This course examines the key identity technologies in Windows Server 2016, including Active Directory, Group Policy, Certificate Services, Federation, and Rights Management. Identity is the cornerstone of security, and this course provides the key skills to architect and implement identity using Windows Server 2016. We explore the technologies and how solutions can be architected and managed. By the end of …
This course examines the key identity technologies in Windows Server 2016, including Active Directory, Group Policy, Certificate Services, Federation, and Rights Management. Identity is the cornerstone of security, and this course provides the key skills to architect and implement identity using Windows Server 2016. We explore the technologies and how solutions can be architected and managed. By the end of this course, you'll be able to take advantage of all the key identity technologies in Windows Server 2016 and be one step closer to the Windows Server 2016 MCSA.
What you'll learn
Prerequisites
John Savill is a Windows technical specialist, an 11-time MVP, an MCSE for Windows Server 2016 and Azure, a CISSP and he's ITIL certified. He is the author of the popular FAQ for Windows and a senior contributing editor to Windows IT Pro. John is the author of eight books, with the most recent being Mastering Azure Infrastructure Services (Wiley) and Mastering Windows Server 2016 Hyper-V (Wiley). John speaks at many major industry events such as IT/Dev Connections, TechEd, Ignite, IT Transformation, and Hybrid Identity Protection in addition to having online training available on O’Reilly plus a huge collection on his YouTube channel (https://youtube.com/NTFAQGuy). Follow John on Twitter at @NTFAQGuy.
Introduction
Welcome to the Course
About the Author
Active Directory Domain Services
Active Directory Overview
Understanding Forests and Trees
Installing Active Directory Domain Services
Creating a new Domain in a new Forest
Adding and removing Domain Controllers
Installing a DC on Server Core
Installing a DC from Media
Domain Trust Types and Advanced Trust Configuration (Trust Authentication, SID Filtering, Name Suffix Routing)
Multi-Forest Environment Management
Domain and Forest Levels
Global Catalogs
Using Read-Only Domain Controllers
Understanding Flexible Single Master Operations (FSMO) Roles
Managing FSMO Roles
Configure UPN Suffixes
Domain Controller and Site Management
Upgrading Domain Controllers
Upgrading Domains
Active Directory Site Introduction
Creating Active Directory Sites and Site Links
View DNS Service Records
Configure DNS Site Coverage
Domain Controllers in Azure
Move Domain Controllers Between Sites
Domain Controller Cloning
NTDS Management and Metadata Cleanup
Backing Up Active Directory
Performing Active Directory Restoration
Using Active Directory Snapshots
Active Directory Object Management
Active Directory Object Types
Creating Active Directory Users
Creating Active Directory Computers and Joining a Domain
Managing User and Computer Objects with Graphical Tools
Managing User and Computer Objects with PowerShell
Using Organizational Units
Active Directory Group Types
Managing Active Directory Groups
Managing Active Directory Groups with Group Policy
Using Virtual Accounts
Using the Active Direcotry Recycle Bin
Privileged Access Management Overview
Active Directory Policies
Active Directory Policies
Managed Service Accounts and Group Managed Service Accounts
Configure Kerberos Constrained Delegation
Manage Service Principal Names
Configure Password Policy Settings
Use Password Settings Objects
Configure Account Policies
Group Policy
Group Policy
Using Group Policy WMI Filters
Implementing Group Policy Preferences and Item-Level Targeting
Configuring Group Policy Slow Link Processing Options
Creating Custom Administrative Templates
Convert ADM Files to ADMX Files
Configure Software Installation, Folder Redirection and Scripts
Configure Group Policy Caching
Forcing Group Policy update
Backing up and restoring GPOs
Delegate Group Policy Management
Troubleshooting Group Policy Applications and Common Causes of Problems
Using Advanced Group Policy Management (AGPM)
Active Directory Certificate Services
Overview of Public Key Infrastructure (PKI)
Installing ADCS
Configuring Enterprise Certificate Authority (CA)
Implementing Automatic Certificate Deployment and Renewal
Implementing Key Archival and Recovery Processes
Designing Separation of Roles with ADCS
Active Directory Federation Services
The need for ADFS and how it works
Installing ADFS
Configuring ADFS
Integrating ADFS with Cloud Services
Integration with Azure Active Directory
Updating Certificates with Azure AD Connect
Web Application Proxy
WAP Overview
Deploying WAP
Publish Apps with WAP
Publish Remote Desktop Gateway with WAP
Active Directory Rights Management Services
Ways to Protect Data
Active Directory RMS and Azure RMS
Using Microsoft Rights Management Connector and RMS
Conclusion
Wrap Up and Thank You