Hello Windows Server Insiders!
Today we are pleased to release a new build of the next Windows Server Long-Term Servicing Channel (LTSC) Preview that contains both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, and Azure Edition (for VM evaluation only). Branding has not yet been updated and remains as Windows Server 2022 in this preview - when reporting issues please refer to "VNext" rather than Windows Server 2022 which is currently in market.
What's New
SMB over QUIC now available in Datacenter and Standard editions
Starting with this build (Build 25997), the SMB over QUIC server feature is now available in Windows Server Datacenter and Standard editions. This changes the previous behavior, where it was only available in Windows Server Azure Edition.
For more information on this change, review https://aka.ms/SMBoverQUICServer.
For more information on SMB over QUIC, review https://aka.ms/SMBoverQUIC.
SMB firewall rule changes
Starting with this build (Build 25997), creating SMB shares changes a longtime Windows Defender Firewall default behavior. Previously, creating a share automatically configured the firewall to enable the rules in the “File and Printer Sharing” group for the given firewall profiles. Now, Windows automatically configures the new “File and Printer Sharing (Restrictive)” group, which no longer contains inbound NetBIOS ports 137-139. We plan future updates for this rule to also remove inbound ICMP, LLMNR, and Spooler Service ports and restrict down to the SMB sharing-necessary ports only.
This change enforces a higher default standard for network security as well as bringing SMB firewall rules closer to the Windows Server “File Server” role behavior. Administrators can still configure the “File and Printer Sharing” group if necessary as well as modify this new firewall group.
For more information on this change, review https://aka.ms/SMBfirewall.
For more information on SMB network security, review Secure SMB Traffic in Windows Server.
SMB NTLM blocking exception list
Starting with this build (Build 25997), the new SMB NTLM blocking feature first announced in Windows 11 Insider Preview Build 25951 now supports specifying exception lists for NTLM usage. This allows an administrator to configure a general block on NTLM usage while still allowing clients to use NTLM for specific servers that do not support Kerberos, either because they are not Active Directory domain joined or are a third party without Kerberos support.
For more information on this change, review https://aka.ms/SmbNtlmBlock.
SMB alternative client and server ports
Starting with this build (Build 25997), the SMB client now supports connecting to an SMB server over TCP, QUIC, or RDMA using alternative network ports to the hardcoded defaults. Previously, SMB only supported TCP/445, QUIC/443, and RDMA iWARP/5445. In addition, the SMB over QUIC server in Windows Server will add support for SMB over QUIC endpoints configured with different ports than 443 in a future preview release. Windows Server will not support configuring alternative SMB server TCP ports, but third parties such as Samba do.
You can specify an alternative SMB client port using the NET USE command and New-SmbMapping PowerShell cmdlet. You can also completely disable this feature with a group policy.
For more information on using this option, review https://aka.ms/SMBAlternativePorts.
For more information on configuring non-standard SMB server ports in third parties, consult their product documentation.
SMB over QUIC client access control certificate changes
Starting with this build (Build 25997), the SMB over QUIC client access control feature first announced in Windows 11 Insider Preview Build 25977 now supports using certificates with subject alternative names and not just a single subject. This means the client access control feature now supports using a Microsoft AD Certificate Authority and multiple endpoint names, just like the currently released version of SMB over QUIC. You can now evaluate the feature using the recommended options and not require self-signed test certificates.
For more information on this change, review https://aka.ms/SmbOverQUICCAC.
For more information on SMB over QUIC, review https://aka.ms/SMBoverQUIC.
The following new features are specific to Windows Server with Desktop Experience only. Some of these will require running the OS on physical systems AND having the right drivers on hand.
- Additions to <Settings>Accounts: Email & Accounts is now consistent with Windows 11. Please note, that domain join will still be necessary for most scenarios.
- Increased coverage for Bluetooth devices. Many of you want to use BT to connect mice, keyboards, and audio devices at the Edge. Please try out your favorite keyboard, mouse, headphones, or other BT peripheral!
