Hello Windows Insiders!
Today we are releasing Windows Server Insider Preview Build 17093 to Windows Server Insiders. This build is a preview build of the next Semi-Annual Channel release of Windows Server. For more information on the Semi-Annual channel, please see the Windows Server Semi-Annual Channel overview. Also available is Project Honolulu Technical Preview 1802.
What’s New in Build 17093 for Windows Server
There are no new features in this build.
What’s New in Project Honolulu Technical Preview 1802
In this release, much of the work was under the hood – performance improvements, accessibility, and support for high-availability deployments.
New in UI, we’ve rolled out a new settings experience – select the gear icon in the upper right of the window to check it out! The link to extension manager lives there, as well as additional settings that are described below.
Another new feature is tagging – added based on feedback we’ve heard from customers who use Honolulu to manage many machines that they would benefit from the ability to organize connections to help sort and filter.
In the Server Manager solution, you may notice that we’ve enabled some feature detection logic – for example, if you are managing a machine that does not have the Hyper-V role, you won’t see the Virtual Machines or Virtual Switches tool. Or, if you are managing the localhost, you won’t see Remote Desktop or PowerShell. This logic has not yet been added to all tools (ex. Storage Replica will always be displayed.)
Finally, many of you may be happy to hear that we’ve added Hyper-V host settings. You can find them inside settings on the server overview tool.
We took the new tree control that was added to Files and Events last release and updated the rest of the tools in the Server Manager solution.
Starting with the Shell/Navigation and data table, we have begun implementing accessibility features such as support for keyboard navigation and screen readers. We will expand on these features in subsequent releases.
You can now deploy Project Honolulu in a failover cluster for high availability of your Honolulu gateway service. We’ve provided 3 PowerShell scripts that enable you to easily install, update, or uninstall Project Honolulu onto an existing failover cluster. You’ll need a Cluster Shared Volume to persist data across the cluster, but the scripts will install Project Honolulu and configure certificates on all the nodes. By deploying Project Honolulu on a failover cluster, you can ensure that you are always able to manage the servers in your environment. See the HA deployment guide for setup instructions and link to the scripts.
Settings – Localization
The language drop-down menu is no longer disabled! Honolulu is in the process of being localized, so if you are multi-lingual, please experiment with non-English languages. If your OS or browser is configured to a supported language, Honolulu should automatically select that language. When installing, the MSI will be localized to the Windows region language setting, not the input language.
Please let us know if you discover text that has been translated incorrectly.
Settings – Access
This section only applies when you are running Honolulu as a service on Windows Server. Here you can define security groups (either Active Directory, or local machine groups) for both user and administrator access to Honolulu.
Previously, to access the Honolulu service, users were required to have logon access on the gateway machine. Now you can configure your environment in such a way that users can access the Honolulu service without the rights to log on to the gateway machine.
The default behavior is unrestricted; any user that navigates to the gateway URL will have access to the Honolulu interface. Once you add one or more security groups to the users list, access is restricted to the members of those groups. If you want to enforce the use of smartcard authentication, you can specify an additional required group for smartcard-based security groups. In this case, a user will have access if they are in any security group AND a smartcard group.
On the Administrators tab, you define the security groups that will have privileges to change Honolulu settings. Smartcard groups work the same way here as for the user list. The local administrators group on the gateway machine will always have full administrator access and cannot be removed from the list. The administrators list supports the same AND condition for smartcards groups as the users list.
To help you manage your list of connections, we’ve added the ability to assign tags to each entry in your connection list. Honolulu remembers the tags that you have previously used for easy selection. You can assign tags when adding a single connection or importing a list of connections.
Known Issues for Project Honolulu
Roles & Features – If you check multiple rows, then click the button to clear the selection, the items will remain checked in the UI, but have successfully be deselected on the back end. To reselect, you must manually uncheck and recheck the item, or refresh the page. [1802-15409823]
Access Settings – When you add or remove a security group, it can take a few minutes for the access control to be applied. [1802-15377945]
If you encounter other issues, please post on the Project Honolulu space in the Windows Server Community for Insiders.
Server Insiders have the choice of Server Core Edition in ISO or VHDX format. The images are pre-keyed – no need to enter a key during setup.
Matching Windows Server container images will be available via Docker Hub. For more information about Windows Server containers and Insider builds, See Windows Containers Documentation click Windows Containers Documentation and Using Insider Container Images.
Symbols are available on the public symbol server – see Update on Microsoft’s Symbol Server blog post and Using the Microsoft Symbol Server.
This Server Insider pre-release build will expire on July 2nd, 2018.
How to Download
To obtain the Insider software downloads, registered Insiders may navigate directly to the Windows Server Insider Preview download page. If you have not yet registered as an Insider, see GETTING STARTED WITH SERVER on the Windows Insiders for Business portal.
It’s all about your feedback!
The most important part of a frequent release cycle is to hear what’s working and what needs to be improved, so your feedback is extremely valued. Use your registered Windows 10 Insider device and use the Feedback Hub application. In the app, choose the Server category and then the appropriate subcategory for your feedback. Please indicate what build number you are providing feedback on.
Known issues with Windows Server Build 17093
On builds 17088 and higher, after Server Core OS installation, the user is requested to set the password – when the user does so, an error message is presented “The remote procedure call failed”. The install will still accept the password as expected.
Upgrading a system to a preview build, starting with build 17088, may stall at 88% for 45 or more minutes before eventually being completed due to loading registry hives for each driver.
When BitLocker is enabled and a system is started, the system prompts the user for the BitLocker PIN. Upon providing the correct PIN the first time, the system says the PIN is incorrect; however, if the user presses Enter a second time, the PIN is accepted.
In‑place OS upgrade: BitLocker. Before performing an in-place OS upgrade, suspend (disable) BitLocker protection on any drives on the system. After the upgrade is complete, resume (re-enable) BitLocker protection.
In-place OS upgrade: Domain Controllers. During an in-place OS upgrade, Active Directory (AD) Domain Controllers (DC) might not be upgraded correctly. Back up any AD DCs before performing an in-place OS upgrade.
Using container images from Windows Insider Program on a Windows Server Core host will fail, and may crash the host. As a workaround, you can add isolation=hyperv when running or building the containers; for example: docker run -isolation=hyperv microsoft/nanoserver-insider.
When Hypervisor Code Integrity (HVCI) is enabled, a system may fail to start. On affected systems, firmware locates UEFI runtime services in memory described as Memory-Mapped I/O (MMIO).
Testing of the Windows core may fail because of a timeout while attempting to load the test libraries.