Do you still install Windows 2008? Me too and that's why

    Already in January 2020, support for Windows 2008 R2 will end. Today I want to share a selection of subjective reasons why many (and me too) are still conducting new installations of this old woman.

    Connoisseurs, nostalgic and haters - I ask for cat.


    If we compare the minimum system requirements of Windows 2008R2 and Windows 2016, they will be identical except for a small nuance - the graphical shell of Windows 2016 requires 2 GB of RAM. But according to the subjective sensations, Windows 2008R2 works much more responsively on not-so-fresh servers and weak virtual machines, especially in terms of I / O load on the disk.

    Apparently, the matter is in a smaller number of different services and in their greater simplicity.

    Freshly installed old and new system with identical roles.

    Start button

    Even many system administrators install on servers running Windows 2012 and older software like Classic Shell to return the good old Start. What to say about users. Of course, a return to something “start-up” in Windows 10/2016 made life a little easier, but only a little. You have to search for the right application either painfully peering at the lines, or typing its name - you can't do it with one mouse.

    And besides, try to explain to the user how to exit from the terminal server not with a “cross,” if instead of the “Start” button there are tiles and under-tiles. Compare how simple it was in Windows 2008: Start - end of the session .

    Brevity is the soul of wit.

    And in Windows 2016: “ Click where start was before. Yes, with squares. Find the little man there. Yes, so small ... No, on the left! Click on it and there click on the "exit" .

    More, more mouse clicks!

    Further in the old menu there is an excellent item - “Windows Security”. The user can completely calm and relaxed change your password . Without this “ press Ctrl + Alt + End. No, not Delete. End. This is the button next to Delete . And if a user sits on a terminal server from another terminal server, you can’t get by without exploiting shell-type lifehacks for explorer shell ::: {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} .

    No, personally, I am happy when I go to the server with Windows 2008 and see the Start button. And people on the forums are sharp on the topic of tiled interfaces, that they in order to receive achievements in their Xbox account - such as “Repaired Active Directory”, “Did not break DFS when updating a domain”. Why? It would be cool.

    Full terminal server without a domain

    Suppose you want to solve a simple task - to deploy a terminal server on a distant server (real or virtual) to work with 1C in a small company.

    In Windows 2008, everything is simple: all settings are done through a snap-in, a domain controller is not needed. Starting from Windows 2012, you cannot create a collection without a domain controller. And if you want a separate server, you can customize it through local policies.

    But such a feature as RemoteApp without a domain - alas, does not work. You need to either use some third-party solutions, or deploy a domain.

    Also, if you want to connect to a user session (the so-called shadowing), then without a domain controller using standard tools will not work. Because.

    Good old tsadmin.msc.

    Even the banal sending of messages to users (for example, about an early server reboot) begins to turn into a quest. If earlier it was possible to select the necessary users in the tsadmin.msc snap -in using such selection tools as Ctrl and Shift, now either send messages one at a time, or use the command line and the msg.exe utility .

    Sending messages in Windows 2016.

    If suddenly you still want to make a full-fledged terminal server with collections and put the role of a domain controller on a terminal server - or vice versa, then even here adventures await you because of the work of the built-in Windows database and the rules for access to it. It is necessary to put also SQl Management Studio.

    Microsoft recommends using the ability to install two virtual machines under one license. That is, now, if I want to use all the capabilities of the terminal server, I am offered to install Windows on hardware and make two virtual machines - for the terminal server and for the domain controller. The drop in 1C performance in this case is from 10% to 20%, there is a need to buy a second IP from the hoster - due to the fact that the hypervisor can only play the role of the hypervisor ... Thank you, Microsoft!

    Job stability

    When at one enterprise the terminal server was modeled on Windows 2016, they encountered amazing things when working with old network printers and 1C. If printers were forwarded to RDP or connected to a terminal session as \ computer \ printer , then they either disappeared altogether or disappeared from 1C. And you had to delete user settings.

    The madness continued until a disgusting decision was made - to install the printers on the server as local with the port \ computer \ printer and hang the necessary ACL on them.

    Installed printer.

    Such interesting nuances have repeatedly emerged in different organizations. That problem with printers, then with not the freshest software up to BSOD. In one story, I had to use the right license VL on downgrade , since proprietary software categorically did not want to work on Windows 2016 and on a virtual machine.

    Therefore, if the license and the hardware component allows - Windows 2008R2 Standart does not support more than 32 GB of RAM, and there is no need for new features of the new server OS, we still install Windows 2008R2 and awfully wait for the end of support.

    It should be noted that Windows 2008R2 has actually become the benchmark for the "cloud" hosting 1C - when the client does not have a thin client , and you need full access to 1C. Fortunately, RemoteApp works with 1C in 2008R2 as bad as in 2016.


    Whoever says about the advantages of telemetry, I hate when the system sends something to someone. Especially if this system is in production. Of course, Microsoft states that there is nothing to fear, but nonetheless. The obvious way out is to turn off the Internet on the server. This is good if the Internet is not needed for the functioning of the server. Otherwise, it would be wise to close Microsoft addresses on the firewall or something similar.

    After all, even in the telemetry settings in group policies, the Computer Configuration parameter - Administrative Templates - Windows Components - Data Collection and Pre-Assembly can only be restricted, but the mechanism cannot be completely disabled.

    Telemetry setup.

    You can also completely disable telemetry and set up monitoring, which will notify you when the service is turned on after the update. The community also created a number of scripts and utilities designed to disable telemetry completely on Windows 10 and Windows 2016.

    For example, a batch file is known that rules the registry and blocks MS domains using the host file . There is also a PowerShell solution : it also rules the registry and at the same time disables services with scheduled tasks that can transfer something to third-party servers.

    Cumulative updates

    The standard delivery of security updates on fresh versions of Windows occurs through cumulative updates. This is very convenient - you do not need to choose 100500 updates to download on a freshly installed system. True, it is convenient that the installers of systems.

    In reality, if a patch breaks something — and this happens regularly — then you will have to spend a lot of man-hours on its capture and shutdown. Therefore, there is a need to keep at least a test group of servers where you can check for updates. Well, WSUS begins to like as a tool.

    Good old mass updates.

    No, really. I prefer the old mechanism, where you can optionally select or block the necessary security systems.

    How to extend support

    Now Microsoft offers only one option, how not to remain without support since 2020 - is to move servers to Azure. Then, according to Microsoft , you can extend the agony of one of the most successful operating systems for another 3 years.

    It should be noted that this also applies to Windows 2008 (the only current 32-bit server OS) and SQL Server 2008.

    Tell me if you plan to completely get rid of Windows 2008R2 over the next couple of years?

    Also popular now: