70-640 - Windows Server 2008 - Active Directory Configuration.pdf - windows active directory - civer

Contents

Lesson 1: Overview of Active Directory

Domain Services 1

Verifying the Creation of a Forward Lookup

Zone 33

Verifying Zone and Record Creation 34

Verifying that Dynamic Updates Are Selected 35

Creating a Reverse Lookup Zone 35

Raising the Domain and Forest Functional

Levels 36

Adding a Second Domain Controller to the Forest Root

Domain 38

Installing Active Directory on Server Core 39

Removing Active Directory 41

Working with Read-Only Domain Controllers 42

Configuring a Read-Only Domain Controller 42

Performing a Staged Installation of an RODC 45

Decommissioning an RODC 47

Modifying the Active Directory Schema 48

Installing the Schema Management Snap-In 49

Configuring Active Directory Lightweight

Directory Services 50

Establishing and Maintaining Trust Relationships 52

Creating a Trust Relationship 53

Verifying a Trust Relationship 53

Revoking a Trust Relationship 54

Changing the Default Suffix for User Principal

Names 55

Summary Skill Matrix 56

Knowledge Assessment 56

Case Scenarios 58

Key Terms 1

Introducing Active Directory Domain Service 2

Identifying Active Directory's Functions and

Benefits 2

Centralizing Resource and Security

Administration 3

Providing a Single Point of Access to Resources 3

Benefiting from Fault Tolerance and Redundancy 4

Simplifying Resource Location 4

Categorizing Active Directory Components 5

Seeing the Forest 5

Deploying Domain Trees and Domains 6

Working with Organizational Units 7

Understanding the Schema 7

Creating Active Directory Sites and Subnets 8

Using Active Directory Naming Standards 9

Understanding DNS 10

Integrating DNS and Active Directory 10

Using Forest and Domain Functional Levels 11

Raising Domain Functional Levels 11

Using Forest Functional Levels 13

Understanding Active Directory Trust Models 16

Summary Skill Matrix 18

Knowledge Assessment 19

Workplace Ready 20

Lesson 2: Implementing Active

Directory 21

Lesson 3: Working with Active

Directory Sites 59

Objective Domain Matrix 21

Key Terms 21

Introducing the Server Manager 22

Designing an Active Directory Implementation 23

Understanding the Requirements for Active

Directory 23

Installing a New Active Directory Forest 24

Performing Post-Installation Tasks 31

Creating a Directory Partition 31

Configuring Aging and Scavenging 32

Objective Domain Matrix 59

Key Terms 59

Introducing Active Directory Sites 60

Understanding the Replication Process 62

Working with Intrasite Replication 63

Implementing and Managing a Site Plan 66

Creating a New Subnet 66

Configuring Intersite Replication 67

Selecting a Replication Protocol 69

Designating a Bridgehead Server 70

Configuring Manual Site Link Bridging 72

www.wiley.eom/colleg:e/microsoft or

call the MOAC Toll-Free Number: 1+(888) 764-7O01 (U.S. & Canada only)

XXXVII

xxxviii i Contents

Managing Replication 73

Triggering Manual Replication 74

Monitoring Replication 74

Summary Skill Matrix 75

Knowledge Assessment 75

Case Scenarios 77

Lesson 6: Security Planning

and Administrative

Delegation 125

Objective Domain Matrix 125

Key Terms 125

Planning and Implementing Account Security 126

Using Passwords 126

Educating Users on the Importance of Passwords 127

Configuring Strong Passwords 127

Securing Administrative Access to Active Directory 128

Planning an Organizational Unit Strategy 130

Creating an OU Structure 130

Using OUs to Delegate Active Directory

Management Tasks 131

Moving Objects Between OUs 134

Summary Skill Matrix 135

Knowledge Assessment 136

Case Scenarios 137

Lesson 4: Global Catalog and Flexible

Single Master Operations

(FSMO) Roles 79

Objective Domain Matrix 79

Key Terms 79

Understanding the Global Catalog 80

Understanding the Functions of the Global Catalog 80

Configuring Additional Global Catalog Servers 83

Understanding Flexible Single Master Operations

(FSMO) Roles 84

Placing FSMO Role Holders 88

Managing FSMO Roles 91

Viewing the FSMO Role Holders 92

Transferring a FSMO Role Holder 94

Seizing a FSMO Role 96

Summary Skill Matrix 96

Knowledge Assessment 97

Case Scenarios 99

Workplace Ready 100

Lesson 7: Introduction to Group

Policy 138

Objective Domain Matrix 138

Key Terms 138

Introducing Group Policy 139

Understanding the Benefits of Group Policy 140

Defining Group Policy Architecture 141

Viewing the Group Policy Container 142

Viewing Group Policy Templates 143

Using the Group Policy Management Console 145

Configuring Group Policy Settings 146

Understanding Group Policy Processing 148

Configuring Exceptions to GPO Processing 149

Summary Skill Matrix 152

Knowledge Assessment 152

Case Scenarios 154

Lesson 5: Active Directory

Administration 101

Objective Domain Matrix 101

Key Terms 101

Understanding User Accounts 102

U nderstanding G roup Accounts 103

Working with Default Groups 106

Understanding Special Identity Groups and Local

Groups 111

Developing a Group Implementation Plan 113

Creating Users, Computers, and Groups 114

Using Batch Files 118

Using CSVDE 119

Using LDIFDE 120

Using Windows Scripting Host 121

Summary Skill Matrix 122

Knowledge Assessment 122

Case Scenarios 124

Lesson 8: Configuring the User and

Computer Environment

Using Group Policy 155

Objective Domain Matrix 155

Key Terms 155

Configuring Security Policies Using Group Policy

Objects 156

www.wiley.com/college/microsoft or

call the MOAC Toll-Free Number: 1+(888) 764-7O01 (U.S. & Canada only)

