Introduction
This 3 day instructor-led course provides
students with an understanding of Active Directory
technology in Windows Server 2008. This course is intended
to allow individuals who already have experience with Active
Directory to upgrade their skills for Windows Server 2008.
This course is based on an interim build of Windows Server
2008.
Audience
This course is intended for IT
Professionals experienced on the technologies included in
Windows Server 2000 and Windows Server 2003, and who hold an
MCSE or MCSA certification and/or equivalent knowledge.
At Course Completion
After completing this course, students
will be able to:
| |
Describe and configure server
roles with Active Directory Services in Windows
Server 2008.
|
| |
Plan for and deploy Active
Directory Domain Services.
|
| |
Install, configure, and manage
the Server Core role as a domain controller.
|
| |
Manage accounts, subnets,
Site-Links, Group Policy, and DNS configuration with
Active Directory Domain Services.
|
| |
Manage new Active Directory
services, including Active Directory Federation
Services, Active Directory Lightweight Directory
Services, and Active Directory Rights Management
Services.
|
| |
Set up and manage Read-Only
Domain Controllers (RODC).
|
| |
Use auditing features in Active
Directory Domain Services.
|
| |
Manage credentials with Active
Directory Certificate Services, including Credential
Roaming.
|
Prerequisites
Before attending this course, students
must have one or more of the following:
| |
On-the-job experience in
planning, implementing, managing, or supporting
Microsoft Windows Server 2000 or 2003, including
Active Directory and Network Infrastructure
|
| |
Working knowledge of networking,
for example, TCP/IP and Domain Name System (DNS).
|
| |
Designed a Microsoft Windows
Server 2003 Active Directory and Network
Infrastructure
|
| |
Designed Security for a Microsoft
Windows Server 2003 Network
|
| |
Installed, Configured, and
Administered Microsoft Windows 2000, Windows XP
Professional, or Microsoft Vista.
|
Course Outline
Module 1: Introduction to Active
Directory Technology in Windows Server 2008
This module describes and demonstrates
improvements to Active Directory in Windows Server 2008,
including new server roles and server configuration.
Lessons
| |
Active Directory Improvements
|
Lab 1: Introduction to Active Directory
Technology in Windows Server 2008
| |
Use Three Phases to Configure a
Server
|
| |
Deploy New Server Roles and
Features
|
| |
Change a Servers Role
|
| |
Change Role Services and Features
|
After completing this module, students
will be able to:
| |
List improvements in Active
Directory roles.
|
| |
Describe how to configure roles
on Windows Server 2008.
|
Module 2: Planning for Windows Server
2008 Active Directory Services
This module explains how to install and
configure the Active Directory Domain Services (ADDS) server
role and administering it with Server Manager. It also
explores planning for deploying an Active Directory Domain
Services infrastructure.
Lessons
| |
Planning for ADDS Deployment
|
| |
Upgrade Considerations
|
Lab 1: Installing a Windows Server 2008
Forest
Lab 2: Installing Windows Server 2008 in
an Existing Forest
| |
Install a Windows Server 2008 DC
in an Existing Forest
|
| |
Install a RODC in an Existing
Forest
|
| |
Verify Active Directory
InstallationInstall a New Forest
|
After completing this module, students
will be able to:
| |
Plan for a Windows Server 2008
Active Directory Domain Services deployment.
|
| |
Identify considerations when
upgrading from a Windows Server 2003 to a Windows
Server 2008 Active Directory infrastructure.
|
| |
Install Windows Server 2008 AD
DS.
|
Module 3: Server Core Domain Controllers
This module explains how to install and
configure the Server Core role in Windows Server 2008 as a
domain controller. It also covers adding roles and features
and managing Server Core.
Lessons
| |
Server Core Domain Controllers
|
Lab 1: Server Core Domain Controller
| |
Installing Server Core
|
| |
Configure Server Core
|
| |
Adding Roles and Features
|
| |
Managing Server Core
|
After completing this module, students
will be able to:
| |
Describe Server Core.
|
| |
List Server Core benefits.
|
| |
Add Server Core roles.
|
| |
Configure a Server Core Domain
Controller.
|
Module 4: Active Directory Domain
Services
This module explains how to create and
manage accounts, subnets, Site-Links, and Group Policy with
new features in Active Directory Domain Services.
