MS6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Level
Total time

MS6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Indicia Training
Logo Indicia Training

Need more information? Get more details on the site of the provider.

Starting dates and places

There are no known starting dates for this product.

Description

MS6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Duration

5 days

Course Overview

This five-day instructor-led course provides to teach Active Directory Technology Specialists with the knowledge and skills to configure Active Directory Domain Services in a distributed environment, implement Group Policies, perform backup and restore, and monitor and troubleshoot Active Directory related issues.

Target Audience

The primary audience for this course are AD Technology Specialists, Server Administrators, and Enterprise Administrators who want to learn how to implement AD in a distributed environment, secure domains using Group Policies, and perfor…

Read the complete description

Frequently asked questions

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.

MS6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Duration

5 days

Course Overview

This five-day instructor-led course provides to teach Active Directory Technology Specialists with the knowledge and skills to configure Active Directory Domain Services in a distributed environment, implement Group Policies, perform backup and restore, and monitor and troubleshoot Active Directory related issues.

Target Audience

The primary audience for this course are AD Technology Specialists, Server Administrators, and Enterprise Administrators who want to learn how to implement AD in a distributed environment, secure domains using Group Policies, and perform backup, restore, and monitor and troubleshoot AD configuration to ensure trouble free operation.

Course Objectives

After completing this course, students will be able to implement and configure Active Directory domain services in their enterprise environment.

Prerequisites

Before attending this course, students must have:
• Basic understanding of networking.

Intermediate understanding of network operating systems.
• An awareness of security best practices.
• Basic knowledge of server hardware.
• Some experience creating objects in Active Directory.
• Foundation course (6424) or equivalent knowledge.
• Basic concepts of backup and recovery in a Windows Server Environment.
Course Content

Module 1: Introducing Active Directory Domain Services (AD DS)
This module explains how to install and configure Active Directory Domain Services and install and configure a read-only domain controller.

Lessons

Introducing Active Directory, Identity, and access
• Active Directory Components and Concepts
• Install Active Directory Domain Services
• Extend IDA with Active Directory Services
Lab: Install an AD DS DC to Create a Single Domain Forest
Exercise 1: Perform Post-Installation Configuration Tasks
Exercise 2: Install a New Windows Server 2008 Forest with the Windows Interface
After completing this module, students will be able to:

Position the strategic role a directory service in an enterprise in relation to identity and access.
• Explain authentication and authorization processes.
• Identify the major components of ADDS.
• Understand the requirements for installing a domain controller to create a new forest
• Identify the roles of and relationships between ADDS, ADLDS, ADRMS, ADFS, and ADCS
Module 2: Secure and Efficient Administration of Active Directory
This module explains how to work securely and efficiently in Active Directory.

Lessons

Work with Active Directory Snap-ins
• Custom Consoles and Least Privilege
• Find Objects in Active Directory
• Use DS Commands to Administer Active Directory
Lab: Create and Run a Custom Administrative Console
Exercise 1: Perform Basic Administrative Tasks Using the Active Directory Users and Computers Snap-in
Exercise 2: Create a Custom Active Directory Administrative Console
Exercise 3: Perform Administrative Tasks with Least Privilege, Run as Administrator and User Account Control
Exercise 4: (Advanced Optional) Advanced MMC Customization and Remote Administration
Lab: Find Objects in Active Directory
Exercise 1: Finding Objects in Active Directory
Exercise 2: Using Saved Queries
Exercise 3: (Advanced Optional) Explore Saved Queries
Lab: Use DS Commands to Administer Active Directory
Exercise 1: Use DS Commands to Administer Active Directory
After completing this module, students will be able to:

Install, locate, and describe the snap-ins used to administer AD DS
• Perform basic administrative tasks with the Active Directory Users and Computers snap-in
• Create a custom MMC console for administration
• Perform administrative tasks while logged on as a user
• Control the view of objects in the Active Directory Users and Computers snap-in
• Locate objects in Active Directory
• Work with saved queries
• Identify the distinguished name (DN), relative distinguished name (RDN), and common name (CN) of an Active Directory object
• Use the DS commands to administer Active Directory from the command line
Module 3: Manage Users
This module explains how to manage and support user accounts in Active Directory.

