New & Updated Features in Windows Server 2012 R2

New & Updated Features in Windows Server 2012 R2

Expanded from: http://technet.microsoft.com/en-us/library/dn250019

What’s New for iSCSI Target Server in Windows Server 2012 R2

iSCSI Target Server enables you to network boot multiple computers from a single operating system image that is stored in a centralized location.  iSCSI Target Server can boot hundreds of computers by using a single operating system image. Other scenarios in which you can use iSCSI Target Server include:

  • Some server applications require block storage, and iSCSI Target Server can provide these applications with continuously available block storage. Because the storage is remotely accessible, it can also consolidate block storage for central and branch office locations.
  • iSCSI Target Server supports non-Microsoft iSCSI initiators, making it easy to share storage on servers in a mixed, heterogeneous software environment.
  • When iSCSI Target Server is enabled, a computer running the Windows Server operating system becomes a network-accessible block storage device. This is useful for testing applications prior to deployment in a storage area network (SAN).

Feature/functionality

New/updated

Summary

Virtual disks enhancements New Includes a redesigned data persistence layer that is based on a new version of the VHD format called VHDX (VHD 2.0). VHDX has a much larger storage capacity than the older VHD format. iSCSI Target Server also provides data corruption protection during power failures and optimizes structural alignments of dynamic and differencing disks to prevent performance degradation on new, large-sector physical disks. You can still import VHD 1.0 disks by using Windows Server 2012 R2 Preview.
Manageability enhancements Updated Uses the SMI-S provider in Windows Server 2012 R2 Preview with System Center Virtual Machine Manager (VMM) to manage iSCSI Target Server in a hosted, and/or private cloud. Additionally, new Windows PowerShell cmdlets for iSCSI Target Server enable you to export and import configuration files, and they provide the ability to disable remote management when iSCSI Target Server is deployed in a dedicated Windows-based appliance scenario (for example, Windows Storage Server).
Improved optimization to allow disk-level caching Updated iSCSI Target Server now sets the disk cache bypass flag on a hosting disk I/O, through Force Unit Access (FUA), only when the issuing initiator explicitly requests it. This change can potentially improve performance. Previously, iSCSI Target Server would always set the disk cache bypass flag on all I/O’s. System cache bypass functionality remains unchanged in iSCSI Target Server; for instance, the file system cache on the target server is always bypassed.
Scalability limits Updated Increases the maximum number of sessions per target server to 544, and increases the maximum number of logical units per target server to 256.
Local mount functionality Updated Deprecates local mount functionality for snapshots. As a workaround, you can use the local iSCSI initiator on the target server computer (this is also called the loopback initiator) to access the exported snapshots.

What’s New for SMB in Windows Server 2012 R2

Server Message Block (SMB) is a network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network.

Feature/functionality

New or updated

Summary

Automatic rebalancing of Scale-Out File Server clients New This functionality improves scalability and manageability for Scale-Out File Servers. SMB client connections are tracked per file share (instead of per server), and clients are then redirected to the cluster node with the best access to the volume used by the file share. This improves efficiency by reducing redirection traffic between file server nodes. Clients are redirected following an initial connection and when cluster storage is reconfigured.
Improved performance of SMB Direct (SMB over RDMA) Updated Improves performance for small I/O workloads by increasing efficiency when hosting workloads with small I/Os (such as an online transaction processing (OLTP) database in a virtual machine). These improvements are evident when using higher speed network interfaces, such as 40 Gbps Ethernet and 56 Gbps InfiniBand.
Improved SMB event messages Updated SMB events now contain more detailed and helpful information. This makes troubleshooting easier and reduces the need to capture network traces or enable more detailed diagnostic event logging. By default, the most relevant event channels are turned on, so you instantly capture all of the essential information. In addition, some events now include details on configuration and troubleshooting solutions.
VHDX files as shared storage for guest clustering New Simplifies the creation of guest clusters by using shared VHDX files for shared storage inside the virtual machines. You can use this feature with VHDX files that are stored in Cluster Shared Volumes (CSV) or SMB Scale-Out file shares. For more information, see Deploy a Guest Cluster Using a Shared Virtual Hard Disk.
Hyper-V Live Migration over SMB New Enables you to perform a live migration of virtual machines by using SMB 3.0 as a transport. This allows you to take advantage of key SMB features, such as SMB Direct and SMB Multichannel, by providing high speed migration with low CPU utilization.
Improved SMB bandwidth management New Enables you to configure SMB bandwidth limits to control different SMB traffic types. There are three SMB traffic types: default, live migration, and virtual machine.
Support for multiple SMB instances on a Scale-Out File Server New Provides an additional instance on each cluster node in Scale-Out File Servers specifically for CSV traffic. A default instance can handle incoming traffic from SMB clients that are accessing regular file shares, while another instance only handles inter-node CSV traffic. This feature improves scalability and reliability of traffic between CSV nodes.
SMB 1.0 is now an optional feature Updated The SMB 1.0 features, including the legacy computer browser service and Remote Administration Protocol (RAP), are now separate and can be eliminated. These features are still enabled by default, but if you have no older SMB clients, such as Windows XP or Windows Server 2003, you can remove the SMB 1.0 features to increase security and potentially reduce patching.

What’s New for Windows Deployment Services in Windows Server 2012 R2

Windows Deployment Services (WDS) is a server role that enables you to remotely deploy Windows operating systems. You can use it to set up new computers by using a network-based installation. This means that you do not have to install each operating system directly from a CD, USB drive or DVD. To use Windows Deployment Services, you should have a working knowledge of common desktop deployment technologies and networking components, including Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and Active Directory Domain Services (AD DS). It is also helpful to understand the Preboot eXecution Environment (also known as Pre-Execution Environment).

