55344 - Identity with Windows Server

Length 5 days

Modality Formations catalogue

2400 

Categories: ,

target Objectives

Install and configure domain controllers.
Manage objects in AD DS by using graphical tools and Windows PowerShell.
Implement AD DS in complex environments.
Implement and administer Active Directory Rights Management Services (AD RMS).
Implement AD DS sites, and configure and manage replication.
Implement and manage Group Policy Objects (GPOs).
Manage user settings by using GPOs.
Secure AD DS and user accounts.
Implement and manage a certificate authority (CA) hierarchy with AD CS.
Deploy and manage certificates.
Implement and administer AD FS.
Implement synchronization between AD DS and Azure AD.
Monitor, troubleshoot, and establish business continuity for AD DS services.

tablet Prerequistes

Some exposure to and experience with Active Directory concepts and technologies in Windows Server.
Experience working with and configuring Windows Server.
Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP)
Experience working with and an understanding basic server virtualization concepts.
An awareness of basic security best practices.
Hands-on working experience with Windows client operating systems such as Windows 10 or Windows 11.
Basic experience with the Windows PowerShell command-line interface.

check Description

This five-day instructor-led course teaches IT professionals how to deploy and configure Active Directory Domain Services (AD DS) in a distributed environment, how to implement Group Policy, how to perform backup and restore, and how to monitor and troubleshoot Active Directory - related issues with Windows Server. Additionally, this course teaches students how to deploy other Active Directory server roles, such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS).

Although this course and the associated labs are written for Windows Server 2022, the skills taught will also be backwards compatible for Server 2016 and Server 2019.

The course and labs also focus on how to administer Windows Server using not only the traditional tools such as PowerShell and Server manager, but also Windows Admin Center.

check user Audience profile

This course is primarily intended for existing IT professionals who have some AD DS knowledge and experience and who aim to develop knowledge about identity and access technologies in Windows Server. This would typically include:

•AD DS administrators who are looking to train in identity and access technologies with Windows Server 2016, Windows Server 2019 or Windows Server 2022.

•System or infrastructure administrators with general AD DS experience and knowledge who are looking to cross-train in core and advanced identity and access technologies in Windows Server 2016, Windows Server 2019 or Windows Server 2022.

Discover lesson plan

Module 1: Installing and configuring domain controllers

This module describes the features of AD DS and how to install domain controllers (DCs). It also covers the considerations for deploying DCs.

Lessons

  • Overview of AD DS
  • Overview of AD DS domain controllers
  • Deploying a domain controller
After completing this module, students will be able to:
  • Describe AD DS and its main components.
  • Describe the purpose and roles of domain controllers.
  • Describe the considerations for deploying domain controllers.

Module 2: Managing objects in AD DS

This module describes how to use various techniques to manage objects in AD DS. This includes creating and configuring user, group, and computer objects)

Lessons

  • Managing user accounts
  • Managing groups in AD DS
  • Managing computer objects in AD DS
  • Using Windows PowerShell for AD DS administration
  • Implementing and managing OUs
After completing this module, students will be able to:
  • Manage user accounts in AD DS.
  • Manage groups in AD DS.
  • Manage computer objects in AD DS.
  • Use Windows PowerShell for AD DS administration.
  • Implement and manage OUs.
  • Administer AD DS.

Module 3: Advanced AD DS infrastructure management

This module describes how to plan and implement an AD DS deployment that includes multiple domains and forests. The module provides an overview of the components in an advanced AD DS deployment, the process of implementing a distributed AD DS environment, and the procedure for configuring AD DS trusts.

Lessons

  • Overview of advanced AD DS deployments
  • Deploying a distributed AD DS environment
  • Configuring AD DS trusts
After completing this module, students will be able to:
  • Describe the components of an advanced AD DS deployment.
  • Deploy a distributed AD DS environment.
  • Configure AD DS trusts.

Module 4: Implementing and administering AD DS sites and replication

This module describes how to plan and implement an AD DS deployment that includes multiple locations. The module explains how replication works in a Windows Server AD DS environment.

Lessons

  • Overview of AD DS replication
  • Configuring AD DS sites
  • Configuring and monitoring AD DS replication
After completing this module, students will be able to:
  • Describe how AD DS replication works.
  • Configure AD DS sites to help optimize authentication and replication traffic.
  • Configure and monitor AD DS replication.

Module 5: Implementing Group Policy

This module describes how to implement a GPO infrastructure. The module provides an overview of the components and technologies that compose the Group Policy framework.