- Wi-Fi present by default. Many of you want to connect servers to Wi-Fi networks at the Edge. While Wireless LAN service has been present in Windows Server, it was disabled by default. Wi-Fi support is now currently enabled by default for Edge scenarios. You will need the appropriate hardware and drivers handy. Please verify that your wireless devices work properly. When hardware and the correct drivers are present, see the corresponding Settings and Taskbar experiences. Let us know what you think!
- First login privacy settings: This is not the final version, but you will notice a Windows 11 like first login “OOBE” experience, albeit limited to user privacy settings.
Known Issues
The new Feedback Hub and Terminal apps are not functioning properly in this release due to known issues. These will be addressed in a future release. Please continue to submit feedback as described in the "We value your feedback!" section below.
If you are validating upgrades from Windows Server 2019 or 2022, we do not recommend that you use this build as intermittent upgrade failures have been identified for this build.
This build has an issue where archiving eventlogs with "wevetutil al" command causes the Windows Event Log service to crash, and the archive operation to fail. The service must be restarted by executing "Start-Service EventLog" from an administrative command line prompt.
If you have Secure Launch/DRTM code path enabled, we do not recommend that you install this build.
Available Downloads
Downloads to certain countries may not be available. See Microsoft suspends new sales in Russia - Microsoft On the Issues
Keys: Keys are valid for preview builds only
- Windows Server Long-Term Servicing Channel Preview in ISO format in 18 languages, and in VHDX format in English only.
- Windows Server Datacenter Azure Edition Preview in ISO and VHDX format, English only.
- Microsoft Server Languages and Optional Features Preview
Symbols: available on the public symbol server – see Using the Microsoft Symbol Server.
- Server Standard: MFY9F-XBN2F-TYFMP-CCV49-RMYVH
- Datacenter: 2KNJJ-33Y9H-2GXGX-KMQWH-G6H67
- Azure Edition does not accept a key
Expiration: This Windows Server Preview will expire September 15, 2024.
How to Download
Registered Insiders may navigate directly to the Windows Server Insider Preview download page. If you have not yet registered as an Insider, see GETTING STARTED WITH SERVER on the Windows Insiders for Business portal.
We value your feedback!
The most important part of the release cycle is to hear what's working and what needs to be improved, so your feedback is extremely valued. For Windows Server, use your registered Windows 10 or Windows 11 Insider device and use the Feedback Hub application. In the app, choose the Windows Server category and then the appropriate subcategory for your feedback. In the title of the Feedback, please indicate the build number you are providing feedback on as shown below to ensure that your issue is attributed to the right version:
[Server #####] Title of my feedback
See Give Feedback on Windows Server via Feedback Hub for specifics. The Windows Server Insiders space on the Microsoft Tech Communities supports preview builds of the next version of Windows Server. Use the forum to collaborate, share and learn from experts. For versions that have been released to general availability in market, try the Windows Server for IT Pro forum or contact Support for Business.
Diagnostic and Usage Information
Microsoft collects this information over the internet to help keep Windows secure and up to date, troubleshoot problems, and make product improvements. Microsoft server operating systems can be configured to turn diagnostic data off, send Required diagnostic data, or send Optional diagnostic data. During previews, Microsoft asks that you change the default setting to Optional to provide the best automatic feedback and help us improve the final product.
Administrators can change the level of information collection through Settings. For details, see http://aka.ms/winserverdata. Also see the Microsoft Privacy Statement.
Terms of Use
This is pre-release software - it is provided for use "as-is" and is not supported in production environments. Users are responsible for installing any updates that may be made available from Windows Update. All pre-release software made available to you via the Windows Server Insider program is governed by the Insider Terms of Use.
Source:
Announcing Windows Server Preview Build 25997
Announcing Windows Server Preview Build 25997 Hello Windows Server Insiders! Today we are pleased to release a new build of the next Windows Server Long-Term..
techcommunity.microsoft.com
ISO from Microsoft:
Download Official Windows 11 ISO file from Microsoft Tutorial
This tutorial will show you how to download an official Windows 11 ISO file from Microsoft. Microsoft provides ISO files for Windows 11 to download. You can use these ISO files to clean install or in-place upgrade Windows 11. The Flight Hub can also help you keep updated on which Windows 11...
www.elevenforum.com
Attachments
Last edited:
