The Windows Server Notebook

July 12, 2016  3:48 PM

Microsoft announces Windows Server 2016 will launch at Ignite conference

Tom Walat Tom Walat Profile: Tom Walat

All the prognostication about when Windows Server 2016 will be available was laid to rest in multiple blogs from Microsoft today when the company announced the next version of the server operating system will launch at the Microsoft Ignite event in Atlanta September 26-30.

Windows Server 2016 will come in the usual three editions of Datacenter, Standard and Essentials. Datacenter, being the most costly at $6,155 for two processors at eight cores, is geared toward larger organizations that have demanding virtualization needs and want to use the more innovative software-defined storage and networking features in this upcoming release. Some of the new enhancements such as the more secure Shielded VMs in Hyper-V and the software-defined storage feature Storage Spaces Direct are only available in the Datacenter edition.

Mid-sized companies would most likely use the Standard edition while organizations with fewer than 50 employees may land on the least expensive Essentials edition.

For Standard and Datacenter users, Microsoft will have three installation options: Server with Desktop Experience, Server Core and Nano Server. The Desktop Experience version is what some in IT would call the “full server installation”; it’s meant for users who require a user interface (UI) to manage applications. Server Core has no UI and is a lighter installation that has eliminated some of the roles and features found on the Desktop Experience option. Nano Server is the smallest server OS possible and is tailored for running containers but can also be used as a Hyper-V host and web server. Administrators can manage Nano Server — a headless server — with PowerShell and Server Manager. Note that Nano Server only works with 64-bit applications.

Support models for Windows Server editions

Microsoft also announced that its typical five years of mainstream support (with five years of extended support) will continue with the full Windows Server 2016 installation and Server Core through the Long Term Servicing Branch (LTSB) servicing model.

But for organizations using Nano Server, Microsoft has announced it will use the Current Branch for Business (CBB) servicing model. Microsoft calls CBB “a more active servicing model similar to the experience with Windows 10” and requires Software Assurance. CBB will not be available for Server with Desktop Experience and Server Core versions.

While the CBB update feature sounds similar to what is being offered with Windows 10, don’t fret. Microsoft said Nano Server CBB releases are not automatically installed. But administrators will need to be aware Microsoft plans to support just two of the most current Nano Server CBB releases. That means, if version 3 is out, administrators will no longer have support for a Nano Server still running on version 1.

May 18, 2016  1:11 PM

Microsoft seeks bounty hunters to secure Nano Server

Tom Walat Tom Walat Profile: Tom Walat

With the release of Windows Server 2016 due sometime in the third quarter, Microsoft is crowdsourcing its efforts to smooth out any vulnerabilities with a key feature in its next major server operating release — the smaller server deployment dubbed Nano Server — by offering a financial incentive for bug hunters.

As most administrators know, patches to close remote-code execution (RCE) flaws will get a critical rating. For these types of exploits in Nano Server, Microsoft will pay $15,000 for a “high quality” report. Unlike Microsoft’s other ongoing bounty programs, this hunt is being held for a limited time. The deadline to submit a report for is July 29.

For other vulnerabilities, the payoff is a bit less. For “Remote Unauthenticated Denial of Service, Elevation of Privilege, or other higher severity vulnerabilities in specific Nano Server DLLs” vulnerabilities, bounty hunters can earn up to $9,000. Bugs that affect Nano Server DLLs, such as spoofing and information disclosure, will fetch $500.

Nano Server is a lightweight server operating system that could be of great benefit to an organization that needs to deploy and manage containers and/or virtual machines in rapid fashion, so it’s particularly suited for a DevOps environment.

Nano Server takes up about 400 MB when installed, which is a substantial reduction when you consider a full install of Windows Server 2012 eats up about 6.3 GB of drive space.

By whittling down the server installation to just the essential core services, the smaller deployment size allows organizations to maximize the number of virtual machines running on a host. Microsoft also positions Nano Server as a scale-out file server and a host for Windows Server and Hyper-V containers.

Nano Server is a headless server that has had a majority of the .NET framework removed. You can’t manage Nano Server locally. For administrators who prefer using a GUI, that isn’t an option. Administrators will need to use a remote management tool such as PowerShell Direct or the forthcoming “server management tools” application currently in preview mode in the Management section of the Azure Marketplace.

This substantial reduction in code also means the attack surface for Nano Server is much smaller. In theory, Nano Server’s small footprint means fewer vulnerabilities. But for a company moving to a container-based infrastructure where the microservices sit on top of the underlying operating system, it’s critical that the foundation remains as secure as possible.

