View
19
Download
0
Category
Preview:
Citation preview
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
1
MICROSOFT CERTIFIED IT PROFESSIONAL
A BRIEF OVERVIEW
MCITP server administrator Course which consist of 3 parts (exams)
COURSE 1: #70-640 CONFIGURING WINDOWS SERVER 2008 ACTIVE DIRECTORY
Configuring Domain Name System (DNS) for Active Directory
Configuring the Active Directory Infrastructure
Configuring Additional Active Directory Server Roles
Creating and Maintaining Active Directory Objects
Maintaining the Active Directory Environment
Configuring Active Directory Certificate Services
COURSE 2: #70-642 CONFIGURING WINDOWS SERVER 2008 NETWORK INFRASTRUCTURE
Configuring IP Addressing and Services
Configuring Name Resolution
Configuring Network Access
Configuring File and Print Services
Monitoring and Managing a Network Infrastructure
COURSE 3: #70-646 WINDOWS SERVER 2008 - SERVER ADMINISTRATION
Planning for Server Deployment
Planning for Server Management
Monitoring and Maintaining Servers
Planning Application and Data Provisioning
Planning for Business Continuity and High Availability
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
2
COURSE 1 (WINDOWS SERVER 2008 ACTIVE DIRECTORY 70-640)
1) Introduction to windows server 2008
2) What is Active Directory
What is Active Directory?
What is a Domain?
What is a Server Role?
What is DNS?
3) Installing Server 2008 and Active Directory
▪ Installation of ADDS
▪ Administrator Passwords
▪ Renaming Default-First-Site-Name
▪ Setting Up a Second Domain Controller
▪ Replication Testing between the Domain Controllers
4) Join Clients Computer To the Domain & Administer Your Server Remotely
▪ Joining a Client to Your Domain
▪ Troubleshooting Connection Problem
▪ Troubleshooting RPC Server Error
▪ Remote Desktop is Advantages
▪ Setting Up Remote Desktop Shortcut
5) Creating OUs, User, and Computer accounts and Groups
▪ Definition of an OU
▪ Creating an Organizational Unit
▪ Deleting on OU
▪ Creating User Accounts
▪ Introducing DSADD
▪ Creating Computer Accounts
▪ Difference Between OUs and Groups
▪ Creating Groups in AD
▪ Adding Users and Computers into Groups
▪ Automate the creation of objects .
6) Setting Up Share Folders and Printers, Mapping Drives, and Creating
Permissions (Setting Up Share Folders and Printers, Mapping Drives, and Wrestling
with Permissions: Sharing Stuff on Servers)
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
3
▪ Setting Up a Member Server
▪ File Server Partitions
▪ Creating Shared Folders
▪ Share Level Permissions
▪ Using Share and Storage Management MMC
▪ Using Windows Explorer to Create Shared Folders
▪ Testing Shared Folders
▪ Groups and Permissions
▪ Making a Group a Member of Another Group
▪ Share Level vs. NTFS Permissions
▪ What is Inheritance
▪ Creating NTFS Permissions
▪ Checking NTFS Permissions
▪ Rules for Share Level and NTFS Permissions
▪ Moving Folders
▪ Mapping a Shared Drive
▪ Checking Group Memberships
▪ Creating and Sharing Printers
▪ Adding a Printer
7) Group Policy Objects
▪ Group Policy Management Console
▪ Default Domain Policy
▪ Local Vs. Domain Policy
▪ Configuring Domain Level Policy
▪ Linking GPOs
▪ GPO’s Processing Order
▪ Setting Policies
▪ Desktop Wallpaper Policy
▪ Preventing Users from Installing Software
▪ Removable Storage Policy
▪ Testing Our Policies
8) Security Filtering and Setting Up OUs for Better Group Policy
Implementation (Setting Up Your Organizational Units for Better Group Policy Implementation, Security
Filtering for GPOs Using Groups)
▪ implement GPO filtering
▪ Using a Combination of Techniques
▪ Reorganizing Users & Computers
▪ Running “gpupdate” Command
