Course Introduction 4m
Course Introduction
Chapter 01 – Installing the Active Directory Role 1h 23m
Lesson 1: What is IDA?
What is Active Directory Identity and Access (IDA)
Five Components of the IDA Platform
What Windows 2008 Server Offers Beyond the IDA
Lesson 2: How to Install the AD DS Role
What are the Different Components?
Preparation Checklist for Creating a Windows Server 2008 Forest
How to Add the Directory Service Role
Demo – Creating a Windows Server 2008 Forest
Lesson 3: The New Windows 2008 Server Core
Understanding Server Core
Lesson 4: Installing AD DS Server Core
Installing Server Core
Demo – Installing a Server Core Domain Controller
Chapter 01 Review
Chapter 02 – Working With Active Directory Objects 2h 30m
Lesson 1: Working with the MMC
Understanding the MMC
How to Use the Microsoft Management Console (MMC)
Customize the MMC with Snap-ins
Learn How to Use the Alternate Login Credentials
Demo – Custom MMC
Lesson 2: Working with Objects in Active Directory
Creating an OU
Creating a User Object
Creating a Group Object
Lesson 3: How to Search Through Active Directory
How to Find Objects in Active Directory
Introducing LDAP
Demo – Using Active Directory
Lesson 4: Securing and Delegating AD Objects
Understanding Delegation
What are User Rights?
Using the Delegation of Control Wizard
Demo – Delegation
Lesson 5: Adding Computer Accounts to AD
Understanding Workgroups, Domains, and Trusts
Identifying Requirements for Joining a Computer to the Domain
Offline Domain Join
Lesson 6: Organizing AD with Container Objects
Understanding Containers
Creating OUs for Computers
Adding a Computer to the Domain
Restricting the Ability of Users to Create Computers
Demo – Joining the Domain
Lesson 7: Working With Computer Objects and Accounts
Configuring Computer Properties
Moving a Computer
Managing a Computer with the AD Users and Computers
Recognizing a Computer Account Problem
How to Reset a Computer Account
How to Rename a Computer
Ways to Disable/Enable Computer Accounts
How to Delete a Computer Account
Recycling the Computer Account
Demo – Recycling the Computer Account
Lesson 8: Automating Computer Account Creation
Importing Computers with CSVDE
Importing Computers with LDIFDE
Creating Computers with DSadd
Creating Computers with Netdom
Windows PowerShell
Creating Computers with VBScript
Demo – Automating Computer Creation
Chapter 02 Review
Chapter 03 – Understanding GPOs 2h 18m
Lesson 1: Using Group Policy
Review of Group Policy
Lesson 2: What Are Group Policy Objects
Group Policy Objects
Scope
Policy Settings
Filtering Administrative Template Policy Settings
Demo – Group Policy
Lesson 3: Restricted Group Policies
Understanding Restricted Groups Policies
Demo – Restricted Groups
Lesson 4: Analyzing Security Settings
How to Configure the Local Security Policy
Using Security Templates and Deploying the GPOs
Analyzing the Security Configuration of a Computer
Creating Security Templates from the Results
Lesson 5: Using The Security Configuration Wizard
The Security Configuration Wizard
Security Policy
Demo – SCW
Lesson 6: Deploying Software with Group Policy
Understanding GP Software Installation
Windows Installer Programs
Preparing an SDP
Creating a Software Deployment GPO
Managing the Scope of Software Deployment GPO
Demo – Software Deployment
Lesson 7: Understanding Group Policy Scope
GPO Links
What is Inheritance and Precedence?
Security Filtering to Modify GPO Scope
WMI Filters
Enabling or Disabling GPOs and GPO Nodes
Lesson 8: How Group Policy Settings are Processed
Group Policy Processing
Group Policy Options
Demo – Group Policy Scope
Lesson 9: Verifying Group Policy Settings
Resultant Set of Policy
GP Results Wizard
GPresult.exe
Group Policy Modeling Wizard
Demo – Verifying Group Policy
Lesson 10: Enabling Auditing
Audit Policy
How to Audit Access to Files and Folders
Global Access Auditing
“Reason for Access” Reporting
Enabling the Audit Policy
Demo – Auditing
Chapter 03 Review
Chapter 04 – Managing Users and Groups with AD 2h 19m
Lesson 1: Automating User Account Creation
Automating the Creation of User Accounts with Templates
Introduction to the Active Directory Command-Line Tools
Demo – Automating User Accounts
Lesson 2: Working with User Attributes
How to Manage User Attributes
Understanding the Name and Other User Attributes
Account Properties
Managing User Attributes without the GUI
Lesson 3: User Account Administrative Tasks
Administrative Tasks
Protected Admin
Demo – Supporting User Accounts
Lesson 4: Using PowerShell to Create User Accounts
What is Windows PowerShell?
Key Elements of PowerShell
User Creation with PowerShell
PowerShell Scripting
Demo – Creating Users with PowerShell
Lesson 5: Group Creation and Management
Managing Your Enterprise with Groups
Defining Group Naming Conventions
Lesson 6: The Basics of Groups
Understanding Groups
What’s a Group Scope?
Allowed Group Scope Conversions
Managing Group Membership
Using Groups for Permissions
AGDLP and AGGUDLP Illustrated
Local vs. Domain
Demo – Managing Groups
Lesson 7: Best Practices for Using AD Groups
Best Practices for Group Attributes
Default Windows Groups
Lesson 8: Automating Group Creation
Creating and Managing Groups
Managing Group Membership with Windows PowerShell and VBScript
Demo – Automating Creation of Groups
Lesson 9: Advanced Group Options
Protecting Groups from Accidental Deletion
Delegating the Management of Group Membership
What are Shadow Groups?
Special Groups
Demo – Administering Groups
Chapter 04 Review
Chapter 05 – Working With Domain Controllers 46m
Lesson 1: Installation Options
Creating a New Forest
Creating a New Tree
Migrating a Domain
Deleting a Domain
Lesson 2: How to Install a Domain Controller
Installing a DC with the Windows GUI
Using Unattended Installation and Answer Files
Installation Options
Lesson 3: Introducing the Operations Masters
Single Master Operations
Forest Wide Roles
Domain-Wide Roles
Lesson 4: Designing Where to Deploy the Operation Masters
Where to Place These Operations Masters
Identifying the Operations Masters
Transferring Operations Master Roles
Seizing Operations Masters
How to Seize or Transfer Operation Master Roles
Extending the Schema
Demo – FSMO
Lesson 5: SYSVOL Replication with DFS
How to Raise the Domain Functional Level
Understanding the Migration Steps
Chapter 05 Review
Chapter 06 – Adding DNS 59m
Lesson 1: DNS Basics
Overview
DNS and IPv6
Peer Name Resolution Protocol
Types of DNS Servers
Dynamic DNS
Secure Dynamic DNS (SDDNS)
The Split Brain Option
Lesson 2: DNS Definitions and Terms
Understanding DNS
DNS Terms
Types of Records
Windows Server DNS Features
Demo – DNS
Lesson 3: Setting up DNS for the Enterprise
Configuring DNS
Considerations for Security
Working with DNS Server Settings
Application Directory Partitions
Administering DNS Servers
Demo – Global Names
Chapter 06 Review
Chapter 07 – Securing the Authentication Process 40m
Lesson 1: Password Security Policies
Understanding Password Policies
Understanding Password Settings Object
Demo – Passwords
Lesson 2: Introducing the Read-Only Domain Controller
Why RODC
RODC Options
Lesson 3: Installing the RODC
Deploying an RODC
Password Replication Policy
Lesson 4: Auditing Authentication Events
Account Logon Events
Configuring Authentication-Related Audit Polices
Demo – Account Logging
Chapter 07 Review
Chapter 08 – Monitoring and Supporting AD 58m
Lesson 1: Preparing for Recovery
Important Concepts
Twelve Categories of AD DS Administration
Lesson 2: Active Directory Tools
Tools
Performing Online/Offline Maintenance
Offline Maintenance
Built-in Directory Protection Measures
Backups
Proactive Restores
Restarting in DSRM
Identifying the Backup Set
Other Options
Backup/Restore GPOs
Using the AD Recycle Bin
Lesson 3: Monitoring Active Directory Performance
Managing System Resources
Task Manager
Event Viewer
WRPM
WSRM
Server Manager
PowerShell
Baselines
Demo – Performance Monitor
Chapter 08 Review
Chapter 09 – Planning Active Directory Deployment 2h 2m
Lesson 1: What Are Sites?