Feature

Windows Server 2003

Windows Server 2008

Windows Server 2008 R2

Windows Server 2012and Windows Server 2012 R2 Preview

Operating systems deployed Legacy mode: Windows 2000, Windows XP, Windows Server 2003Mixed mode: Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008

Native mode: Windows 2000 Professional, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2

Windows 2000Windows XP

Windows Server 2003

Windows Vista

Windows Server 2008

Windows 7

Windows Server 2008 R2

Windows XPWindows Server 2003

Windows Vista SP1

Windows Server 2008

Windows 7

Windows Server 2008 R2

Windows XPWindows Server 2003

Windows Vista SP1

Windows Server 2008

Windows 7

Windows Server 2008 R2

Windows Server 2012

Windows 8

Windows 8.1 Preview

Windows Server 2012 R2 Preview

Image types deployed Legacy mode: RISETUP and RIPREPMixed mode: RISETUP, RIPREP, .wim

Native mode: .wim

For a new installation, only .wim images are supported.If you upgrade from Windows Server 2003, you can convert any RIPREP images to .wim format after the upgrade. However, RISETUP images are not supported. .wim.vhd images of Windows Server 2008 R2 are supported as part of an unattended installation (managed by using the command line only).

Note
.vhd images are only used for booting from VHD scenarios, and they are not applied directly to volumes.
.wim and .vhd images are both supported similar to Windows Server 2008 R2..vhd images can now be managed via the WDS management snap-in in addition to the command-line.

In addition, .vhdx files (a new file format available in Windows Server 2012) are supported directly and over multicast.

The .vhdx format supports a sparse, dynamic representation of a disk, which produces a relatively small disk image file (compared to directly storing the full contents of the disk). The .vhdx format is supported for VDH boot scenarios in addition to direct application to system volumes (similar to .wim deployments).

Boot environment Legacy mode: OSChooserMixed mode: OSChooser and Windows Preinstallation Environment (Windows PE)

Native mode: Windows PE

Windows PE Windows PE Windows PE
Administration experience Legacy mode: Remote Installation Services (RIS) toolsetMixed mode: RIS toolset to manage RISETUP and RIPREP images. Microsoft Management Console (MMC) snap-in and WDSUTIL to manage .wim images.

Native mode: MMC snap-in and WDSUTIL

MMC snap-in and WDSUTIL MMC snap-in and WDSUTIL MMC snap-in and WDSUTIL. Windows PowerShell cmdlets added in Windows Server 2012 R2 Preview.
Multicasting Not supported. Supported for install images. (The Boot.wim file must be from the DVD for Windows Server 2003, Windows Vista with SP1, Windows Server 2008, Windows 7, or Windows Server 2008 R2.) Supported for install images. (The Boot.wim file must be from the DVD for Windows Server 2008, Windows Vista with SP1, Windows 7, or Windows Server 2008 R2.)Supported for boot images for computers with EFI (managed by using the command line only).

Provides the ability to automatically disconnect slow clients and divide transmissions into multiple streams based on client speeds (the boot image must be Windows 7 or Windows Server 2008 R2).

Provides support for multicasting in environments that use IPv6 (the boot image must be from Windows Server 2008, Windows Vista with SP1, Windows 7, or Windows Server 2008 R2).

Provides support for TFTP and multicasting over IPv6 and DHCPv6.Improved multicast deployment by eliminating the need for making a local copy of the install.wim file. You can apply the install.wim file while it is being downloaded without significant impact to the application process.

Applying the install.wim file concurrently with the multicast download decreases overall deployment time, offers higher disk write throughput, and requires less space on the client system.

Reduced default block size fits within an Ethernet MTU and works on customer hardware that does not support IP fragmentation.

Driver provisioning Not supported. Not supported. Provides the ability to deploy driver packages to client computers based on their hardware as part of an installation (the install image must be Windows Vista with SP1, Windows 7, or Windows Server 2008).Provides the ability to add driver packages to boot images (Windows 7 or Windows Server 2008 R2 images only). Extends filters for driver groups to support manufacturer Model Number and Device Groups. Driver import automatically detects and prevents duplicate driver packages from being added to the driver store.
Extensibility Supports custom PXE providers. Supports custom PXE providers.Supports transmitting data and images by using multicasting on a stand-alone server (Transport Server). However, you must develop a way to boot clients.

Supports custom multicast providers.

Supports custom PXE providers.Supports transmitting data and images by using multicasting on a stand-alone server (Transport Server).

Includes a PXE provider to boot clients.

Supports custom multicast providers.

Supports custom PXE providers.Supports transmitting data and images by using multicasting on a stand-alone server (Transport Server). Includes a PXE provider to boot clients.

Supports custom multicast providers.

Extensible Firmware Interface (EFI) Supports network booting of Itanium-based computers with EFI. Supports network booting of Itanium-based and x64-based computers with EFI/UEFI. Supports network booting of x64-based computers with UEFI.Includes Auto-add functionality.

Includes DHCP referral to direct clients to a specific PXE server.

Provides the ability to deploy boot images by using multicasting.

Support x86 clients (32-bit processors) with Unified Extensible Firmware Interface (UEFI) to network boot and complete an end-to-end deployment by using WDS.
PowerShell cmdlet scripting Not supported Not supported Not supported Supported on Windows Server 2012 R2 Preview only

Windows PowerShell cmdlets for WDS

A WDS server running Windows Server 2012 R2 Preview can be managed using the Windows PowerShell cmdlets for WDS. Using Windows PowerShell cmdlets you can add driver packages, add client images, enable and disable boot and install images, and do many other common WDS tasks. For a full reference see Windows PowerShell cmdlets for WDS.

What’s New in Active Directory in Windows Server 2012 R2

One of the most prevalent IT industry trends at the moment is the proliferation of consumer devices in the workplace. Employees and partners want to access protected corporate data from their personal devices, from checking email to the consumption of advanced business applications. IT administrators in organizations, while wanting to enable this level of productivity, would like to continue to ensure that they can manage risk and govern the use of corporate resources.