▪ Checking DCs Replication
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
4
▪ Testing Our Reorganized Active Directory
9) Locking Down Machines at the Computer Level and Mapping Drives
( with Group Policy Preferences)
▪ Quick Review of Our Network
▪ Policy Settings to Computer Lockdown
▪ Reorganizing Computer OUs
▪ Creating Computer GPOs
▪ Loopback Processing
▪ Group Policy Intervals
▪ Testing Computer GPOs
▪ Mapping Network Drives with Preferences
▪ Testing Preferences – Mapped Drives
10) Using GPOs to Install Software (How to Push Software onto a Lot of
Machines easily : Using Group Policy Objects to Install
Software and Adjusting Group Policy that Affects Group Policy at the Domain Level)
▪ Our Scenario
▪ Options for Installing Software
▪ What You Need for a Software Installing GPO
▪ Steps for Creating GPO for Software Installation
▪ Creating a Shared Folder for software.msi Package
▪ Creating and Linking a New GPO to the an OU
▪ Testing Our New GPO Software Installation
▪ Default Domain Policy Settings
11) Domain and Fine Grained Password Policies
▪ The Default Domain Password Policy
▪ Account Lockout Policy
▪ what is fine Password Polices
▪ Server 2008 Functional Level
12) Providing Permissions to an Account for Administrative Tasks (Delegation )
▪ Giving Someone Else the Ability to Reset Passwords
▪ Additional Built-In Groups in OUs
▪ Delegation of Control Wizard
▪ Additional Built-In Groups
▪ Installing & Configure RSAT to windows 7 Client for Easy Server Management
13) Windows Server Backup, WBADMIN, and NTDSUTIL (How to Use Windows Server Backup, WBADMIN,
and NTDSUTIL to Create Backup Media)
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
5
▪ why we need a backup .
▪ WBADMIN – Stronger Tools and More Options
▪ NTDSUTIL – Super-Powered Utility for Lots of Operations
▪ Installing Windows Server Backup
▪ Windows Server Backup Setup and Configuration
▪ Selecting Backup Once Wizard
▪ System State Backup with WBADMIN
▪ Creating Install for Media (IFM) Media
14) Moving Operations Masters and Adding a DC with IFM (Reducing Single Points of Failure: Changing Up
the Operations Masters and How to Add a Domain Controller with IFM)
▪ A Little Future Planning to Prevent Major Problems
▪ What Are Operations Masters?
▪ Restructuring The DCs a Bit
▪ Moving PDC Emulator and RID to the second AD.
▪ Building another DC with IFM Media
15) Monitoring, Auditing, and Maintaining Your AD Database
▪ Watching Your AD Stuff
▪ Your Monitoring Toolbox
▪ Task Manager
▪ Event Viewer
▪ Performance Monitor
▪ Reliability Monitor
▪ Data Collector Sets
▪ Watch Who’s Doing What to Your Active Directory
▪ Enabling Auditing for Our New Your OU
▪ Steps for Defragging Your AD Database
▪ Defragging Your AD Database with NTDSUTIL
16) Adding a Child Domain and Configuring Replication (Creating the
Another Location: Adding a Child Domain, Creating Sites and Subnets, and Configuring
Replication)
▪ Creating The New Site in AD
▪ Creating Subnet for The New Site
▪ Installing Domain Controller for New Site
▪ Configuring Replication
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
6
17) Creating Universal Groups and the AGUDLP Strategy (Creating Universal Groups, the AGUDLP Strategy,
and Making Sure Your People Can Log in Anywhere in Your Enterprise)
▪ Organizing Users into Groups
▪ The Types of Groups
▪ Setting Up Your Groups for Access Between Domains
▪ AGUDLP Setup
▪ Checking Our Settings
▪ Making Sure Your Users Can Log in Anywhere in Your Enterprise
▪ Turning on Universal Group Membership Cashing
18) Building a Read-Only Domain Controller (for a Less Secure Location)
▪ What is a Read-Only Domain Controller?