Lessons

Create and Administer User Accounts
• Configure User Object Attributes
• Automate User Account Creation
Lab: Create and Administer User Accounts
Exercise 1: Create User Accounts
Exercise 2: Administer User Accounts
Exercise 3: (Advanced Optional) Explore User Account Name Attributes
Lab: Configure User Object Attributes
Exercise 1: Examine User Object Attirbutes
Exercise 2: Manage User Object Attributes
Exercise 3: Create Users from a Template
Exercise 4: (Advanced Optional) Create Users with a Batch File
Lab: Automate User Account Creation
Exercise 1: Export and Import Users with CSVDE
Exercise 2: Import Users with LDIFDE
After completing this module, students will be able to:

Create and configure the account-related properties of a user object
• Identify the purpose and requirements of user account attributes
• Perform common administrative tasks to support user accounts including password reset and account unlock
• Enable and disable user accounts
• Delete, move and rename user accounts
• View and modify hidden attributes of user objects
• Identify the purpose and requirements of user object attributes
• Create users from user account templates
• Modify attributes of multiple users simultaneously
• Export user attributes with CSVDE
• Import users with CSVDE
• Import users with LDIFDE
Module 4: Manage Groups
This module explains how to create, modify, delete, and support group objects in Active Directory.

Lessons

Manage an Enterprise with Groups
• Administer Groups
• Best Practices for Group Management
Lab: Administer Groups
Exercise 1: Implement Role-Based Management Using Groups
Exercise 2: Manage Group Membership from the Command Line
Exercise 3: (Advanced Optional) Explore Group Membership Reporting Tools
Exercise 4: (Advanced Optional) Understand “Account Unknown” Permissions
Lab: Best Practices for Group Management
Exercise 1: Implement Best Practices for Group Management
After completing this module, students will be able to:

Understand the role of groups in managing an enterprise
• Create well-documented, secure, delegated groups
• Understand group types, scope, and nesting
• Understand the best practice for group nesting to achieve role-based management
• Create, delete and manage groups with DSCommands, CSVDE and LDIFDE
• Enumerate and copy group membership
• Understand Default (Built In) groups
• Understand Special Identities
Module 5: Support Computer Accounts
This module explains how to create and configure computer accounts.

Lessons

Create Computers and Join the Domain
• Administer Computer Objects and Accounts
Lab: Create Computers and Join the Domain
Exercise 1: Join a Computer to the Domain with the Windows Interface
Exercise 2: Securing Computer Joins
Exercise 3: Managing Computer Account Creation with Best Practices
Lab: Administer Computer Objects and Accounts
Exercise 1: Administer Computer Objects through their Lifecycle
Exercise 2: Administer and Troubleshoot Computer Accounts
After completing this module, students will be able to:

Understand the relationship between a domain member and the domain in terms of identity and access
• Identify the requirements for joining a computer to the domain
• Implement best practice processes for computer joins
• Secure AD DS to prevent the creation of unmanaged computer accounts
• Manage computer objects and their attributes using the Windows Interface and command line tools
• Administer computer accounts through their lifecycle
Module 6: Implement a Group Policy Infrastructure
This module explains what Group Policy is, how it works, and how best to implement Group Policy in your organization.

