- Microsoft Windows Server Training
- 6425C: Configuring Windows Server 2008 Active Directory Domain Services
This 5-day course provides students with the knowledge & skills to configure Active Directory Domain Services in a distributed environment, implement Group Policies, perform backup & restore, & monitor & troubleshoot Active Directory issues.
- Course Outline
This five-day instructor-led course provides to teach Active Directory Technology Specialists with the knowledge and skills to configure Active Directory Domain Services in a distributed environment, implement Group Policies, perform backup and restore, and monitor and troubleshoot Active Directory related issues.
The primary audience for this course are AD Technology Specialists, Server Administrators, and Enterprise Administrators who want to learn how to implement AD in a distributed environment, secure domains using Group Policies, and perform backup, restore, and monitor and troubleshoot AD configuration to ensure trouble free operation.
At Course Completion
After completing this course, students will be able to implement and configure Active Directory domain services in their enterprise environment.
Module 1: Introducing Active Directory Domain Services
This module explains how to install and configure Active Directory Domain Services and install and configure a read-only domain controller.
- Lesson 1: Overview of Active Directory, Identity, and Access
- Lesson 2: Active Directory Components and Concepts
- Lesson 3: Install Active Directory Domain Services
- Perform Post-Installation Configuration Tasks
- Install a New Windows Server 2008 Forest with the Windows Interface
- Raise Domain and Forest Functional Levels
- Describe the functionality of AD DS in an enterprise in relation to identity and access.
- Describe the major components of AD DS.
- Install AD DS and configure it as a domain controller.
This module explains how to work securely and efficiently in Active Directory.
- Work with Active Directory Administration Tools
- Custom Consoles and Least Privilege
- Find Objects in Active Directory
- Use Windows PowerShell to Administer Active Directory
- Perform Administrative Tasks by Using Administrative Tools
- Create a Custom Active Directory Administrative Console
- Perform Administrative Tasks with Least Privilege, Run As Administrator, and User Account Control
- Find Objects in Active Directory
- Use Saved Queries
- Use PowerShell Cmdlets to Administer Active Directory
- After completing this module, students will be able to:
- Describe and work with Active Directory administration tools.
- Describe the purpose and functionality of custom consoles and least privilege.
- Locate objects in Active Directory.
- Administer Active Directory by using Windows PowerShell.
This module explains how to manage and support user accounts in Active Directory.
- Create and Administer User Accounts
- Configure User Object Attributes
- Automate User Account Creation
- Create and Configure Managed Service Accounts
- Create User Accounts
- Administer User Accounts
- Examine User Object Attributes
- Manage User Object Attributes
- Create Users from a Template
- Export and Import Users with CSVDE
- Import Users with LDIFDE
- Create and Associate a Managed Service Account
- After completing this module, students will be able to:
- Create and administer user accounts.
- Configure user object attributes.
- Automate user account creation.
- Create and configure managed service accounts.
This module explains how to create, modify, delete, and support group objects in Active Directory.
- Overview of Groups
- Administer Groups
- Best Practices for Group Management
- Implement Role-Based Management by Using Groups
- (Advanced Optional) Explore Group Membership Reporting Tools
- (Advanced Optional) Understand “Account Unknown” Permissions
- Implement Best Practices for Group Management
- Describe the role of groups in managing an enterprise.
- Administer groups with by using the built-in tools in Windows Server 2008CSVDE and LDIFDE.
- Describe the best practices for managing groups.
This module explains how to create and configure computer accounts.
- Create Computers and Join the Domain
- Administer Computer Objects and Accounts
- Perform an Offline Domain Join
- Join a computer to the Domain with the Windows Interface
- Secure Computer Joins
- Manage Computer Account Creation
- Administer Computer Objects Through Their Life Cycle
- Administer and Troubleshoot Computer Accounts
- Configure an Offline Domain Join
- Create computer accounts and join them to a domain.
- Administer computer objects and accounts by using the Windows Interface and command-line tools.
- Describe and perform the Offline Domain Join process.
This module explains what Group Policy is, how it works, and how best to implement Group Policy in your organization.
- Understand Group Policy
- Implement GPOs
- Deeper Look at Settings and GPOs
- Group Policy Preferences
- Manage Group Policy Scope
- Group Policy Processing
- Troubleshoot Policy Application
- Create, Edit, and Link GPOs
- Use Filtering and Commenting
- Manage Administrative Templates
- Configure Group Policy Preferences
- Verify the Application of Group Policy Preferences
- Configure GPO Scope with Links
- Configure GPO Scope with Filtering
- Configure Loopback Processing
- Perform RSoP Analysis
- Use the Group Policy Modeling Wizard
- View Policy Events
- Describe the components and technologies that comprise the Group Policy framework.
- Implement GPOs.
- Configure and understand a variety of policy setting types.
- Understand and configure Group Policy preferences.
- Scope GPOs by using links, security groups, Windows Management Instrumentation filters, loopback processing, and preference targeting.
- Describe how GPOs are processed.
- Locate the event logs containing Group Policy–related events and troubleshoot Group Policy application.
This module explains how to manage security and software installation and how to audit files and folders.
- Delegate the Support of Computers
- Manage Security Settings
- Manage Software with GPSI
- Software Restriction Policy and AppLocker
- Configure the Membership of Administrators by Using Restricted Groups
- Manage Local Security Settings
- Create a Security Template
- Deploy Software with GPSI
- Upgrade Applications with GPSI
- Configure Permissions and Audit Settings
- Configure Audit Policy
- Examine Audit Events
- Configure Application Control Policies
- Delegate the support of computers.
- Manage security settings.
- Manage software by using GPSI.
- Describe the purpose and functionality of auditing
- Describe the purpose of Software Restriction Policy and AppLocker.
This module explains how to administer Active Directory Domain Services Securely.
- Delegate Administrative Permissions
- Audit Active Directory Administration
- Delegate Permission to Create and Support User Accounts
- View Delegated Permissions
- Remove and Reset Permissions
- Audit Changes to Active Directory Using Default Audit Policy
- Audit Changes to Active Directory Using Directory Service Changes Auditing
- Delegate administrative permissions.
- Audit Active Directory administration.
This module explains the domain-side components of authentication, including the policies that specify password requirements and the auditing of authentication-related activities.
- Configure Password and Lockout Policies
- Audit Authentication
- Configure Read-Only Domain Controllers
- Configure the Domain’s Password and Lockout Policies
- Configure a Fine-Grained Password Policy
- Audit Authentication
- Exercise 1: Install an RODC
- Exercise 2: Configure Password Replication Policy
- Exercise 3: Manage Credential Caching
- Configure password and lockout policies.
- Audit authentication.
- Configure read-only domain controllers.
This module explains how to implement DNS to support name resolution both within your AD DS domain and outside your domain and your intranet.
- Review of DNS Concepts, Components, and Processes
- Install and Configure DNS in an AD DS Domain
- Integration of AD DS, DNS, and Windows
- Advanced DNS Configuration and Administration
- Add the DNS Server Role
- Configure Forward Lookup Zones and Resource Records
- Enable Scavenging of DNS Zones
- Create Reverse Lookup Zones
- Explore Domain Controller Location
- Configure Name Resolution for External Domains
- Describe DNS concepts, components, and processes.
- Install and configure DNS in an AD DS domain.
- Describe the integration of AD DS, DNS, and Windows.
- Describe advanced DNS configuration and administration tasks.
This module explains how to add Windows Server 2008 domain controllers to a forest or domain, how to prepare a Microsoft Windows Server 2003 forest or domain for its first Windows Server 2008 DC, how to manage the roles performed by DCs, and how to migrate the replication of SYSVOL from the File Replication Service (FRS) used in previous versions of Windows to the Distributed File System Replication (DFS-R) mechanism that provides more robust and manageable replication.
