Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de...
Transcript of Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de...
![Page 1: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/1.jpg)
Microsoft Certifications – How They Know You Know
Windows Server 2008 – Mega Evento de Certificação70-640 TS: Windows Server 2008 Active Directory,
Configuring
Rogério Melo (MCT, MCSE,MCTS, MVP)Silvio Reis (MCT,MCSE,MCITP)
70-640 TS: Windows Server 2008 Active Directory, Configuring
Rogério Melo (MCT, MCSE,MCTS, MVP)Silvio Reis (MCT,MCSE,MCITP)
![Page 2: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/2.jpg)
2
Agenda
• Valor da Certificação e Dicas Gerais• Exame 70-640: Dicas e Truques• Programa Technet• Encerramento
![Page 3: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/3.jpg)
3
Valor da Certificação e Dicas Gerais
• Experiência com certificações– Progresso na carreira– Validade internacional (inclusive currículo
MOC)• Dicas gerais sobre provas de
certificação Microsoft
![Page 4: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/4.jpg)
4
Exame 70-640: Dicas e truques
• TS: Windows Server 2008 Active Directory, Configuring
![Page 5: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/5.jpg)
5
Exame 70-640: Dicas e truques• Configurando o DNS para o AD (Active
Directory) (16%)
• Configurando a infra-estrutura do AD (25%)
• Configurando funções de servidor adicionais do AD (9%)
• Criando e mantendo objetos do AD (24%)
• Mantendo um ambiente do AD (13%)
• Configurando o AD Certificate Services (13%)
![Page 6: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/6.jpg)
6
Configurando a infra-estrutura do AD
• Configurar uma floresta ou domínio
• Configurar relações de confiança (trusts)
• Configurar sites
• Configurar replicação do AD
• Configurar o catálogo global
• Configurar os Mestres de operações
![Page 7: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/7.jpg)
7
Configurando a infra-estrutura do AD
• AD DS (Active Directory Domain Services)– Nova nomenclatura do Active Directory
– Serviço de diretório usado para armazenar informações sobre os recursos de rede
– É uma função de servidor (server role) no Windows 2008• Após instalar o AD DS, executar o dcpromo para
promover o servidor a Domain Controller (DC)
![Page 8: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/8.jpg)
8
Configurando a infra-estrutura do AD• AD DS (Active Directory Domain
Services)?– Só disponível no Windows Server 2008
Standard, Enterprise e Datacenter• Não disponível no Web Edition
– Dcpromo /adv• Permite usar mídia de backup como origem do
AD– Evita replicação entre os DCs novo e antigo– Ideal para DCs localizados em filiais
• Permite definir replicação de senha para o RODC
![Page 9: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/9.jpg)
9
Configurando a infra-estrutura do AD
• Configurar uma floresta ou domínio– O que é uma floresta?
– O que é uma árvore?
– O que é um domínio?
– Níveis funcionais de floresta e de domínio
![Page 10: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/10.jpg)
10
Sistemas operacionais dos DCs suportados
Windows 2000Windows 2000 native
Windows Server 2003
Windows Server2003
Windows Server 2008
Windows Server 2008
FlorestasDomínio
• Windows Server 2008 • Windows Server 2003• Windows 2000
• Windows Server 2008 • Windows Server 2003
• Windows Server 2008
Níveis funcionais com suporte:
Configurando a infra-estrutura do AD
![Page 11: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/11.jpg)
11
Configurando a infra-estrutura do AD• Configurar uma floresta ou domínio
– ADMT – Active Directory Migration Tool v3
– Sufixo UPN – User Principal Name alternativo
– Adprep /forestprep
– Adprep /Domainprep e /gpprep
– Adprep /rodcprep
![Page 12: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/12.jpg)
12
Antes de instalar
adprep /forestprepWindows 2000 Windows 2003
adprep /domainprep /gpprep
Windows Server2000
adprep /domainprepWindows Server 2003
Execute o comandoVersão atual
• Windows Server 2008 domain controllers
• Windows Server 2008 domain controllers
• Windows Server 2008 domain controllers
adprep /rodcprepWindows Server
2003
• Windows Server 2008 RODCs
Configurando a infra-estrutura do AD
![Page 13: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/13.jpg)
13
Configurando a infra-estrutura do AD
• Configurar relações de confiança (trusts)– Trust de floresta
• Somente a partir de nível de floresta Windows 2003
– Autenticação seletiva X Autenticação de floresta
– Trusts externos, transitivos e de atalho (shortcut)
– Filtragem de SID
![Page 14: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/14.jpg)
14
Configurando a infra-estrutura do AD
• Configurar sites– Criar subredes do AD
– Criar links de sites
– Custo de links
![Page 15: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/15.jpg)
15
Configurando a infra-estrutura do AD• Configurar replicação do AD
– Distributed File System
– Replicação One Way
– Servidor Bridgehead
– Agendamento de replicação
– Protocolos de replicação
– Replicação entre sites
![Page 16: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/16.jpg)
16
Configurando a infra-estrutura do AD
• Configurar o catálogo global– Universal Group Membership Caching
– Partial Attribute Set
– Promover a catálogo global (GC)
![Page 17: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/17.jpg)