Lessons

Understand Group Policy
• Implement a Group Policy
• Explore Group Policy Settings and Features
• Manage Group Policy Scope
• Group Policy Processing
• Troubleshoot Policy Application
Lab: Implement Group Policy
• Create, Edit and Link GPOs
Lab: Explore Group Policy Settings and Features
Exercise 1: Use Filtering and Commenting
Exercise 2: Mange Administrative Templates
Lab: Manage Group Policy Scope
Exercise 1: Configure GPO Scope with Links
Exercise 2: Configure GPO Scope with Filtering
Exercise 3: Configure Loopback Processing
Lab: Troubleshoot Policy Application
Exercise 1: Perform RSoP Analysis
Exercise 2: using the Group Policy Results Wizard
Exercise 3: View Policy Events
After completing this module, students will be able to:

Identify the business drivers for configuration management
• Understand the components and technologies that comprise the Group Policy framework
• Manage Group Policy objects
• Configure and understand a variety of policy setting types
• Scope GPOs using links, security group, WMI filters, loopback processing, and Preference targeting
• Explain GPO storage, replication, and versioning
• Administer a Group Policy infrastructure
• Evaluate GPO inheritance, precedence, and Resultant Set of Policy (RSoP)
• Locate the event logs containing Group Policy related events
Module 7: Manage Enterprise Security and Configuration with Group Policy Settings
This module explains how to manage security and software installation and how to audit files and folders.

Lessons

Delegate the Support of Computers
• Manage Security Settings
• Manage software with GPSI
• Auditing
Lab: Delegate the Support of Computers
Exercise 1: Configure the Membership of Administrators Using Restricted Groups Policies
Lab: Manage Security Settings
Exercise 1: Manage Local Security Settings
Exercise 2: Create a Security Template
Exercise 3: Use Security Configuration and Analysis
Exercise 4: Use the Security Configuration Wizard
Lab: Manage Software with GPSI
Exercise 1: Deploy Software with GPSI
Exercise 2: Upgrade Applications with GPSI
Lab: Audit File System Access
Exercise 1: Configure Permissions and Audit Settings
Exercise 2: Configure Audit Policy
Exercise 3: Examine Audit Events
After completing this module, students will be able to:

Delegate the administration of computers
• Use Restricted Groups policies to modify or enforce the membership of groups
• Use Group Policy Preferences to modify the membership of groups
• Configure security settings using the Local Security policy
• Create and apply security templates to manage security configuration
• Analyze security configuration based on security templates
• Create, edit, and apply security policies using the Security Configuration Wizard
• Deploy security configuration with Group Policy
• Deploy software using GPSI
• Remove software originally installed with GPSI
Module 8: Secure Administration
This module explains how to administer Active Directory Domain Services Securely.

Lessons

Delegate Administrative Permissions
• Audit Active Directory Changes
Lab: Delegate Administration
Exercise 1: Delegate Permission to create and support User Accounts
Exercise 2: View Delegated Permissions
Exercise 3: Remove and Reset Permissions
Lab: Audit Active Directory Changes
Exercise 1: Audit Changes to Active Directory using Default Audit Policy
Exercise 2: Audit Changes to Active Directory using Directory Service Changes auditing
After completing this module, students will be able to:

Describe the business purpose of delegation.
• Assign permissions to Active Directory objects using the security editor user interfaces and the Delegation of Control Wizard.
• View and report permissions on Active Directory objects by using user interface and command line tools.
• Reset the permissions on an object to its default.
• Describe the relationship between delegation and OU design.
• Configure Directory Service Changes auditing
• Specify auditing settings on Active Directory objects
• Identify event log entries created by Directory Access auditing and Directory Service Changes auditing
Module 9: Improve the Security of Authentication in an Active Directory Domain Services (AD DS) Domain
This module explains the domain-side components of authentication, including the policies that specify password requirements and the auditing of authentication-related activities.

Lessons

Configure Password and Lockout Policies
• Audit Authentication
• Configure Read-Only Domain Controllers
Lab: Configure Password and Account Lockout Policies
Exercise 1: Configure the Domain’s Password and Lockout Policies.
Exercise 2: Configure Fine-Grained Password Policy
Lab: Audit Authentication
Exercise 1: Audit Authentication
Lab: Configure Read-Only Domain Controllers
Exercise 1: Install RODC
Exercise 2: Configure Password Replication Policy
Exercise 3: Manage Credential Caching
After completing this module, students will be able to:

Implement your domain password and account lockout policy
• Configure and assign fine-grained password policies
• Configure auditing of authentication-related activity
• Distinguish between account logon and logon events
• Identify authentication-related events in the Security log
• Identify the business requirements for RODCs
• Install an RODC
• Configure password replication policy
• Monitor the caching of credentials on an RODC
Module 10: Configure Domain Name System (DNS)
This module explains how to implement DNS to support name resolution both within your AD DS domain and outside your domain and your intranet.

Lessons

Review DNS Concepts, Components, and Processes
• Install and Configure DNS Server in an AD DS Domain
• AD DS,DNS, and Windows
• Advanced DNS Configuration and Administration
Lab: Installing the DNS Service
Exercise 1: Add the DNS Server Role
Exercise 2: Configure Forward Lookup Zones and Resource Records
Lab: Advanced Configuration of DNS
Exercise 1: Enable Scavenging of DNS Zones
Exercise 2: Create Reverse Lookup Zones
Exercise 3: Explore Domain Controller Location
Exercise 4: Configure Name Resolution for External Domains
After completing this module, students will be able to:

Understand the structure role, structure and functionality of the domain name system (DNS)
• Describe client and server name resolution processes
• Install DNS
• Manage DNS records
• Configure DNS server settings
• Understand the integration between AD DS and DNS
• Choose a DNS domain for an Active Directory domain
• Create a zone delegation for a new Active Directory domain
• Configure replication for Active Directory integrated zones
• Describe the purpose of SRV records in the domain controller location process
• Understand read-only DNS servers
• Understand and configure single-label name resolution
• Configure advanced DNS server settings
• Audit, maintain, and troubleshoot the DNS server role
Module 11: Administer Active Directory Domain Services (AD DS) Domain Controllers
This module explains how to add Windows Server 2008 domain controllers to a forest or domain, how to prepare a Microsoft Windows Server 2003 forest or domain for its first Windows Server 2008 DC, how to manage the roles performed by DCs, and how to migrate the replication of SYSVOL from the File Replication Service (FRS) used in previous versions of Windows to the Distributed File System Replication (DFS-R) mechanism that provides more robust and manageable replication.

Lessons

Domain Controller Installation Options
• Install a Server Core DC
• Manage Operations Masters
• Configure DFS Replication of SYSVOL
Lab: Install Domain Controllers
Exercise 1: Create an Additional DC with the Active Directory Domain Services Installation Wizard.
Exercise 2: Add ad Domain Controller from the Command Line
Exercise 3: Remove a Domain Controller
Exercise 4: Create a Domain Controller from Installation Media
Lab: Install a Server Core DC
Exercise 1: Perform Post-Installation Configuration on Server Core
Exercise 2: Create a Domain Controller with Server Core
Lab: Transfer Operations Master Roles
Exercise 1: Identify Operations Masters.
Exercise 2: Transfer Operations Master Roles
Lab: Configure DFS-R Replication of SYSVOL
Exercise 1: Observe the Replication of SYSVOL
Exercise 2: Prepare to Migrate to DFS-R
Exercise 3: Migrate SYSVOL Replication to DFS-R
Exercise 4: Verify DFS-R Replicaton of SYSVOL
After completing this module, students will be able to:

Install a standard or read-only domain controller into new or existing domains or trees
• Add and remove domain controllers using a variety of GUI or command-line methods
• Configure a domain controller on Server Core
• Understand and identify operations master roles
• Manage the placement, transfer, and seizure of operations master roles
• Migrate SYSVOL replication from FRS to DFS-R
Module 12: Manage Sites and Active Directory Replication
This module explains how to create a distributed directory service that supports domain controllers in portions of your network that are separated by expensive, slow, or unreliable links.