- Domain Controller Installation Options
- Install a Server Core DC
- Manage Operations Masters
- Configure DFS-R Replication of SYSVOL
- Create an Additional DC with the Active Directory Domain Services Installation Wizard
- Add a Domain Controller from the Command Line
- Remove a Domain Controller
- Create a Domain Controller from Installation Media
- Perform Post-Installation Configuration on Server Core
- Create a Domain Controller with Server Core
- Identify Operations Masters
- Transfer Operations Masters Roles
- Observe the Replication of SYSVOL
- Prepare to Migrate to DFS-R
- Migrate SYSVOL Replication to DFS-R
- Verify DFS-R Replication of SYSVOL
- Identify the domain controller installation options.
- Install a Server Core DC.
- Manage operations masters.
- Configure DFS-R replication of SYSVOL.
This module explains how to create a distributed directory service that supports domain controllers in portions of your network that are separated by expensive, slow, or unreliable links.
- Configure Sites and Subnets
- Configure the Global Catalog and Application Partitions
- Configure Replication
- Configure the Default Site
- Create Additional Sites
- Configure a Global Catalog
- Configure Universal Group Membership
- Examine DNS and Application Directory Partitions
- Create a Connection Object
- Create Site Links
- Move Domain Controllers into Sites
- Designate a Preferred Bridgehead Server
- Configure Intersite Replication
- Configure sites and subnets.
- Configure the global catalog and application partitions.
- Configure replication.
This module explains about the technologies and tools that are available to help ensure the health and longevity of the directory service. You will explore tools that help you monitor performance in real time, and you will learn to log performance over time so that you can keep an eye on performance trends in order to spot potential problems.
- Monitor Active Directory
- Manage the Active Directory Database
- Active Directory Recycle Bin
- Back Up and Restore AD DS and Domain Controllers
- Monitor Real-Time Performance Using Task Manager and Resource Monitor
- Use Reliability Monitor and Event Viewer to Identify Performance-Related Events
- Monitor Events on Remote Computers with Event Subscriptions
- Attach Tasks to Event Logs and Events
- Monitor AD DS with Performance Monitor
- Work with Data Collector Sets
- Perform Database Maintenance
- Work with Snapshots and Recovering a Deleted User
- Enable Active Directory Recycle Bin
- Restore Deleted Objects with Active Directory Recycle Bin
- Back Up Active Directory
- Restore Active Directory and a Deleted OU
- Monitor Active Directory.
- Manage the Active Directory database.
- Describe the purpose of the Active Directory Recycle Bin.
- Back up and restore AD DS and domain controllers.
This module explains how to raise the domain and forest functionality levels within your environment, how to design the optimal AD DS infrastructure for your enterprise, how to migrate objects between domains and forests, and how to enable authentication and resources access across multiple domains and forests.
- Configure Domain and Forest Functional Levels
- Manage Multiple Domains and Trust Relationships
- Move Objects between Domains and Forests
- Configure Functional Levels and DNS
- Create a Trust Relationship
- Validate a Trust Relationship
- Assign Permissions to Trusted Identities
- Implement Selective Authentication
- Configure domain and forest functional levels.
- Manage multiple domains and trust relationships.
- Move objects between domains and forests.
- Prerequisites & Certificates
Before attending this course, students must have: - Basic understanding of networking - Intermediate understanding of network operating systems - An awareness of security best practices - Basic knowledge of server hardware - Some experience creating objects in Active Directory - Basic concepts of backup and recovery in a Windows Server environment
Certificate of Completion
- Cancellation Policy
Cancellations or postponements received more than ten business days prior to the first day of the course, will be subject to a 15% administration fee, and course ware fees where applicable. The cost of the course is payable, in full, for any cancellations or postponements received within ten business days, or less, prior to the first day of the course.
- Map & Reviews
TekSource Corporate Learning
[ View Provider's Profile ]
ReviewsHere are some reviews of the training vendor.
This course has not yet been rated by one of our members.
If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.
This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.
This page has been viewed 257 times.