Contents 1 xxxix

Configuring Account Policies 157

Configuring Fine-Grained Password Policies 159

Configuring the Kerberos Policy 161

Defining Local Policies 162

Planning and Configuring an Audit Policy 163

Customizing Event Log Policies 167

Understanding Restricted Groups 168

Customizing System Services, Registry, and File System

Settings 169

Configuring Folder Redirection 170

Configuring Offline Files 173

Using Disk Quotas 174

Maintaining and Optimizing Group Policy 176

Manually Refreshing Group Policy 177

Optimizing Group Policy Processing 177

Summary Skill Matrix 178

Knowledge Assessment 179

Case Scenarios 180

Filtering Group Policy Scope 208

Configuring Security Group Filtering 208

Configuring WMI Filtering 210

Determining and Troubleshooting Effective Policy

Settings 211

Using the Resultant Set of Policy Wizard 212

Creating a Group Policy Modeling Query 214

Creating a Group Policy Results Query 216

Using GPRESULT 217

Summary Skill Matrix 218

Knowledge Assessment 218

Case Scenarios 220

Lesson 11: Active Directory

Maintenance,

Troubleshooting, and

Disaster Recovery 221

Lesson 9: Performing Software

Installation with Group Policy 181

Objective Domain Matrix 221

Key Terms 221

Maintaining Active Directory 222

Backing Up Active Directory 225

Restoring Active Directory 232

Restoring Active Directory Using Normal

Replication 232

Restoring Active Directory Using WBADMIN and

NTDSUTIL 232

Performing an Authoritative Restore 233

Monitoring Active Directory 234

Understanding Event Logs 235

Using the Reliability and Performance Monitor 236

Diagnosing and Troubleshooting Active

Directory 239

Summary Skill Matrix 240

Knowledge Assessment 241

Case Scenarios 243

Objective Domain Matrix 181

Key Terms 181

Managing Software through Group Policy 182

Repackaging Software 183

Implementing Software Using Group Policy 184

Assigning an Application to a User or Computer 185

Publishing an Application 185

Customizing Software Installation Packages 189

Using Software Categories 191

Configuring Software Restriction Policies 192

Configuring Software Restriction Rules 193

Summary Skill Matrix 197

Knowledge Assessment 198

Case Scenarios 200

Lesson 1O: Planning a Group

Policy Management

and Implementation

Strategy 202

Lesson 12: Configuring Name

Resolution and Additional

Services 244

Objective Domain Matrix 202

Key Terms 202

Managing Group Policy 203

Introducing the Group Policy Management MMC

Snap-In 203

Managing an Individual GPO 206

Configuring Starter GPOs 207

Objective Domain Matrix 244

Key Terms 244

DNS Name Resolution 245

Understanding Name Resolution 245

Introducing the Domain Name System (DNS) 247

Understanding Domain Hierarchy Levels 250

Understanding DNS Referrals and Queries 252

www.wiley.com/college/microsoft or

call the MOAC Toil-Free Number: 1 +(888) 764-7OO1 (U.S. & Canada only)

xl Contents

Understanding Reverse Name Resolution 254

Combining Internal and External DNS Name

Resolution 254

Understanding DNS Server Types 255

Creating DNS Zones 256

Configuring a Standard DNS Zone 257

Configuring Zone Transfers 258

Configuring Active Directory-Integrated

Zones 259

Configuring Custom Application Directory

Partitions 260

Configuring DNS Client Settings and DHCP/WINS

Integration 261

Configuring Additional Services 263

Summary Skill Matrix 264

Knowledge Assessment 264

Case Scenarios 266

Installing Active Directory Certificate

Services 271

Configuring Certificate Revocation 272

Configuring Certificate Templates 275

Managing Certificate Enrollments 278

Configuring Certificate Auto-Enrollment for Wireless

Networks 282

Configuring CA Server Settings 283

Configuring Key archival and Recovery 284

Maintaining a Windows Server

2008 CA 287

Summary Skill Matrix 289

Knowledge Assessment 289

Case Scenarios 291

Appendix A 292

Appendix B 293

Glossary 298

Index 310

Lesson 13: Configuring Active Directory

Certificate Services 267

Objective Domain Matrix 267

Key Terms 267

Introducing Active Directory Certificate

Services 268

Introducing the Public Key Infrastructure 268

www.wiley.com/college/microsoft or

call the MOAC Toil-Free Number: 1+(888) 764-7OO1 (U.S. & Canada only)

70-640 - Windows Server 2008 - Active Directory Configuration.pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: