6432 Managing and Maintaining Windows Server 2008 Active Directory Servers

Code: 6432
Course duration: 2 days
Price:

6432: Managing and Maintaining Windows Server 2008 Active Directory Servers (2 Days)

About this Course

This two day instructor led course provides students with the knowledge and skills to manage and maintain Windows Server 2008 Active Directory servers. The course focuses on the Active Directory server lifecycle by creating baselines, monitoring the system health, and maintaining security for the Active Directory servers. The course also focuses on managing Active Directory Domain Services and Active Directory service roles.

Audience Profile

This course is intended for Server Administrators who are familiar with Windows Server 2008 and who are, or will be, responsible for the daily management and maintenance of Windows Server 2008 Active Directory servers. It is also intended for IT professionals who could benefit from acquiring the skills required by a Windows Server 2008 Active Directory Server Administrator, such as a Server Administrator who is responsible for network application servers and works closely with the Active Directory Server Administrator, or an Enterprise Administrator who wants to understand the operational requirements of Windows Server 2008 Active Directory servers before designing a network server infrastructure.

At Course Completion

After completing this course, students will be able to:

  • Plan an Active Directory server deployment.
  • Identify different approaches to Active Directory server deployment.
  • Add an AD DS server role.
  • Remove an AD DS server role.
  • Identify strategies for developing, monitoring, and reviewing baselines.
  • Create baselines for different Active Directory roles with the appropriate metrics using the Windows Reliability and Performance Monitor (WRPM).
  • Create a monitoring plan based on business needs and environments.
  • Evaluate a monitoring plan based on business needs and environments.
  • Determine the health of Active Directory servers using performance monitoring and event log triggers.
  • Configure effective alerts and responses as well as evaluate alternative recommendations for AD DS servers to meet a business goal.
  • Describe the methodology of maintaining Windows Server 2008 AD DS.
  • Implement the methodology of maintaining Windows Server 2008 AD DS.
  • Perform AD DS maintenance and administrative tasks.
  • Explain the proven methods to harden the Active Directory servers.
  • Deploy the proven methods to harden the Active Directory servers.
  • Decide which Windows Server 2008 security features can address a given business situation.
  • Add service roles to a Windows Server 2008 network.
  • Deploy an Active Directory Lightweight Directory Services (AD LDS) server role.
  • Operate an Active Directory Lightweight Directory Services (AD LDS) server role.

Course Outline

Module 1: Managing an Active Directory Server Lifecycle

This module explains how to support and maintain Active Directory servers to meet changing business requirements in an enterprise environment.

Lessons

  • Planning an Active Directory Server Deployment
  • Using Active Directory Server Deployment Technologies
  • Adding AD DS Server Roles
  • Removing AD DS Server Roles

Lab : Managing and Maintaining a Windows Server 2008 Domain Controller

  • Evaluating the Need for AD DS Promotion
  • Meeting the Need by Adding a Role
  • Managing a Change Request for an RODC by Using the Command Line
  • Developing a Management and Maintenance Plan
  • Evaluating the Management and Maintenance Plan

After completing this module, students will be able to:

  • Plan an Active Directory server deployment.
  • Identify different approaches to Active Directory server deployment.
  • Add an AD DS server role.
  • Remove an AD DS server role.

Module 2: Creating Baselines for Active Directory Servers

This module explains how to create baselines using the WRPM and through analysis, make decisions to improve server performance.

Lessons

  • Baseline Methodologies for Active Directory Servers
  • WRPM Overview
  • Using Metrics to Create Baselines for Active Directory Servers

Lab : Creating Baselines for Active Directory Servers

  • Involving Users in Baseline Development
  • Choosing Relevant WRPM Counters and Durations
  • Evaluating and Revising a Baseline Document in the Face of Business Changes

After completing this module, students will be able to:

  • Define strategies for developing baselines.
  • Explain the use of the WRPM as a baseline creation and revision tool.
  • Describe some of the specific metrics that may be relevant for the different Active Directory roles.

Module 3: Monitoring the System Health of Active Directory Servers

This module explains how to create and evaluate a monitoring plan based on business needs and environments. It also explains how to determine the health of Active Directory servers using performance monitoring and even log triggers.

