Updating your Active Directory Services Technology Skills  to Windows Server 2008
Course 6416A: Three days; Instructor-Led

Introduction Elements of this syllabus are subject to change. This 3 day instructor-led course provides experienced IT Professionals with an understanding of Active Directory Services technology in Windows Server code name "Longhorn". This course is intended to allow individuals who already have experience with Windows Active Directory Services to update their skills to Windows Server code name "Longhorn". This course is based on an interim build of Windows Server code name "Longhorn". Audience This course is intended for IT Professionals experienced on the technologies included in Windows Server 2000 and Windows Server 2003, and who hold an MCSE or MCSA certification and/or equivalent knowledge. At Course Completion After completing this course, students will be able to: • Describe and configure server roles with Active Directory Services in Windows Server code name "Longhorn". • Plan for and deploy Active Directory Domain Services. • Install, configure, and manage the Server Core role as a domain controller. • Manage accounts, subnets, Site-Links, Group Policy, and DNS configuration with Active Directory Domain Services. • Manage new Active Directory services, including Active Directory Federation Services, Active Directory Lightweight Directory Services, and Active Directory Rights Management Services. • Set up and manage Read-Only Domain Controllers (RODC). • Use auditing features in Active Directory Domain Services. • Manage credentials with Active Directory Certificate Services, including Credential Roaming.   Prerequisites Before attending this course, students must have one or more of the following: • On-the-job experience in planning, implementing, managing, or supporting Microsoft Windows Server 2000 or 2003, including Active Directory and Network Infrastructure • Working knowledge of networking, for example, TCP/IP and Domain Name System (DNS). • Designed a Microsoft Windows Server 2003 Active Directory and Network Infrastructure • Designed Security for a Microsoft Windows Server 2003 Network • Installed, Configured, and Administered Microsoft Windows 2000, Windows XP Professional, or Microsoft Vista. Module 1: Introduction to Active Directory Technology in Windows Server code name "Longhorn" This module describes and demonstrates improvements to Active Directory in Windows Server code name "Longhorn", including new server roles and server configuration. Lessons • Active Directory Improvements Lab 1: Introduction to Active Directory Technology in Windows Server code name "Longhorn" • Use Three Phases to Configure a Server • Deploy New Server Roles and Features • Change a Server’s Role • Change Role Services and Features After completing this module, students will be able to: • List improvements in Active Directory roles. • Describe how to configure roles on Windows Server code name "Longhorn". Module 2: Planning for Windows Server code name "Longhorn" Active Directory Services This module explains how to install and configure the Active Directory Domain Services (ADDS) server role and administering it with Server Manager. It also explores planning for deploying an Active Directory Domain Services infrastructure. Lessons • Planning for ADDS Deployment • Upgrade Considerations Lab 1: Installing a Windows Server code name "Longhorn"Forest • Install a New Forest Lab 2: Installing Windows Server code name "Longhorn"in an Existing Forest • Install a Windows Server code name "Longhorn" DC in an Existing Forest • Install a RODC in an Existing Forest • Verify Active Directory InstallationInstall a New Forest After completing this module, students will be able to: • Plan for a Windows Server code name "Longhorn" Active Directory Domain Services deployment. • Identify considerations when upgrading from a Windows Server 2003 to a Windows Server code name "Longhorn" Active Directory infrastructure. • Install Windows Server code name "Longhorn" AD DS. Module 3: Server Core Domain Controllers This module explains how to install and configure the Server Core role in Windows Server code name "Longhorn" as a domain controller. It also covers adding roles and features and managing Server Core. Lessons • Server Core Domain Controllers Lab 1: Server Core Domain Controller • Installing Server Core • Configure Server Core • Adding Roles and Features • Managing Server Core After completing this module, students will be able to: • Describe Server Core. • List Server Core benefits. • Add Server Core roles. • Configure a Server Core Domain Controller. Module 4: Active Directory Domain Services This module explains how to create and manage accounts, subnets, Site-Links, and Group Policy with new features in Active Directory Domain Services. Lessons • What’s New in AD DS • Improved Security • Manageability and Reliability Lab 1: Exploring Active Directory Domain Services • Create Accounts • Review Operations Masters Role • Review Sites • Working with Subnets • Working with Site-Links • AD DS and Group Policy • Review DNS Configuration After completing this module, students will be able to: • Identify new features of AD DS with Windows Server “Longhorn” • Use all Active Directory Domain Services management consoles • Describe how Read-Only Domain Controllers and Server Core work with Active Directory • List reliability and manageability improvements with AD DS Module 5: Active Directory Federation Services, Active Directory Lightweight Directory Services, Active Directory Rights Management Services This module introduces Windows Server code name "Longhorn" Active Directory Services: • Active Directory Federation Services for identity access solution • Active Directory Lightweight Directory Services (replaces Active Directory Account Management with Windows Server 2003), providing directory services for applications. • Active Directory Right Management Services, enabling the creation of information-protection solutions. Lessons • Active Directory Federation Services • Active Directory Lightweight Directory Services • Active Directory Rights Management Services Lab 1: Active Directory Federation Services • Install AD FS • Configure Web Server • Configure Federation Server • Access Application from Client Computer Lab 2: Active Directory Rights Management Services • Install and Configure AD RMS • Add New AD RMS Cluster • Register the Service Connection Point in Active Directory • Verify AD RMS Functionality After completing this module, students will be able to: • Use Active Directory Federation Services • Explain Active Directory Lightweight Directory Services • Use Active Directory Rights Management Services Module 6: Read-Only Domain Controllers This module explains how to set up and manage a read-only domain controller. Lessons • Read-Only Domain Controllers • Read-Only Domain Controller Operation Lab 1: Read-Only Domain Controllers • Deploying an RODC • Administering an RODC After completing this module, students will be able to: • Describe the role of Read-Only Domain Controllers. • List the prerequisites for RODC deployment. • Describe how the RODC can be used to achieve Administrator role separation. • Describe scenarios in which RODC usage is recommended. Module 7: Auditing Active Directory Domain Services Changes This module explores new auditing features in Active Directory Domain Services and how to set up and manage auditing events. Lessons • What’s new in AD DS auditing • Who should use this new feature • Benefits of auditing changes in AD DS • Summary of new AD DS auditing events • Summary of attribute syntaxes Lab 1: Auditing Active Directory Domain Services Changes • Prerequisites • Steps to set up auditing • Example audit events After completing this module, students will be able to: • Describe the new auditing features in Active Directory Domain Services. • Set up auditing events. Module 8: Enterprise PKI (PKIView) Active Directory Certificate Services (ADCS) This module explains how to set up and manage Active Directory Certificate Services using PKIView. Lessons • Certificate Authority • Certificate Policy Settings • Microsoft Simple Certificate Enrollment Protocol • Online Revocation Services • Network Device Enrollment Services • Web Enrollment Services Lab 1: Enterprise PKI (PKIView) Active Directory Certificate Services (ADCS) • Add a Certificate Server Role • Exploring the PKIView UI • Introducing Expiry Notifications • Introducing Credential Roaming • Introducing CA performance monitors • Exploring delegated enrollment • Introducing OCSP configuration • Revocation After completing this module, students will be able to: • Describe Active Directory Certificate Services management with PKIView. • Set up and revoke certificates. • Use Credential Roaming.