MOC 20742: Identity with Windows Server 2016
- Some exposure to and experience with AD DS concepts and technologies in Windows Server 2012 or Windows Server 2016.
- Experience working with and configuring Windows Server 2012 or Windows Server 2016.
- Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP).
- Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts.
- An awareness of basic security best practices.
- Hands-on working experience with Windows client operating systems such as Windows 7, Windows 8, Windows 8.1, or Windows 10.
- Basic experience with the Windows PowerShell command-line interface.
- Install and configure domain controllers.
- Describe the various storage options, including partition table formats, basic and dynamic disks, file systems, virtual hard disks, and drive hardware, and explain how to manage disks and volumes
- Implement AD DS in complex environments..
- Implement AD DS sites, and configure and manage replication.
- Implement and manage Group Policy Objects (GPOs).
- Manage user settings by using GPOs.
- Secure AD DS and user accounts.
- Implement and manage a certificate authority (CA) hierarchy with AD CS.
- Deploy and manage certificates.
- Implement and administer AD FS.
- Implement and administer Active Directory Rights Management Services (AD RMS).
- Implement synchronization between AD DS and Azure AD.
- Monitor, troubleshoot, and establish business continuity for AD DS services.
Module 1: Installing and configuring DCsThis module describes features of AD DS and how to install domain controllers (DCs). It also covers the considerations for deploying DCs.
- Overview of AD DS
- Overview of AD DS DCs
- Deploying DCs
Lab : Deploying and administering AD DS
Module 2: Managing objects in AD DSThis module describes how to use various techniques to manage objects in AD DS. This includes creating and configuring user, group, and computer objects.
- Managing user accounts
- Managing groups in AD DS
- Managing computer accounts
- Using Windows PowerShell for AD DS administration
- Implementing and managing organizational units
Lab : Deploying and administering AD DS
Lab : Administering AD DS
Module 3: Advanced AD DS infrastructure managementThis module describes how to plan and implement an AD DS deployment that includes multiple domains and forests. The module provides an overview of the components in an advanced AD DS deployment, the process of implementing a distributed AD DS environment, and the procedure for configuring AD DS trusts.
- Overview of advanced AD DS deployments
- Deploying a distributed AD DS environment
- Configuring AD DS trusts
Lab : Domain and trust management in AD DS
Module 4: Implementing and administering AD DS sites and replicationThis module describes how to plan and implement an AD DS deployment that includes multiple locations. The module explains how replication works in a Windows Server 2016 AD DS environment.
- Overview of AD DS replication
- Configuring AD DS sites
- Configuring and monitoring AD DS replication
Lab : Managing and implementing AD DS sites and replication
Module 5: Implementing Group PolicyThis module describes how to implement a GPO infrastructure. The module provides an overview of the components and technologies that compose the Group Policy framework.
- Overview of Hyper-V
- Introducing Group Policy
- Implementing and administering GPOs
- Group Policy scope and Group Policy processing
- Troubleshooting the application of GPOs
Lab : Implementing a Group Policy infrastructure
Lab : Troubleshooting a Group Policy infrastructure
Module 6: Managing user settings with GPOsThis module describes how to configure Group Policy settings and Group Policy preferences. This includes implementing administrative templates, configuring folder redirection and scripts, and configuring Group Policy preferences.
- Implementing administrative templates
- Configuring Folder Redirection and scripts
- Configuring Group Policy preferences
Lab : Managing user settings with GPOs
Module 7: Securing AD DSThis module describes how to configure domain controller security, account security, password security, and Group Managed Service Accounts (gMSA).
- Securing domain controllers
- Implementing account security
- Audit authentication
- Configuring managed service accounts (MSAs)
Lab : Securing AD DS
Module 8: Deploying and managing AD CSThis module describes how to implement an AD CS deployment. This includes deploying, administering, and troubleshooting CAs.
- Deploying CAs
- Administering CAs
- Troubleshooting and maintaining CAs
Lab : Deploying and configuring a two-tier CA hierarchy
Module 9: Deploying and managing certificatesThis module describes how to deploy and manage certificates in an AD DS environment. This involves deploying and managing certificate templates, managing certificate revocation and recovery, using certificates in a business environment, and implementing smart cards.
- Deploying and managing certificate templates
- Managing certificate deployment, revocation, and recovery
- Using certificates in a business environment
- Implementing and managing smart cards
Lab : Deploying certificates
Module 10: Implementing and administering AD FSThis module describes AD FS and how to configure AD FS in a single-organization scenario and in a partner-organization scenario.
- Overview of AD FS
- AD FS requirements and planning
- Deploying and configuring AD FS
- Overview of Web Application Proxy
Lab : Implementing AD FS
Module 11: Implementing and administering AD RMSThis module describes how to implement an AD RMS deployment. The module provides an overview of AD RMS, explains how to deploy and manage an AD RMS infrastructure, and explains how to configure AD RMS content protection.
- Overview of AD RMS
- Deploying and managing an AD RMS infrastructure
- Configuring AD RMS content protection
Lab : Implementing an AD RMS infrastructure
Module 12: Implementing AD DS synchronization with Azure ADThis module describes how to plan and configure directory syncing between Microsoft Azure Active Directory (Azure AD) and on-premises AD DS. The modules describes various sync scenarios, such as Azure AD sync, AD FS and Azure AD, and Azure AD Connect.
- Planning and preparing for directory synchronization
- Implementing directory synchronization by using Azure AD Connect
- Managing identities with directory synchronization
Lab : Configuring directory synchronization
Module 13: Monitoring, managing, and recovering AD DSThis module describes how to monitor, manage, and maintain AD DS to help achieve high availability of AD DS.
- Monitoring AD DS
- Managing the AD DS database
- Recovering AD DS objects