Understanding What a Site Is
Site Traffic
Planning Sites
Controlling Replication
Site Links
Bridgehead Server
Replication Scheduling
Replication Protocols
Forcing Intersite Replication
Summarizing Site Planning
Lesson 2: Deciding on Site Boundaries
Defining Sites
Managing Domain Controllers in Sites
SRVs
Site Coverage
Demo – Sites and Subnets
Lesson 3: Working with Global Catalog Placement with AD Partitions
Reviewing AD Partitions
Understanding the Global Catalog
Placing GC Servers
What’s Found in the Global Catalog
Universal Group Membership Caching (UGMC)
Partial Attribute Set
Promoting a Domain Controller to a Global Catalog
Lesson 4: Controlling Replication Between Sites
Understanding AD Replication
Replication
Intersite Replication
Monitoring Replication
Lesson 5: Managing the Global Catalog
Configuring a Global Catalog
Understanding Application Directory Partitions
Lesson 6: Configuring AD Trust Relationships
Defining the Forest Infrastructure
Moving Objects
Migration Issues
Trust Relationships
Securing Trust Relationships
Demo – Trusts
Lesson 7: Choosing the Domain and Forest Functional Levels
Functional Levels
Domain Functional Levels
Forest Functional Levels
Chapter 09 Review
Chapter 10 – IDA Solutions 1h 6m
Lesson 1: Understanding AD FS
Understanding AD FS
B2B
Support of AD FS
The AD FS Process
Working with FS Designs
AD FS Components
Lesson 2: Installing AD FS
Installing AD FS
Lesson 3: Configuring and Using AD FS
Finalizing the Configuration of AD FS
Using and Managing AD FS
Lesson 4: Understanding AD RMS
Understanding AD RMS
New AD RMS Features
Basic Concepts
AD RMS Installation Scenarios
Preparing AD RMS Installation Prerequisites
Lesson 5: Installing AD RMS
AD RMS Considerations
Understanding AD RMS Certificates
Lesson 6: Configuring and Using AD RMS
Configuring AD RMS
Lesson 7: Understanding AD LDS
What is AD LDS?
Comparing LDS with DS
AD LDS Scenarios
Lesson 8: Installing AD LDS
Installing AD LDS
Demo – Installing AD LDS
Lesson 9: Configuring and Using AD LDS
Working with AD LDS Tools
Creating an LDS Instance
Other Options
Lesson 10: Security Review
Review
Chapter 10 Review
Chapter 11 – Active Directory Certificate Services 43m
Lesson 1: Understanding AD CS
Understanding AD CS
CA Options
Creating the CA Hierarchy
Some Best Practices
Additional Planning Requirements
Certificate Enrollment Types
Network Device Enrollment Service (NDES)
AutoEnrollment
Configuring AutoEnrollment
Web Enrollment
Authentication Mechanism Assurance
Enrollment Agents
Deploying Multi-Forest Certificates
X.509 Certificate Mapping
AD CS Illustration
Lesson 2: Installing AD CS
Installing AD CS
Supported Deployments
Standalone Root & Subordinate
Enterprise Root & Subordinate
Lesson 3: Configuring and Using AD CS
Finalizing the Configuration of an Issuing CA
More about the CRL
Considerations for the Use and Management of AD CS
More on Certificate Templates
Types of Templates
Chapter 11 Review
Course Closure
Total Duration: 15hrs 47m