Many people have slammed the Microsoft tablet effort. Can new Windows Server 2012 R2 features for mobile workers,...
especially the capabilities Microsoft has termed "people-centric IT," change the company's tablet game?
Let's take a closer look at the two new major people-centric IT features, Workplace Join and Work Folders.
Workplace Join partially solves domain join issues
There are two flavors of Windows tablets available today: the Surface RT and Surface 2, which run Windows RT, and the Surface Pro and Surface Pro 2, which run a full-fledged copy of Windows 8. The distinction here is quite big.
Windows RT-based tablets cannot join a domain. They can only be managed by a combination of System Center Configuration Manager (SCCM) and the cloud-based Windows Intune service, both of which require additional licensing investments. The domain join limitation isn't really understandable since it appears to be an artificial limitation rather than a technical obstacle Microsoft could not overcome. It may relate to the fact that the company sees Windows RT tablets as primarily consumer-owned. Perhaps Microsoft thinks customers wouldn't be happy with the management-based limitations and restrictions domain Group Policy objects would impose on their devices.
The Workplace Join feature in Windows Server 2012 R2 partially solves the lack of domain join. The feature essentially matches a set of trusted credentials with a machine certificate, and the resulting pair -- which identifies a user and his or her Windows device -- is stored in a company's Active Directory database. While Workplace Join doesn't allow the application of management policy, it allows devices to be trusted so more sensitive applications can be side-loaded. Using the feature means you can control access to internal resources from outside the corporate network on personally owned devices; it also allows IT departments to easily revoke access when a person's relationship with that company ends. With Workplace Join, even if you don't own a user's tablet, you can at least trust that the user has authenticated it and is using a device you know about. Simply put, Workplace Join solves about 50% of the problems with managing Windows RT tablets.
Tablets running Windows 8, however, don't suffer from this problem because Windows 8 supports a traditional, full-fledged domain join. You can apply policies to them; you can install agents. You can restrict installation, patch them and generally wipe them. But tablets running Windows 8 now suffer from poor battery life, making them undesirable. Users want a simple, thin device that lasts all day, instantly comes on and does what they want it to do.
Workplace Join works with iOS and Android out of the box, but it's hard to argue that these Windows Server 2012 R2 features do much for the Windows tablet situation.
Work Folders, file syncing and protection
Another new Windows Server 2012 R2 feature is Work Folders. This feature lets user-owned tablets sync files and folders with a sync share on the corporate network. This allows administrators to segregate data in an encrypted container on the user's device so they can wipe it if the device is lost or if the end user leaves the company; they can do this without deleting the user's personal content, such as personal photos and files.
This sounds like a decent idea. But Microsoft has at least two other sync options with significant overlap. Having multiple sync options that store user data off devices and in places other entities control is inefficient and confusing for end users. How Microsoft names these sync facilities does not help, either. There's SkyDrive -- the consumer service like Dropbox or Google Drive. Then there's SkyDrive Pro -- a SharePoint component that combines the old Offline Files feature set in Windows with synchronizing files and folders among a user's devices. And, now, there's Work Folders.
Even Microsoft admits the Work Folders feature is primarily an option for enterprises without a SharePoint 2013 rollout. If you have SharePoint 2013 and its attendant SkyDrive Pro feature, rolling out the Work Folders does nothing that SkyDrive Pro cannot already do. It also doesn't include the rich collaboration features and shared library support SkyDrive Pro includes. Windows Server 2012 R2 features introduce capabilities that only change the tablet acceptance situation for organizations that don't have, or don't plan to upgrade to, SharePoint 2013.
In the end, Windows tablet still lags behind iPad
One big tenet for Microsoft in Windows Server 2012 R2 was to create an OS that let any user work with any device anywhere. It's absolutely worth acknowledging that significant progress has been made along those goals. But Windows Server 2012 R2 features do not give much to Windows tablets or Windows RT-based devices any leg up over an iOS or Android device.
The Work Folders feature essentially duplicates several technologies Microsoft already has on the market. The Workplace Join feature gets around a technical limitation by about half, but the feature also works for iOS and Android tablets.
If you were waiting to see if Microsoft had any juice in Windows Server 2012 R2 worth squeezing for Windows tablet buyers, or if you hoped the latest version would give significant advantages for Windows tablets over the iPads your users want, you will likely be disappointed.
About the author:
Jonathan Hassell is an author, consultant and speaker on a variety of IT topics. His published works include RADIUS, Hardening Windows, Using Microsoft Windows Small Business Server 2003 and Learning Windows Server 2003. Jonathan also speaks worldwide on topics ranging from networking and security to Windows administration. He is president of 82 Ventures LLC, based in North Carolina, and is currently an editor for Apress Media LLC, a publishing company that specializes in books for programmers and IT professionals.