If this all sounds familiar, it’s because it is. Microsoft has been down this minimal server footprint path before with the Server Core release that came out with Windows Server 2008. But Server Core never caught on with most administrators. It was marginally more secure than Windows Server, and administrators had to surmount a learning curve to manage it.

So what is different with Nano Server? Maybe it’s not so different, but it’s the times they have a-changed. More companies are deploying servers at scale, which has lead to a significant uptick of interest in PowerShell.  And Microsoft could not just sit idly by while competitors such as VMware were courting cloud customers with Photon, its own stripped-down Linux OS geared for hosting containers.

You could look at this bug bounty one of two ways. First, one could say this effort is indicative of the culture shift under Microsoft CEO Satya Nadella where transparency is emphasized.

Or perhaps it’s a more calculated move where Microsoft is thumping its chest at the collective Internet and calling out all comers who have knocked the company for its security failings. What better way for Microsoft to prove to potential customers that its new deployment model is bullet-proof than through this type of public display.

Click this link for more information about the Nano Server bug bounty.

August 3, 2015  3:06 PM

July in review: the top Windows Server content

Toni Boger Toni Boger Profile: Toni Boger
Microsoft Patch Tuesday, PowerShell cmdlets, Windows Server 2003, Windows Server 2016

In our monthly feature, we recap the most popular content with our readers from the previous month and share it with you.

For the month of July, Windows Server readers kept cool by learning more about what’s coming in Windows Server 2016, what was included in the latest Patch Tuesday updates and how to use certain PowerShell cmdlets to ease management tasks.

Essential security updates in Windows Server 2016

The upcoming version of Windows Server includes a number of important new security features, including more options for authentication methods, restricting accounts, additional Web protection and more.

Windows Server 2003 gets its swan song in Patch Tuesday

Microsoft released 14 security updates in its latest Patch Tuesday cycle, including four critical updates. Two critical updates applied to Windows Server 2003, the last updates Microsoft will provide for admins before it ends technical support for the version.

How PowerShell Server Manager juggles multiple servers

This tool can be especially useful for Windows Server admins looking for a way to manage multiple servers, roles in Windows and features from a single console.

Run PowerShell cmdlets on remote servers

There are two PowerShell commands that Windows Server admins can use if they need to manage multiple servers. This expert provides a deep dive into these commands and what they’re capable of.

Which content was most helpful for you in July? Was it something we didn’t include in our list? Let us know in the comments below or on Twitter @SearchWinServer.

July 1, 2015  7:31 PM

The top Windows Server tips and news of June 2015

Tayla Holman Tayla Holman Profile: Tayla Holman
Exchange Server, Microsoft Patch Tuesday, Windows 10, Windows Server 2016

For our monthly feature, we look at the most popular stories on from the previous month and share it with you.

In June, readers wanted to learn what tools could aid a Windows 10 deployment and what to expect from Group Policy in Windows Server 2016.

Patch Tuesday includes Exchange Server, IE and Office fixes
Last month’s Patch Tuesday was relatively light, with Microsoft issuing patches across eight bulletins addressing 45 vulnerabilities. Internet Explorer received a security update that addressed 24 vulnerabilities, while Microsoft Office and Exchange Server received important patches for remote code execution and elevation of privilege vulnerabilities.

The top tools to deploy Windows 10
With the release of Windows 10 quickly approaching, admins have several first- and third-party tools at their disposal to deploy the operating system, including the Windows Assessment and Deployment Kit and SmartDeploy.

Walk through Group Policy in Windows Server 2016
While the structure of Group Policy hasn’t changed in Windows Server 2016, the configuration process is different from previous versions. Admins can edit Group Policies with PowerShell or the Group Policy Editor.

Five tips to manage Microsoft Azure
As Microsoft continues to push its cloud message, resources such as Azure Active Directory Premium and Azure Right Management Services will help admins manage Microsoft Azure with ease.

Deploy Nano Server in Windows Server 2016
Admins looking to deploy Nano Server in Windows Server 2016 may be confused at the lack of an option to do so from Windows Setup. This tip breaks down how to install Nano Server by converting a WIM file into a bootable VHD.

What Windows Server content was most helpful to you last month? Was it something we didn’t cover in our list? Let us know in the comments or on Twitter @SearchWinServer.

June 2, 2015  7:43 PM

The top Windows Server tips and news of May 2015

Tayla Holman Tayla Holman Profile: Tayla Holman
Data Deduplication, Windows Server 2016

For our monthly feature, we look at the most popular stories on the previous month and share it with you.

In May, our readers were curious about the lack of containers in the second technical preview of Windows Server 2016, and how update deployment would change with the release of Windows 10. Readers also wanted to know how to use SCCM 2012 to see Linux systems.

