Page

s 1

Page

s 1

20742: Identity with Windows Server 2016

Course Overview

This instructor-led course teaches IT professionals how to deploy and config-ure Active Directory Domain Services (AD DS) in a dis-tributed environment, how to implement Group Policy,

how to perform backup and restore, and how to monitor and troubleshoot Active Di-rectory–related issues with Windows Server 2016. Addi-tionally, this course teach-es students how to deploy other Active Directory serv-er roles, such as Active Di-rectory Federation Services (AD FS) and Active Directory Certificate Services (AD CS).

What you will learn.

This course will teach you how to:

• Install and configure domain controllers.• Manage objects in AD

Page

s 2

• Manage user settings by using GPOs.• Secure AD DS and user ac-counts.• Implement and manage a certificate authority (CA) hi-erarchy with AD CS.• Deploy and manage cer-tificates.• Implement and adminis-ter AD FS.• Implement synchroniza-tion between AD DS and Azure AD.• Monitor, troubleshoot, and establish business continuity for AD DS services.

Who is this course for?

This IT professionals who have some AD DS knowledge and ex-perience and who aim to de-velop knowledge about identi-ty and access technologies in Windows Server 2016. Are ad-vice to take this course. Also, IT professionals who are looking to consolidate their knowledge

DS by using graphical tools and Windows PowerShell.• Implement AD DS in com-plex environments.• Implement and adminis-ter Active Directory Rights Man-agement Services (AD RMS).• Implement AD DS sites, and configure and manage replication.• Implement and manage Group Policy Objects (GPOs).

Page

s 3

about AD DS and related tech-nologies, in addition to IT profes-sionals who want to prepare for the 70-742 exam

This would typically include:• AD DS administrators who are looking to train in identity

and access technologies with Windows Server 2012 or Win-dows Server 2016.• System or infrastructure administrators with general AD DS experience and knowledge who are looking to cross-train in core and advanced identity

and access technologies in Windows Server 2012 or Windows Server 2016.

Requirement • Some exposure to and experience with AD DS concepts and

Page

s 4

technologies in Windows Serv-er 2012 or Windows Server 2016.• Experience working with and configuring Windows Server 2012 or Windows Server 2016• Experience and an un-derstanding of core network-ing technologies such as IP addressing, name resolution, and Dynamic Host Configura-tion Protocol (DHCP).• Experience working with and an understanding of Mic-rosoft Hyper-V and basic serv-er virtualization concepts.• An awareness of basic security best practices.• Hands-on working expe-rience with Windows client op-erating systems such as Win-dows 7, Windows 8, Windows 8.1, or Windows 10.• Basic experience with the Windows PowerShell com-mand-line interface.

Module 1: Installing and config-uring domain controllers

Lessons

• Overview of AD DS• Overview of AD DS do-main controllers• Deploying a domain con-trollerLab : Deploying and adminis-tering AD DS• Deploying AD DS• Deploying domain con-trollers by performing domain controller cloning• Administering AD DSAfter completing this module, students will be able to:• Describe AD DS and its main components.• Describe the purpose and roles of domain controllers.• Describe the consider-ations for deploying domain controllers.

Module 2: Managing objects in AD DS

Lessons • Managing user accounts• Managing groups in AD DS• Managing computer ob-jects in AD DS

Page

s 5

• Using Windows Power-Shell for AD DS administration• Implementing and man-aging OUsLab : Managing AD DS objects• Creating and managing groups in AD DS• Creating and configuring user accounts in AD DS• Managing computer ob-jects in AD DSLab : Administering AD DS• Delegate administration for OUs• Creating and modifying AD DS objects with Windows PowerShellAfter completing this module, students will be able to:• Manage user accounts in AD DS.• Manage groups in AD DS. • Manage computer ob-jects in AD DS.• Use Windows PowerShell for AD DS administration. • Implement and manage OUs.• Administer AD DS.

Module 3: Advanced AD DS in-

frastructure management

Lessons • Overview of advanced AD DS deployments• Deploying a distributed AD DS environment• Configuring AD DS trustsLab : Domain and trust man-agement in AD DS• Implementing forest trusts• Implementing child do-mains in AD DSAfter completing this module, students will be able to:• Describe the compo-nents of an advanced AD DS deployment.• Deploy a distributed AD DS environment.• Configure AD DS trusts.

Module 4: Implementing and administering AD DS sites and replication

Lessons • Overview of AD DS repli-cation• Configuring AD DS sites

Page

s 6

• Configuring and moni-toring AD DS replicationLab : Implementing AD DS sites and replication• Modifying the default site• Creating additional sites and subnets• Configuring AD DS repli-cation• Monitoring and trouble-shooting AD DS replicationAfter completing this module, students will be able to:• Describe how AD DS repli-cation works.• Configure AD DS sites to help optimize authentication and replication traffic.• Configure and monitor AD DS replication.