▪ Building RODC
▪ Server Core Installation
▪ Running dcpormo on Server Core
▪ Verifying Our Installation
▪ Configuring RODC
▪ Setting Up Users
19) Restoring OUs and User Accounts (How to Restore Individual Organizational Units and User Accounts
AFTER They’ve Been Deleted)
▪ The Two Types of Restorations
▪ Authoritative Restore
▪ Checking Our Recovery Files and Objects
▪ How to Put Resurrected Users Back Into Groups Using Backlinks
20) Strategies for Recreating a Domain Controller (What Do You Do When a
Domain Controller Blows Up? Strategies to Use When Recreating a Dead Domain
Controller)
▪ Seizing Operations Masters for Quick Restoration of Functionality
▪ Possible Solutions for Restoring Domain Controllers
21) Upgrading a Server 2003 Machine to Server 2008
22) Connecting Two Active Directory Networks (Connecting the Continents:
How to Connect Two Active Directory Networks for Fun and Profit {and By Using Trusts
and DNS})
▪ What You Need for a Trust
▪ Trust Directions
▪ The forests Trusts relation
▪ Creating a Stub Zone
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
7
▪ Raising Forest Functional Level
▪ Creating Trusts
▪ Checking and Updating User Permissions
23) Domain Name Service (A Primer on Domain Name Service and How it Fits
in with Active Directory)
▪ A Quick Overview of DNS
▪ What are DNS Zones Really?
▪ The Different Kinds of DNS Records
▪ Forward Lookup Zones
▪ Reverse Lookup Zones
▪ Conditional Forwarders
▪ Forwarders and Root Hints
▪ Global Name Zones & the WINS
24) AD Certificate Services (A Primer on Active Directory Certificate
Services and Public Key Infrastructure)
25) Active Directory Lightweight Directory Services 101 (A Primer on AD LDS)
26) AD Rights Management (ADRMS)
COURSE 2:WINDOWS SERVER 2008 NETWORK INFRASTRUCTURE TRAINING - COURSE OUTLINE
1 - Introduction to TCP/IP And Addressing .
2 - Windows Server 2008 Network Infrastructure
What’s Covered in this Course?
Our Scenario
3 - Configuring DHCP
Introduction to DHCP
How Does DHCP Work.
How to Configuring DHCP in Windows Server 2008?
Authorizing DHCP
Creating Scopes
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
8
Configuring Scope Options
Address Leases
Reservations
Using DHCP in a Routed Network
How Does DHCP Relay Agent Work.
How to Configuring a DHCP Relay Agent in Windows Server 2008
4 - Managing DHCP
Add and Remove Bindings
Location of Database
Backup & Restore
DHCP Service
DHCP Management Permissions
Statistics
Scope Reconciliation
Audit Logging
Conflict Detection
Integration with DNS and NAP
Performance Counters
5 - Setting Up Routing
What is a Router.
How to Use Server 2008 as a Router
Routing Table
Adding Static Entry to a Routing Table
Inbound and Outbound Filters
Static vs. Dynamic Routing
Dynamic Routing Protocols: RIP & OSPF
How RIP Works in Server 2008
6 - Configuring DNS
Introduction to DNS
Installing the DNS Server Role in Windows Server 2008
What is a Domain Namespace?
What is a DNS Query.
How Queries Work
What is a Forwarder.
Setting Up Standard DNS Forwarders in Windows Server 2008
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
9
Setting Up Conditional DNS Forwarders in Windows Server 200
How Caching Works
Clearing the DNS Cache
What is a DNS Zone?
Zone Types
Stub Zones
Active Directory Integrated Zones
Forward and Reverse Lookup
Dynamic Updates
Configuring a DNS Zone
Creating Stub Zones
DNS Records
DNS Zone Transfers
Configuring Resource Records and Zone Transfers
Zone Transfer Issues
7 - Managing DNS
What is Time to Live? (TTL)
What is Aging and Scavenging.
Setting the TTL Value and the Aging and Scavenging Parameters
Testing DNS Queries
nslookup
dnscommand
Performance Monitor
DNS Event Logs
DNS Debug Logging
8 - Name Resolution
What are Host and NetBIOS Names?
How Are Names Resolved.
Hosts & LMHosts Files / DNS & WINS Servers
DNS & WINS Servers
hostname & nbtstat Commands
Client Configuration
Troubleshooting Name Resolution
DNS Cache and Host File
GlobalNames Zone
WINS Lookup and GlobalNames Zone Demo
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
10
9 - Securing Data
NTFS Permissions
Assigning NTFS Permission
Special NTFS Permissions
Inheritable Permissions
Examples - Effective User Permissions
Creating Users & Groups
Effective User Permissions
Encrypting File System (EFS)
Cryptography
Public Key Encryption
How Does EFS Work.