Containers absent from Windows Server 2016 second preview

Microsoft released the second technical preview of Windows Server 2016 during last month’s Ignite conference, but attendees were disappointed by the lack of containers.  The company said Windows Server containers and Hyper-V containers would be included in the next preview, which is due for release this summer.

Windows Update for Business allows admins to choose update pace

New in Windows 10, Windows Update for Business will let admins choose when they want to deploy updates. Those who want to deploy updates right away can choose the “fast” ring, while admins who want to be more cautious can choose a “slow” ring.

IE, Office, SharePoint Server get Patch Tuesday fixes

Microsoft issued patches across 13 bulletins addressing 48 vulnerabilities for May’s Patch Tuesday, with one cumulative security update for Internet Explorer addressing 22 vulnerabilities. Office and SharePoint Server also received updates for user input and specially crafted page content.

Learn about data deduplication in Windows  Server 2012  R2

Data deduplication in Windows Server 2012 R2 helps admins reclaim available storage space by looking at a volume, finding repeating content and removing all but one copy of that content, all while replacing the deleted areas with “links” back to the single copy.

Using SCCM 2012 to see Linux systems

With SCCM 2012, admins can collect and organize inventory data for Linux and UNIX client systems using a Common Information Model (CIM) server. When the CIM server is installed with the SCCM Linux and UNIX clients, the two ends are able to communicate directly without a Web  Services Management interface.

What Windows Server content helped you last month? Was it something we didn’t include in our list? Let us know in the comments or on Twitter @SearchWinServer.

May 1, 2015  9:05 PM

The top Window Server tips and news of April 2015

Tayla Holman Tayla Holman Profile: Tayla Holman

For our monthly feature, we look at the most popular stories on in April and share them with our readers.

Last month, readers wanted to know more about Nano Server, a new installation option that will be available in Windows Server 2016, and were eager to learn how to configure their machines to their liking with PowerShell Desired State Configuration.

Microsoft strips down with Nano Server

The 2016 version of Windows Server will include a stripped-down installation option called Nano Server, which can only be run remotely through PowerShell. While Nano Server removes local logon, Remote Desktop, GUI and 32-bit support, it fully supports Visual Studio and API compatibility for certain components.

Patch Tuesday tackles IE and HTTP flaws

April’s Patch Tuesday included 11 bulletins addressing 25 vulnerabilities, including security flaws in Internet Explorer and HTTP.  Microsoft also rolled out Skype for Business as an update for Office 2013, and said all customers are expected to be transitioned by the end of May.

Get to know PowerShell Desired State Configuration

PowerShell Desired State Configuration uses standards-based Web services to allow admins to configure their machines the way they want. Since it is already included in Windows Server there are no additional expenses and no additional management overhead since it requires only PowerShell to be installed.

How to address SSL/TLS flaws on Windows Server

If you’re running one of the known vulnerable versions of SSL or TLS, your servers and sensitive data may be at risk for attacks. It is important to make sure the proper patches are installed and to determine whether your servers are accessible over an unsecured wireless network.

Test your Microsoft Azure knowledge

Think you know Microsoft Azure, the latest version of Microsoft’s Azure cloud software? This quiz will test your familiarity with the cloud hosting platform providers and its features.

What Windows Server content helped you last month? Was it something we didn’t include in our list? Let us know in the comments or on Twitter @SearchWinServer.

April 2, 2015  4:11 PM

The top Windows Server tips and news of March 2015

Tayla Holman Tayla Holman Profile: Tayla Holman

For our monthly feature, we look at the most popular stories on in March and share them with our readers.

Last month, our experts weighed the pros and cons of the free Hyper-V server, suggested five questions Windows administrator candidates could expect during an interview, and gave tips for fixing three security flaws that may affect Windows servers.

Patch Tuesday fixes issues in IE, Office 

Microsoft issued five critical updates for March’s Patch Tuesday, including fixes for vulnerabilities in Internet Explorer and Office. Last month’s patches also addressed issues with Remote Desktop and OWA.

Should you download the free Hyper-V server?

Microsoft Hyper-V Server 2012 R2 became available for download last month, but as a free product it does have limitations. One major drawback is the lack of support from Microsoft and paid third parties.

Five questions to expect during a Windows administrator interview

Candidates for a Windows administrator position will need to be prepared in order to stand out in a crowded field. Here are five questions you may be asked during an interview.

How to fix SSL/TLS security flaws 

There have been several SSL and TLS security flaws uncovered in the past year, but patching may not be enough to protect your servers. Here are three flaws and how to fix them.

