You are on page 1of 21

Microsoft Official Course

Identity with Windows Server 2016
Thank you for joining us today.

We’ve worked together with the At the end of class, please complete
Microsoft Partner Network and an evaluation of today’s experience.
Microsoft IT Academies to bring you We value your feedback!
a world-class learning experience.
Certification Exam Benefits. After
Microsoft Certified Trainers + training, consider pursuing a
Instructors. Your instructor is a Microsoft Certification to help
premier technical and instructional distinguish your technical expertise
expert who meets ongoing and experience. Ask your instructor
certification requirements. about available exam promotions
and discounts.
Customer Satisfaction Guarantee.
Our partners offer a satisfaction We wish you a great learning
guarantee and we hold them experience and ongoing career
accountable for it. success!
Hello! Instructor introduction

• Instructor: <Name>
• <Title or other credentials, e.g.
Microsoft Certified Trainer>
• <Affiliation/Company>
• <A few words about my technical
and professional experience>
Hello! Student introductions

Let’s get acquainted:

• Your name
• Company affiliation
• Title/function
• Windows Server 2012 or Windows Server 2016
• Active Directory experience
• Your expectations for the course

• Class hours
• Building hours
• Parking
• Restrooms
• Meals
• Phones
• Messages
• Smoking
• Internet access
• Recycling
• Emergency procedures
About this course: Audience

Candidates who attend this course typically are IT professionals who:

• Have some AD DS knowledge and experience and who aim to

develop knowledge about identity and access technologies in
Windows Server 2016. This would typically include:
• AD DS administrators who want to train in identity and access technologies with
Windows Server 2016
• System or infrastructure administrators with general AD DS experience and
knowledge who want to cross-train in core and advanced identity and access
technologies in Windows Server 2016
• The secondary audience for this course includes IT professionals
who are looking to consolidate their knowledge about Active
Directory Domain Services (AD DS) and related technologies, in
addition to IT professionals who want to prepare for the 70-742
About this course: Prerequisites

Before attending this course, students should have:

• Some exposure to and experience with AD DS concepts and technologies
in Windows Server 2012 or Windows Server 2016
• Experience working with and configuring Windows Server 2012 or
Windows Server 2016
• Experience and an understanding of core networking technologies such as
IP addressing, name resolution, and Dynamic Host Configuration Protocol
• Experience working with and an understanding of Microsoft Hyper-V and
basic server virtualization concepts
• An awareness of basic security best practices
• Hands-on working experience with Windows client operating systems such
as Windows 7, Windows 8, Windows 8.1, or Windows 10
• Basic experience with the Windows PowerShell command-line interface
About this course: Objectives

After completing this course, students will be able to:

• Install and configure domain controllers
• Manage objects in AD DS by using graphical tools and Windows
• Implement AD DS in complex environments
• Implement AD DS sites, and configure and manage replication
• Implement and manage Group Policy Objects (GPOs)
• Manage user settings by using GPOs
• Secure AD DS and user accounts
• Implement and manage a certificate authority (CA) hierarchy with AD CS
• Deploy and manage certificates
• Implement and administer Active Directory Federation Services (AD FS)
• Implement and administer Active Directory Rights Management Services
• Implement synchronization between AD DS and Azure AD
• Monitor, troubleshoot, and establish business continuity for AD DS services
Your course materials

Designed to optimize your classroom learning experience

and support you back on the job

Microsoft Official Course handbook

• Organized by modules
• Includes Labs and Lab Answer Keys
• Module Reviews and Takeaways
make great on-the-job references

This is an early-to-market edition of the course. Upon release of the next edition, you
will be able to access:

Digital Companion Content

Supplemental content and helpful links
Download at:
Your course materials

Microsoft Official Course Handbook (Digital)

• Access online using the Skillpipe reader by arvato, at
• Register/sign in and redeem your digital courseware
• Easily add notes and comments, and highlight
• Organized by module
• Includes Labs and Lab Answer Keys
• Module Reviews and Takeaways make great on-the-
job references

Digital Companion Content

• Supplemental content and helpful links
• Download at:
Course outline

Module 1
Installing and configuring domain controllers

Module 2
Managing objects in AD DS

Module 3
Advanced AD DS infrastructure management

Module 4
Implementing and administering AD DS sites and replication

Module 5
Implementing Group Policy

Module 6
Managing user settings with Group Policy
Course outline, continued

Module 7
Securing Active Directory Domain Services

Module 8
Deploying and managing AD CS

Module 9
Deploying and managing certificates

Module 10
Implementing and administering AD FS

Module 11
Implementing and administering AD RMS

Module 12
Implementing AD DS synchronization with Microsoft Azure AD

Module 13
Monitoring, managing, and recovering AD DS
Related Courses

• 20740: Installing, Storing, and Computing with Windows Server 2016

• 20741: Networking with Windows Server 2016
• 20743: Upgrading Your Skills to Windows Server 2016 MCSA
• 20744: Securing Windows Server 2016

See the full line of Microsoft Training and Certification

resources at:
Microsoft Certification Program

Get trained. Get certified.