In Windows Server® 2012 R2 Preview, Active Directory has been enhanced with the following value propositions to allow IT risk management while also enabling IT to empower their users to be productive from a variety of devices:

  • IT administrators can allow devices to be associated with the company’s Active Directory and use this association as a seamless second factor authentication.
  • Single sign-on (SSO) from devices that are associated with the company’s Active Directory
  • Enable users to connect to applications and services from anywhere with Web Application Proxy
  • Manage the risk of users working from anywhere, accessing protected data from their devices, with Multi-factor Access Control and Multi-Factor Authentication (MFA)

 

Guide Name

Description

Join to Workplace from Any Device for SSO and Seamless Second Factor Authentication Across Company Applications Overview This guide describes the key concepts and provides the step-by-step walkthrough instructions for Workplace Join: configuring the Device Registration Service (DRS), workplace join with a Windows device, workplace join with an iOS device, and how to deal with lost or stolen devices.
Connect to Applications and Services from Anywhere with Web Application Proxy Overview This guide describes and provides step-by-step walkthrough instructions for using Web Application Proxy – a new Remote Access role service in Windows Server® 2012 R2 Preview – to provide access to a sample web application using claims-based authentication using AD FS authentication.
Manage Risk with Multi-factor Access Control Overview This guide describes the enhanced IT risk management strategies available in AD FS in Windows Server® 2012 R2 Preview and provides step-by-step walkthrough instructions for configuring and verifying the solution of managing risk with multi-factor access control based on multiple criteria.
Manage Risk with Additional Multi-Factor Authentication for Sensitive Applications Overview This guide describes the authentication mechanisms available in AD FS in Windows Server® 2012 R2 Preview and provides step-by-step walkthrough instructions for configuring and verifying the solution of using AD FS to enable multi-factor authentication (MFA) based on the user data.

What’s New in BitLocker in Windows 8.1 and Windows Server 2012 R2
BitLocker is providing support for device encryption on x86 and x64-based computers with a TPM that supports connected stand-by. Previously this form of encryption was only available on Windows RT devices.

 

Support for device encryption

Device encryption helps protect data on your Windows PC. It helps block malicious users from accessing the system files they rely on to discover your password, or from accessing your drive by physically removing it from your PC and installing it in a different one. You can still sign in to Windows and use your files as you normally would. Device encryption protects the operating system drive and any fixed data drives on the system using AES 128-bit encryption. Device encryption can be used with either a Microsoft Account or a domain account. To support device encryption, the system must support connected standby and meet the Windows Hardware Certification Kit (HCK) requirements for TPM and SecureBoot on ConnectedStandby systems. The pre-requisites are listed in the following sections:

  • System.Fundamentals.Security.DeviceEncryption – General device encryption requirements.
  • System.Fundamentals – Connected standby systems requirements.
  • System.Fundamentals.Firmware.CS.UEFISecureBoot.ConnectedStandby– Requirements for TPM 2.0 and Secure Boot for connect standby systems.

Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected. The following list outlines the way this is accomplished:

  • When a clean install of Windows 8.1 Preview is completed the computer is prepared for first use. As part of this preparation, device encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state).
  • If the device is not domain-joined a Microsoft Account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to online Microsoft account and TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key using their Microsoft Account credentials.
  • If the user signs in using a domain account, the clear key is not removed until the user joins the device to a domain (on x86/x64 platforms) and the recovery key is successfully backed up to Active Directory Domain Services. The Group Policy setting Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives must be enabled and the option Do not enable BitLocker until recovery information is stored in AD DS for operating system drives should be selected. With this configuration the recovery password will be automatically created when the computer joins the domain, then the recovery key will be backed up to AD DS, the TPM protector is created, and the clear key is removed.

Group Policy setting conflicts

Device encryption is subject to BitLocker Group Policy settings; however, its default configuration will conflict with some Group Policy settings. The following list describes the policy settings that should be set to either “not configured” or, if configured, reviewed to ensure that they support device encryption.

  • Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\Require additional authentication at startup settings:
    • Any option that requires a startup authentication method other than the TPM.Device encryption defaults only allow for the TPM key protector to be configured when the device is encrypted. On Windows x84 and x86 computers an additional protector can be added after the device is encrypted from the BitLocker Control Panel by using the Change how drive is unlocked at startup item.
  • Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\Choose how BitLocker-protected operating system drives can be recovered and Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives\Choose how BitLocker-protected fixed data drives can be recovered settings:
    • Device encryption uses recovery passwords only. If you have configured this Group Policy setting with the option Do not allow 48-digit recovery password, device encryption will be prevented because its only recovery method is the recovery password.
    • Device encryption requires that passwords be backed up to an online storage location. If you have configured this Group Policy setting with the option Save BitLocker recovery information to Active Directory Domain Services unchecked, device encryption will be prevented because device encryption requires that the recovery password be backed up to AD DS if the device is domain-joined.

What’s New in DFS Replication in Windows Server 2012 R2

DFS Replication is a role service in the File and Storage Services role. It enables you to efficiently replicate folders (including those referred to by a DFS namespace path) across multiple servers and sites. DFS Replication uses a compression algorithm known as remote differential compression (RDC). RDC detects changes to the data in a file, and it enables DFS Replication to replicate only the changed file blocks instead of the entire file.

Feature/functionality

New or updated?

Description

Windows PowerShell module for DFS Replication New Provides Windows PowerShell cmdlets for performing the majority of administration tasks for DFS Replication, as well as new functionality.
DFS Replication Windows Management Infrastructure provider New Provides the latest Windows Management Infrastructure (WMI)-based methods to manage DFS Replication.
Database cloning for initial sync New Provides support for bypassing initial replication when creating new replicated folders, replacing servers, or recovering from a disaster.
Database corruption recovery New Provides support for rebuilding corrupt databases without unexpected data loss caused by non-authoritative initial sync.
Cross-file RDC disable New Provides the option to disable cross-file remote differential compression (RDC) between servers.
File staging tuning New Provides the option to configure variable file staging sizes on individual servers.
Preserved file restoration New Provides the capability to restore files from the ConflictAndDeleted and PreExisting folders.
Unexpected shutdown database recovery improvements Updated Enables automatic recovery after a loss of power or an unexpected stopping of the DFS Replication service.
Membership disabling improvements Updated Stops DFS Replication private folder cleanup when disabling a server’s membership in a replicated folder.

 

The following features are included in Windows Server 2012 R2 Preview but are being phased out, and they likely will be removed from future versions of the Windows Server operating system.

Deprecated feature

Replacement

DFS Namespaces command-line tool, Dfscmd DFS Namespaces module for Windows PowerShell
File Replication Service (FRS) DFS ReplicationIn Windows Server 2012 R2 Preview, it is no longer possible to use Windows PowerShell or Server Manager to create new domains with a Windows Server 2003 domain functional level. This means that new FRS deployments are now blocked and DFS Replication will always be used for SYSVOL replication in new domains.

