Course Description
Course Overview
This five-day instructor-led course provides to teach Active Directory Technology Specialists with the knowledge and skills to configure Active Directory Domain Services in a distributed environment, implement Group Policies, perform backup and restore, and monitor and troubleshoot Active Directory related issues.
Target Audience
The primary audience for this course are AD Technology Specialists, Server Administrators, and Enterprise Administrators who want to learn how to implement AD in a distributed environment, secure domains using Group Policies, and perform backup, restore, and monitor and troubleshoot AD configuration to ensure trouble free operation.
Upon Course Completion
After completing this course, students will be able to implement and configure Active Directory domain services in their enterprise environment.
Course Outline
Module 1: Introducing Active Directory Domain Services (AD DS)
This module explains how to install and configure Active Directory Domain Services and install and configure a read-only domain controller.
Lessons
- Introducing Active Directory, Identity, and access
- Active Directory Components and Concepts
- Install Active Directory Domain Services
- Extend IDA with Active Directory Services
Lab : Install an AD DS DC to Create a Single Domain Forest
- Perform Post-Installation Configuration Tasks
- Install a New Windows Server 2008 Forest with the Windows Interface
After completing this module, students will be able to:
- Position the strategic role a directory service in an enterprise in relation to identity and access.
- Explain authentication and authorization processes.
- Identify the major components of ADDS.
- Understand the requirements for installing a domain controller to create a new forest
- Identify the roles of and relationships between ADDS, ADLDS, ADRMS, ADFS, and ADCS
Module 2: Secure and Efficient Administration of Active Directory
This module explains how to work securely and efficiently in Active Directory.
Lessons
- Work with Active Directory Snap-ins
- Custom Consoles and Least Privilege
- Find Objects in Active Directory
- Use DS Commands to Administer Active Directory
Lab : Create and Run a Custom Administrative Console Perform Basic Administrative Tasks Using the Active Directory Users and Computers Snap-in
- Create a Custom Active Directory Administrative Console
- Perform Administrative Tasks with Least Privilege, Run as Administrator and User Account Control
- (Advanced Optional) Advanced MMC Customization and Remote Administration
Lab : Find Objects in Active Directory
- Finding Objects in Active Directory
- Using Saved Queries
- (Advanced Optional) Explore Saved Queries
Lab : Use DS Commands to Administer Active Directory
- Use DS Commands to Administer Active Directory
After completing this module, students will be able to:
- Install, locate, and describe the snap-ins used to administer AD DS
- Perform basic administrative tasks with the Active Directory Users and Computers snap-in
- Create a custom MMC console for administration
- Perform administrative tasks while logged on as a user
- Control the view of objects in the Active Directory Users and Computers snap-in
- Locate objects in Active Directory
- Work with saved queries
- Identify the distinguished name (DN), relative distinguished name (RDN), and common name (CN) of an Active Directory object
- Use the DS commands to administer Active Directory from the command line
Module 3: Manage Users
This module explains how to manage and support user accounts in Active Directory.
Lessons
- Create and Administer User Accounts
- Configure User Object Attributes
- Automate User Account Creation
Lab : Create and Administer User Accounts
- Create User Accounts
- Administer User Accounts
- (Advanced Optional) Explore User Account Name Attributes
Lab : Configure User Object Attributes
- Examine User Object Attirbutes
- Manage User Object Attributes
- Create Users from a Template
- (Advanced Optional) Create Users with a Batch File
Lab : Automate User Account Creation
- Export and Import Users with CSVDE
- Import Users with LDIFDE
After completing this module, students will be able to:
- Create and configure the account-related properties of a user object
- Identify the purpose and requirements of user account attributes
- Perform common administrative tasks to support user accounts including password reset and account unlock
- Enable and disable user accounts
- Delete, move and rename user accounts
- View and modify hidden attributes of user objects
- Identify the purpose and requirements of user object attributes
- Create users from user account templates
- Modify attributes of multiple users simultaneously
- Export user attributes with CSVDE
- Import users with CSVDE
- Import users with LDIFDE
Module 4: Manage Groups
This module explains how to create, modify, delete, and support group objects in Active Directory.
Lessons
- Manage an Enterprise with Groups
- Administer Groups
- Best Practices for Group Management
Lab : Administer Groups
- Implement Role-Based Management Using Groups
- Manage Group Membership from the Command Line
- (Advanced Optional) Explore Group Membership Reporting Tools
- (Advanced Optional) Understand “Account Unknown” Permissions
Lab : Best Practices for Group Management
- Implement Best Practices for Group Management After completing this module, students will be able to:
- Understand the role of groups in managing an enterprise
- Create well-documented, secure, delegated groups
- Understand group types, scope, and nesting
- Understand Before attending this course, students must have:
- Basic understanding of networking.
- Intermediate understanding of network operating systems.
- An awareness of security best practices.
- Basic knowledge of server hardware.
- Some experience creating objects in Active Directory.
- Foundation course (6424) or equivalent knowledge.
- Basic concepts of backup and recovery in a Windows Server Environment.