Cours
Identity with Windows Server («55344A»)
Description de la formation
- Installer et configurer des contrôleurs de domaine
- Gérer des objets dans AD DS grâce à des outils graphiques et Windows Power Shell
- Implémenter AD DS dans des environnements complexes
- Implémenter et administrer les services AD RMS (Active Directory Rights Management Services)
- Implémenter des sites AD DS et configurer et gérer la réplication
- Implémenter et gérer les objets de stratégie de groupe (GPOs)
- Gérer les paramètres utilisateurs grâce aux GPOs
- Sécuriser AD DS et les comptes d’utilisateurs
- Implémenter et gérer la hiérarchie d’autorité de certification (CA) avec AD CS
- Déployer et gérer les certificats
- Implémenter et administrer AD FS
- Implémenter une synchronisation entre AD DS et Azure AD
- Surveiller, résoudre des problèmes et établir une continuité opérationnelle pour les services AD DS
INFORMATION IMPORTANTE
Cette formation n’est pas une formation Microsoft officielle. Le contenu de cette formation est basé sur le MOC 20742B, aujourd’hui abandonné par Microsoft, et développé par la communauté Microsoft.
Module 1: Installing and configuring domain controllers
This module describes the features of AD DS and how to install domain controllers (DCs). It also covers the considerations for deploying DCs.
Lessons
- Overview of AD DS
- Overview of AD DS domain controllers
- Deploying a domain controller
Lab: Deploying and administering AD DS
- Deploying AD DS
- Deploying domain controllers by performing domain controller cloning
- Administering AD DS
Module 2: Managing objects in AD DS
This module describes how to use various techniques to manage objects in AD DS. This includes creating and configuring user, group, and computer objects)
Lessons
- Managing user accounts
- Managing groups in AD DS
- Managing computer objects in AD DS
- Using Windows PowerShell for AD DS administration
- Implementing and managing OUs
Lab 1: Managing AD DS objects
- Creating and managing groups in AD DS
- Creating and configuring user accounts in AD DS
- Managing computer objects in AD DS
Lab 2: Administering AD DS
- Delegate administration for OUs
- Creating and modifying AD DS objects with Windows PowerShell
Module 3: Advanced AD DS infrastructure management
This module describes how to plan and implement an AD DS deployment that includes multiple domains and forests. The module provides an overview of the components in an advanced AD DS deployment, the process of implementing a distributed AD DS environment, and the procedure for configuring AD DS trusts.
Lessons
- Overview of advanced AD DS deployments
- Deploying a distributed AD DS environment
- Configuring AD DS trusts
Lab: Domain and trust management in AD DS
- Implementing forest trusts
- Implementing child domains in AD DS
Module 4: Implementing and administering AD DS sites and replication
This module describes how to plan and implement an AD DS deployment that includes multiple locations. The module explains how replication works in a Windows Server AD DS environment.
Lessons
- Overview of AD DS replication
- Configuring AD DS sites
- Configuring and monitoring AD DS replication
Lab: Implementing AD DS sites and replication
- Modifying the default site
- Creating additional sites and subnets
- Configuring AD DS replication
- Monitoring and troubleshooting AD DS replication
Module 5: Implementing Group Policy
This module describes how to implement a GPO infrastructure. The module provides an overview of the components and technologies that compose the Group Policy framework.
Lessons
- Introducing Group Policy
- Implementing and administering GPOs
- Group Policy scope and Group Policy processing
- Troubleshooting the application of GPOs
Lab 1: Implementing a Group Policy infrastructure
- Creating and configuring GPOs
- Managing GPO scope
Lab 2: Troubleshooting Group Policy infrastructure
- Verify GPO application
- Troubleshooting GPOs
Module 6: Managing user settings with Group Policy
This module describes how to configure Group Policy settings and Group Policy preferences. This includes implementing administrative templates, configuring folder redirection and scripts, and configuring Group Policy preferences.
Lessons
- Implementing administrative templates
- Configuring Folder Redirection, software installation, and scripts
- Configuring Group Policy preferences
Lab: Managing user settings with GPOs
- Using administrative templates to manage user settings
- Implement settings by using Group Policy preferences
- Configuring Folder Redirection
- Planning Group Policy (optional)
Module 7: Securing Active Directory Domain Services
This module describes how to configure domain controller security, account security, password security, and Group Managed Service Accounts (gMSA).