To use FRS to replicate SYSVOL on domain controllers running Windows Server 2012 R2 Preview, they must belong to an existing domain that uses the Windows Server 2003 domain functional level.

What’s New in DHCP in Windows Server 2012 R2

Dynamic Host Configuration Protocol (DHCP) in Windows Server® 2012 R2 Preview provides new features and capabilities over previous versions.

Feature/functionality

New or improved

Description

DNS registration enhancements New You can use DHCP policies to configure conditions based on the fully qualified domain name (FQDN) of DHCP clients, and to register workgroup computers using a guest DNS suffix.
DNS PTR registration options New You can enable DNS registration of address (A) and pointer (PTR) records, or just enable registration of A records.
Windows PowerShell for DHCP server Improved New Windows PowerShell cmdlets are available.

 

Cmdlet name

New or improved

Description

Add-DhcpServerSecurityGroup New Adds security groups to a DHCP server.
Add-DhcpServerv4MulticastExclusionRange New Adds a range of addresses to exclude from a multicast scope.
Add-DhcpServerv4MulticastScope New Adds a multicast scope on the DHCP server.
Add-DhcpServerv4Policy Improved Adds a new policy either at the server level or at the scope level.This cmdlet can now be used to specify lease duration and also add FQDN-based policies.
Get-DhcpServerDnsCredential New Gets an account that the DHCP Server service uses to register or deregister client records on a DNS server.
Get-DhcpServerv4DnsSetting Improved This cmdlet can now be used to display DNS settings of DHCP policies.
Get-DhcpServerv4MulticastExclusionRange New Retrieves the exclusion range for a specified multicast scope.
Get-DhcpServerv4MulticastLease New Retrieves multicast leases for a specified scope name.
Get-DhcpServerv4MulticastScope New Gets multicast scope objects.
Get-DhcpServerv4MulticastScopeStatistics New Gets multicast scope statistics.
Get-DhcpServerv4SuperscopeStatistics New Returns statistics for superscopes.
Remove-DhcpServerDnsCredential New Removes the credential that the DHCP Server service uses to register or deregister client records on a DNS server.
Remove-DhcpServerv4MulticastExclusionRange New Removes a range of addresses previously excluded from a multicast scope.
Remove-DhcpServerv4MulticastLease New Removes one or more multicast scope leases for a specified multicast scope or IP address.
Remove-DhcpServerv4MulticastScope New Removes multicast scopes.
Rename-DhcpServerv4Superscope New Renames a superscope.
Repair-DhcpServerv4IPRecord New Reconciles inconsistent lease records in the DHCP database.
Set-DhcpServerDnsCredential New Sets credentials that the DHCP Server service uses to register or deregister client records on a DNS server.
Set-DhcpServerv4DnsSetting Improved Configures how the Dynamic Host Configuration Protocol (DHCP) server service updates the DNS server with the client-related information.Ths cmdlet can now be used to set the DNS settings of policies.
Set-DhcpServerv4Failover Improved Modifies the attributes of an existing failover relationship.This cmdlet can now be used to change the mode of a failover relationship.
Set-DhcpServerv4MulticastScope New Modifies the properties of a multicast scope.
Set-DhcpServerv4Policy Improved Sets the properties of an existing policy either at the server level or at the specified scope level.This cmdlet can now be used to set lease duration of a policy and also modify FQDN-based policies.

What’s New in DNS Server in Windows Server 2012 R2

This topic provides information about new and changed functionality in the DNS Server service in Windows Server 2012 R2 Preview. For information about the DNS Client service or the DNS Server service in other versions of Windows Server, see What’s New in DNS.

Feature/functionality

New or improved

Description

Enhanced zone level statistics Improved Zone level statistics are available for different resource record types, zone transfers, and dynamic updates.
Enhanced DNSSEC support Improved DNSSSEC key management and support for signed file-backed zones is improved.
Enhanced Windows PowerShell support Improved New Windows PowerShell parameters are available for DNS Server.

What’s New in Failover Clustering in Windows Server 2012 R2

Failover clusters provide high availability and scalability to many server workloads. These include server applications such as Microsoft Exchange Server, Hyper-V, Microsoft SQL Server, and file servers. The server applications can run on physical servers or virtual machines. In a failover cluster, if one or more of the clustered servers (nodes) fails, other nodes begin to provide service. This process is known as failover.

Feature/Functionality

New or Improved

Description

Shared virtual hard disk (for guest clusters) New Enables you to use .vhdx files as shared storage in a guest cluster.
Virtual machine drain on shutdown New Enables a Hyper-V host to automatically live migrate running virtual machines if the computer is shut down.
Virtual machine network health detection New Enables a Hyper-V host to automatically live migrate virtual machines if a network disconnection occurs on a protected virtual network.
Optimized CSV placement policies Improved Distributes CSV ownership evenly across the failover cluster nodes.
Increased CSV resiliency Improved Multiple Server service instances per cluster node and CSV monitoring of the Server service provide greater resiliency.
CSV cache allocation Improved Increases the amount of RAM that you can allocate as CSV cache.
CSV diagnosibility Improved Enables you to view the state of a CSV on a per node basis, and the reason for I/O redirection.
CSV interoperability Improved Adds CSV support for other Windows Server 2012 R2 Preview features.
Deploy an Active Directory-detached cluster New Enables you to deploy a failover cluster with less dependency on Active Directory Domain Services.
Dynamic witness New Dynamically adjusts the witness vote based on the number of voting nodes in current cluster membership.
Quorum user interface improvements Improved Enables you to easily view the assigned quorum vote and the current quorum vote for each node in Failover Cluster Manager.
Force quorum resiliency New Enables automatic recovery in the case of a partitioned failover cluster.
Tie breaker for 50% node split New Enables one side of a cluster to continue to run in the case of a cluster split where neither side would normally have quorum.
Configure the Global Update Manager mode New Helps the cluster to continue to function if there is a delay with one or more nodes.
Cluster node health detection Improved Increases the resiliency to temporary network failures for virtual machines that are running on a Hyper-V cluster.
Turn off IPsec encryption for inter-node cluster communication New Helps prevent a cluster from being affected by high latency Group Policy updates.
Cluster dashboard New Provides a convenient way to check the health of all managed failover clusters in Failover Cluster Manager.

