The release of Windows Server 2025 brings numerous updates and improvements, particularly in security and Active Directory functionalities.
Active Directory Enhancements: Windows Server 2025 introduces significant changes to Active Directory, including new forest and domain functional levels, increased database page size, and improvements in replication and name resolution.
Security Improvements: Security enhancements include default machine account password randomization, LDAP encryption by default, support for TLS 1.3, and the inclusion of Credential Guard enabled by default.
Performance Upgrades: Active Directory now supports Non-Uniform Memory Access (NUMA) on capable hardware, improving CPU utilization, and additional performance counters have been added.
New Features and Tools: Windows Server 2025 includes tools like the Dtrace tool for real-time debugging, Windows Terminal, WinGet, and the OpenSSH server side component by default.
In-Place Upgrades: In-place upgrades are supported back to Windows Server 2012 R2, potentially making the upgrade process more reliable by installing the OS afresh and migrating necessary data.
Azure Integration: Azure Arc setup is built into Windows Server 2025, simplifying management by allowing quick installation and integration.
Storage and Cluster Management: Improvements include performance optimizations for NVMe SSDs, the introduction of VBS Keys for securing cryptographic keys, and a new Network ATC feature for automating network configuration in clusters.
Deprecation of WSUS: Windows Server Update Services (WSUS) is deprecated, with no new features being added, pushing users towards cloud-based management and updating solutions.