{"id":263,"date":"2014-05-15T15:17:10","date_gmt":"2014-05-15T19:17:10","guid":{"rendered":"http:\/\/adsecurity.org\/?p=263"},"modified":"2014-09-16T21:46:00","modified_gmt":"2014-09-17T01:46:00","slug":"active-directory-changes-in-windows-server-2012","status":"publish","type":"post","link":"https:\/\/adsecurity.org\/?p=263","title":{"rendered":"Active Directory Changes in Windows Server 2012"},"content":{"rendered":"<p>Active Directory, aka Directory Services, has been updated quite a bit in Windows Server 2012.<\/p>\n<p>Here are some of the major updates:<\/p>\n<ul>\n<li><a title=\"Virtualization Updates to Active Directory 2012\" href=\"http:\/\/blogs.metcorpconsulting.com\/tech\/?p=1471\">Virtualization<\/a>: Rapid deployment with cloning &amp; safeguarding<\/li>\n<li><a href=\"https:\/\/blogs.technet.com\/b\/wincat\/archive\/2012\/11\/07\/planning-for-windows-server-2012-dynamic-access-control-deployments-dac.aspx?Redirected=true\">Dynamic Access Control<\/a><\/li>\n<li><a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/jj574150.aspx\">DirectAccess Offline Domain Join<\/a><\/li>\n<li><a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/hh831502.aspx\">Active Directory Federation Services (AD FS)<\/a><\/li>\n<li>Active Directory Administrative Center Improvements<\/li>\n<li>PowerShell version 3 commandlets including Active Directory Replication and Topology (<a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/hh831757.aspx\">Introduction <\/a>&amp; <a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/jj574083.aspx\">Advanced <\/a>Topics)<\/li>\n<li>Windows PowerShell History Viewer<\/li>\n<li>Active Directory Recycle Bin User Interface<\/li>\n<li>Fine-Grained Password Policy User Interface<\/li>\n<li><a href=\"https:\/\/blogs.technet.com\/b\/askpfeplat\/archive\/2013\/02\/04\/active-directory-based-activation-vs-key-management-services.aspx?Redirected=true\">Active Directory Based Activation<\/a><\/li>\n<li><a href=\"https:\/\/blogs.technet.com\/b\/askpfeplat\/archive\/2012\/12\/17\/windows-server-2012-group-managed-service-accounts.aspx?Redirected=true\">Group Managed Service Accounts<\/a><\/li>\n<li><a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/hh831747.aspx\">Flexible Authentication Secure Tunneling (FAST)<\/a> (<a href=\"http:\/\/tools.ietf.org\/html\/rfc6113\">RFC 6113<\/a>) adds additional security to Kerberos (also known as Kerberos Armoring) and requires Windows Server 2012 with Windows 8.<\/li>\n<li>RID Improvements: Protection &amp; Expansion<\/li>\n<li>Kerberos Constrained Delegation now possible across forests<\/li>\n<li>Enhanced LDAP logging and new controls<\/li>\n<li>Deferred Index Creation \u2013 DCs can be configured to build indexes at reboot or via LDAP control versus the default: immediate index creation.<\/li>\n<li>Ability to track DNT usage on Windows Server 2012 DCs using perfmon.<\/li>\n<\/ul>\n<p><a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/hh831477.aspx\">Microsoft article: \u201cWhat\u2019s New in Active Directory Domain Services (AD DS)\u201d<\/a><\/p>\n<p><a href=\"http:\/\/download.microsoft.com\/download\/5\/B\/2\/5B254183-FA53-4317-B577-7561058CEF42\/WS%202012%20Evaluation%20Guide.pdf\">Microsoft WhitePaper: Windows Server 2012 Evaluation Guide (pdf download)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Active Directory, aka Directory Services, has been updated quite a bit in Windows Server 2012. Here are some of the major updates: Virtualization: Rapid deployment with cloning &amp; safeguarding Dynamic Access Control DirectAccess Offline Domain Join Active Directory Federation Services (AD FS) Active Directory Administrative Center Improvements PowerShell version 3 commandlets including Active Directory Replication &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/adsecurity.org\/?p=263\">Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[47],"class_list":["post-263","post","type-post","status-publish","format-standard","hentry","category-technical-reference","tag-windowsserver2012","item-wrap"],"_links":{"self":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=263"}],"version-history":[{"count":1,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/263\/revisions"}],"predecessor-version":[{"id":264,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/263\/revisions\/264"}],"wp:attachment":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}