AZ-800: Administering Windows Server Hybrid Core Infrastructure

Video description

Explore the intricacies of Active Directory (AD) deployment for hybrid environments, beginning with an overview of the logical and physical components of AD Domain Services (AD DS). The course introduces key structural components and operational roles essential for deploying domain controllers both on-premises and in Azure, managing functional levels, and understanding Flexible Single Master Operations (FSMO) roles.

As the course advances, it delves into more sophisticated configuration and management strategies. You'll learn about Read-Only Domain Controllers (RODCs), configuring sites and subnets, and using PowerShell to automate FSMO roles transfers. The course includes practical demonstrations on configuring trust relationships and managing replication across varied AD DS setups, arming you with vital skills for modern IT environments.

In its concluding segments, the course focuses on integrating AD DS with Azure AD, creating a strong hybrid identity framework. Topics covered include implementing Azure AD Connect, managing synchronization services, and exploring Azure AD Connect Cloud Sync. Designed to build progressively, the course ensures a thorough understanding of deploying and managing AD in a hybrid setting and mastering the management of authentication and policies within your infrastructure.

What you will learn

  • Deploy and manage AD components in on-premises and Azure environment.
  • Secure and manage trust in hybrid AD setups.
  • Use Azure AD Connect for identity synchronization.


This course is designed for IT professionals, system administrators, and network engineers who have a basic understanding of networking principles and Windows Server administration. Participants should be familiar with Active Directory basics and interested in expanding their skills to include hybrid environments.

About the Authors

ACI Learning: ACI Learning trains leaders in Cybersecurity, Audit, and Information Technology. Whether starting an IT career, mastering a profession, or developing a team, they provide essential support at every step.

Robin Abernathy: Robin Abernathy's path to the IT world was filled with unexpected turns. Initially resistant to writing and computer careers, she ended up managing a computer store, igniting her passion for IT. With over two decades in the field, she's specialized in cybersecurity, project management, and CompTIA training materials. Joining ACI Learning in 2022, Robin overcame her aversion to her southern accent to present on camera. Robin holds a BS in Communications, focusing on Technical Writing, and boasts certifications including CompTIA's A+, Network+, Security+, and more. Her distinctions include BS in Communications, Author and certifications include CompTIA A+, Network+, Security+, Project+, Server+, CASP+, ITIL v3, CAPM, MCP.

Wes Bryan: Wes Bryan embarked on his IT career path in 2009, initially as a mentored learning instructor, and later transitioning into a technical IT instructor. His exceptional teaching skills were recognized with three global teaching awards for 'Global Technical Instructor' during his early teaching years. Wes has made notable contributions as a member of the CIN (CompTIA Instructor Network) Advisory Board and the Board of Directors for CompTIA AITP (Association of Information Technology Professionals). Certifications: CompTIA A+, Network+, Security+, Server+, Cloud+, CySA+; MCSA; MTA; MCTS; MCP; MS; MCT

