Active Directory Domain Services

Module 1

Introduction to AD DS

https://docs.microsoft.com/en-us/learn/paths/active-directory-domain-services/

Learn about the fundamentals of Active Directory Domain Services (AD DS) in Windows Server 2019, including forests, domains, sites, domain controllers, organizational units (OUs), users, and groups.

• Define AD DS
• AD DS includes both logical and physical components
• What are the logical components?
• What are the physical components?
• Define users, groups, and computers
• What are managed service accounts?
  • A service account might be an account that is local to the computer, such as the built-in Local Service, Network Service, or Local System accounts. You also can configure a service account to use a domain-based account located in AD DS.
  • Many organizations choose to use a domain-based account to run program services.
  • Standard managed service accounts can’t provide managed service account functionality to services that are running on more than one server
• What are group managed service accounts?
  • Group managed service accounts enable you to extend the capabilities of standard managed service accounts to more than one server in your domain. In server farm scenarios with Network Load Balancing (NLB) clusters or IIS servers, there often is a need to run system or program services under the same service account
• What are group objects?
• Group types
• Group scopes
• What are computer objects?
• Computers container
• Define AD DS forests and domains
• What is an AD DS forest?
• What is an AD DS domain?
• What are trust relationships?
• Define OUs
• Define OUs
• Why create OUs?
• What are the generic containers?
• Use a hierarchical design
• Manage objects and their properties in AD DS
• Active Directory Administrative Center
• Windows Admin Center
• Remote Server Administration Tools
• Other AD DS management tools
• Demonstration -VIDEO
• From Server Manager, open Active Directory Administrative Center.
• Select Dynamic Access Control in the Contoso domain.
• Perform a global search and review the results.
• Reset the password for a user in the Contoso domain.
• Create a new computer object called SEA-CL4.
• Open the new computer object and review its properties, including its Extensions.
• Review the Windows PowerShell history and examine the New-ADComputer command.

Module 2

Manage AD DS domain controllers and FSMO roles

Learn about essential AD DS domain controllers management and maintenance tasks, including their deployment, backup and recovery, and schema management. Find out about design considerations for optimal number, roles, and location of domain controllers.

Module 4

Manage advanced features of AD DS

Learn about advanced AD DS administration tasks, including creating trust relationships, implementing Enhanced Security Administrative Environment (ESAE) forests, monitoring and troubleshooting AD DS replication, and creating custom AD DS partitions.