New features of Windows Server 2025
Please note that the file locations shown below are only applicable for Windows Server 2025 Preview iso installation file. The locations shown below may change later, when Microsoft releases the newer builds for the Windows Server 2025 Operating System.
Following are some of the new features announced by Microsoft for Windows Server 2025. Please visit the following Microsoft web page for updated information about the new features in Windows Server 2025.
New features available in AD DS (Active Directory Domain Services) and AD LDS (Active Directory Lightweight Directory Services)
There are many new features related with AD DS (Active Directory Domain Services) and AD LDS (Active Directory Lightweight Directory Services) in Windows Server 2025. Some of the main new features are listed below.
Updates related with Active Directory Schema
The Active Directory Schema related updates in Windows Server 2025 are the introduction of the new LDF files (Log Database Files). The new LDF files sch89.ldf, sch90.ldf and sch91.ldf are introduced with Windows Server 2025. These new files "sch89, sch90 and sch91" can be located inside D:\support\adprep folder, inside your Windows Server 2025 installation media. Here the D drive contains my Windows Server 2025 installation media.
The update related with AD LDS (Active Directory Lightweight Directory Services) are with MS-ADAM-Upgrade3.ldf file. You can find the MS-ADAM-Upgrade3.ldf file inside C:\Windows\ADAM folder, after the AD LDS (Active Directory Lightweight Directory Services) feature is installed on your Windows Server 2025 Operating System.
Increased database page size limit from 8KB to 32KB
AD DS (Active Directory Domain Services) was originally implemented with an 8KB database page size from the beginning of Active Directory in Windows Server 2000. This 8KB database page size caused many limitations while implementing AD DS, including AD object size. The increase in database page size from 8KB to 32KB removes the limitations caused by small page size. 32KB page size allows larger size objects in Active Directory.
Note that 32KB database page size is currently optional. If you want to implement this feature, all the Domain Controllers inside the Active Directory forest must be enabled with 32KB page size.
Forest functional level and Domain functional level
New Forest and Domain functional levels are available with Windows Server 2025. New functional levels in Windows Server 2025 are ForestLevel 10 and DomainLevel 10. Some other new features with Windows Server 2025 require new Forest and Domain functional levels be enabled.
Active Directory object repair
Windows Server 2025 has a new feature which permits enterprise administrators to repair AD objects with missing core attributes SamAccountType and ObjectCategory.
Reset the "LastLogonTimeStamp" attribute
Windows Server 2025 permits enterprise administrators to reset the LastLogonTimeStamp attribute to the current time.
NUMA (Non–uniform Memory Access) support
AD DS has a new feature, which supports NUMA (Non–uniform Memory Access). NUMA (Non–uniform Memory Access) permits Active Directory to use all processor groups. Active Directory could use only CPUs in group 0 before. Active Directory has removed the CPU 64-core limit and now AD can make use of more than 64 processors.
NUMA (Non–uniform Memory Access) is type of computer architecture where multiple logical processors (also called as nodes) are connected using high–performance connections to a shared RAM memory pool. Even though the main RAM memory is shared between many nodes, the memory looks like a single system memory image. There is a memory controller, which controls the nodes to share memory on all the nodes.
New updated algorithm for Name/SID (Security IDentifier) lookups
SID (Security IDentifier) is a unique ID that a Windows Operating System or Windows Domain Controller (AD DC) uses to identify an object. Kerberos authentication and DC Locator algorithm are used instead of legacy Netlogon secure channel. Netlogon secure channel is still available as a fallback option for previous Operating System versions.
Delegated Managed Service Accounts (dMSAs)
A Delegated Managed Service Account (dMSA) is used to run a service or application on a specific Windows Server 2025 computer. dMSA allows migration from a traditional service account to a managed service account.
Kerberos AES SHA256 and SHA384
Updated Kerberos protocol in Windows Server 2025 supports stronger hashing and encryption protocols like AES SHA256 and SHA384.
Other noticeable new features in Windows Server 2025
Bluetooth peripheral devices
Bluetooth peripheral devices such as Bluetooth keyboards, Bluetooth mice, Bluetooth headsets, audio devices are supported in Windows Server 2025.
Hotpatching
Updated Windows Server Hotpatching feature allows seamless critical security updates to your Windows Server 2025, without the need for a server reboot after hotpatch installation. Windows Server 2025 Hotpatching patches the code of running processes in memory, without the need to restart.
Desktop shell experience of Windows Server 2025
The desktop shell experience of Windows Server 2025 is similar to that of Windows 11 Operating System.
SMB over QUIC
SMB (Server Message Block) is a network protocol used in Microsoft Windows network environments to share folders and printers over the LAN. Windows Server 2025 supports SMB over QUIC (Quick UDP Internet Connections). QUIC (Quick UDP Internet Connections) allows more secure and fast connections.
To view all the new features available in Windows Server 2025, please visit Microsoft web page What’s new in Windows Server 2025 (preview).
Written by Jajish Thomas.
Last updated on 26th May, 2024.