Windows Server 2012 R2 Enables Bring Your Own Device (BYOD) Page 2
Windows Server 2012 R2 Enables Bring Your Own Device (BYOD)
Like it or not, more and more users expect to be able to access their work files and applications from anywhere and at any time, regardless of what device they are working on and regardless of whether that device is domain joined or not.
With the release of Windows Server 2012 R2, Microsoft has introduced several new features to allow admins to securely grant access to corporate applications and data for those users who want to bring their own device (BYOD).
Firstly, this involves allowing devices to be associated with the company's Active Directory environment. Secondly, it uses that association to provide single sign-on capabilities to seamlessly access content and applications, either internally or from the net.
Workplace Join for sharing files and folders
Using Workplace Join, users can associate their personal devices to the domain to access files and folders. Workplace Join is made possible using the new device registration service (DRS). When a device connects with Workplace Join the DRS creates a device object in Active Directory and hands out an authentication certificate, which is then subsequently used to confirm the identity of the device, without the device needing to join the domain.
Web Application Proxy for apps and services outside of the firewall
Web Application Proxy is a new Remote Access role service in Windows 2012 R2, and when used in conjunction with Workplace Join, administrators can provide end users located outside the organization with access to applications and services running on servers inside the organization.
Work Folders for file synchronization
Work Folders add to the functionality provided by Workplace Join and allow users to sync files on a Windows Server 2012 R2 file server with folders on their own device, and provide administrators with the ability to centrally manage the files and folders.
One Thing to Mourn
While Windows Server 2012 R2 has introduced new features in areas such as group policy, IPAM, Remote Desktop Services, DHCP and more, there is one area that has been de-emphasized that I'm particularly sad about. And when Microsoft de-emphasizes a feature, it is very rare we see further development on it.
Network Access Protection (NAP) has been de-emphasized in Windows Server 2012 R2. It isn't a feature that I have seen deployed extensively, but it is one that I believe had so much promise. With the rise of Direct Access, WSUS, NPS and other 3rd party technologies such as CISCO Network Admission Control, it seems that duplicating work with NAP was likely seen as unnecessary. File it under "a good service that didn't fulfill its potential."
Author Bio: Mike Brown is the Lead Windows Server Instructor for Firebrand Training and is a Microsoft Certified Trainer. When not in the class room, Mike is writing a range of How-to and information articles on Windows Server 2012.
Read more on "Server OS Spotlight" »