Lessons

  • System Health Overview
  • Using Long-Term Monitoring to Identify Trends
  • Setting Thresholds and Alerts for Short-Term Monitoring
  • Choosing the Appropriate Windows Server 2008 Monitoring Tools

Lab : Monitoring the Active Directory Server Roles

  • Setting a Performance Alert to Meet a Business Goal
  • Discussing Alert Response Strategies
  • Building a Case for Configuration Change

After completing this module, students will be able to:

  • Define system health, server health, and Active Directory health.
  • Define the best procedures to ensure system health and optimal performance for Active Directory servers.
  • Set thresholds and alerts that are used for short-term monitoring.
  • Describe the Windows Server 2008 monitoring tools and how to decide when the different tools are appropriate in different business situations.

Module 4: Managing Active Directory Domain Services

This module explains how to implement the methodology of maintaining Windows Server 2008 AD DS.

Lessons

  • Restarting and Restoring Active Directory
  • Overview of the Flexible Single Master Operations (FSMO) Roles
  • Planning Sites and Replication
  • Managing RODCs
  • Methods of Managing Windows Server Core
  • Best Practices for GPOs and Links
  • Delegating Active Directory Administration

Lab : Managing AD DS

  • Offline Defragging of the Active Directory Database
  • Evaluating an RODC with Read-Only DNS Solution
  • Making Site Replication Decisions
  • Group Policy Link Strategies

After completing this module, students will be able to:

  • Describe the impact of Windows Server 2008 methods for restarting Active Directory without rebooting.
  • Define the FSMO roles and the Global Catalog pseudo-role.
  • Explain the importance of site definitions and how to optimize the AD DS replication activity.
  • Explain the functionality of RODCs and the key benefits with RODCs deployed.
  • Explain the methods of managing Windows Server Core.
  • Identify the best practices for Group Policy Objects (GPOs) and links.
  • State the pros and cons of delegating administration of Active Directory.

Module 5: Maintaining Security for Active Directory Servers

This module explains how to deploy proven methods to harden the Active Directory servers.

Lessons

  • Server Hardening Techniques
  • Using the MBSA to Discover and Remove Security Holes
  • Using Fine-Grained Password Policies to Simplify Network Organization
  • Planning Security Auditing
  • Enhancing Physical Security

Lab : Maintaining Security for the Active Directory Servers

  • Manually Implementing AD DS Server Hardening
  • Assessing Ongoing Security Requirements
  • Deploying Fine-Grained Password Policies

After completing this module, students will be able to:

  • Describe the techniques used for manual server hardening.
  • Use the MBSA to discover and remove security holes.
  • Explain why you would use fine-grained password policies and how to maintain them.
  • Explain when to perform security auditing and how to define a proper security baseline.
  • Explain how to solve physical security problems and the ramifications of lax security policies.

Module 6: Managing Active Directory Service Roles

This module explains how to add non-AD-DS service roles to a Windows Server 2008 network and manage those roles with supplied tools.

Lessons

  • Using Windows Server 2008 Tools for AD CS
  • Implementing AD LDS
  • AD FS Overview
  • AD RMS Overview

Lab : Managing Active Directory Service Roles

  • Installing the AD LDS Role
  • Identifying Ongoing Management Concerns
  • Using Windows Server 2008 Tools for Managing AD LDS

After completing this module, students will be able to:

  • Use the Windows Server 2008 tools to operate Certificate Services.
  • Explain when to use AD LDS.
  • Identify management concerns with Active Directory Federation Services (AD FS).
  • Identify management concerns with Active Directory Rights Management Services (AD RMS).

Prerequisites

In addition to their professional experience, students who attend this training should have technical knowledge equivalent to the following courses:

  • 6424A: Fundamentals of Windows Server 2008 Active Directory
  • 6425A: Configuring Windows Server 2008 Active Directory Domain Services
  • 6426A: Configuring Identity and Access Solutions with Windows Server 2008 Active Directory
  • 6430A: Planning and Administering Windows Server 2008 Servers

Course Reviews

No reviews found for this course.

Be the first to write a review