Lifelong learning for working professionals
Mastering Active Directory

Mastering Active Directory

Course overview

Learn how to design, deploy, and maintain Active Directory (AD).

Three fast-paced days that delve into the depths of Active Directory Domain Services (ADDS) and the tightest integrated peripheral components.

We go through what you as an IT professional and administrator should consider when designing and implementing AD, automated installation, security aspects (how to protect your AD and infrastructure), delegation, migration and upgrades. We lab with tools for configuration and troubleshooting of ADDS, learn GPO design, DNS, Forest and domain topologies, Trusts, FSMO roles, Sites & Services, disaster/recovery, Backup & Restore, Kerberos, KDC, NTDS. DIT and time management.

The theory in each section is mixed with the instructor’s real-life experiences, giving access to a reality that cannot be read about in regular course material, TechNet or KB articles. Learn how to manage the small AD environment, how to scale it up to larger environments across several countries and how to use AD in the best way!

This product is currently out of stock and unavailable.

Course Objective

The labs will teach you how to design, deploy, and maintain Active Directory. You will learn about all the components and security mechanisms that are included in the service and gain knowledge that will allow you to troubleshoot, restructure and upgrade your Active Directory. You should be proactive and be able to make decisions about AD changes without consulting help being a must.

Target Group

Administrators of Active Directory, IT professionals who wish to immerse themselves in Active Directory

Prerequisites

As the course is fast-paced and assumes a certain level of knowledge, participants should have completed a basic course in Active Directory or have gained equivalent knowledge through working with Active Directory and Windows Server in an operational environment.

Certification

This course does not have any associated certification. Each participant who completes the course receives a course certificate.

Trainer

Daniel Ulrichs is a senior IT security consultant working in a Directory Services Expert team at Trusted Solutions Group Sweden as an architect in identity and security in enterprise environments.

With a passion for Active Directory security and the Windows platform, Daniel performs security audits, health checks, design of large Active Directory environments, Active Directory migrations and consolidations, and builds high-security environments.

With his deep understanding, Daniel has helped Swedish government agencies, banks and organizations in other industries and countries improve the security and infrastructure of their core Active Directory.

More about the course

Course content

Active Directory Design – Forest, domain and OU

  • Forest and domain topology design (how to do it right from the start)
  • Function, location and configuration of the domain controller
  • Automation and standardization of installation
  • Management of Forest and Domain Trusts
  • OU design (how less becomes more)

Active Directory Design – Namespace and DNS integration

  • Namespace selection considerations (options and conditions)
  • The integration between AD and DNS
  • Methods for DNS replication, Dynamic Updates and forwarding

Active Directory Design – Replication and site management

  • How to set up, maintain and troubleshoot AD replication
  • Directory partitions (features and differences)
  • Subnets in Active Directory (why they play a huge role)
  • How can Sites and Services help me?
  • How KCC works and how to optimize replication

Active Directory Design – Components and Roles

  • Everything you need to know about FSMO roles to survive
  • The purpose of Global Catalogs
  • Time synchronization in the domain (that’s how important it is, here’s how to make it work)
  • De-dramatization of Active Directory Schema

Active Directory Operations – How you should work with groups and rights

  • Understand the difference between global, domain-local and universal groups
  • Naming standards that last
  • Cleanups
  • Dynamic Access Control

Active Directory Operations – Disaster recovery and high availability

  • Active Directory backup and restore (the technology and the challenge)
  • The DC crashed, what do I do now?
  • Tombstone lifetime
  • Virtual domain controllers (The good, the bad and the ugly)

Active Directory Operations – How you should work with Group Policy

  • How are policies applied and how to troubleshoot them in the best way?
  • Consolidate or not, that is the question
  • Linking and filtering (old and new school)
  • Group Policy Preferences (death of the login script?)
  • SYSVOL replication
  • AGPMC

Active Directory – Security

  • What is the security model in AD
  • How accounts and data are protected in AD
  • AdminSDHolder what is it?
  • Confidentiality data bit, when is it used?
  • Read Only Domain Controllers
  • FAS
  • Fine-Grained Password Policies
  • Authentication Mechanism Assurance
  • Authentication Policies and Policy Silos

Active Directory – Kerberos

  • How does Cerberus actually work?
  • KDCn and its services
  • Claims based Authentication
  • About Trusts

Active Directory – Hosting

  • Resurs Forest/Domain
  • List object mode
  • UPN Suffix

Active Directory – Migrations

  • ADMT
  • Sid History
  • AD Migration / Upgrade

Active Directory Maintenance – Upgrades and changes

  • Upgrading Active Directory and forest/domain functional level
  • How to handle migration scenarios (e.g. acquisition of companies or adaptation to MSKD for municipalities)

Active Directory Maintenance – Overview of the new technology

  • Various Tools for troubleshooting
  • Introduction to AD management via Powershell
  • Introduction to Azure AD Premium
  • What’s coming in the next version of Active Directory

Course overview

3 days

Advanced

Can’t find a (suitable) date, but are interested in the course? Send in an expression of interest and we will do what we can to get an opportunity that suits.

Expression of interest

För samtliga utbildningar gäller våra
 Allmänna Villkor.

Company-adapted course

The course can be adapted from several perspectives:
  • Content and focus area
  • Scope of application
  • Structure

In collaboration with the course leader, we make sure that the course meets your wishes
Contact us for more information

Send an expression of interest for the training

Send an expression of interest for the training