In today’s Ask the Admin, I’ll provide a quick rundown of the new and improved features in the latest preview of Windows Server.
Almost as if it didn’t happen, Microsoft quietly released Windows Server 2016 Technical Preview 5 on April 28th. Aidan Finn has already provided an overview of the many new features and improvements in Hyper-V, but if you want to know about the best of the rest, keep on reading.
It’s hard not to have noticed the impact Docker has had over the past couple of years, so Windows and Hyper-V Containers, along with Docker support, are some of Windows Server 2016’s most anticipated new features. This preview brings with it performance improvements, simplified network management, and support for Windows Containers on Windows 10.
Nano Server is now easier to deploy with an updated PowerShell module, and there’s better separation between the host device and guest VM. The Recovery Console has also been updated, including the ability to repair Windows Remote Management (WinRM).
Remote Desktop Services
There’s also good news for Remote Desktop Services, which now includes support for using an Azure SQL Database for RD Connection Brokers when high availability is required.
Active Directory Certificate Services
Key attestation allows users to cryptographically prove that the key in a certificate request to a certificate authority (CA) is protected by a Trusted Platform Module (TPM) that the CA trusts. Windows Server 2016 TP5 supports Smart Card Key Storage Provider (KSP) for key attestation, and workgroup devices can use Network Device Enrollment Service (NDES) enrollment to request certificates that can be attested for keys in a TPM.
Because a user certificate with a TPM-attested key provides a greater level of assurance, administrators can create whitelists of devices from which users are able to access corporate resources, such as VPNs and wireless access points. This feature allows administrators to be confident that unapproved devices can’t be used to access sensitive network resources.
Along with support for PowerShell 5.0, Windows Server 2016 TP5 comes with new cmdlets for managing local users and groups, the ability to run PowerShell.exe locally on Nano. Nano also sees PowerShell debugging support, and security and logging transcription for Just Enough Administration (JEA). For more information on JEA, see PowerShell 5.0 Just Enough Administration (JEA) Part 1 and Part 2 on the Petri IT Knowledgebase.
JEA also benefits from a raft of improvements, such as support for running under a network account, PowerShell Direct, the ability to securely copy files to and from JEA endpoints, and the PowerShell console can be configured to launch connected to a JEA endpoint by default.
File and Storage Services
Storage Spaces Direct sees advances in management and the Health Service monitors operations and maintenance. Storage Replica brings delegation of administration capabilities and better performance for thinly provisioned storage.
Last but not least, clustering support is updated with VM Node Fairness for seamless load balancing of virtual machines in a cluster, and VM Start Order, which allows admins to determine the start order of VMs in a cluster. There’s also simplified Server Message Block (SMB) multi-channel and multi-NIC cluster networks for easier configuration of high speed networks on Scale-out File Servers. See Windows Server 2012: SMB 3.0 and the Scale-Out File Server on Petri for more details on these features.