Windows Server 2008 Active Directory, Group Policy and Security DesignDuration: 5 Days | Price: Contact a Career Consultant for pricing Students Will Learn:
- Installing and Configuring DNS
- Optimizing Replication in Active Directory
- Network Security with IPSec
- Creating a Group Policy
- Filtering Group Policy with WMI
- Upgrading and Installing Active Directory
- Installing Additional Active Directory Roles
- Using AD Certificate Services
- Restricting Users and Computers with GPO
- Deploying Software with GPO
Course Description: Active Directory provides a single administration point for sign-on, policies and authentication control. This hands on course provides experience configuring Active Directory and essential network security components such as AD Certificate Services, IPSec and virtual private networking (VPN). Students will install Active Directory Domain Services (ADDS), integrate DNS for Active Directory and Internet name resolution, implement AD security for DNS, and configure logical AD components, such as forests, trees, domains and organizational units (OUs). Upgrading and migrating the ADDS structure within or between forests, troubleshooting, backup and restore methods and additional maintenance tools will be explored. Attendees will investigate additional Active Directory roles and services. With ADDS installed, we will monitor and maintain sites and replication to assure up-to-date information.
An administrator needs to control the user environment, so students will look at the architecture, scope, inheritance, replication and troubleshooting in group policy before learning to restrict and enable users with login scripts, rights, desktop policies and software deployment and control. We'll also look at further controlling computers through security policies, loopback processing, and templates. Attendees will delegate administration of the configuration policies, control application and inheritance and explore tools to refine the user experience. Comprehensive labs and exercises give the students real experience installing and configuring Active Directory while securing the network. Course Prerequisites: Completion of Windows Server 2008 Administration course or equivalent knowledge.
Windows Server 2008 Active Directory, Group Policy and Security Design Course Overview:
Domain Name Service (DNS)
- DNS Server Role Introduction
- DNS Architecture
- Creating and Managing DNS Zones
- DNS Zone Transfers
- Dynamic DNS
- Integration with Active Directory
|
Active Directory Domain Services
- Active Directory DNS Naming Strategy
- DNS AD-Integrated Zones
- Active Directory Architecture
- Scripting AD Object Configuration
- AD Trust Relationships
- Read-Only Domain Controller (RODC) Configuration
|
AD Sites and Replication
- Creating and Managing AD Sites
- Site Topology
- DFS Replication Overview
- SYSVOL Replication
- Replication Monitoring and Troubleshooting
|
AD Maintenance and Monitoring
- Server 2008 Monitoring Tools
- Flexible Single Master of Operations (FSMO) Roles
- Backing Up the AD Database
- Restore Methods
- Troubleshooting AD and Group Policy
- Cleaning Up AD with NTDSUTIL
- Global Catalog Servers
|
Active Directory Schema
- Defining the Active Directory Schema
- Administering the Active Directory Schema
- Schema Modification
- Object Classes and Attributes
- Deactivating Schema Objects
|
Group Policy Objects (GPO)
- Group Policy Overview
- Centralized Configuration
- Domain and Local Policies
- Policy Scope
- Policy Inheritance
- Security Configuration Wizard (SCW)
- GPO Replication
- Converting Legacy Policies
- Troubleshooting Conflicts and Inheritance
|
GPO User Configuration
- Logon Scripts
- Folder Redirection
- User Rights
- Desktop Restrictions
- Application Limitations
- Deploying User Software with .msi Files
|
GPO Computer Configuration
- Assigning Applications to the Desktop
- Security Settings
- Policy Refresh Interval
- Loopback Processing
|
GPO Security
- Reducing Attack Surface through GPO
- Creating Security Policies
- Using Custom Templates
- Fine-Grained Password Policies
- Software Restrictions
|
GPO Administration
- Refreshing the Policy Manually
- Delegating GPO Administration
- Group Policy Management Console (GPMC)
- Combining Policies
- Disabling GPOs
- Block Inheritance
- Enforcement
|
Group Policy Management Console
- Analyzing Resultant Set of Policy (RSoP)
- Group Policy Modeling
- Importing Policies
- Backup and Restore GPOs
- Starter GPOs
|
Group Policy Software Deployment
- Assigning Software to Users or Computers
- Publishing Applications to Users
- Upgrading and Removing Applications
- Customizing Distributed Software
|
Active Directory Certificate Services
- Public Key Infrastructure (PKI)
- Installing and Configuring Internet Information Server (IIS) 7.5
- Installing ASP.NET
- Installing Active Directory Certificate Services
- Web-Based Certificate Request
- Granting and Revoking Certificates
- Publishing the Certificate Revocation List
- PKI Applications and Uses
- Certificate Authorities
|
Remote Access
- Virtual Private Network (VPN) Configuration
- VPN and Authentication Protocols
- Remote Access Policies
- Network Policy Server (NPS)
- Configuring a RADIUS Server
- Troubleshooting
|
Student Testimonials "Great course. Fast paced learning covered exactly what I needed."
– T.W., United
States Navy
"Labs were very effective in demonstrating objectives."
– S.M., COX Target
Media |
