Description:
About this
Course
This five-day instructor-led course provides in-depth
training on configuring Active Directory Domain Services (AD DS) in a
distributed environment, implementing Group Policies, performing backup and
restore, and monitoring and troubleshooting Active Directory related
issues.
Audience Profile
This course is intended for
Active Directory Technology Specialists, Server Administrators, and Enterprise
Administrators who want to learn how to implement Active Directory in a
distributed environment, secure domains by using Group Policies, back up,
restore, monitor, and troubleshoot Active Directory configuration to ensure
trouble-free operation.
At Course Completion
After
completing this course, students will be able to:
• Describe the
features and functionality of Active Directory Domain Services.
• Perform secure and efficient administration of Active
Directory.
• Manage users and service accounts.
• Manage
groups.
• Manage computer accounts.
• Implement a Group Policy
infrastructure.
• Manage enterprise security and configuration by using
Group Policy settings.
• Secure administration.
• Improve the
security of authentication in an AD DS Domain.
• Configure Domain Name
System.
• Administer AD DS domain controllers.
• Manage sites
and Active Directory.
• Monitor, maintain, and back up directory
Service to ensure continuity.
• Manage multiple domains and forests.
Syllabus:
Course Outline
Module 1: Introducing Active Directory Domain
Services
This module explains how to install and configure Active
Directory Domain Services and install and configure a read-only domain
controller.
After completing this module, students will be able
to:
• Describe the functionality of AD DS in an enterprise in relation
to identity and access.
• Describe the major components of AD
DS.
• Install AD DS and configure it as a domain
controller.
Module 2: Administering Active Directory Securely and
Efficiently
This module explains how to work securely and
efficiently in Active Directory.
After completing this module, students will
be able to:
• Describe and work with Active Directory administration
tools.
• Describe the purpose and functionality of custom consoles and
least privilege.
• Locate objects in Active
Directory.
• Administer Active Directory by using Windows
PowerShell.
Module 3: Managing Users and Service
Accounts
This module explains how to manage and support user
accounts in Active Directory.
After completing this module, students will be
able to:
• Create and administer user accounts.
• Configure user
object attributes.
• Automate user account creation.
• Create
and configure managed service accounts.
Module 4: Managing
Groups
This module explains how to create, modify, delete, and
support group objects in Active Directory.
After completing this module,
students will be able to:
• Describe the role of groups in managing an
enterprise.
• Administer groups with by using the built-in tools in
Windows Server 2008CSVDE and LDIFDE.
• Describe the best practices for
managing groups.
Module 5: Managing Computer
Accounts
This module explains how to create and configure computer
accounts.
After completing this module, students will be able
to:
• Create computer accounts and join them to a
domain.
• Administer computer objects and accounts by using the Windows
Interface and command-line tools.
• Describe and perform the Offline
Domain Join process.
Module 6: Implementing a Group Policy
Infrastructure
This module explains what Group Policy is, how it
works, and how best to implement Group Policy in your organization.
After
completing this module, students will be able to:
• Describe the
components and technologies that comprise the Group Policy
framework.
• Implement GPOs.
• Configure and understand a
variety of policy setting types.
• Understand and configure Group Policy
preferences.
• Scope GPOs by using links, security groups, Windows
Management Instrumentation filters, loopback processing, and preference
targeting.
• Describe how GPOs are processed.
• Locate the event
logs containing Group Policy–related events and troubleshoot Group Policy
application.
Module 7: Managing Enterprise Security and Configuration
with Group Policy Settings
This module explains how to manage
security and software installation and how to audit files and folders.
After
completing this module, students will be able to:
• Delegate the support
of computers.
• Manage security settings.
• Manage software by
using GPSI.
• Describe the purpose and functionality of
auditing
• Describe the purpose of Software Restriction Policy and
AppLocker.
Module 8: Securing Administration
his module
explains how to administer Active Directory Domain Services Securely.
• Delegate administrative permissions.
• Audit Active Directory
administration.
Module 9: Improving the Security of Authentication in
an AD DS Domain
This module explains the domain-side components of
authentication, including the policies that specify password requirements and
the auditing of authentication-related activities.
After completing this
module, students will be able to:
• Configure password and lockout
policies.
• Audit authentication.
• Configure read-only domain
controllers.
Module 10: Configuring Domain Name
System
This module explains how to implement DNS to support name
resolution both within your AD DS domain and outside your domain and your
intranet.
After completing this module, students will be able
to:
• Describe DNS concepts, components, and
processes.
• Install and configure DNS in an AD DS
domain.
• Describe the integration of AD DS, DNS, and Windows.
• Describe advanced DNS configuration and administration
tasks.
Module 11: Administering AD DS Domain
Controllers
This module explains how to add Windows Server 2008
domain controllers to a forest or domain, how to prepare a Microsoft Windows
Server 2003 forest or domain for its first Windows Server 2008 DC, how to manage
the roles performed by DCs, and how to migrate the replication of SYSVOL from
the File Replication Service (FRS) used in previous versions of Windows to the
Distributed File System Replication (DFS-R) mechanism that provides more robust
and manageable replication.
After completing this module, students will be
able to:
• Identify the domain controller installation
options.
• Install a Server Core DC.
• Manage operations
masters.
• Configure DFS-R replication of SYSVOL.
Module 12:
Managing Sites and Active Directory
This module explains how to
create a distributed directory service that supports domain controllers in
portions of your network that are separated by expensive, slow, or unreliable
links.
After completing this module, students will be able
to:
• Configure sites and subnets.
• Configure the global
catalog and application partitions.
• Configure
replication.
Module 13: Directory Service Continuity
This
module explains about the technologies and tools that are available to help
ensure the health and longevity of the directory service. You will explore tools
that help you monitor performance in real time, and you will learn to log
performance over time so that you can keep an eye on performance trends in order
to spot potential problems.
After completing this module, students will be
able to:
• Monitor Active Directory.
• Manage the Active
Directory database.
• Describe the purpose of the Active Directory
Recycle Bin.
• Back up and restore AD DS and domain
controllers.
Module 14: Managing Multiple Domains and
Forests
This module explains how to raise the domain and forest
functionality levels within your environment, how to design the optimal AD DS
infrastructure for your enterprise, how to migrate objects between domains and
forests, and how to enable authentication and resources access across multiple
domains and forests.
After completing this module, students will be able
to:
• Configure domain and forest functional levels.
• Manage
multiple domains and trust relationships.
• Move objects between domains
and forests