17
Configurando a infra-estrutura do AD
• Configurar os Mestres de operações– Seize e transfer
– Posicionamento de Mestres de Operação
– Extensão de esquema do AD
– Time service
Domain controllersDomain controllers
PDC EmulatorPDC Emulator
Client computers
Client computers
![Page 18: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/18.jpg)
18
Configurando a infra-estrutura do AD• Mestres de operações
– Schema Master -> 1 por floresta
– Domain Naming Master -> 1 por floresta
– PDC Emulator -> 1 por domínio
– Infrastructure Master -> 1 por domínio
– RID Master -> 1 por domínio
![Page 19: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/19.jpg)
19
Configurando o DNS para o Active Directory
• Demonstração– AD Users and Computers – AD Domains and Trusts– AD Sites and Services
![Page 20: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/20.jpg)
20
Configurando o DNS para o Active Directory
• Configurar zonas
• Definir configurações de servidor DNS
• Configurar transferências de zona e replicação
![Page 21: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/21.jpg)
21
Configurando o DNS para o Active Directory
• Configurar zonas:
• O que é uma zona DNS?
• Tipos de zonas– DDNS (Dynamic DNS)
• Eliminação (scavenging) de zona
– Non-Dynamic DNS
– Secure Dynamic DNS
![Page 22: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/22.jpg)
22
Configurando o DNS para o Active Directory
• Tipos de zonas– Primária
– Secundária
– Pesquisa direta
– Pesquisa reversa
– Integrada ao AD
– Stub
– GlobalNames
![Page 23: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/23.jpg)
23
Configurando o DNS para o Active Directory
• Zona GlobalNames– Fato: WINS funciona sobre NetBT. Ambos não têm suporte a
IPv6
– GlobalNames ajuda na migração para resolução de nomes somente DNS• Não substitui o WINS: ajuda a retirá-lo da rede
– Também indicada para migrações completas de rede para IPv6
![Page 24: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/24.jpg)
24
Configurando o DNS para o Active Directory
• Definir configurações de servidor DNS– Encaminhamento (forwarding)
– Dicas de raiz (root hints)
– Delegação de zonas
– Round robin
– Desativar recursão
– Debug logging
– Eliminação (Scavenging) em nível de servidor
![Page 25: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/25.jpg)
25
Configurando o DNS para o Active Directory
• Configurar transferência de zona e replicação– Escopo de replicação
– Transferência de zona incremental (IXFR)
– DNS Notify
– Transferências de zona seguras
– Configuração de servidores de nomes
– Partições de diretório de aplicativo
![Page 26: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/26.jpg)
26
Configurando o DNS para o Active Directory
• Demonstração– DNS no Windows 2008
![Page 27: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/27.jpg)
27
Configurando funções de servidor adicionais do AD• Configurar o serviço AD LDS (Lightweight
Directory Service)
• Configurar o serviço AD RMS (Rights Management Service)
• Configurar o Read Only Domain Controller
• Configurar o AD FS (Federation Services)
![Page 28: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/28.jpg)
28
Configurando funções de servidor adicionais do AD• Configurar o serviço AD LDS (Lightweight
Directory Service)– AD LDS -> fornece funcionalidade do ADAM
(presente do Windows XP e 2003)
– É um serviço de diretório para aplicações
– Fornece boa parte da funcionalidade do ADDS• Criado para aplicações que usam diretório
– Aplicações de CRM, address book, etc
• Não são necessários domínios ou DCs• Posso ter várias instâncias do AD LDS no mesmo
servidor
![Page 29: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/29.jpg)
29
Configurando funções de servidor adicionais do AD
• Configurar o serviço AD LDS (Lightweight Directory Service)– Replicação múltiplos mestres
– Suporte a Directory Services API
– Partições de diretório de aplicativo
– LDAP over SSL
– Não tem suporte a florestas, domínios, GPOs
![Page 30: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/30.jpg)
30
Configurando funções de servidor adicionais do AD
• Cenários do AD LDS– Aplicações que estendem o esquema
• Não desejo estender o esquema do ADDS
– Ambientes de homologação separados do diretório de produção
– Gerenciamento de computadores externos que acessam recursos de rede
– Uso de clientes com versões anteriores do LDAP em ambientes heterogêneos
– Transparente para aplicações desenvolvidas para o ADAM
![Page 31: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/31.jpg)
31
Configurando funções de servidor adicionais do AD
• Gerenciamento do AD LDS– ADSI Edit
– LDP.exe
– Outras ferramentas de esquema do AD
![Page 32: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/32.jpg)
32
Configurando o DNS para o Active Directory
• Demonstração– AD LDS (Lightweight Directory
Service)
![Page 33: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/33.jpg)
33
Configurando funções de servidor adicionais do AD• Configurar o serviço AD RMS (Rights
Management Service)– Permite criar soluções de proteção de informação
– Agora é uma função de servidor no Windows 2008
– Administrado por MMC
– Integração com o ADFS
– Auto-inscrição de servidores AD RMS
– Delegação de responsabilidade (AD RMS roles)
![Page 34: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/34.jpg)