Get ahead.
Microsoft Certifications demonstrate that Microsoft Certified
you have the skills to design, deploy, and Solutions Expert
optimize the latest technology solutions.
Ask your Microsoft Learning Partner how you
can prepare for certification.

For more information about Microsoft Microsoft Certified

Certifications, go to:
Solutions Associate
certification (MCSA)
Windows Server 2016 certification path

MCSA: Windows Server 2016

Exam 70-740 Exam 70-741 Exam 70-742 Exam 70-743

Installation, Storage Networking with Identity with Upgrading Your

and Compute with Windows Server Windows Server Skills to MCSA:
Windows Server 2016 2016 Windows Server
2016 2016


Course 20740A Course 20741A Course 20742A Course 20743A

Installation, Storage, Networking with Identity with Upgrading Your

and Compute with Windows Server Windows Server Skills to MCSA:
Windows Server 2016 2016 Windows Server
2016 2016
Preparing for the labs

Your lab activities will be centered around a fictitious company that we will call
A. Datum Corporation, through which you will learn how to:

• Deploy and administer AD DS

• Manage AD DS objects
• Administer AD DS
• Manage domains and trust in AD DS
• Implement AD DS sites and replication
• Implement a Group Policy infrastructure
• Troubleshoot a Group Policy infrastructure
• Manage user settings with GPOs
• Secure AD DS
• Deploy and configure a two-tier CA hierarchy
• Deploy and use certificates
• Implement AD FS
• Implement an AD RMS infrastructure
• Configure directory synchronization
• Recover objects in AD DS
VM environment

VM name: Use as:

20742A-LON-DC1 Domain controller in the domain

20742A-LON-DC2 Domain controller in the domain

20742A-TOR-DC1 Domain controller in the domain (in another

20742A-TREY-DC1 Domain controller in domain

20742A-LON-SVR1 Member server in the domain

20742A-LON-SVR2 Member server in the domain with Web

server role
20742A-CA-SRV1 Server not joined to the domain to be used as offline root
20742A-LON-CL1 Windows 10 client with Microsoft Office 2016 installed

20742A-LON-CL2 Windows 10 client with Office 2016 installed

Microsoft Learning Azure Pass

• You will use the Microsoft Learning Azure Pass to provide access to
Microsoft Azure for demonstrations and labs

• Microsoft Learning Azure Pass access and configuration

• Best practices for Microsoft Learning Azure Pass usage:

• Check the dollar balance of your Azure Pass within Microsoft Azure once
you have set up your subscription, and be aware of how much you are
consuming as you proceed through the labs
• Do not allow Microsoft Azure components to run overnight or for extended
periods unless you need to do so
• Remove any Microsoft Azure–created components or services such as
storage, virtual machines, or cloud services, after you finish your lab to
help minimize cost usage and extend the life of your Microsoft Learning
Azure Pass
WARNING – You might experience UI discrepancies

Given the dynamic nature of Microsoft cloud tools, you

may experience Microsoft Office 365 and/or Azure user
interface (UI) changes that were made following
courseware development and that do not match up
with lab instructions.

The Microsoft Learning team will document these

changes for instructors as they are brought to our
attention. However, given the dynamic nature of cloud
updates, you may run into changes before we become
aware of them.

If this occurs, you will have to adapt to the changes and

work through them in the labs as necessary.
Demonstration: Using Microsoft Labs Online (optional)

In this demonstration, you will learn how to:

• Access the Microsoft Labs Online lab environment
• Switch between VMs

Read the online Lab Notes carefully, because some procedures

related to on-premises lab versus online labs may have slightly
different steps. Any differences will be called out in the Lab Notes.
Demonstration: Using Hyper-V Manager (optional)

In this demonstration, you will learn how to:

• Open Hyper-V Manager
• Navigate the various sections/panes within Hyper-V Manager:
• VMs, snapshots, and actions (server-specific and VM-specific)
• Identify the VMs that you will use in the labs for this course
• Take a snapshot and apply a snapshot
• Connect to a VM
• Start and sign in to a VM
• Switch between full screen and window modes
• Revert to the previous snapshot
• Shut down a VM
• Know when to shut down versus turn off a VM
• Close Hyper-V Manager