New and changed functionality in File and Storage Services

File and Storage Services includes technologies that help you set up and manage one or more file servers, which are servers that provide central locations on your network where you can store files and share them with users. If your users need access to the same files and applications, or if centralized backup and file management are important to your organization, you should set up one or more servers as a file server by installing the File and Storage Services role and the appropriate role services.

The File and Storage Services role and the Storage Services role service are installed by default, but without any additional role services. This basic functionality enables you to use Server Manager or Windows PowerShell to manage the storage functionality of your servers. However, to set up or manage a file server, you should use the Add Roles and Features Wizard in Server Manager or the

1
Install-WindowsFeature

Windows PowerShell cmdlet to install additional File and Storage Services role services, such as the role services discussed in this topic.

 

Administrators can use the File and Storage Services role to set up and manage multiple file servers and their storage capabilities by using Server Manager or Windows PowerShell. Some of the specific applications include the following:

  • Work Folders   Use to enable users to store and access work files on personal PCs and devices, in addition to corporate PCs. Users gain a convenient location to store work files and access them from anywhere. Organizations maintain control over corporate data by storing the files on centrally managed file servers and optionally specifying user device policies (such as encryption and lock screen passwords). Work Folders is a new role service in Windows Server 2012 R2 Preview.
  • Data Deduplication   Use to reduce the disk space requirements of your files, saving money on storage.
  • iSCSI Target Server   Use to create centralized, software-based, and hardware-independent iSCSI disk subsystems in storage area networks (SANs).
  • Storage Spaces   Use to deploy high availability storage that is resilient and scalable by using cost-effective industry-standard disks.
  • Server Manager   Use to remotely manage multiple file servers from a single window.
  • Windows PowerShell   Use to automate the management of the majority of administration tasks for file servers.

Feature/functionality

New or updated?

Description

Work Folders New Provides a consistent way for users to access their work files from their personal computers and devices. See Work Folders Overview for more information.
Server Message Block Updated Enhancements include automatic rebalancing of Scale-Out File Server clients, improved performance of SMB Direct, and improved SMB event messages. See What’s New for SMB in Windows Server 2012 R2 for more information.
DFS Namespaces and DFS Replication Updated Enhancements include database cloning for large performance gains during initial sync, a Windows PowerShell module for DFS Replication, a new DFS Replication WMI provider, faster replication on high bandwidth connections, conflict and preexisting data recovery, and support for rebuilding corrupt databases without unexpected data loss. See What’s New in DFS Replication in Windows Server 2012 R2 for more information.
iSCSI Target Server Updated Updates include virtual disk enhancements, manageability enhancements in a hosted or private cloud, and improved optimization to allow disk-level caching. See What’s New for iSCSI Target Server in Windows Server 2012 R2 for more information.

The following table describes some of the major changes in File and Storage Services functionality that are available in Windows Server 2012.

Feature/functionality

New or updated?

Description

Data Deduplication New Saves disk space by storing a single copy of identical data on the volume.
iSCSI Target Server New Provides block storage to other servers and applications on the network by using the Internet SCSI (iSCSI) standard.
Storage Spaces and storage pools New Enables you to virtualize storage by grouping industry-standard disks into storage pools and then creating storage spaces from the available capacity in the storage pools.
Unified remote management of File and Storage Services in Server Manager New Enables you to remotely manage multiple file servers, including their role services and storage, from a single window.
Windows PowerShell cmdlets for File and Storage Services New Provides Windows PowerShell cmdlets to perform the majority of administration tasks for file and storage servers.

What’s New in File Server Resource Manager in Windows Server 2012 R2
File Server Resource Manager provides a set of features that enable you to manage and classify data that is stored on file servers.
You can configure the features that are included with File Server Resource Manager by using the File Server Resource Manager snap-in or by using Windows PowerShell.

Feature/Functionality

New or Improved

Description

Clear classification property values that no longer apply to an updated file New Provides the ability to clear property values that no longer apply to an updated file during reevaluation of existing classification property values.
Set maximum values for storage reports New Enables you to configure the maximum number of files per storage report, and to configure maximum values in the default parameters for specific storage reports.

What’s New in Group Policy in Windows Server 2012 R2
Group Policy is an infrastructure that enables you to specify managed configurations for users and computers through Group Policy settings and Group Policy Preferences. For Group Policy settings that affect only a local computer or user, you can use the Local Group Policy Editor. You can manage Group Policy settings and Group Policy Preferences in an Active Directory Domain Services (AD DS) environment through the Group Policy Management Console (GPMC). Group Policy management tools also are included in the Remote Server Administration Tools pack, which provides a way for you to administer Group Policy settings from your desktop.

Feature/functionality

New or Updated

IPv6 support Updated
Policy caching New
Event logging Updated

Policy caching

Windows Server 2012 R2 Preview , when Group Policy gets the latest version of a policy from the domain controller, it writes that policy to a local store. Then if Group Policy is running in synchronous mode the next time the computer reboots, it reads the most recently downloaded version of the policy from the local store, instead of downloading it from the network. This reduces the time it takes to process the policy. Consequently, the boot time is shorter in synchronous mode. This is especially important if you have a latent connection to the domain controller, for example, with DirectAccess or for computers that are off premises. This behavior is controllable by a new policy called Configure Group Policy Caching.

What’s New in Hyper-V in Windows Server 2012 R2
The Hyper-V role enables you to create and manage a virtualized computing environment by using virtualization technology that is built in to Windows Server 2012 R2 Preview. Hyper-V virtualizes hardware to provide an environment in which you can run multiple operating systems at the same time on one physical computer, by running each operating system on its own virtual machine.

Feature or functionality

New or updated

Shared virtual hard disk New
Resize virtual hard disk Updated
Storage Quality of Service New
Live migrations Updated
Virtual machine generation New
Integration services Updated
Export Updated
Failover Clustering and Hyper-V Updated
Enhanced session mode New
Hyper-V Replica Updated
Linux support Updated
Management Updated
Automatic Virtual Machine Activation New


What’s New in Hyper-V Network Virtualization in Windows Server 2012 R2

HNV provides a virtual network abstraction on top of a physical network. This abstraction provides virtual networks to virtual machines which operate the same as a physical network. This is similar to the abstraction hypervisors provide to the operating system running in virtual machines. HNV provides this abstraction through an overlay network on top of the physical network for each VM network.

