Active Directory Domain Services

1️⃣ Introduction to AD DS

1. Introduction

2. Define AD DS

• What are the logical components?

  • Partition || Schema || Domain || Domain tree || Forest || OU || Container

• What are the physical components?

  • Domain controller || Data store || Global catalog server || Read-only domain controller (RODC) || Site || Subnet

3. Define users, groups, and computers

• What are managed service accounts?

• What are group managed service accounts?

• What are delegated managed service accounts?

• What are group objects?

• Group types

  • Security || Distribution

• Group scopes

  • Local || Domain-local || Global || Universal

• What are computer objects?

• Computers container

4. Define AD DS forests and domains

• What is an AD DS forest?

  • The following objects exist in the forest root domain:

    • The schema master role.

    • The domain naming master role.

    • The Enterprise Admins group.

    • The Schema Admins group.

  • The following objects exist in each domain (including the forest root):

    • The RID master role.

    • The Infrastructure master role.

    • The PDC emulator master role.

    • The Domain Admins group.

• What is an AD DS domain?

  • User accounts || Computer accounts || Groups

  • An AD DS domain provides: Authentication, Authorization

• What are trust relationships?

  • Parent and child || Tree-root || External || Realm || Forest || Shortcut

5. Define OUs

• Why create OUs?

• What are the generic containers?

• Use a hierarchical design

6. Manage objects and their properties in AD DS

• Active Directory Administrative Center

• Windows Admin Center

• Remote Server Administration Tools

• Other AD DS management tools

7. Module assessment

8. Summary

2️⃣ Manage AD DS domain controllers and FSMO roles

1. Introduction

2. Deploy AD DS domain controllers

3. Maintain AD DS domain controllers

• Restoring deleted AD DS objects by using Recycle Bin

• AD DS backup and restore

  • Nonauthoritative restore

  • Authoritative restore

4. Manage the AD DS Global Catalog role

5. Manage AD DS operations masters

   • What are AD DS operations masters?

     • Schema master

     • Domain-naming master

     • Infrastructure master

     • RID master

     • PDC emulator master

6. Manage AD DS schema

7. Module assessment

8. Summary

3️⃣ Implement Group Policy Objects

1. Introduction

2. Define GPOs

• What is Group Policy?

• What are GPOs?

• What are starter GPOs?

3. Implement GPO scope and inheritance

Group Policy follows the following hierarchical processing order:

1. Local GPOs.

2. Site-linked GPOs.

3. Domain-linked GPOs.

4. OU-linked GPOs.

5. Child OU-linked GPOs.

4. Define domain-based GPOs

5. Create and configure a domain-based GPO

6. Define GPO storage

   • What are Group Policy containers and templates?

     • The Group Policy container

     • The Group Policy template

7. Define administrative templates

8. Module assessment

9. Summary

4️⃣ Manage advanced features of AD DS

1. Introduction

2. Create trust relationships

3. Implement ESAE forests

4. Monitor and troubleshoot AD DS

• Repadmin.exe

• Dcdiag.exe

• Windows PowerShell AD DS replication cmdlets

5. Create custom AD DS partitions

6. Module assessment

7. Summary

5️⃣ Implement and manage Active Directory Certificate Services

1. Introduction

2. Explore the fundamentals of PKI and AD CS

3. Design and implement AD CS

4. Manage certificate enrollment

5. Manage certificate revocation

6. Manage certificate trusts

7. Module assessment

8. Summary