We review what you should consider when designing and implementing Active Directory (AD), automated installation, security aspects (how to protect your AD and infrastructure), delegation, migration, and upgrades.
On your own, you will get plenty of time to try and test:
- ADDS configuration and troubleshooting tools
- learn about GPO Design
- Forest and Domain Topologies
- FSMO roles
- Sites and services
- Backup and Restore
- Time management
Theory sections are mixed with Daniel Ulrich's experience from real customer cases and provide access to material that cannot be read in common course material, TechNet, or KB articles.
Learn how to manage the small AD environment, scale it to larger environments across multiple countries, and how to use AD in the best possible way!
Tailored Training or a Scheduled Course?
We can help you or your team understand your specific skills and development needs. Send us a request, and we’ll guide you, or reserve a spot on our next scheduled course.
Active Directory administrators, IT professionals wishing to immerse themselves in Active Directory
As the course is at a high pace and requires a certain level of knowledge, participants should have completed a basic course in Active Directory or have obtained equivalent knowledge through work with Active Directory and Windows Server in the operating environment.
The lab should teach you how to design, deploy and maintain Active Directory. You will learn about all the components and security mechanisms that are included in the service, and gain knowledge that will enable you to troubleshoot, restructure, and upgrade your Active Directory. You will be proactive and able to make decisions about AD changes without consulting a need.
Lab manual and exercise booklet
Active Directory Design – Forest, Domain, and OU
– Forest and domain topology design (how to do right from the start)
– Domain Controller’s function, location, and configuration
– Automation and standardization of installation
– Forest and domain trust management
– OU design (how less becomes more)
Active Directory Design – Namespace and DNS integration
– Considerations when selecting namespace (options and conditions)
– Integration between AD and DNS
– DNS replication methods, Dynamic Updates, and forwarding methods
Active Directory Design – Replication and Site Management
– Then configure, maintain and troubleshoot AD Replication
– Catalog partitions (functions and differences)
– Subnet in Active Directory (therefore they play a huge role)
– How can Sites and Services help me?
– How KCC works and how to optimize the replication
Active Directory Design – Components and Roles
– All you need to know about FSMO roles to survive
– The purpose of Global Catalogs
– Time synchronization in the domain (so important, you’ll get it working)
– Deactivation of Active Directory Schema
Active Directory Drift – Then you should work with groups and rights
– Understand the difference between global, domain, and universal groups
– Name standards that hold
– Dynamic Access Control
Active Directory Drift – Disaster recovery and high availability
– Backup and restore of Active Directory (technology and challenge)
– DC crashed, what am I doing now?
– Tombstone lifetime
– Virtual domain controllers (The good, the bad, and the ugly)
Active Directory Drift – Then you should work with Group Policy
– How are policies applied and how do you best get it wrong?
– Consolidate or not, that’s the question
– Linking and filtering (the old and new school)
– Group Policy Preferences?
– SYSVOL replication
Active Directory – Security
– What does the security model look like in AD
– How are accounts and data protected in AD
– AdminSDHolder what is it?
– Confidentiality data bit, when is it used?
– Read-only Domain Controllers
– Fine-Grained Password Policies
– Authentication Mechanism Assurance
– Authentication Policies and Policy Silos
Active Directory – Kerberos
– How does Kerberos really work?
– KDCn and its services
– Claims based Authentication
– Over Trusts
Active Directory – Hosting
– Resource Forest / Domain
– List object mode
– UPN Suffix
Active Directory – Migrations
– Sid History
– AD Migration / Upgrade
Active Directory Maintenance – Upgrades and Changes
– Upgrading Active Directory and forest/domain functional level
– How is the migration scenario (eg acquisition of companies or adaptation to MSKD for municipalities)
Active Directory Maintenance – Overview of the New Technology
– Various troubleshooting tools
– Introduction to AD management via Powershell
– Introduction to Azure AD Premium
– What’s in the next version of Active Directory