Windows 8.1 for the Network Administrator
While the development story is still quite muddled, on the operations side Windows 8.1 offers some advantages to the IT department.
NFC Tab to Print will allow Windows 8 machines to automatically add new printers just by placing the two devices in contact with each other. If the printer doesn’t support NFC, an RFID tag can be attached to it with the information Windows needs to locate the printer on the network.
Printer information is now part of the user’s roaming profile, which means a newly added printer will be available on all of the machines the employee uses. There is a caveat, printers that the computer cannot see on the network will be hidden by default. This is to avoid the “home printer showing up on the work computer” scenario. The “Add Printer” tool will know about these hidden printers and offer them when appropriate.
Microsoft is continuing to invest in their Remote Desktop functionality, including RemoteApp, the ability to remotely run a single application instead of an entire desktop. This version improves the touch support and lowers the bandwidth requirements of Remote Desktop, an area of focus in Windows 8 as well.
When a Remote Desktop connection fails in Windows 8 it can take up to 70 seconds to reconnect. With Windows 8.1 that reconnect time has dropped to 10 seconds after the network is restored.
Workplace Join is the ability to connect to a domain without formally joining it. It is sort of a hybrid state between being a domain computer completely under the control of the Active Directory and an independent computer. This was supposedly a feature of Windows 8, so it is unclear why Microsoft is promoting it as an 8.1 feature. Nor has it been clarified whether or not this will continue to be a Windows RT (i.e. ARM processors) only feature.
Web Application Proxy will allow devices to connect to internal websites without using a VPN. Each proxy can be configured to allow access by any machine, workplace joined machines, or just domain joined machines. It is unclear why the first option is available, as that would effectively be the same as a public website. This is an extension of ADFS Proxy and will be available in Windows Server 2012 R2.
Windows’ integrated VPN client has picked up support for the following third-party VPN providers:
- Check Point
- Dell SonicWall
When using the integrated VPN adapter, applications are supposed to be able to trigger VPN connections, prompting the user for the associated credentials.
Windows 8 RT has some support for the OMA Device Management protocols. This will be made available to all versions of Windows 8.1 with extended capabilities. These protocols will be able to provision machines with wireless networks, VPNs, certificates, and Work Folders (see below).
Starting in Windows 8.1, third party OMA Device Management tools will be able to manage devices. Previously the only available tool was Windows Intune.
Windows 8 devices can be remotely wiped in the event a device is lost or stolen. This is done on a per-application basis, so users can lose access to some files without having to rebuild their entire machine.
When using both Windows 8.1 and Windows Server 2012 R2, users can be given access to “Work Folders”. When a user connects to one of these folders they will automatically get an offline version on their machine. In a fashion similar to SkyDrive or Dropbox, the offline folder will automatically be synchronized with the file share on the server.
Work Folders do go beyond what is offered by normal file sharing tools. Policies can be created to enforce rules such as requiring the files are PIN protected or encrypted.
Work Folders can be pushed onto domain machines, removing the need to train users on how to connect to them for the first time.
Finger print readers are now a native part of the Windows 8.1 operating system. This replaces the vendor-specific user interfaces previously used. WinRT applications will be able to leverage the finger print infrastructure.
Additional work has been done on the Virtual Smart Card infrastructure, but Microsoft wasn’t specific on what actually changed. Virtual Smart Cards are like real smart cards, but rather than being bound to a physical card they are bound to the TPM chip in the computer.
Are you kidding me?
Are you kidding me? SSH X Forwarding on Linux available for years!
Martin Thompson Jul 27, 2014