Microsoft Active Directory Architect

Instructor: Atif Mazhar
Students: 630
Duration: 10 weeks

Categories: Microsoft

Curriculum

Schema

- What’s schema? General definition
- What’s schema? AD definition
- Schema Management tool
- Enabling the schema management tool
- Security risk
- Usage
- Change in Schema
- Recommended or not recommended
- Editing schema as per the vendor or per the admin discretion
- Impact
  - Individual users, few or all users
  - Forest wide or domain wide
- Scenarios where the change can bring the AD down
Object Identification
- SID
  1. - Applies to Security principal (Users, computer, groups, etc)
    - Formation
    - Structure (Standard – Domain – RID)
    - Uniqueness Level (Will vary domain to domain)
    - Word of caution (Disable not delete)
    - Importance of SID history in migrations/mergers
- GUID
  1. - Applies to every object
    - Uniqueness: global (world-wide)
- RID
  1. - Part of SID
Global Catalog
- Concept of a catalog
- Keeps partial and full info
- Keeps frequently accessed info
- Schema Management tool’s option for making an attribute available in GC
- Minimum number of GC required per domain, forest, site.
- How vital is global catalog for AD – Test labs
  - Creating a user without GC
  - Creating a new domain without GC
  - Creating a user in different domain without GC
  - DC with GC crashes – Now what?
  - FSMO transfers without GC
- GC role transfer from one DC to another
AD multimaster. Myth or Reality? FSMOs – Flexible single master operation
- Domain Naming Master
- RID Master
- PDC Emulator
- Infrastructure Master
- Schema Master
Dissecting NTDS
- Partitions
  - Official
    1. Schema
    2. Config
    3. Domain
    4. Application
  - Unofficial
  - DB Engine & Structure
  - MS Database engines
    1. SQL
    2. JET
- JET Red (Access)
  - JET Blue (ESE)
  - NTDS Structure
    - ESE Concepts
    - Memory, disk, Read and Write buffer
    - Transaction Logs
    - Check Point
    - Size of Logs
    - Circular Logging
    - DB maintenance
    - Defrag utility
    - NTDS DB Path Location
    - SYSVOL files location
    - ESENTUTIL Intro
DSRM – Directory Service Restore Mode
AD Groups
- Group Type
  - Distribution
  - Security
- Global
- Domain Local
- Universal
AD Functional Levels
- Mixed Mode
- Native Mode
AD Trusts
- Types of Trust
  - One way
  - Two way
  - Transitive
  - Non-transitive
- Difference between trust within and between forest
Group Policy
- Enterprise Environment Administration issues
  - Standardizing the company settings for users and computers
  - Discussion on chaos without controlling the environment
  - Viruses outbreak
  - Restricting Wall paper
  - Untrusted devices connected to the network (USB devices)
  - Data leakage threats
  - Password restrictions
  - Application/software access and installation
  - MS gives admins tools to manage this all
- Introducing Group Policies
Group Policy on every Windows machine
- Group Policy on Centralized environment ; e.g. AD Domain
GP Application order
- GP Settings
- GP concepts
- Managing multiple GP
- GPMC tool intro
- Introducing GPOs
- Logon
- Log off
- GP Troubleshooting
- Filtering

Classroom Training

Onsite Training

Online Training

Classroom - Fee

$600

Enroll Now

Atif Mazhar

ITIL, VCP, MCT, MDT, MCP, MCSE, MCSA, BCCA, BCCP, MCITP

Atif Mazhar has been in the IT industry for the last 20+ years with experience in teaching and consulting. He has worked for various MNC companies and specializes in many Microsoft Technologies. Industry Certifications: ITIL, VCP, MCT, MDT, MCP, MCSE, MCSA, BCCA, BCCP, MCITP, Quest Certified Professional QMM AD/ QMM Exchange SME Technologies: Azure, Office 365, SCOM, SCCM, Clustering, NLB, Active Directory, One Drive for Business, Skype for Business/Lync Server, Microsoft SQL 2008/2012/2014/2016, Microsoft Exchange 2003/2007/2010/2013/2016, Microsoft Windows Server 2003/2008/2012/2016, Windows 10.