Windows Server^® 2008 Active Directory Domain Services: Hands-On

Windows Server 2008 AD Fundamentals

• Exploring the AD infrastructure
• The role of DNS in an AD environment

Deploying a Windows Server 2008 AD

Upgrading existing AD environments

• Planning and preparing for the upgrade
• Analysing supported paths
• Modifying the Active Directory with ADPREP

Managing domain controllers with Server Manager

• Adding and removing server roles
• Enhancing server functionality with features
• Analysing security logs with Event Viewer
• Monitoring current server status

Creating the Active Directory Forest

Building domain controllers and domains

• Troubleshooting domain creation
• Working with new DCPROMO features

Cleaning up metadata from the AD

• Properly retiring domains and domain controllers
• Removing unwanted objects with NTDSUTIL

Managing Flexible Single Master Operation (FSMO) roles

• Documenting the role holders
• Transferring roles between domain controllers
• Recovering from FSMO failures

Planning and configuring Active Directory sites

• Creating sites to delineate the replication topology
• Defining site properties to control replication traffic
• Assigning clients to sites dynamically

Enumerating domain logon service requirements

• Assessing the impact of Global Catalog availability
• Analysing the role of DNS
• Building a Kerberos time convergence hierarchy

Managing Active Directory Replication

The fundamentals of multimaster replication

• Identifying the Update Sequence Numbers (USN)
• Monitoring replication data with administrative tools
• Resolving data collision issues

Creating and customising replication topology

• Analysing the role of the Knowledge Consistency Checker (KCC)
• Monitoring intra- and inter-site replication
• Troubleshooting replication failures
• Controlling replication with site-links and site-link bridges
• Configuring site-link transitivity

Distributed File System Replication (DFSR)

• Minimising the impact on network traffic with Remote Differential Compression (RDC)
• Migrating SYSVOL replication to DFSR

Recovering from Active Directory disasters

• Viewing and reanimating deleted objects
• Backing up and restoring the database
• Comparing authoritative and non-authoritative restores

Securing the Active Directory

Enforcing object security

• Configuring security settings
• Utilising inheritance to control object access

Leveraging AD auditing

• Monitoring object access
• Minimising the impact of auditing on domain controller performance

Troubleshooting Active Directory services

• Diagnosing AD service failures
• Identifying AD service malfunctions with operating system tools
• Recovering from AD service failures
• Developing a consistent troubleshooting technique

Installing a Read-Only Domain Controller (RODC)

• Setting a password replication policy
• Adding DNS and the Global Catalog to an RODC
• Delegating RODC management

Windows Server Core benefits

• Adding supported roles
• Building a domain controller on Server Core

Windows Server 2008 Functionality Modes

Domain functionality levels

• Setting the domain functionality
• Analysing features at various domain functionality modes

Forest functionality levels

• Forest functionality requirements
• Setting the functionality of the forest