Nano Domain Controllers

  • Last Post 22 April 2017
Anthony.Vandenbossche posted this 20 April 2017

Hi All,   I am well aware that the ADDS workload is not suited for Nano at this moment. However, I was wondering if anyone has some inside information on the Roadmap for Nano Server. From a security perspective (among many others), it would be very useful to have Nano Domain Controllers.   Thanks for any response!   Kind Regards,  
Technical Consultant
Hybrid Cloud

You can mail me anthony.vandenbossche@xxxxxxxxxxxxxxxx
Call me at my UC number +32 2 801 54 59

RD Portal

This e-mail message and any attachment are intended for the sole use of the recipient(s) named above and may contain information which is confidential and/or protected by intellectual property rights. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form) by other persons than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone (+32 2 801 55 55) or by e-mail and delete the material from any computer. Please note that neither Realdolmen nor the sender accept any responsibility for viruses and it is your responsibility to scan or otherwise check this e-mail and any attachments.  Realdolmen is responsible neither for the correct and complete transfer of the contents of the sent e-mail, nor for the receipt on due time.

Think green, keep it on your screen  

Order By: Standard | Newest | Votes
a-ko posted this 22 April 2017

Nope. And I don’t  really see how it would improve/enhance from a security perspective any more than it does now.


Sure, you remove a bunch of “useless” things from the OS, but you leave behind some very useful, attackable things. Most importantly being the .NET Framework.


I’m not exactly sure ADDS benefits from containers from a security perspective, but potentially from an automation perspective. But they’ve got a long way to go. Mostly being

around Kerberos and SIDs being a cornerstone of AD Authentication.


Let’s just rename AD to “ADSaaS”





patrickg posted this 22 April 2017

Smaller attack surface (less services running) and not having a GUI(like-core) keeps off “desktop admins”.


Less/faster patching and faster reboots are also a plus.


As for roadmap, in a general sense they mentioned expanding its use-cases in future release, I would suspect feature additions may follow more of a Win10 model… Build

or Ignite. If you want to do a fair amount of testing, you could always try the WS Tap program where there is a better internal roadmap there.