AD 2008 features
Comparing the features of Active Directory server roles in Windows 2008 and 2003 are
2003 auditing you will only know the present values of the changed attribute
previous and present values for the changed attributes of the active directory object using the new auditing feature in windows 2008
In windows 2008 password policy support for specific group of peoples with in the domain.
In windows 2003 all the user account in the domain should use the same password policy configured in domain level.
Read-Only Domain Controller
It is likely to be old NT style BDC,designed for requirements like branch office setup and to managing
In any Active Directory environment if one Domain Controller not replicated with the partner Domain Controller more then one month, then it’s a very critical issue you have to rectify the replication problem as soon as possible or the Domain Controller needs to be decommissioned with in the tombstone lifetime, since its read-only domain controller no worries about the tombstone time.
Restartable Active Directory Domain Services
In windows 2008 active directory is a services, you can stop or restart the services (no need to restart the domain controller)for maintenance without restarting the domain controller and restarting it in Directory Services Restore Mode is not required for most maintenance functions, however still some maintenance function require Directory Services Restore Mode
Database Mounting Tool
Active Directory Database mounting tool can be called Snapshot Viewer, Snapshot Browser, and Active Directory data mining tool( snapshot is a shadow copy created by the Volume Shadow Copy Service, at different times so that you can better choose which data to restore after object deletion).
Active Directory Recycle Bin
without Active Directory authoritative restore,you can restore the accidentally deleted Active Directory object.
(single object restore like a accidental deletion of user or OU) .
Active Directory module for Windows PowerShell
PowerShell is available on windows 2003,but not fully supported for AD.But in
itself, however it’s Active Directory, you can’t manage the Active Directive using the PowerShell in windows 2008 windows 2008 Windows PowerShell provides command-line scripting for administrative, configuration, and diagnostic tasks.
Active Directory Administrative Center
A new tool in windows 2008 R2 to manage active directory, we already have ADUC(active directory users and computer) to manage the active directory.
Active Directory Best Practices Analyzer
To identify and implement the best practices(this will scan your network and find the best practice) in the configuration of your AD environment.
Active Directory Web Services
Active Directory Web Services is give you the Web service interface to Active Directory domains and AD LDS instances (Active Directory Lightweight Directory Services)
Offline domain join
Offline domain join makes to join a member server to the domain even the domain controller not reachable from the member server.
Managed Service Accounts
Managed service accounts and virtual accounts in windows 2008, now you can easily manage the service principal names (SPNs), it will provide Automatic password management
You can use the domain account for the application (services), this can isolate the privileges for the application.
Active Directory Management Pack
Active Directory service on windows 2008 can monitor using the Active Directory Management Pack (MOM, SCOM),
specifically to monitor the performance and availability of Active Directory Domain Services (AD DS), also monitors the overall health of AD DS and alerts you to critical performance issues.