Enabling EFS
10 - Sharing Data
Sharing Folders
Installing File Service Role
Sharing Using Provision a Share Folder Wizard
Accessing Shared Folder
Disk Quotas
Setting Disk Quotas Using Group Policy
Quota Management Utility
Offline Files
Distributed File System (DFS)
Creating Replica on a Different Server
Raising Domain & Forest Functional Level
11 - Configuring Print Services
Installing a Printer
Sharing a Printer
Installing Print Services Role
Using Print Management Snap-In
Configuring Print Permissions
Printer Priorities and Scheduling
Printer Pooling
Setting Up Printer Pooling on Server 2008
Managing Drivers
Troubleshooting Printers
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
11
Restarting Printer Spooler Service
12 - Windows Server Update Services (WSUS)
What Is WSUS.
Why Use WSUS.
Installing Necessary Services
Downloading and Installing WSUS
Configuring WSUS Server Options
Computer Groups and Server-Side Targeting
Using Group Policy and Client-Side Targeting
How to Approve Updates
13 - Backup and Recovery
How to Configure the Shadow Copy Service
Recovering Data Using Shadow Copy
Installing the Windows Server Backup Feature
Creating a Backup Volume
Scheduling Backups
Recovering Data
Complete System Recovery
Additional Backup Tips
14 - Monitoring Windows Server 2008
Task Manager
Event Viewer
Performance Monitor
Reliability Monitor
Data Collector Sets
15 - Configuring Remote Access
Installing the RRAS Component
Configuring RRAS
How to Configure a Client to Connect
Making a Connection
Manually Controlling Connections
Creating a Network Policy
Network Policy Order
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
12
Testing Our New Network Policy
Configuring RRAS - True VPN Setup
What is RADIUS.
16 - Wireless Networks
Is Wireless Good or Bad.
Wireless Networking Standards
Wireless Security
Connecting to a Wireless Network
Setting Up Security on a Router
17 - Windows Firewall
Why We Need a Firewall
Windows Firewall in Server 2008
Firewall Profiles
Creating a New Firewall Rule
Creating a Program Outbound Rule
Configuring with Group Policy
18 - Securing Network Traffic with IPSec.
What is IPSec.
IPSec Protocols
Tunnel Mode vs. Transport Mode
Authentication Methods
Configuring IPSec in Server 2008
Creating New IPSec Policy
Getting IPSec to Work
Using Connection Security Rules
19 - Network Access Protection (NAP)
What is NAP?
NAP Enforcement Types
System Health Agents (SHAs) and System Health Validators (SHVs)
Health Requirement Policies
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
13
Installing Necessary Roles: DHCP Role and Network Policy and Access Services
Role
Installing and Configuring NAP: DHCP Enforcement
NAP Client Configuration
Testing Our Client for NAP Enforcement
COURSE 3:WINDOWS SERVER 2008 SERVER ADMINISTRATOR TRAINING - COURSE OUTLINE
2 - Windows Server 2008 Installation and Upgrade
Windows Server 2008 & 2008 R2 Versions
Installing Windows Server 2008 from Scratch
Initial Configuration Tasks (ICT)
Adding Active Directory Role
Review - Creating Active Directory Domain Controller
Server Manager Overview
Upgrading Server 2003 to Server 2008
3 - Simplifying Installation with Windows Deployment Services (WDS)
Getting Ready for WDS
Installing DHCP Role
Installing WDS Role
Configuring WDS
Adding Image to WDS
Setting Up and Deploying Multicast Transmission
Installing Automated Installation Kit (AIK)
Creating an Answer File with Windows System Image Master (SIM) Tool
Running Unattended Installation
4 – Review - Installing Windows Server 2008 Server Core
What is Server Core.
When Should I Use Server Core.
Installing Windows Server 2008 Server Core
Installing Core Configurator Utility
Setting Up Windows Server Core with Core Configurator
Remote Management
Downloading, Installing, and Setting Up Remote Server Administration Tools
(RSAT)
Setting Up Secondary DNS Server on Server Core
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
14
Remote Desktop Management
5 – Review - Deploying Read Only Domain Controllers
RODC Benefits
Installing Read Only Domain Controller (RODC)
Testing Replication Between a DC and RODC
Configuring a Password Replication Policy
Administrative Role Separation
6 - Virtualization
What is Virtualization.
Benefits of Using Virtualization
Virtualization Products
Virtualization Examples
Potential Issues
7 - Review Using Group Policy to Simplify Network Administration
Active Directory Review
Active Directory Objects
Active Directory Trusts
What is a GPO?
