewritten to use the new NDIS 6.0 lightweight filter model. NDIS 6.0 retains backward compatibility with earlier NDIS versions. Improvements in the design of NDIS 6.0 include enhanced driver performance and scalability and a simplified NDIS driver model. WMI Enhancements. The WMI enhancements to the MicrosoftNLB namespace are for IPv6 and multiple dedicated IP address support. Classes in the MicrosoftNLB namespace support IPv6 addresses (in addition to IPv4 addresses). The MicrosoftNLB_NodeSetting class supports multiple dedicated IP addresses by specifying them in DedicatedIPAddresses and DedicatedNetMasks. Enhanced functionality with ISA Server. ISA Server can configure multiple dedicated IP addresses per each NLB node for scenarios where clients consist of both IPv4 and IPv6 traffic. Both IPv4 and IPv6 clients need to access a particular ISA Server to manage the traffic. ISA can also provide NLB with SYN attack and timer starvation notifications (these scenarios typically occur when a computer is overloaded or is being infected by an Internet virus). Support for multiple dedicated IP addresses per node. NLB fully supports defining more than one dedicated IP address per node. (Previously only one dedicated IP address per node was supported.) Directory: uploads uploads -> 587 Return function, r i(X) r i(0) r i(1) r i(2) r i(3) 1 0 2 4 6 Thermal Station, I 2 0 1 5 6 3 0 3 5 6 10 uploads -> Department of science and humanities department of mathematics part-a questions and answers uploads -> The Case Against the nypd’s Quota-Driven ‘Broken Windows’ Policing What Is It? uploads -> For want of a nail uploads -> Ownership Models There are two different types of ownership models uploads -> Police Militarization uploads -> City of rising star regular meting thursday, july 14, 2016 uploads -> Township of winfield uploads -> Stop Militarizing Law Enforcement Act of 2014 uploads -> The Black Panther Party’s Ten-Point Program What We Want Now! Download 1.83 Mb. Share with your friends:
|