Previewing the Network Controller role 

A new feature in the Windows Server technical preview, the Network Controller role gives admins the ability to manage physical and virtual network infrastructure, and to configure and manage  firewall rules. The Network Controller can also configure subnets, VLANS, NICs and more.

What Windows Server content helped you last month? Was it something we didn’t include in our list? Let us know in the comments or on Twitter @SearchWinServer.

March 2, 2015  6:27 PM

The top Windows Server tips and news of February 2015

Tayla Holman Tayla Holman Profile: Tayla Holman

For our monthly feature, we look at the most popular stories on in February.

With Windows Server 2003 reaching its end of life in five months, our readers wanted to know what options they have for moving to a new server and what they should expect to pay if they delay a migration.

Microsoft issues patches for Internet Explorer and Group Policy

For February’s Patch Tuesday, Microsoft issued critical updates for over three dozen Internet Explorer vulnerabilities, making up for a lack of fixes in January’s batch of patches. The company also issued a critical update for a Group Policy vulnerability in Windows Server that could allow remote code execution.

Don’t hesitate to migrate from Windows Server 2003

Delaying a migration from Windows Server 2003 could cost large IT shops hundreds of thousands of dollars in extended support fees. One Microsoft consultant suggests enterprise customers use a custom support agreement (CSA) in the first year to keeps costs down.

Windows Server 2003 migration options

IT shops that choose to stay on Windows Server 2003 past its end-of-life open themselves up to security attacks. Fortunately, there are on-premise and cloud-based options for migrating away from the aging platform.

Tips for strengthening Active Directory password policy settings

Weak passwords can seriously jeopardize your enterprise’s security. Mitigate possible threats by determining where your risks are and fine-tuning standards and policies across the board.

How to make Windows security training work for you

career in information security is one of the best specialties out there for Windows admins. Capitalize on the growing demand by learning from pros in the field and putting your knowledge into practice in a test lab environment.

February 2, 2015  5:49 PM

Next version of Windows Server due out in 2016

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley
Windows Server, Windows Server 2012 R2

Microsoft last week disclosed its new roadmap for the next version of Windows Server. With this release, Microsoft will buck the trend of releasing both the server and client versions of the latest software, moving the expected release of Windows Server to 2016. Windows 10 is still on track to be delivered this year.

IT administrators can expect preview versions throughout the rest of 2015, with the next release coming in spring, the company said in a blog post. The next version of System Center Configuration Manager, however, will “ship in a timeframe that aligns with [client] Windows.”

The first Technical Preview is still available from Microsoft’s website for testing. The news came along with developments for Windows 10 in the enterprise. Microsoft is delivering “Long Term Servicing branches,” which will not introduce new features within the operating system, but will keep patches and security fixes up to date. This addresses a common problem with the rollout of Windows 8.1, which is seen as too fast-moving.

What do you think of these changes? Let us know in the comments or on Twitter @SearchWinServer.

February 2, 2015  4:47 PM

The top Windows Server content of January 2015

Tayla Holman Tayla Holman Profile: Tayla Holman

In our monthly feature, we look at the most popular content on

Microsoft started off 2015 with a new notification process for Patch Tuesday, as well as plans to lure developers away from Android and Apple.

Can SharePoint keep up with collaboration competition?

Although SharePoint has long been a staple in enterprise collaboration, it faces stiff competition from Google Drive and Dropbox, among others. To regain its place in the market, Microsoft is strengthening SharePoint with hybrid-cloud functionality and social content.

Internal memo reveals plans to spur Windows app development

An internal memo sent by Steve Guggenheimer, corporate vice president and head of Microsoft’s Developer Experience (DX) team, revealed the company’s plans to reach out to a wider set of developers. The DX team will target startups, traditional client/server developers, developers transitioning to mobile and cloud platforms, and developers native to mobile and cloud platforms.

Small changes make a difference in PowerShell 5.0

PowerShell 5.0 will have several new features and capabilities, such as the remote file-editing feature and a new parameter for Desired State Configuration. Microsoft has also revised how copy and paste works and allows text wrapping withing a shrunken window.

Microsoft patches one critical flaw, rolls out new notification process

Microsoft began using the myBulletins program to deliver Patch Tuesday security bulletins last month, allowing customers to customize reports to their personal or organizational preferences. While Microsoft cited customers’ changing habits as the reason for the change, some admins felt the company should stick to sending advance notifications.

Monitoring devices for free with OpManager

Geared toward small organizations with limited budgets, ManageEngine’s OpManager Free Edition monitoring program can be licensed to manage up 10 devices. Admins can manually run workflows, set them to run on  a schedule or to respond to an alarm.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: