The last couple of months, I have actively worked together with Veeam to profile their excellent Veeam Explorer for Active Directory and to help people get more out of their current investments in on-premises Active Directory Domain Services.
One of the projects we’ve worked on is a whitepaper that details what’s new in Active Directory Domain Services since Windows Server 2008 R2, how organizations can benefit from these features and the requirements to enable and/or use each of these features.
About the whitepaper
While Active Directory (AD) has been around since Windows 2000 Server, Microsoft has continued to make adjustments and introduce features in newer Windows Server releases, especially in Windows Server 2012. What’s New in Active Directory 2016 covers different AD features and the requirements to enable them.
Learn about two big changes made by Microsoft in Windows Server 2012, which now allow AD environments to grow more easily, and beyond the limitations encountered by AD administrators.
Deployment and migration features
Microsoft has released many improvements to make DC deployment and migration better than ever. Have you ever wondered how to prevent possible issues after a schema update? Do you know how to make your DC aware of the virtual environment to prevent data loss? Have you thought about using DC cloning so you can quickly create a replica DC for DR purposes? Have you heard about the new ways to promote a machine to DC? How about preparing an automatic update for the AD domain and a forest for new versions? Keep reading this white paper, we’ve got you covered!
In Windows Server 2012 and WS 2012 R2, a couple of features have been introduced to enable domain admins to further lock down their AD environments. One new security feature is the Flexible Authentication Secure Tunneling (FAST) or Kerberos Armoring. Start solving common security problems with Kerberos and make sure that clients will never return to less- secure legacy protocols or weaker cryptographic methods.
On top of all that security goodness, Windows Server 2016 brings Privileged Access Management (PAM) that allows admins to only have administrative privileges when they need them through auto-expiration of these privileges. Did you know that PAM is the only secure way you could actually regain control over a compromised AD environment without throwing it away?
Learn about Active Directory Administrative Center (dsac.exe), which was first introduced with Windows Server 2008 R2. Read about Active Directory Administrative Center’s serious overhaul in Windows Server 2012. In addition to providing Graphical User Interfaces (GUIs) to new features in Active Directory 2012, the functionality has expanded to manage features that were previously only manageable on the command line.
Has your organization adopted a Hybrid Identity approach towards Azure Active Directory? Your AD can help get the devices your users use into Azure Active Directory with the help of Azure AD Connect and (optionally) AD FS. These features are not just Windows 10 devices, either.
You can download the Whitepaper from Veeam after registration.
It’s a PDF file, weighing 653 KB. It was last released in March 2017.
I am an MCSA, MCSE, MCT, Microsoft Most Valuable Professional (MVP) and Veeam Vanguard. Working for SCCT, a Dutch IT services provider, I have ample experience with deploying and maintaining Microsoft technologies in hundreds of environments, ranging from four to four hundred thousand seats, both on-premises and in the cloud.