Identity with Windows Server 2016

This course is designed to prepare students for the Windows Server 2016 (70-742) certification exam.

myAOLCC Hub (Online)
Intermediate, Advanced
100 Hours
What you'll learn
  • Active Directory Domain Controllers
  • Accounts and Permissions
  • Groups and OUs
  • Service Authentication and Account Policies
  • Maintenance and Recovery Techniques
  • Trusts and Sites
  • Group Policy Processing
  • Settings and Preferences
  • Certificate Authorities with Root, Subordinate, and Standalone CAs
  • Active Directory Federation Services (ADFS)
  • Web Application Proxies
  • Active Directory Rights Management Services (AD RMS)

Course Introduction

This course is designed to prepare students for the Windows Server 2016 (70-742) certification exam. The 70-742 certification exam is the third step on the path to becoming a Microsoft Certified Solutions Associate (MCSA).

In this course, students obtain the skills and knowledge required to handle Active Directory Domain Controllers, accounts and permissions, groups and OUs, service authentication and account policies, maintenance and recovery techniques, trusts, and sites. Students will learn about GPOs, group policy processing, settings, and preferences, Certificate Authorities with root, subordinate, and standalone CAs. Students will also learn about Active Directory Federation Services (ADFS), Web application proxies, and Active Directory Rights Management Services (AD RMS).

Course Prerequisites

Experience in the IT field, Installation, Storage, and Compute with Microsoft Windows Server 2016 70-740 and Networking with Microsoft Windows Server 2016 70-741, or equivalent.

Course Outline

Identity with Windows Server 2016

Module 1:

Add and remove Domain Controllers (DC), Server Cores, DC upgrades, IFM deployments, DNS SRV records, Global Catalog Servers, Operations Master Roles, RODCs

Module 2:

Automating and managing AD user and computer accounts, template accounts, bulk AD operations, configure NTFS and share permissions, offline domain join, inactive and disabled accounts, password resets, DC cloning

Module 3:

Manage group nesting, converting groups, group membership in group policy and PowerShell, enumerating group memberships, delegating management, AD containers, groups and OUs

Module 4:

Managing service accounts and gMSAs, Kerberos Constrained Delegation (KCD), Service Principal Names (SPNs), virtual accounts, Password Policy Settings Objects (PSOs) and delegation, account lockout, Kerberos, and authentication policy settings and silos

Module 5:

Backup AD, and SYSVOL, offline management of AD, AD defragmentation, metadata cleanup, object and container-level recovery, AD restore, AD recycle bin, SYSVOL replication to DFRS, multidomain and multi-forest configuration, deploy DC in existing AD environments, upgrade and configure domain and forest functional level, and multiple UPN suffixes

Module 6:

ADDS, forest, external, and realm trusts, trust authentication, SID filtering, name suffice routing, sites and subnets, site links and coverages, registration of SRV records, moving DCs between sites

Module 7:

Managing ADMX central store for GPOs, starter GPOs, GPO links, migration tables, local group policy, restoring default GPOs, delegating group policy management, status page health issues using the group policy infrastructure

Module 8:

Group Policy processing and precedence, block inheritance, enforcing GPOs, security filtering and WMI filtering, loopback processing, slow-link processing, group policy caching, ClientSide Extension (CSE), forcing a group policy update

Module 9:

AD group policy settings for software installation and redirection policies, creating scripts, administrative and import security templates, import a custom administrative template file, filtering administrative templates

Module 10:

Group policy preferences for printer preferences, map network drives, power options, custom registry settings, control panel settings, Internet Explorer settings, file and folder deployment, shortcut deployment, item-level targeting

Module 11:

Installing Active Directory Certificate Services (CAs), root and subordinate CAs, and standalone CAs, certificate revocation lists, online responders, administrative role separation, CA backup and recovery, managing certificates, templates, deployment, validation and revocation, renewal, enrollment using group policies, configure key archival and recovery

Module 12:

Upgrade and migrate AD FS workloads, client-based authentication, relying on party trusts, authentication and multi-authentication policies, configure device registration, AD FS with Microsoft Passport, AD FS with Microsoft Azure and Office 365, AD FS stored authentication in LDAP directories. Install, implement, and configure Web Application Proxy (WAP), passthrough mode, WAP as AD FS Proxy, WAP and AD FS integration, publish Web apps in WAP, HTTP and HTTPS redirects and FQDNs internal and external configurations

Module 13:

Active Directory Rights Management Services (AD RMS), Licensor Certificate AD RMS Server, AD RMS Service Connection Point (SCP), templates, exclusion policies, backup and restore AD RMS

Course Notes

A student manual is provided for ongoing reference. The course consists of 13 graded end-of-module quizzes and a final exam. Participants who receive 75% or higher on their final grade will receive a certificate.

Due to the dynamic nature of the IT industry, job success mandates that an individual not only learn the theory but also obtain the skills to locate resources that provide answers and help solve problems on the job. We encourage our students to develop research and study skills that will help them make the transition from the classroom to the work environment. Independent thinking is required of anyone considering IT courses and a career in Information Technology.

Get Started Today!
Request FREE Information

Have Questions?

Click the button below to schedule an online info session with an Admissions Advisor.

Online Info Session