Microsoft Active Directory Domain Objectives:- Learn what s new and what s updated in Active Directory Domain Services Install, upgrade and configure Windows Server 2012 Domain Controllers Work with the new Active Directory management tools Migrate and restructure AD domains Work with virtualized domain controllers Configure Read-Only and Server Core domain controllers Configure Dynamic Access Control to apply data governance Deploy Rights Management Encryption Learn what s new in Kerberos Configure Constrained Delegation Work with Active Directory Federation Services Attendance:- This course is intended for Administrators, Consultants, IT Professionals and other people wanting to upgrade their current skills to Microsoft Active Directory Domain Services 2012. Experienced IT Pros with either an MCSE or MCSA on Windows Server 2012, or verifiably equivalent knowledge and skills Outlines:- Module 1: What s New in Active Directory Domain Services This module provides an introduction to Active Directory Domain Services (ADDS) in Windows Server 2012. Lessons presented in this module will provide an overview of the updated and new features. You will also learn about the new management and scalability and availability tools. Introducing Windows Server 2012 Windows Server 2012 and Private Cloud New Management Tools New Scalability and Availability Tools Updated Features New DC Promotion Features
Active Directory Federation Services (ADFS) Kerberos Constrained Delegation (KCD) Across Domains Group Managed Service Accounts (GMSAs) New Features UI for Fine-Grained Password Policies GUI for Recycle Bin Dynamic Access Control (DAC) Windows PowerShell History Viewer Active Directory-Based Activation (ADBA) Flexible Authentication Secure Tunneling (FAST) Virtual Snapshot and Cloning Support Module 2: Upgrading Active Directory to Windows Server 2012 This module describes how to upgrade ADDS to Windows Server 2012. Lessons presented in this module will detail the preparation and prerequisites required prior to upgrading and migrating. You will then learn to upgrade the domain controller (DC) using the in-place upgrade method and promote the DC using PowerShell and then you will work with the various migration tools. Overview of the AD-DS Role Understanding the AD-DS Role Active Directory Schema Deprecated Features in AD-DS Requirements for AD-DS Remote Server Administration for Windows 2012 DC Promotion via PowerShell Practice: Working with the AD-DS Role Upgrading the Domain Controller In-Place Upgrade: Available Paths Preparing an In-Place Upgrade Upgrading Paths from Legacy Versions Preparing to Upgrade Legacy Version Manually Transferring FSMO Roles Practice: In-Place Upgrade from Windows 2008 Migrating and Restructuring AD Domains Migrating and Restructuring Scenarios SID History and Password Retention Active Directory Migration Tool Preparing for a Migration Practice: Migrating to Windows 2012 Working with Post-Update Tasks
Log Files Shared Folders Event Viewer BPA for Active Directory Practice: Working with Post-Update Tasks Module 3: Working with Domain Controllers This module describes the various domain controllers available in Windows Server 2012. You will learn about virtualizing domain controllers and how to clone a domain controller. You will then learn to configure Read-Only and Server Core domain controllers. Overview of Virtualizing Domain Controllers Issues with Virtualized Domain Controllers Managing Snapshots Understanding VM-GenerationID Understanding USN-Rollback Practice: Performing an USN Rollback Virtualizing Domain Controllers USN-Rollback Awareness and Solving with VM-GUID Understanding DC-Cloning System Requirements for Cloning a Domain Controller Cloning for Rapid Deployment and Disaster Recovery Practice: Cloning a Virtual Domain Controller Read-Only Domain Controllers Understanding RODC Securing the AD-DS Configuring RODC RODC for Multiple Sites Server Core Domain Controllers Benefits of Server Core Domain Controllers Server Core and BitLocker Server Core and RODC Practice: Setting up a Server Core RODC Module 4: Working with Dynamic Access Control This module describes how to apply data governance using Dynamic Access Control. Lessons presented in this module will explain and configure central access policies and expression based access control. You will also learn how to deploy rights management encryption and how to use expression based auditing. Introduction to Dynamic Access Control Using Data Classification Using Expression Based Auditing
Using Expression Based Access Conditions Deploying Encryption for RMS Introduction to Central Access Policies Understanding User Claims Understanding Device Claims Defining Resource Properties Using Expression Based Access Control Practice: Working with Expression Based Access Control Deploying Central Access Policy Defining Resource Property Configuring Central Policies Configuring User Claims Assigning Central Policy Practice: Deploying Central Access Policy Introduction to Automatic Rights Management Encryption Understanding Rights Management Encryption Deploying Rights Management Encryption Requirements Using File Classification with RMS Encryption Practice: Deploying Rights Management Encryption Using Expression Based Auditing What is Expression Based Auditing? Planning for File Access Auditing Deploying Security Auditing with Central Audit Policies Practice: Managing Expression Based Auditing Module 5: Maintaining Active Directory This module describes how to maintain and manage ADDS. Lessons presented in this module will explain and configure the AD Recycle Bin and Fine Grained Password Policies. You will learn about Active Directory- Based Activation (online and proxy). You will also learn what s new in Kerberos and how to configure constrained delegation. Active Directory Recycle Bin Overview of AD-DS Objects Deletion of AD-DS Objects Activating AD-DS Recycle Bin Working with the Recycle Bin Practice: Working with Active Directory Recycle Bin Configuring Fine Grained Password Policies Default Domain Policy and Passwords Users and Groups
Using ADSI Edit Using AD Administrative Center Practice: Configuring Fine Grained Password Policies Active Directory-Based Activation What is Active Directory-Based Activation? Online Activation Proxy Activation Practice: Working with Active Directory-Based Activation What's New in Kerberos in 2012? Branch Office Support Claims Compound Authentication Kerberos Armoring (FAST) Requirements to Deploy FAST Practice: Working with FAST Configuring Constrained Delegation What is Constrained Delegation? Scenarios of Constrained Delegation Configuring Constrained Delegation Practice: Configuring Constrained Delegation Module 6: Working with Active Directory Federation Services This module describes how to work with Active Directory Federation Services. Lessons presented in this module will detail what ADFS is and how work with Web Single Sign-On (SSO). You will learn how to federate with a partner organization and how to extend and customize ADFS. You will also learn how to work with the various federation scenarios using the Cloud. Introduction to ADFS Understanding ADFS Authentication Process Federation Terminology Web Single Sign-On (SSO) Understanding Federated Web SSO Deploying Federated Web SSO with Forest Trust Federating with a Partner Organization Introduction to Claims-Aware Directory Services Technologies Used for Claim Based Identity Planning On-Premise and Cloud Scenarios Using Enhanced Identity Privacy Practice: Federating with a Partner Organization Extending and Customizing ADFS
Home Realm Discovery Customizing the Sign In Page Optimizing for Mobile Devices Practice: Customizing ADFS Working with Cloud and Federation Scenarios Overview of Cloud and Federation Services Integrating Active Directory with Office 365 Integrating Active Directory with Windows Azure Video: Integrating Active Directory with Cloud