34
Configurando funções de servidor adicionais do AD
• Configurar o serviço AD RMS (Rights Management Service)– Licenciamento de informação protegida por direitos
• Usuários e grupos autorizados a publicar conteúdo protegido
– Licenciamento para descriptografar conteúdo protegido e aplicar políticas de uso
– Criação de templates e arquivos protegidos por direitos
![Page 35: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/35.jpg)
35
Configurando funções de servidor adicionais do AD• RODCs – Read Only Domain Controllers
– Possuem uma partição somente leitura do AD• Nunca iniciam uma replicação
– Fornece segurança adicional para filiais que possuem segurança física limitada
– Podem ser implantados no Server Core• Usar dcpromo e arquivo de instalação
automatizada
– Podem armazenar credenciais em cache– Têm separação de função de administrador
• “Usuário administrador” que só faz logon no RODC
![Page 36: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/36.jpg)
36
Configurando funções de servidor adicionais do AD• Configurar o RODC - Read Only Domain
Controller
Controlador de Domínio Somente Leitura
Verificar as recomendações do Guia para Escritórios Remotos (Branch Office Guide)
![Page 37: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/37.jpg)
37
Configurando funções de servidor adicionais do AD – RODC pré-reqs.
• Funciona em ambientes existentes
• Múltiplos controladores de domínio do Windows Server 2008 por Domínio
• Recomendado um RODC por Site• ADPREP /rodcprep
• Não é necessária atualização em clientes ou controladores de domínio de nível inferior
• Modo Funcional de Floresta do Windows Server 2003
• Um controlador de domínio do Windows Server 2008
• Funciona em ambientes existentes
![Page 38: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/38.jpg)
38
Configurando o DNS para o Active Directory
• Demonstração– Read Only Domain Controller
![Page 39: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/39.jpg)
39
Configurando o DNS para o Active Directory
![Page 40: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/40.jpg)
40
Configurando o DNS para o Active Directory
![Page 41: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/41.jpg)
41
Configurando o DNS para o Active Directory
![Page 42: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/42.jpg)
42
Configurando o DNS para o Active Directory
![Page 43: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/43.jpg)
43
Configurando funções de servidor adicionais do AD
• Configurar o ADFS (AD Federation Services)– Solução de identidade de acesso transparente,
multiplataforma e com suporte à Internet– Facilita o B2B entre redes de parceiros– Fornece solução SSO (Single Sign On) Web-based
• Evita credenciais secundárias no caso de possuirmos uma aplicação em uma rede e as contas de usuário em outra
![Page 44: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/44.jpg)
44
Configurando funções de servidor adicionais do AD
• Pré-requisitos do ADFS – Pelo menos um ADDS ou AD LDS
– Computadores em domínio
– Computadores com acesso à Internet
– Uma ou mais aplicações Web
– ASP .NET 2.0 e IIS no servidor com ADFS
![Page 45: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/45.jpg)
45
Configurando funções de servidor adicionais do AD
• Novas funcionalidades do ADFS (em relação ao Windows 2003 R2)– Agora é uma função de servidor do Windows 2008– Maior suporte a aplicativos
• AD RMS e Sharepoint 2007
– Melhor experiência ao estabelecer trusts federativos• Trust policies e procedimentos de exportação e
importação das políticas aprimorados
![Page 46: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/46.jpg)
46
Configurando o DNS para o Active Directory
• Demonstração– Active Directory Federation
Services
![Page 47: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/47.jpg)
47
Criando e mantendo objetos do AD
• Automatizar criação de contas no AD• Manter contas no AD• Criar e aplicar Group Policy Objects (GPOs)• Configurar modelos de GPOs• Configurar GPOs de implantação de software• Configurar diretivas de contas• Configurar diretivas de auditoria usando
GPOs
![Page 48: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/48.jpg)
Automatizar a criação de contas no AD
48
![Page 49: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/49.jpg)
Manter contas no AD• Estratégia de grupos
– AGP– AGDLP/AGGUDLP
• Desabilitar/Remover contas
• “Deprovisioning”• Delegação de
controle
49
![Page 50: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/50.jpg)
Criar e aplicar Group Policy Objects (GPOs)
50
![Page 51: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/51.jpg)
Criar e aplicar Group Policy Objects (GPOs)
51
![Page 52: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/52.jpg)
Demo: GPMC
52
![Page 53: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/53.jpg)
Configurar modelos de GPOsCentral Store - ADMX
53
![Page 54: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/54.jpg)
Preparação
11
Configurar GPOs de implantação de software
Instalação
1.0
22
Manutenção
2.0
33
Remoção
44
![Page 55: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/55.jpg)
Ponto de distribuição de software
Ponto de distribuição de software
Configurar GPOs de implantação de software
Publicar durante ativação do arquivo
Publicar durante ativação do arquivo
?
Publicar usando Adicionar/Remover
Programas
Publicar usando Adicionar/Remover
Programas
Atribuir durante a configuração do
computador
Atribuir durante a configuração do
computador
Atribuir durante a configuração do
usuário
Atribuir durante a configuração do
usuário
![Page 56: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/56.jpg)
Configurar diretivas de contas
56
![Page 57: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/57.jpg)
fine-grain password policies
57
![Page 58: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/58.jpg)
58
Mantendo um ambiente do AD
• Configurar backup e recuperação• Realizar manutenção offline• Monitorar o AD
![Page 59: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/59.jpg)
Alteração no AD
59
![Page 60: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/60.jpg)
Configurar backup e recuperação
• Windows Server Backup– Backup
• Volumes
– Restore• authoritative or non-authoritative Active Directory
restore
60
![Page 61: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/61.jpg)
Realizar manutenção offline
• ADDS é um serviço que pode ser reiniciado sem afetar outros serviços.
• Usado para defragmentação offline ou alteração do caminho dos arquivos do AD.
61
![Page 62: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/62.jpg)
Monitorar o AD
• Event Viewer• Reliability and Performance Monitor• Auditoria AD
62
![Page 63: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/63.jpg)
Event Viewer
63
![Page 64: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/64.jpg)
Reliability and Performance Monitor
64
![Page 65: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/65.jpg)
Auditoria AD
65
![Page 66: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/66.jpg)
66
Configurando o AD Certificate Services
• Instalar o AD Certificate Services• Definir configurações do servidor de CA• Gerenciar modelos de certificado• Gerenciar inscrições (enrollments)• Gerenciar revogação de certificados
![Page 67: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/67.jpg)
Instalar o AD Certificate Services
67
![Page 68: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/68.jpg)
Definir configurações do servidor de CA
• Configuração da CA– key archival– certificate database
backup and restore– assigning
administration roles
68
![Page 69: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/69.jpg)
Gerenciar modelos de certificado
• Modelos de certificado– certificate template
types– securing template
permissions– managing different
certificate template versions
– key recovery agent
69
![Page 70: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/70.jpg)
Gerenciar inscrições (enrollments)
70
![Page 71: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/71.jpg)
Gerenciar revogação de certificados
71
![Page 72: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/72.jpg)
http://microsoft.com/brasil/technet
![Page 73: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/73.jpg)
http://microsoft.com/brasil/technet
![Page 74: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/74.jpg)
http://microsoft.com/brasil/technet
![Page 75: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/75.jpg)
http://microsoft.com/brasil/technet
![Page 76: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/76.jpg)
http://microsoft.com/brasil/technet
![Page 77: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/77.jpg)
Technet Experience
• Technet Experience Windows Server 2008 https://www.technetbrasil.com.br/experience/windowsserver2008/Home.aspx
• Windows Server 2008 Learning Portal http://www.microsoft.com/learning/windowsserver2008/default.mspx
• 70-640 Exam Preparation Guidehttp://www.microsoft.com/learning/exams/70-640.mspx
![Page 78: Microsoft Certifications – How They Know You Know Windows Server 2008 – Mega Evento de Certificação 70-640 TS: Windows Server 2008 Active Directory, Configuring.](https://reader036.fdocuments.in/reader036/viewer/2022062418/552fc0fa497959413d8b8ed8/html5/thumbnails/78.jpg)
78
Prep Guides athttp://www.microsoft.com/mcp Skills assessmentshttp://www.microsoft.com/assessmentTechNet Brasilhttp://www.microsoft.com/brasil/technet
Recursos