Lessons
- Securing domain controllers
- Implementing account security
- Implementing audit authentication
- Configuring managed service accounts
Lab: Securing AD DS
- Implementing security policies for accounts, passwords, and administrative groups
- Deploying and configuring an RODC
- Creating and associating a group MSA
Module 8: Deploying and managing AD CS
This module describes how to implement an AD CS deployment. This includes deploying, administering, and troubleshooting CAs.
Lessons
- Deploying CAs
- Administering CAs
- Troubleshooting and maintaining CAs
Lab: Deploying and configuring a two-tier CA hierarchy
- Deploying an offline root CA
- Deploying an enterprise subordinate CA
Module 9: Deploying and managing certificates
This module describes how to deploy and manage certificates in an AD DS environment. This involves deploying and managing certificate templates, managing certificate revocation and recovery, using certificates in a business environment, and implementing smart cards.
Lessons
- Deploying and managing certificate templates
- Managing certificate deployment, revocation, and recovery
- Using certificates in a business environment
- Implementing and managing smart cards
Lab: Deploying and using certificates
- Configuring certificate templates
- Enrolling and using certificates
- Configuring and implementing key recovery
Module 10: Implementing and administering AD FS
This module describes AD FS and how to configure AD FS in a single-organization scenario and in a partner-organization scenario.
Lessons
- Overview of AD FS
- AD FS requirements and planning
- Deploying and configuring AD FS
- Web Application Proxy Overview
Lab: Implementing AD FS
- Configuring AD FS prerequisites
- Installing and configuring AD FS
- Configuring an internal application for AD
- Configuring AD FS for federated business partners
Module 11: Implementing and administering AD RMS
This module describes how to implement an AD RMS deployment. The module provides an overview of AD RMS, explains how to deploy and manage an AD RMS infrastructure, and explains how to configure AD RMS content protection.
Lessons
- Overview of AD RMS
- Deploying and managing an AD RMS infrastructure
- Configuring AD RMS content protection
Lab: Implementing an AD RMS infrastructure
- Installing and configuring AD RMS
- Configuring AD RMS templates
- Using AD RMS on clients
Module 12: Implementing AD DS synchronization with Microsoft Azure AD
This module describes how to plan and configure directory syncing between Microsoft Azure Active Directory (Azure AD) and on-premises AD DS. The modules describes various sync scenarios, such as Azure AD sync, AD FS and Azure AD, and Azure AD Connect.
Lessons
- Planning and preparing for directory synchronization
- Implementing directory synchronization by using Azure AD Connect
- Managing identities with directory synchronization
Lab: Configuring directory synchronization
- Preparing for directory synchronization
- Configuring directory synchronization
- Managing Active Directory users and groups and monitoring directory synchronization
Module 13: Monitoring, managing, and recovering AD DS
This module describes how to monitor, manage, and maintain AD DS to help achieve high availability of AD DS.
Lessons
- Monitoring AD DS
- Managing the Active Directory database
- Active Directory backup and recovery options for AD DS and other identity and access solutions
Lab: Recovering objects in AD DS
- Backing up and restoring AD DS
- Recovering objects in AD DS
Cette formation s’adresse avant tout aux professionnels de l’IT qui ont des connaissances et de l’expérience avec AD DS et de l’expérience et qui désirent maîtriser les technologies d’identité et d’accès de Windows Server. Ce sont avant tout :
- Des administrateurs AD DS qui désirent maîtriser les technologies d’identité et d’accès de Windows Server 2016, Windows Server 2019 ou Windows Server 2022.
- Des administrateurs systèmes ou d’infrastructure avec une expérience et connaissance générale d’AD DS qui désirent acquérir des connaissances avancées des technologies d’identité et d’accès de Windows Server 2016, Windows Server 2019 ou Windows Server 2022.
- De l’expérience avec les concepts et technologies Active Directory sur Windows Server
- De l’expérience dans le travail avec Windows Server et la configuration de Windows Server
- De l’expérience et des connaissances des technologies centrales de mise en réseau comme l’adressage IP, la résolution de noms et le Dynamic Host Configuration Protocol (DHCP)
- De l’expérience et des connaissances de base des concepts de virtualisation de serveurs
- Une connaissance et une sensibilité aux bonnes pratiques en matière de sécurité
- De l’expérience pratique avec le système d’exploitation client Windows comme Windows 10 ou Windows 11
- De l’expérience de base avec l’interface en ligne de commande PowerShell