Feature/functionality

Windows Server 2012

Windows Server 2012 R2 Preview

Inbox HNV Gateway X
HNV interoperability with Hyper-V Virtual Switch Extensions X X
HNV VM Network Diagnostics X X
HNV Architecture X X
Dynamic IP Address Learning X
HNV + Windows NIC Teaming X X
NVGRE Encapsulated Task Offload X X

What’s New in Hyper-V Virtual Switch in Windows Server 2012 R2

This topic provides information about the new features for the Hyper-V Virtual Switch in Windows Server® 2012 R2 Preview.

This topic contains the following sections.

 

What’s New in IPAM in Windows Server 2012 R2
IP Address Management (IPAM) is feature which was first introduced in Windows Server® 2012 that provides highly customizable administrative and monitoring capabilities for the IP address infrastructure on a corporate network. IPAM in Windows Server® 2012 R2 Preview includes many enhancements.

Feature/functionality

New or improved

Description

Role based access control New Role based access control enables you to customize the types of operations and access permissions for users and groups of users on specific objects.
Virtual address space management New IPAM streamlines management of physical and virtual IP address space in System Center Virtual Machine Manager.
Enhanced DHCP server management Improved Several new operations are available in IPAM to enhanced the monitoring and management of the DHCP Server service on the network.
External database support New In addition to Windows Internal Database (WID), IPAM also optionally supports the use of a Microsoft SQL database.
Upgrade and migration support New If you installed IPAM on Windows Server 2012, your data is maintained and migrated when you upgrade to Windows Server 2012 R2 Preview.
Enhanced Windows PowerShell support Improved Windows PowerShell support for IPAM is greatly enhanced to provide extensibility, integration, and automation support.


What’s New in Networking in Windows Server 2012 R2

The following networking technologies are new or improved in Windows Server® 2012 R2 Preview:

802.1X Authenticated Wired Access

802.1X Authenticated Wireless Access

Domain Name System (DNS)

Dynamic Host Configuration Protocol (DHCP)

Hyper-V Network Virtualization (HNV)

Hyper-V Virtual Switch

Internet Protocol Address Management (IPAM)

Remote Access (DirectAccess, Routing and Remote Access)

Virtual Receive-side Scaling (vRSS)

Windows Server Gateway (virtual machine (VM)-based software router)

What’s New in Print and Document Services in Windows Server 2012 R2
Print and Document Services enables you to centralize print server and network printer management tasks. With this role, you can also receive scanned documents form network scanners and route the documents to a shared network resource, Windows SharePoint Services site, or email addresses.

Feature/functionality

New or updated?

Description

Event Logging for Branch Office Direct Printing Updated Printing events are now written to the print server when BODP is enabled for the queue
Printer Migration for Web Services for Devices (WSD) print devices Updated You can now use the Printer Migration Wizard or command line tools to export and import printer settings for WSD print devices
Roaming Settings include Printer Connections New Printer settings and some connections are now available in roaming user profiles when you log on using different computers and devices
Easier Printing in Windows RT New Windows RT users can now easily find and use printers
Near Field Communication (NFC) Connections to Printers New You can configure shared printers to advertise NFC wireless connections to Printers so that users with compatible devices can easily locate, install, and use printers
Common framework for PIN-protected printing support by IHVs New A common framework is provided for PIN-protected printing, with an integrated user interface and easier implementation for IHVs
Print and Fax services now include user access logging Updated Print and fax service logging now includes user name and computer name logging in addition to IP address logging.

What’s New in Remote Access in Windows Server 2012 R2
There are a number of new Remote Access server and client features in Windows Server® 2012 R2 Preview and Windows® 8.1 Preview. The new server features include:

  • Multi-tenant Site-to-site VPN Gateway
  • Multi-tenant Remote Access VPN Gateway
  • Border Gateway Protocol (BGP)
  • Web Application Proxy

The new Windows 8.1 Preview Remote Access client features include:

  • Auto-triggered VPN
  • Enhanced VPN Client PowerShell configuration
  • Enhanced VPN IPsec
  • Create and Edit VPN profiles in PC settings

What’s New in Remote Desktop Services in Windows Server 2012 R2

The Remote Desktop Services server role in Windows Server® 2012 provided technologies that enabled users to connect to virtual desktops, RemoteApp programs, and session-based desktops. With Remote Desktop Services, users can access remote connections from within a corporate network or from the Internet.

In Windows Server 2012, Remote Desktop Services offers support for the following enhanced features:

  • Virtual Desktop Infrastructure (VDI) deployments
  • Session Virtualization deployments
  • Centralized resource publishing
  • Rich user experience with Remote Desktop Protocol (RDP)

In Windows Server 2012 R2 Preview, Remote Desktop Services offers enhanced support in the following areas:

  • Session Shadowing
  • Online Storage Deduplication
  • Improved RemoteApp behavior
  • Quick reconnect for remote desktop clients
  • Improved compression and bandwidth usage
  • Dynamic display handling
  • RemoteFX virtualized GPU supports DX11.1

New and changed functionality in security and protection in Windows Server 2012 R2

This collection contains descriptions and links to information about changes in security technologies in Windows Server 2012 R2 Preview, Windows Server 2012, Windows 8.1 Preview, and Windows 8.

The following table provides links to available information for the IT professional about security technologies and features for Windows Server 2012 R2 Preview, Windows Server 2012, Windows 8.1 Preview, and Windows 8. More technologies and features will be added to this table as content becomes available.

 

Feature or Technology

Overview

What changed in Windows Server 2012 R2 Preview

What changed in Windows Server 2012

Access Control Access Control and Authorization OverviewAccess control helps protect files, applications, and other resources from unauthorized use. The Protected Users security group and Authentication Policy Silos add more credentials protection. They are administered through Active Directory Domain Services.A restricted administration mode is available in the Remote Desktop Services (RDS) client.

For more information see, Credentials Protection and Management.