Lessons

  • Introducing Group Policy
  • Implementing and administering GPOs
  • Group Policy scope and Group Policy processing
  • Troubleshooting the application of GPOs
After completing this module, students will be able to:
  • Explain what Group Policy is.
  • Implement and administer GPOs.
  • Describe Group Policy scope and Group Policy processing.
  • Troubleshoot GPO application.

Module 6: Managing user settings with Group Policy

This module describes how to configure Group Policy settings and Group Policy preferences. This includes implementing administrative templates, configuring folder redirection and scripts, and configuring Group Policy preferences.

Lessons

  • Implementing administrative templates
  • Configuring Folder Redirection, software installation, and scripts
  • Configuring Group Policy preferences
After completing this module, students will be able to:
  • Implement administrative templates.
  • Configure Folder Redirection, software installation, and scripts.
  • Configure Group Policy preferences.

Module 7: Securing Active Directory Domain Services

This module describes how to configure domain controller security, account security, password security, and Group Managed Service Accounts (gMSA).

Lessons

  • Securing domain controllers
  • Implementing account security
  • Implementing audit authentication
  • Configuring managed service accounts
After completing this module, students will be able to:
  • Secure domain controllers.
  • Implement account security.
  • Implement audit authentication.
  • Configure managed service accounts (MSAs).

Module 8: Deploying and managing AD CS

This module describes how to implement an AD CS deployment. This includes deploying, administering, and troubleshooting CAs.

Lessons

  • Deploying CAs
  • Administering CAs
  • Troubleshooting and maintaining CAs
After completing this module, students will be able to:
  • Deploy CAs.
  • Administer CAs.
  • Troubleshoot and maintain CAs.

Module 9: Deploying and managing certificates

This module describes how to deploy and manage certificates in an AD DS environment. This involves deploying and managing certificate templates, managing certificate revocation and recovery, using certificates in a business environment, and implementing smart cards.

Lessons

  • Deploying and managing certificate templates
  • Managing certificate deployment, revocation, and recovery
  • Using certificates in a business environment
  • Implementing and managing smart cards
After completing this module, students will be able to:
  • Deploy and manage certificate templates.
  • Manage certificates deployment, revocation, and recovery.
  • Use certificates in a business environment.
  • Implement and manage smart cards

Module 10: Implementing and administering AD FS

This module describes AD FS and how to configure AD FS in a single-organization scenario and in a partner-organization scenario.

Lessons

  • Overview of AD FS
  • AD FS requirements and planning
  • Deploying and configuring AD FS
  • Web Application Proxy Overview
After completing this module, students will be able to:
  • Describe AD FS.
  • Explain how to deploy AD FS.
  • Explain how to implement AD FS for a single organization.
  • Explain how to extend AD FS to external clients.
  • Implement single sign-on (SSO) to support online services.

Module 11: Implementing and administering AD RMS

This module describes how to implement an AD RMS deployment. The module provides an overview of AD RMS, explains how to deploy and manage an AD RMS infrastructure, and explains how to configure AD RMS content protection.

Lessons

  • Overview of AD RMS
  • Deploying and managing an AD RMS infrastructure
  • Configuring AD RMS content protection
After completing this module, students will be able to:
  • Describe AD RMS.
  • Deploy and manage an AD RMS infrastructure.
  • Configure AD RMS content protection.

Module 12: Implementing AD DS synchronization with Microsoft Azure AD

This module describes how to plan and configure directory syncing between Microsoft Azure Active Directory (Azure AD) and on-premises AD DS. The modules describes various sync scenarios, such as Azure AD sync, AD FS and Azure AD, and Azure AD Connect.

Lessons

  • Planning and preparing for directory synchronization
  • Implementing directory synchronization by using Azure AD Connect
  • Managing identities with directory synchronization
After completing this module, students will be able to:
  • Plan and prepare for directory synchronization.
  • Implement directory synchronization by using Microsoft Azure Active Directory Connect (Azure AD Connect).
  • Manage identities with directory synchronization.

Module 13: Monitoring, managing, and recovering AD DS

This module describes how to monitor, manage, and maintain AD DS to help achieve high availability of AD DS.

Lessons

  • Monitoring AD DS
  • Managing the Active Directory database
  • Active Directory backup and recovery options for AD DS and other identity and access solutions
After completing this module, students will be able to:
  • Monitor AD DS.
  • Manage the Active Directory database.
  • Describe the backup and recovery options for AD DS and other identity access solutions.

Related training