6426AL: Configuring and Troubleshooting Identity and Access Solutions with Windows Server 2008 Active Directory
8 sessions; Instructor-Led

Introduction Elements of this syllabus are subject to change. This Distance Learning version of the course consists of 8 online live instructor-led sessions over 4 weeks (2hrs for each session). Additional self-paced e-learning content, scenario-based labs, and assessments accompany these sessions. This course provides students with the knowledge and skills to configure Identity and Access Solutions with Windows Server 2008 Active Directory successfully. Audience This course is intended for IT professionals who work in the complex computing environment of medium-sized to large companies. The Microsoft Certified Technology Specialist (MCTS) candidate should have a minimum of one year of experience implementing and administering a network operating system in an environment that has the following characteristics: • 250 to 5,000 or more users • Three or more physical locations • Three or more domain controllers • Network services and resources such as messaging, a database, file and print, a proxy server, a firewall, the Internet, an intranet, remote access, and client computer management • Connectivity requirements, such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet Prerequisites Before attending this course, students must have: • Technical knowledge equivalent to 6424: Fundamentals of Microsoft Server 2008 Active Directory • Technical background knowledge and hands-on experience of Active Directory Domain Services (AD DS from the AD TS foundation exam) is required. This includes technical knowledge equivalent to 6425A: Configuring Windows Server 2008 Active Directory Domain Services   At Course Completion After completing this course, students will be able to: • Describe identity and access solutions. • Configure Active Directory Certificate Services. • Deploy and manage certificates. • Configure Active Directory Lightweight Directory Services. • Configure Active Directory Federation Services. • Configure Active Directory Rights Management Services. • Maintain access management solutions • Troubleshoot identity and access solutions. Important: This learning product will be most useful to people who intend to use their new skills and knowledge on the job immediately after training. Course Outline Module 1-1: Exploring Identity and Access Management Solutions Lessons • Overview of Identity and Access Management • Active Directory Server Roles in Identity and Access Management • Overview of Identity Lifecycle Manager 2007 Lab 1-1: Exploring Identity and Access Management Solutions • Exploring how Active Directory Server Roles provides IDA Management solutions After completing this module, students will be able to: • Describe identity and access management. • Identify Active Directory server roles in identity and access management. • Identify the key aspects of Identity Lifecycle Manager.   Module 1-2: Configuring Active Directory Certificate Services Lessons • Overview of Public Key Infrastructure • Deploying a Certification Authority Hierarchy • Installing Active Directory Certificate Services • Managing a CA Lab 1-2: Configuring AD CS • Installing the AD CS Server Role • Issuing and Installing a Subordinate Certificate • Publishing the CRL After completing this module, students will be able to: • Describe Public Key Infrastructure. • Deploy a Certification Authority hierarchy. • Install Active Directory Certificate Services. • Manage a Certification Authority.   Module 2-1: Deploying and Managing Certificates Lessons • Deploying Certificates by Using AD CS • Revoking Certificates • Configuring Certificate Templates • Configuring Certificate Recovery Lab 2-1: Deploying and Managing Certificates • Configuring AD CS Web Enrollment • Configuring Certificate Autoenrollment • Configuring AD CS Certificate Revocation • Configuring AD CS Certificate Templates • Managing Key Archival and Recovery After completing this module, students will be able to: • Deploy certificates by using AD CS. • Revoke certificates. • Configure certificate templates. • Configure certificate recovery.   Module 2-2: Configuring Active Directory Lightweight Directory Services Lessons • Installing and Configuring AD LDS • Configuring AD LDS Instances • Configuring AD LDS Replication • Configuring AD LDS Integration with AD DS Lab 2-2: Configuring AD LDS • Configuring an AD LDS instance and an application partition • Configuring AD LDS Access Control • Configuring AD LDS Replication • Configuring AD DS and AD LDS synchronization After completing this module, students will be able to: • Install and configure AD LDS. • Configure AD LDS instances. • Configure AD LDS replication. • Configure AD LDS integration with AD DS.   Module 3-1: Configuring Active Directory Federation Services Lessons • Overview of AD FS • Exploring AD FS Deployment Scenarios • Deploying AD FS • Implementing AD FS Claims Lab 3-1A: Configuring the Federated Web SSO with Forest Trust Scenario • Installing the AD FS Server Role • Configuring Certificate Requirements • Configuring the AD FS Web Agent • Configuring the Web Server application on 6426A-CHI-DC1 • Configuring the Forest Trust and the Federated Trust Policies • Configuring the Federation Service Within the Internal Network • Configuring the Federation Service Within the Extranet • Testing the AD FS Implementation Lab 3-1B: Configuring AD FS by Using Federated Web SSO Scenario • Installing the AD FS Server Role • Configuring Certificate Requirements • Configuring the AD FS Web Agent • Configuring the Web Server application on the 6426A-CHI-DC1 virtual computer • Configuring the Federation Trust Policies • Configuring the Account Partner Federation Service • Configuring the Resource Partner Federation Service • Testing the AD FS implementation After completing this module, students will be able to: • Identify the key aspects of AD FS. • Explore AD FS deployment scenarios. • Deploy AD FS. • Implement AD FS claims.   Module 3-2: Configuring Active Directory Rights Management System Lessons • Overview of AD RMS • Installing and Configuring AD RMS Server Components • Administering AD RMS • Implementing AD RMS Trust Policies Lab 3-2: Configuring AD RMS • Exercise1: Installing the AD RMS Server Role • Managing AD RMS rights policy templates • Configuring Trust Policies • Testing AD RMS functionality After completing this module, students will be able to: • Identify the key aspects of AD RMS. • Install and configure AD RMS server components. • Administer AD RMS. • Implement AD RMS Trust Policies.   Module 4-1: Maintaining Access Management Solutions Lessons • Supporting AD CS • Maintaining AD LDS • Maintaining and Monitoring AD FS • Preserving AD RMS Lab 4-1: Maintaining Access Management Solutions • Configuring CA Event Logging • Implementing role-based administration in AD CS • Backing up a CA • Reconfiguring AD RMS cluster settings • Generating AD RMS Reports • Configuring AD RMS logging After completing this module, students will be able to: • Support AD CS. • Maintain AD LDS. • Maintain and Monitor AD FS. • Preserve AD RMS.   Module 4-2: Troubleshooting IDA Solutions Lessons • Troubleshooting AD CS • Troubleshooting AD LDS • Resolution of AD FS Issues • Solving AD RMS Problems Lab 4-2: Troubleshooting IDA Solutions • Identifying Tools and Troubleshooting Techniques of IDA Solutions After completing this module, students will be able to: • Troubleshoot AD CS. • Troubleshoot AD LDS. • Resolve AD FS issues. • Solve AD RMS problems.