Group Policy Management Tool - Create and Link GPOs
Edit Block Removable Device Installation” GPO Settings
Edit Disable Add/Remove Programs” GPO Settings
Edit Create Shortcut GPO Settings
How Do GPOs Get Applied?
Enforced and Security Filtering
Block Inheritance
Group Policy Modeling and Results Wizards
Password Setting Objects (PSO)
8 - Review Delegation of Control
Different Types of Permissions
Configuring Permissions
Setting Permissions in Active Directory
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
15
Delegation of Control Wizard
Creating Custom MMC
9 - Setting Up a File and Print Server
Installing File Services Role
NTFS File and Folder Permissions
What are Inherited Permissions?
Folder Redirection Steps
Setting up Disk Quotas
Using File Server Resource Manager to Setup Disk Quotas
Checking Redirection Settings
Installing Print Services Role
Installing and Sharing a Printer
Printer Permissions
Installing Printer on a Client
Troubleshooting Printers
NTFS Permissions Review - AGDLP
10 - Data Provisioning
Creating a Share
Managing Permissions to Share a Folder
Configuring Caching
Accessing a Shared Folder Offline
Installing DFS Role Service and Creating a DFS Namespace
Accessing DFS Share
Configuring DFS Replication
DFS Management - Configuring Fault Tolerance
11 - Setting Up a VPN Server
What is a VPN?
Supported Authentication Protocols
Choosing a VPN Protocol
Installing Remote Access Service
Configuring Routing & Remote Access Server to Support VPN Connectivity
DHCP Relay Agent Setup
Configuring DHCP Options
Authentication Protocols
Creating VPN Connection for a Client
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
16
Managing VPN Users
12 - Network Policy Server
What is a RADIUS?
Installing Network Policy Server (NPS) Role
Configuring NPS Server as RADIUS Server
Configuring Remote Access Server as RADIUS Client
Creating a Network Policy
Testing the Network Policy
13 - Windows Server Update Services (WSUS)
What is Windows Server Update Services (WSUS)?
Preparing Server for WSUS Installation
Downloading & Installing WSUS
Troubleshoot WSUS
Configuring Computer Groups - Client-Site Targeting
Configuring Clients Using Group Policy
Approving Updates
Configuring WSUS in Replica Mode
14 - Using Active Directory Certificate Services
What is a Certificate?
What is a Certificate Authority (CA)?
What are the Different Types of CAs?
Creating a CA Hierarchy
How Do I Get a Certificate?
What is Credential Roaming?
What is a Certificate Revocation List (CRL)?
What is an Online Responder?
Installing Active Directory Certificate Services Role
Certification Authority Overview
Managing Certification Authority Services
Process of Setting Up Online Responder
15 - Backup and Recovery
Configuring Shadow Copy Service
Picking a Storage Location
An-Najah National University
Korean-Palestinian IT Institute of Excellence
جامعة النجاح الوطنية
المتميز الفلسطيني الكوري المعهد
المعلومات لتكنولوجيا
17
Using Shadow Copy - Restoring Previous Versions
Installing Windows Server Backup Feature
Backup Once Wizard - Creating Backup of a Volume
Setting Up Backup Schedule
Recovering Individual Files
Recovering a Complete Volume
Recovering Operating System
Additional Backup Tips
16 - Deploying Terminal Services
What is Terminal Services?
Additional Role Services
Installing TS Role with TS Gateway, TS Web Access, and TS Session Broker on
First Server
Extra Step For TS Role Installation on a Domain Controller
Configuring Session Rules for Terminal Servers on User-By-User Basis
Configuring Session Rules for Terminal Servers with Session Time Limits in
Group Policy
Configuring Session Rules for Terminal Servers in Terminal Services
Configuration Window
Configuring Maximum Connections to Terminal Server
Configuring TS Session Broker
Installing Microsoft Office on First Terminal Server
Connecting to SALES_TS_FARM from Client Computer
Upgrading Remote Desktop Connection Utility on Windows XP Client
Connecting to Terminal Server Using Web Access
Deploying Application Using RemoteApp
Testing RemoteApp from a Client Computer
17- Planning for High Availability
What Does High Availability Mean.
DNS Round Robin
Network Load Balancing (NLB)
Failover Clustering
Using RAID
Working with SANs
Quorum Models
Recommended