Introduction

Get Hands-on instruction and practice administering Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2 in this 10-day Microsoft Official Course. You will learn the skills you need to better manage and protect data access and information, simplify deployment and management of your identity infrastructure, and provide more secure access to data.

You will learn how to configure some of the key features in Active Directory such as Active Directory Domain Services (AD DS), Group Policy, Dynamic Access Control (DAC), Work Folders, Work Place Join, Certificate Services, Rights Management Services (RMS), Federation Services, as well as integrating your on-premise environment with cloud-based technologies such as Windows Azure Active Directory. As part of the learning experience, you will perform hands-on exercises in a virtual lab environment.

TARGET AUDIENCE

• AD DS Administrators who are looking to further develop skills in the latest Access and Information Protection technologies with Windows Server 2012 and Windows Server 2012 R2.
• System or Infrastructure administrators with general AD DS experience and knowledge who are looking to build upon that core knowledge and cross-train into advanced Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2.
• IT Professionals who have taken the 10967A: Fundamentals of a Windows Server Infrastructure course and are looking to build upon that Active directory knowledge.

COURSE OBJECTIVES

• Understand available solutions for identity management and be able to address scenarios with appropriate solutions.
• Deploy and administer AD DS in Windows Server 2012.
• Secure AD DS deployment.
• Implement AD DS sites, configure and manage replication
• Implement and manage Group Policy
• Manage user settings with Group Policy
• Implement certification authority (CA) hierarchy with AD CS and how to manage CAs.
• Implement, deploy and manage certificates.
• Implement and manage AD RMS.
• Implement and administer AD FS.
• Secure and provision data access using technologies such as Dynamic Access Control, Work Folders and , Workplace Join
• Monitor, troubleshoot, and, establish business continuity for AD DS services.
• Implement Windows Azure Active Directory.
• Implement and administer Active Directory Lightweight Directory Services (AD LDS).

COURSE PREREQUISITES

• Experience working with Active Directory Domain Services (AD DS)
• Experience working in a Windows Server Infrastructure enterprise environment
• Experience working with and troubleshooting core networking infrastructure technologies such as name resolution, IP Addressing, Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP)
• Experience working with Hyper-V and Server Virtualization concepts
• An awareness and understanding of general security best practices
• Experience working hands-on with Windows client operating systems such as Windows Vista, Windows 7, or Windows 8

COURSE CONTENT

Module 1: Overview of Access and Information Protection

• Introduction to Access and Information Protection Solutions in Business
• Overview of AIP Solutions in Windows Server 2012
• Overview of FIM 2010 R2

Lab: Choosing an Appropriate Access and Information Protection Management Solution

• Analyze the Lab Scenario and Identify Business Requirements
• Propose a Solution

Module 2: Advanced Deployment and Administration of AD DS

• Deploying AD DS
• Deploying and Cloning Virtual Domain Controllers
• Deploying Domain Controllers in Windows Azure
• Administering AD DS

Lab: Deploying and Administering AD DS

• Deploying AD DS
• Deploying Domain Controllers by Performing Domain Controller Cloning
• Administering AD DS

Module 3: Securing AD DS

• Securing Domain Controllers
• Implementing Account Security
• Implementing Audit Authentication

Lab: Securing AD DS

• Implementing Security Policies for Accounts, Passwords, and Administrative Groups
• Deploying and Configuring an RODC

Module 4: Implementing and Administering AD DS Sites and Replication

• Overview of AD DS Replication
• Configuring AD DS Sites
• Configuring and Monitoring AD DS Replication

Lab: Implementing AD DS Sites and Replication

• Creating Subnets and Sites
• Deploying an Additional Domain Controller
• Configuring AD DS Replication
• Troubleshooting AD DS Replication

Module 5: Implementing Group Policy

• Introducing Group Policy
• Implementing and Administering GPOs
• Group Policy Scope and Group Policy Processing
• Troubleshooting the Application of GPOs

Lab: Implementing and Troubleshooting a Group Policy Infrastructure

• Creating and Configuring GPOs
• Managing GPO Scope
• Verifying GPO Application
• Managing GPOs
• Troubleshooting GPOs

Module 6: Managing User Settings with Group Policy

• Implementing Administrative Templates
• Configuring Folder Redirection and Scripts
• Configuring Group Policy Preferences

Lab: Managing User Desktops with Group Policy

• Implementing Settings by Using Group Policy Preferences
• Configuring Folder Redirection

Module 7: Deploying and Managing AD CS

• Deploying CAS
• Administering CAs
• Troubleshooting, Maintaining, and Monitoring CAs

Lab: Deploying and Configuring a Two-Tier CA Hierarchy

• Deploying an Offline Root CA
• Deploying an Enterprise Subordinate CA

Module 8: Deploying and Managing Certificates

• Using Certificates in a Business Environment
• Deploying and Managing Certificate Templates
• Managing Certificates Deployment, Revocation, and Recovery
• Implementing and Managing Smart Cards

Lab: Deploying and Using Certificates

• Configuring Certificate Templates
• Enrolling and using certificates
• Configuring and Implementing Key Recovery

Module 9: Implementing and Administering AD RMS

• Overview of AD RMS
• Deploying and Managing an AD RMS Infrastructure
• Configuring AD RMS Content Protection
• Configuring External Access to AD RMS

Lab: Implementing an AD RMS Infrastructure

• Install and Configure AD RMS
• Configure AD RMS Templates
• Verifying AD RMS on clients
• Configure AD RMS Monitoring and Reporting

Module 10: Implementing and Administering AD FS

• Overview of AD FS
• Deploying AD FS
• Implementing AD FS for a Single Organization
• Deploying AD FS in a Business-to-Business Federation Scenario
• Extending AD FS to External Clients

Lab: Implementing AD FS

• Installing and Configuring AD FS
• Configure an Internal Application for AD FS
• Configuring AD FS for a Federated Business Partner
• Configuring Web Application Proxy

Module 11: Implementing Secure Shared File Access

• Overview of Dynamic Access Control
• Implementing DAC Components
• Implementing DAC for Access Control
• Implementing Access Denied Assistance
• Implementing and Managing Work Folders
• Implementing Workplace Join

Lab: Implementing Secure File Access

• Preparing for DAC Deployment
• Implementing DAC
• Validating and Remediating DAC
• Implementing Work Folders

Module 12: Monitoring, Managing, and Recovering AD DS

• Monitoring AD DS
• Managing the AD DS Database
• AD DS Backup and Recovery Options for AD DS and Other Identity and Access Solutions

Lab: Monitoring AD DS

Monitoring AD DS with Performance Monitor

Lab: Recovering Objects in AD DS

• Backing Up and Restoring AD DS
• Recovering Objects in AD DS

Module 13: Implementing Windows Azure Active Directory

• Overview of Windows Azure ADManaging Windows Azure AD Accounts

Lab: Implementing Windows Azure AD

• Implementing Windows Azure AD for Office 365
• Implementing Windows Azure AD for a Cloud-Based Application

Module 14: Implementing and Administering AD LDS

• Overview of AD LDS
• Deploying AD LDS
• Configuring AD LDS Instances and Partitions
• Configuring AD LDS Replication
• Integrating AD LDS with AD DS

Lab: Implementing and Administering AD LDS

• Configuring AD LDS Instances and Partitions
• Configuring AD LDS Replication
• Synchronizing AD LDS with AD DS