Module 5: Implementing Group Policy

Lessons • Introducing Group Policy• Implementing and ad-ministering GPOs• Group Policy scope and Group Policy processing• Troubleshooting the ap-

plication of GPOsLab : Implementing a Group Policy infrastructure• Creating and configuring GPOs• Managing GPO scopeLab : Troubleshooting Group Policy infrastructure• Verify GPO application• Troubleshooting GPOsAfter completing this module, students will be able to:• Explain what Group Policy is.• Implement and adminis-ter GPOs.• Describe Group Policy scope and Group Policy pro-cessing.• Troubleshoot GPO appli-cation.

Module 6: Managing user set-tings with Group Policy

Lessons • Implementing adminis-trative templates• Configuring Folder Redi-rection, software installation,

Page

s 7

and scripts• Configuring Group Policy preferencesLab : Managing user settings with GPOs• Using administrative templates to manage user settings• Implement settings by using Group Policy preferenc-es• Configuring Folder Redi-rection• Planning Group Policy (optional)After completing this module, students will be able to:• Implement administra-tive templates.• Configure Folder Redirec-tion, software installation, and scripts.• Configure Group Policy preferences.

Module 7: Securing Active Di-rectory Domain Services

Lessons • Securing domain con-trollers

• Implementing account security• Implementing audit au-thentication• Configuring managed service accountsLab : Securing AD DS• Implementing security policies for accounts, pass-words, and administrative groups • Deploying and configur-ing an RODC• Creating and associating a group MSAAfter completing this module, students will be able to:• Secure domain control-lers.• Implement account se-curity.• Implement audit authen-tication.• Configure managed ser-vice accounts (MSAs).

Module 8: Deploying and man-aging AD CS

Lessons • Deploying CAs

Page

s 8

• Administering CAs• Troubleshooting and maintaining CAsLab : Deploying and configur-ing a two-tier CA hierarchy• Deploying an offline root CA• Deploying an enterprise subordinate CAAfter completing this module, students will be able to:• Deploy CAs.• Administer CAs.• Troubleshoot and main-tain CAs.

Module 9: Deploying and man-aging certificates

Lessons • Deploying and managing certificate templates• Managing certificate de-ployment, revocation, and re-covery• Using certificates in a business environment• Implementing and man-aging smart cardsLab : Deploying and using cer-tificates

• Configuring certificate templates• Enrolling and using certif-icates• Configuring and imple-menting key recoveryAfter completing this module, students will be able to:• Deploy and manage cer-tificate templates.• Manage certificates de-ployment, revocation, and re-covery.• Use certificates in a busi-ness environment.• Implement and manage smart cards

Module 10: Implementing and administering AD FS

Lessons • Overview of AD FS• AD FS requirements and planning• Deploying and configur-ing AD FS• Web Application Proxy Overview Lab : Implementing AD FS• Configuring AD FS pre-

Page

s 9

requisites• Installing and configuring AD FS• Configuring an internal application for AD • Configuring AD FS for fed-erated business partnersAfter completing this module, students will be able to:• Describe AD FS.• Explain how to deploy AD FS.• Explain how to implement AD FS for a single organization.• Explain how to extend AD FS to external clients.• Implement single sign-on (SSO) to support online ser-vices.Module 11: Implementing and administering AD RMS

Lessons • Overview of AD RMS• Deploying and managing an AD RMS infrastructure• Configuring AD RMS con-tent protectionLab : Implementing an AD RMS infrastructure• Installing and configuring

AD RMS• Configuring AD RMS tem-plates• Using AD RMS on clientsAfter completing this module, students will be able to:• Describe AD RMS.• Deploy and manage an AD RMS infrastructure.• Configure AD RMS con-tent protection.

Module 12: Implementing AD DS synchronization with Microsoft Azure AD

Lessons • Planning and preparing for directory synchronization• Implementing directory synchronization by using Azure AD Connect• Managing identities with directory synchronizationLab : Configuring directory synchronization• Preparing for directory synchronization• Configuring directory

Page

s 10

synchronization• Managing Active Directo-ry users and groups and mon-itoring directory synchroniza-tionAfter completing this module, students will be able to:• Plan and prepare for di-rectory synchronization.• Implement directory syn-chronization by using Microsoft Azure Active Directory Connect (Azure AD Connect).• Manage identities with directory synchronization.

Module 13: Monitoring, manag-ing, and recovering AD DS

Lessons • Monitoring AD DS• Managing the Active Di-rectory database• Active Directory backup and recovery options for AD DS and other identity and access solutionsLab : Recovering objects in AD DS• Backing up and restoring AD DS

• Recovering objects in AD DSAfter completing this module, students will be able to:• Monitor AD DS.• Manage the Active Direc-tory database.Describe the backup and re-covery options for AD DS and other identity access solutions.