Thursday, February 3, 2011

Security changes between Windows 2008 (Windows 7) and 2008 R2?

Coming from the questions, for ex., Sharepoint 2010 - “We did not find any results for” keyword which identified the problem (but not solution) with the help of Mike Hacker's blog Crawler Issue with SharePoint 2010 and Windows Server 2008 R2

The latter tells:

  • "The one that was working was built on Windows Server 2008 and the problem farm was built on Windows Server 2008 R2. Since Windows Server 2008 R2 and Windows 7 are built on the same core code"
  • "After several conversations with Microsoft it appears that the issue is related to security changes made in Windows Server 2008 R2 and Windows 7"

What are the security changes in Windows Server 2008 R2 (and Windows 7) in comparison with Windows Server 2008?

How is it that "Windows Server 2008 R2 and Windows 7 are built on the same core code" but Windows Server 2008 is built on a different one?
that is, workstation and server share the same core code but the different releases of the same Windows Server 2008 - not?

From serverfault vgv8

  • Windows Server 2008 R2 is not "a different release of Windows Server 2008": it's the server release of Windows 7; this becomes immediately obvious if you simply compare the taskbar of Vista, 2008, 7 and 2008 R2. It also results from the version numbers, as Vista/2008 are NT 6.0, while 7/2008 R2 are NT 6.1.

    Yes, I know the name is quite misleading; moreso as Windows Server 2003 R2 actually was only an interim release of Windows Server 2003, i.e. exactly the same O.S., but with some additional features.

    vgv8 : thanks, I upvoted your answer as helpful but still it is not satisfactory answer. I see a lot of problems in security issues in development against R2 in comparison with non-R2, I just did not cluttered my post with all. As developer, I just must know more specifically
    mfinni : 2008 non-R2 and 2008 R2 are different OS. Plain and simple. If you need a list of the differences for a given area, look at the MS documentation for that, or get a more specific question and ask it here. As I said below, for your example of SharePoint behaving differently between the two OS, it's because IIS was upgraded in R2.
    From Massimo

  • Specifically to your question : I couldn't quickly find a summary of R2 security-related changes, but IIS was upgraded to 7.5. So, there's the broad answer to the question : IIS had a serious update with Server 2008 R2. You could probably look into the documentation for IIS 7.5 to find a decent list of new features.

    I'm going to comment a little bit here - a lot of your questions are getting closed because your tone seems argumentative. If you dislike Microsoft, or things that other sysadmins/co-workers have told you that you found to not be exactly true, casting questions in that light does not incline many of us to go out of our way to answer your questions. A lot of your posts don't seem like you're trying to solve a real-world or business problem, to me they seem more like kvetching about something that doesn't make sense to you.

    vgv8 : W2008R2 is not installable without IIS? IIS cannot be upgraded to 7.5 on W2008(non-R2)? I am MS-oriented developer and came to it from Java/Linux development abandoning the latter in favor of MS. What is bad in clearing what I do not understand?
    mfinni : 1. Incorrect, Server 2008 R2 is definitely installable without IIS, I didn't say it wasn't. 2. Correct, IIS 7.5 cannot be installed/upgraded on Server 2008 non-R2. 3. This information is readily-available on the Microsoft site for what's new/included with Server 2008 R2. 4. There's nothing wrong with asking for explanations of what you don't understand. You keep getting your questions closed, and I'm saying it may be because of your argumentative tone. Did you vote my answer down? That's an example of what I'm talking about.
    vgv8 : This my question even not theoretical curiosity, it is the practical unavoidable necessity
    mfinni : I'm not sure what you mean by your last comment.
    vgv8 : I upvoted your answer now
    vgv8 : So, I've got your point and shall look into changes between IIS7.0 and 7.5 also, trying to figure out what they were in order to force the back-incompatible changes in W2008R2
    vgv8 : I am kind of lost in understanding what is not clear that changes in R2 break existing apps. And developer need to know how to code in order to fix old apps as well as how to avoid issues with newly developed apps.
    mfinni : It's not unclear that R2 has different features, and some of them may break existing apps. From my post : "I couldn't quickly find a summary of R2 security-related changes, but IIS was upgraded to 7.5. So, there's the broad answer to the question : IIS had a serious update with Server 2008 R2. You could probably look into the documentation for IIS 7.5 to find a decent list of new features." I'm telling you that unless you have a specific question for something that's not working for you, do your own research.
    squillman : @mfinni: your downvote came from someone flagging your answer as offensive, just so you know. Only thing I'd say is keep the comment in the comments, but it certainly isn't without warrant...
    mfinni : @squillman - thanks, was just wondering.
    From mfinni

  • There are a variety of security changes in 2008 R2, specific to Sharepoint would be the negotiation authentication enhancements which offer improved single sign-on options particularly in light of the option in Group Policy to restrict NTLM Authentication and introduction of PKU2U.

    There is also online identity integration, a new version of TLS and probably a couple of other things I'm missing.

    From chunkyb2002
Posted by Mu Cat at 8:51 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)