Some days ago, Microsoft released a white paper, giving an overview of Windows 7's new manageability enhancements. This post is an overview of the overview.
Latest posts by Michael Pietroforte (see all)
- Results of the 4sysops member and author competition in 2018 - Tue, Jan 8 2019
- Why Microsoft is using Windows customers as guinea pigs - Reply to Tim Warner - Tue, Dec 18 2018
- PowerShell remoting with SSH public key authentication - Thu, May 3 2018
Powershell 2.0 ^
PowerShell 2.0 will certainly include some very interesting improvements. I wouldn't call it a Windows 7 feature, however, as it is also available for other Windows versions. Of course, Windows 7 and Windows Server 2008 R2 are the only two Windows versions that include PowerShell 2.0 installed by default.
Its most interesting new features are PowerShell Integrated Scripting Environment (ISE), PowerShell Remoting (run scripts remotely multiple PCs), PowerShell Eventing (listening, acting on, and forwarding management and system events), Automating Management of Group Policy Objects (creating and modifying GPOs), and executing PowerShell scripts via Group Policy.
Troubleshooting Platform ^
The Windows 7 Troubleshooting Platform consists of 20 built-in Windows Troubleshooting Packs and the Troubleshooting Pack Builder. Microsoft’s white paper states that, "Troubleshooting Packs are a collection of PowerShell scripts that attempt to diagnose a problem and, if possible, solve the problem with the user’s approval." Most significant here are the terms "attempt" and "if possible." I have come across Troubleshooting Packs already several times during my tests of Windows 7. Thus far, all "diagnostic attempts" failed and solving my problems was "not possible." I am still skeptical as to whether computer programs will ever be smart enough to solve computer problems. The Troubleshooting Pack Builder is a Software Development Kit (SDK) that enables you to create your own Troubleshooting Packs using PowerShell.
Problem Steps Recorder ^
I blogged about Problem Steps Recoder yesterday. This tiny tool alone might make a migration to Windows 7 worthwhile for some organizations. End users can use it to record problems they encounter with an application and send the screenshots, with comments, to the service desk.
System Restore ^
I always feel uncomfortable whenever I have to use System Restore on a PC to undo all of the changes that have been made since the last System Restore point was created. A new feature of Windows 7 is that you can now view a list of the programs and drivers that would be deleted if you rolled back to a particular System Restore point. You can also now use PowerShell to remotely create or restore System Restore points.
Windows Recovery Environment ^
Windows RE was introduced as part of Windows Vista, and can be used to resolve Windows startup problems. What is new is that it is now installed by default. It will cost you about 200MB of disk space, but the fact that it might help you or your users to recover from a messed-up system is worth the sacrifice of a little space on your hard disk. The Windows RE tools can now also be started via Action Center's Recovery Control Panel.
Resource Monitor ^
The Resource Overview section of Vista's Reliability and Performance Monitor is now a stand-alone tool called Resource Monitor. Microsoft's white paper states that some enhancements have been made, but does not really say what these are. I will soon have a chance to figure out whether any important changes have actually been made, and to report on this.
Reliability Monitor ^
The Reliability Monitor is now integrated into Problem Reports and Solutions. There is a new row that provides information about system changes. Whereas Vista's Reliability Monitor only covered problematic events. You can now use WMI to centrally collect or inspect reliability information.
AppLocker enables administrators to prevent users from running unauthorized programs. It works in a similar fashion to the Software Restriction Polices of former Windows versions, but AppLocker is more flexible and easier to configure. Unfortunately, AppLocker will only be available for Windows 7 Enterprise and Ultimate. I have blogged about AppLocker before. Check it out. It might be worth the extra cost of Windows 7 Enterprise.
Auditing allows you to track the activities of users, groups, and processes. In Windows 7, you can configure everything using Group Policy. In former Windows versions detailed settings could only be configured by using scripts.
Group Policy Preferences ^
Group Policy Preferences were introduced with Windows Server 2008, although Microsoft's paper makes it sound as if they are new to Windows 7. To be fair, there are quite a few new configuration options. Microsoft's paper doesn't really say what is new, but I plan to dig into this in a later post.
Update: There are no important Group Policy Preferences features. Microsoft's paper is very misleading here.
DirectAccess would probably have a good chance of replacing VPN at many corporations if Windows 7 Professional would support it too. It enables mobile computers to connect securely to the corporate network. It is not only a security feature but is also helpful for management tasks, as it allows admins to control external computers as if they were part of the intranet. I blogged about DirectAccess before and will have another look at it as soon as Windows 7 RC is out.