Added the ability to use dynamic rules-based policies to protect shared folders and files. For more information, see Dynamic Access Control: Scenario OverviewRedesigned the Access Control List Editor (ACL editor) to more clearly present key information needed to assess and manage access control. For more information, see Enhanced ACL Editor.
AppLocker AppLocker OverviewAppLocker provides policy-based access control management for applications. To assist you in process analysis, AppLocker captures command information for each process at runtime, and writes that data to the security log and states, ”The system is attempting to launch a process with the following attributes:” Added functionality to set rules on app packages, which helps manage Windows Store apps. For more information, see Packaged Apps and Packaged App Installer Rules in AppLocker.
BitLocker BitLocker OverviewBitLocker Drive Encryption enables you to encrypt all data that is stored on the operating system volume and configured data volumes for computers running supported versions of Windows. By using a Trusted Platform Module (TPM), it can help ensure the integrity of early startup components. Broadening support for additional platforms.For more information, see What’s New in BitLocker for Windows 8.1 and Windows Server 2012 R2. Added improvements for provisioning and encryption methods, the ability for standard users to change their PINs, support for encrypted hard drives, and a network unlock feature. For more information, see What’s New in BitLocker for Windows 8 and Windows Server 2012.
Credential Locker Credential Locker OverviewCredential Locker is managed through the Control Panel by Credential Manager, and supports mostly consumer scenarios. Enhancement of credential storage through web authentication broker-capable apps, and ability to select a default credential for each siteFor more information, see Credentials protection and management. Added ability to program Windows Store apps to use Credential Locker, and improvements to credential roaming (which is set to be disabled for domain-joined computers. For more information, see New and changed functionality.
Encrypted Hard Drive Encrypted Hard DriveEncrypted Hard Drive is a feature that is provided with BitLocker to enhance data security and management. Device encryption is available on most editions of Windows.For more information, see Device encryption. Introduced in Windows Server 2012 and Windows 8. For more information, see Support for Encrypted Hard Drives for Windows.
Exchange ActiveSync Policy Engine Exchange ActiveSync Policy Engine OverviewSet of APIs that enable apps to apply EAS policies on desktops, laptops, and tablets to protect data that is synchronized from the cloud, such as data from Exchange Server. In certain cases, biometrics sign-in methods are not disabled when the failed-attempts limit is exceeded.For more information, see New and changed functionality. Introduced in Windows Server 2012.
Group Managed Service Accounts Group Managed Service Accounts OverviewThe group Managed Service Account provides the same functionality as the standalone Managed Service Account within the domain, and it extends that functionality over multiple servers. No changes. Added the group Managed Service Account. For more information, see What’s New for Managed Service Accounts.
Kerberos Kerberos Authentication OverviewKerberos protocol is an authentication mechanism that verifies the identity of a user or host. Change of behavior when the account is in the Protected User security group.For more information, see Credentials protection and management. Reduced authentication failures due to larger service tickets, added changes for developers and IT professionals, and added configuration and maintenance improvements. For more information, see What’s New in Kerberos Authentication.
Local Computer Policy Settings Security Policy Settings OverviewSecurity policy settings are the configurable rules that the operating system follows when it determines the permissions to grant in response to a request for access to resources.

Group Policy Administrative Templates can also be used for security management.

No changes in local security policy settings.For improved process auditing, Audit Process Creation was added to the System node of Administrative Templates under Computer Configuration. Added new security policies to improve security management. For more information, see New and changed functionality.
NTLM NTLM OverviewThe NTLM authentication protocols are based on a challenge-and-response mechanism that proves to a server or domain controller that a user knows the password associated with an account. Change of behavior when the account is in the Protected User security group.For more information, see Protected Users Security Group. No changes.
Passwords Passwords OverviewThe most common method for authenticating a user’s identity is to use a secret passphrase or password as part of the sign-in process. No changes.Microsoft offers other means for proving identity. For more information, see Smart Card Overview and Virtual smart cards. No changes.
Security Auditing Security Auditing OverviewSecurity auditing can help identify attacks (successful or not) that pose a threat to your network, or attacks against resources that you have determined are of value through a risk assessment. No changes. Added expression-based audit policies, and improvements in the ability to audit new types of securable objects and removable storage devices. For more information, see What’s New in Security Auditing.
Security Configuration Wizard Security Configuration WizardThe Security Configuration Wizard is an attack-surface reduction tool that helps administrators create security policies that are based on the minimum functionality required for a server’s roles. No changes. No changes.
Smart Cards Smart Card OverviewSmart cards provide a tamper-resistant and portable security solution for tasks such as authenticating clients, signing in to domains, signing code, and securing email. The process to enroll TPM-enabled devices as a virtual smart card device has improved. APIs are added to simplify the enrollment process, making it easier to enroll a device with a virtual smart card regardless of whether they are domain joined and regardless of the hardware. Changed the smart card sign-in experience, service start and stop behavior, and smart card transactions, by adding support for Windows RT devices and Windows 8 applications. For more information, see What’s New in Smart Cards.
Software Restriction Policies Software Restriction PoliciesSoftware Restriction Policies (SRP) is Group Policy-based feature that identifies software programs running on computers in a domain, and controls the ability of those programs to run. No changes. No changes.Added greater flexibility for AppLocker to control programs in your enterprise. For more information, see AppLocker Technical Overview.
TLS/SSL (Schannel SSP) TLS/SSL (Schannel SSP) OverviewSchannel is a Security Support Provider (SSP) that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. Supports server-side “TLS/SSL Session Resumption without Server-Side State extension” (also known as RFC 5077).Addition of the client-side Application Protocol Negotiation

For more information, see New and changed functionality in Windows Server 2012 R2.

