These last week, I had the same question :
What’s new about Active Directory in Windows 2008 R2.
Well, some of you have probably already read this page : http://www.microsoft.com/windowsserver2008/en/us/ad-main.aspx
Ok, now here’s my own opinion about the topic.
Active Directory Domain Services
One largely discussed was the RODC, this read only DC is something good but implementation will require a serious study. This because it’s a very new feature, not only at a technical point, but also a new way of working with AD.
The interesting improvement are more about the view, control and restartability by a(n) :
- Auditing
- Restartable AD .
- Database Mounting Tool
Well Right Management Service is not new, it’s something more “integrated”
Active Directory Federation Services
This is something I recommend for analyse by IT Manager. Do you deal with Trust ? If yes, you surely have to read if you can simplify your infrastructure. But even if you didn’t have any trust and you want to give access to your application/data to “external” users read more on the topics is recommended.
Active Directory Certificate Services
Here also it’s not something new, but largely improved by better integration and manageability.