Lessons

Configure Sites and Subnets
• Configure the Global Catalog and Application Partitions
• Configure Replication
Lab: Configure Sites and Subnets
Exercise 1: Configure the Default Site
Exercise 2: Create Additional Sites
Lab: Configure the Global Catalog and Application Partitions
Exercise 1: Configure a Global Catalog
Exercise 2: Configure Universal Group Membership
Exercise 3: Examine DNS and Application Directory Partitions
Lab: Configure Replication
Exercise 1: Create a Connection Object
Exercise 2: Create Site Links
Exercise 3: Move Domain Controllers into Sites
Exercise 4: Designate a Preferred Bridgehead Server
Exercise 5: Configure Intersite Replication
After completing this module, students will be able to:

Configure sites and subnets
• Understand domain controller location and manage domain controllers in sites
• Configure replication of the partial attribute set to global catalog servers
• Implement universal group membership caching
• Understand the role of application directory partitions
• Configure replication topology with connection objects, bridgehead servers, site links, and site link bridges
• Report, analyze, and troubleshoot replication with repadmin.exe and dcdiag.exe
Module 13: Directory Service Continuity
This module explains about the technologies and tools that are available to help ensure the health and longevity of the directory service. You will explore tools that help you monitor performance in real time, and you will learn to log performance over time so that you can keep an eye on performance trends in order to spot potential problems.

Lessons

Monitor Active Directory
• Manage the Active Directory Database
• Back Up and Restore AD DS and Domain Controllers
Lab: Monitor Active Directory
Exercise 1: Monitor Real-Time Performance Using Task Manager and Resource Monitor
Exercise 2: Use Reliability Monitor and Event Viewer to Identify Performance-Related Events
Exercise 3: Monitor Events on Remote Computers with Event Subscriptions
Exercise 4: Attach Tasks to Event Logs and Events
Exercise 5: Monitor AD DS with Performance Monitor
Exercise 6: Work with Data Collector Sets
Lab: Manage the Active Directory Database
Exercise 1: Perform Database Maintenance
Exercise 2: Work with Snapshots and Recovering a Deleted User
Lab: Backup and Restore Active Directory
Exercise 1: Back up Active Directory
Exercise 2: Restore Active Directory and a Deleted OU
After completing this module, students will be able to:

Monitor real-time performance and events with Task Manager, Event Viewer, and Windows Reliability and Performance Monitor
• Leverage new features of Event Viewer in Windows Server 2008, including custom views and event subscriptions
• Monitor real-time and logged performance with Performance Monitor, data collection sets, and reports
• Identify sources of performance and event information for AD DS domain controllers
• Create alerts based on events and performance metrics
• Maintain and optimize the Active Directory database
• Backup and restore AD DS and domain controllers
• Recover deleted objects and attributes
Module 14: Manage Multiple Domains and Forests
This module explains how to raise the domain and forest functionality levels within your environment, how to design the optimal AD DS infrastructure for your enterprise, how to migrate objects between domains and forests, and how to enable authentication and resources access across multiple domains and forests.

Lessons

Configure Domain and Forest Functional Levels
• Manage Multiple Domains and Trust Relationships
Lab: Raise Domain and Forest Functional Levels
Exercise 1: Raise the Domain Functional Level to Windows Server 2003.
Exercise 2: Raise the Forest Functional Level to Windows Server 2003
Exercise 3: Raise the Domain Functional Level to Windows Server 2008
Lab: Administer a Trust Relationships
Exercise 1: Configure DNS
Exercise 2: Create a Trust Relationship
Exercise 3: Validate a Trust Relationship
Exercise 4: Assign Permission to Trusted Identities
Exercise 5: Implement Selective Authentication
After completing this module, students will be able to:

Understand domain and forest functional levels
• Raise domain and forest functional levels
• Identify capabilities added by each functional level
• Design an effective domain and tree structure for AD DS
• Identify the role of the Active Directory Migration Tool, and the issues related to object migration and domain restructure
• Understand trust relationships
• Configure, administer, and secure trust relationships

There are no reviews yet.

Share your review

Do you have experience with this course? Submit your review and help other people make the right choice. As a thank you for your effort we will donate £1.- to Stichting Edukans.

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.