Changed how trusted issuers for client authentication can be managed, added TLS support for Server Name Indicator (SNI) Extensions, and added Datagram Transport Layer Security (DTLS) for the provider. For more information, see New and changed functionality in Windows Server 2012.
Trusted Platform Module (TPM) Trusted Platform Module Technology OverviewTrusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. Improvements to the TPM Key Storage Provider for platform and key attestation.For more information, see Malware resistance and What’s New for the TPM in Windows 8.1. Improved administration and functionality, including automated provisioning and management, Measured Boot with support for attestation, TPM-based Virtual Smart Card, and secure storage for critical elements. For more information, see New and changed functionality.
User Account Control (UAC) User Account Control OverviewUAC helps mitigate the impact of malicious programs. No changes. Refined to allow easier administration of UAC configuration and messages. For more information, see New and changed functionality.
Virtual Smart Card Virtual smart cards offer multifactor authentication and compatibility with many smart card infrastructures, and offer users the convenience of not having to carry a physical card, so users are more likely to follow their organization’s security guidelines rather than working around them.Understanding and Evaluating Virtual Smart Cards The process to enroll TPM-enabled devices as a virtual smart card device has improved. APIs are added to simplify the enrollment process, making it easier to enroll a device with a virtual smart card regardless of whether they are domain joined and regardless of the hardware.For more information, see Virtual smart cards Introduced in Windows Server 2012.
Windows Biometric Framework and Windows Biometrics Windows Biometric Framework OverviewThe Windows Biometric Framework (WBF) is a set of services and interfaces that permit consistent development and management of biometric devices, such as fingerprint readers. WBF improves the reliability and compatibility with biometric services and drivers. Enhanced the client and associated APIs.For more information, see Fingerprint biometrics. Better integration of fingerprint readers with Fast User Switching, and synchronization of passwords with fingerprints. For more information, see New and changed functionality
Windows Defender Windows Defender is a full-featured antimalware solution that is capable of detecting and stopping a wider range of potentially malicious software, including viruses. Available and enabled by default on Server Core installation options and Core System Server (without the user interface).For more information, see Windows Defender. Upgraded from antispyware to a full-featured antimalware solution that is capable of detecting and stopping a wider range of potentially malicious software, including viruses.

What’s New in Windows PowerShell

Windows PowerShell 4.0 includes several significant features that extend its use, improve its usability, and allow you to control and manage Windows-based environments more easily and comprehensively.

Windows PowerShell 4.0 is backward-compatible. Cmdlets, providers, modules, snap-ins, scripts, functions, and profiles that were designed for Windows PowerShell 3.0 and Windows PowerShell 2.0 work in Windows PowerShell 4.0 without changes.

New Features in Windows PowerShell 4.0


What’s New in Windows Server 2012 R2 Essentials

Windows Server Essentials is now available in two forms:

  • As a server role – Windows Server Essentials Experience, in the Standard and Datacenter editions of Windows Server 2012 R2 Preview. Installing the Windows Server Essentials Experience role on Windows Server 2012 R2 Preview provides you all the features and functionalities (such as dashboard, client computer backups, and Remote Web Access) of Windows Server 2012 R2 Essentials Preview without the locks and limits imposed on it. For more information about this new server role, see Windows Server Essentials Experience Overview.
  • As a core Windows Server edition – Windows Server 2012 R2 Essentials Preview. As a part of your installation process, you can now opt to install Windows Server 2012 R2 Essentials Preview as a virtual machine using a wizard.

The below table describes the new and enhanced features in Windows Server 2012 R2 Essentials Preview.

Name

What’s New

Description

Server Deployment You have various server deployment options with Windows Server 2012 R2 Essentials Preview.

  • Windows Server 2012 R2 Essentials Preview can be installed as a member server in a domain.
  • Windows Server 2012 R2 Essentials Preview can be installed either on a physical server or as a virtual machine, depending on the OEM’s configuration.
  • You can now have more than one server running Windows Server 2012 R2 Essentials Preview in your network.
  • As a part of your installation process, you can now opt to install Windows Server 2012 R2 Essentials Preview as a virtual machine using a wizard.
Client Deployment Windows Server 2012 R2 Essentials Preview provides improved client deployment options. The following improvements and changes are made in the client deployment process for Windows Server 2012 R2 Essentials Preview:

  • The Connector can be used to connect to server running Windows Server 2012 R2 Essentials Preview from a remote location.
  • The Connector can trigger auto-VPN dialing in domain-joined clients, so that customers can always be connected to Windows Server 2012 R2 Essentials Preview when working off premise.
  • The Connector can be configured to connect to other server running Windows Server 2012 R2 Essentials Preview without reinstallation.
  • The Connector performance has been improved significantly by reducing its memory and CPU usage.
Users and Groups The following functionalities are new in users and groups management:

  • User groups management
  • Office 365 distribution groups management
  • You can now create user groups and add user accounts to them. User account permissions can be managed through their user group memberships.
  • If your server is integrated with Office 365, you can manage your Office 365 distribution groups from the dashboard.
Server Storage The following functionalities are new in Server Storage:

  • Folder management on a second server in a Windows Server 2012 R2 Essentials Preview network.
  • Server Folder quota.
  • You can create shared folders on a secondary server while keeping the same Universal Naming Convention (UNC) path prefix.
  • You can specify a space quota for a Server Folder. You receive an alert, when a Server Folder size grows beyond its defined quota.
Data Protection Windows Server 2012 R2 Essentials Preview includes improved File History. File History backups are configured per user instead of per device. Also, you can automatically restore your data through File History backups on a new computer, if your old computer is no longer functional or is unavailable.The first time you log on to your new computer in the network, you are prompted to restore your files from your File History backups.
Health Reports Health Reports is integrated with Windows Server 2012 R2 Essentials Preview and no longer needs to be installed as an add-in. The Home page includes the Alerts and Reports tabs. Depending on your business needs, you can customize the system health reports to display items that you prefer to monitor.
BranchCache BranchCache is integrated with Windows Server 2012 R2 Essentials Preview. You can turn on BranchCache to improve data access if the server running Windows Server 2012 R2 Essentials Preview is located offsite. For more information on BranchCache, see BranchCahce Overview.
Office 365 Integration The following functionalities are new in Office 365 integration with Windows Server 2012 R2 Essentials Preview:

  • SharePoint Libraries management
  • Office 365 Distribution groups management
If your server is integrated with Office 365, you can:

  • manage your Office 365 SharePoint Libraries from the dashboard.
  • manage your Office 365 distribution groups from the dashboard.
Mobile Devices Mobile Devices management can be done through the dashboard. If your server is integrated with Office 365, you can manage your mobile devices using the Exchange Active Sync functionalities, such as define email access from a mobile device, set up password policies, and remote wipe of the mobile device.
Client Full System Restore Client Full System Restore is supported by Windows Deployment Services. You can create client restore service using the Set up Client Restore Service task and perform client full system restore over the network instead of using an image saved on a DVD.
Remote Web Access Remote Web Access experience is updated. Remote Web Access is optimized for touch devices and enhanced with rich HTML5 support.

References:

(Visited 2,138 times, 1 visits today)