Lessons
| |
Whats New in AD DS
|
| |
Improved Security
|
| |
Manageability and Reliability
|
Lab 1: Exploring Active Directory Domain
Services
| |
Create Accounts
|
| |
Review Operations Masters Role
|
| |
Review Sites
|
| |
Working with Subnets
|
| |
Working with Site-Links
|
| |
AD DS and Group Policy
|
| |
Review DNS Configuration
|
After completing this module, students
will be able to:
| |
Identify new features of AD DS
with Windows Server 2008
|
| |
Use all Active Directory Domain
Services management consoles
|
| |
Describe how Read-Only Domain
Controllers and Server Core work with Active
Directory
|
| |
List reliability and
manageability improvements with AD DS
|
Module 5: Active Directory Federation
Services, Active Directory Lightweight Directory Services,
Active Directory Rights Management Services
This module introduces Windows Server
2008's new Active Directory Services:
| |
Active Directory Federation
Services for identity access solution
|
| |
Active Directory Lightweight
Directory Services (replaces Active Directory
Account Management with Windows Server 2003),
providing directory services for applications.
|
| |
Active Directory Right Management
Services, enabling the creation of
information-protection solutions.
|
Lessons
| |
Active Directory Federation
Services
|
| |
Active Directory Lightweight
Directory Services
|
| |
Active Directory Rights
Management Services
|
Lab 1: Active Directory Federation
Services
| |
Install AD FS
|
| |
Configure Web Server
|
| |
Configure Federation Server
|
| |
Access Application from Client
Computer
|
Lab 2: Active Directory Rights Management
Services
| |
Install and Configure AD RMS
|
| |
Add New AD RMS Cluster
|
| |
Register the Service Connection
Point in Active Directory
|
| |
Verify AD RMS Functionality
|
After completing this module, students
will be able to:
| |
Use Active Directory Federation
Services
|
| |
Explain Active Directory
Lightweight Directory Services
|
| |
Use Active Directory Rights
Management Services
|
Module 6: Read-Only Domain Controllers
This module explains how to set up and
manage a read-only domain controller.
Lessons
| |
Read-Only Domain Controllers
|
| |
Read-Only Domain Controller
Operation
|
Lab 1: Read-Only Domain Controllers
| |
Deploying an RODC
|
| |
Administering an RODC
|
After completing this module, students
will be able to:
| |
Describe the role of Read-Only
Domain Controllers.
|
| |
List the prerequisites for RODC
deployment.
|
| |
Describe how the RODC can be used
to achieve Administrator role separation.
|
| |
Describe scenarios in which RODC
usage is recommended.
|
Module 7: Auditing Active Directory
Domain Services Changes
This module explores new auditing
features in Active Directory Domain Services and how to set
up and manage auditing events.
Lessons
| |
Whats new in AD DS auditing
|
| |
Who should use this new feature
|
| |
Benefits of auditing changes in
AD DS
|
| |
Summary of new AD DS auditing
events
|
| |
Summary of attribute syntaxes
|
Lab 1: Auditing Active Directory Domain
Services Changes
| |
Prerequisites
|
| |
Steps to set up auditing
|
| |
Example audit events
|
After completing this module, students
will be able to:
| |
Describe the new auditing
features in Active Directory Domain Services.
|
| |
Set up auditing events.
|
Module 8: Enterprise PKI (PKIView) Active
Directory Certificate Services (ADCS)
This module explains how to set up and
manage Active Directory Certificate Services using PKIView.
Lessons
| |
Certificate Authority
|
| |
Certificate Policy Settings
|
| |
Microsoft Simple Certificate
Enrollment Protocol
|
| |
Online Revocation Services
|
| |
Network Device Enrollment
Services
|
| |
Web Enrollment Services
|
Lab 1: Enterprise PKI (PKIView) Active
Directory Certificate Services (ADCS)
| |
Add a Certificate Server Role
|
| |
Exploring the PKIView UI
|
| |
Introducing Expiry Notifications
|
| |
Introducing Credential Roaming
|
| |
Introducing CA performance
monitors
|
| |
Exploring delegated enrollment
|
| |
Introducing OCSP configuration
|
| |
Revocation
|
After completing this module, students
will be able to:
| |
Describe Active Directory
Certificate Services management with PKIView.
|
| |
Set up and revoke certificates.
|
| |
Use Credential Roaming.
|