Table of contents

  1. Chapter 1 : Deploy Active Directory for Hybrid Environments
    1. Course Overview
    2. Logical vs Physical Components
    3. AD DS Objects
    4. AD DS Structural Components
    5. Functional Levels and FSMO Roles
    6. Deploy On-Premises Domain Controllers
    7. Deploy Azure Domain Controllers
    8. Examine Read-Only Domain Controllers (RDOCs)
    9. Pre-Stage a RODC Remo
    10. Deploy a RODC Demo
    11. Configure a RODC Demo
    12. Transfer FSMO roles using Active Directory tools
    13. Examine ntdsutil.exe regarding FSMO roles
    14. Transfer FSMO roles using PowerShell
    15. Examine Forest and Domain Trusts
    16. Deploy a Child Domain Demo
    17. Configure Conditional Forwarders Demo
    18. Configure External Trust Demo
    19. Configure Shortcut Trust Demo
    20. Examine AD DS Sites
    21. Configure AD DS Sites Demo
    22. Configure Site Links Demo
    23. Configure Site Link Cost and Replication Demo
    24. Configure Subnets Demo
    25. Configure Site Link Bridging Demo
    26. Manage Replication via Active Directory Tools
    27. Manage Replication vis Commands
    28. Create and Manage Users in AD DS Demo
    29. Examine Groups in AD DS
    30. Create and Manage Groups in AD DS Demo
    31. Create and Manage Groups Using PowerShell Demo
    32. Create and Manage OUs in AD DS
    33. Manage Users and Groups in Trust Relationships
    34. Examine Group Managed Service Accounts (gMSAs)
    35. Create and Manage gMSAs Demo
    36. Join Windows Servers to On-Premise AD DS
    37. Join Windows Servers to Azure AD DS
    38. Examine AD DS, Azure AD DS, and Azure AD
    39. Deploy Azure AD DS Demo
    40. Deploy an Azure AD Custom Domain Demo
    41. Examine Hybrid Identity with Azure AD and AD DS
    42. Examine Azure AD Connect
    43. Implement Idfix to Check AD DS Demo
    44. Implement Azure AD Connect Demo
    45. Examine Azure AD Connect Synchronization
    46. Manage Azure AD Connect Synchronization Demo
    47. Examine Azure AD Connect Cloud Sync
    48. Install Azure AD Connect Cloud Sync Agent Demo
    49. Implement Azure AD Connect Cloud Sync Demo
    50. Manage Azure AD DS Demo
    51. Manage Azure AD Connect Health Demo
    52. Examine On-premises and Hybrid Authentication
    53. Examine AD DS Passwords
    54. Configure and Manage AD DS Passwords Demo
    55. Examine Group Policy in AD DS
    56. Implement Group Policy in AD DS Demo
    57. Implement Group Policy Preferences in AD DS Demo
    58. Implement Group Policy in Azure AD DS Demo
  2. Chapter 2 : Use Azure Services to Manage Workloads and Servers
    1. Deploy a WAC Gateway Server Demo
    2. Configure a WAC Target Machine Demo
    3. Examine PowerShell Remoting
    4. Configure PowerShell Remoting Demo
    5. Examine CredSSP for 2nd Hop Remoting
    6. Examine Kerberos Delegation for 2nd Hop Remoting
    7. Configure CredSSP and Kerberos Delegation Demo
    8. Examine JEA for PowerShell Remoting
    9. Turn on PowerShell Logging for JEA Demo
    10. Create a JEA Role Capability File Demo
    11. Create a JEA Session Configuration File Demo
    12. Register the JEA Session Configuration Demo
    13. Manage Windows Servers Using Azure Arc
    14. Assign Azure Policy Guest Configuration
    15. Deploy Azure Services Using Azure VM Extensions
    16. Implement Azure Automation
    17. Integrate Windows Servers with Log Analytics
    18. Manage Updates in a Hybrid Environment
    19. Integrate Windows Servers with Defender for Cloud
    20. Manage IaaS VMs with Azure DSC
    21. Create a Runbook to Automate VM Tasks
  3. Chapter 3 : Manage Hybrid Virtual Machines and Containers
    1. Enable VM Enhanced Session Mode
    2. Manage VM Using PowerShell and SSH Direct
    3. Configure Nested Virtualization
    4. Configure VM Memory
    5. Configure Integration Services
    6. Configure Discrete Device Assignment
    7. Configure VM Resource Groups
    8. Configure VM CPU Groups
    9. Configure Hypervisor Scheduling Types
    10. Manage VM Checkpoints
    11. Implement High Availability for VMs
    12. Manage VHD and VHDX Files
    13. Configure Hyper-V Network Adapter
    14. Configure NIC Teaming
    15. Configure Hyper-V Switch
    16. Create Windows Server Container Images
    17. Manage Windows Server Container Images
    18. Configure Container Networking
    19. Manage Container Instances
    20. Manage Data Disks
    21. Resize Azure VM
    22. Configure Azure VM Continuous Delivery
    23. Configure Connections to VMs
    24. Manage Azure VM Network Configuration
  4. Chapter 4 : Implement a Hybrid Network Infrastructure
    1. Integrate DNS with AD DS
    2. Create and Manage DNS Zones and Records
    3. Configure DNS Forwarding/Conditional Forwarding
    4. Integrate Windows DNS and Azure DNS Private Zones
    5. Implement DNSSEC
    6. Implement and Configure On-Premises DHCP Server
    7. Create and Manage Scopes
    8. Create and Manage IP Reservations
    9. Implement DHCP High Availability
    10. Implement and Manage IPAM
    11. Resolve IP Address Issues in Hybrid Environments
    12. Implement and Manage the Remote Access Role
    13. Implement Site-to-Site VPN
    14. Implement and Manage Network Policy Server Role
    15. Examine Web Application Proxy Implementation
    16. Implement and Manage Azure Network Adapter
    17. Implement and Manage Azure Extended Network
    18. Examine Azure Relay Implementation
    19. Implement Azure Virtual WAN
    20. Implement Azure AD Application Proxy
  5. Chapter 5 : Manage Hybrid Storage and File Services
    1. Create Azure File Sync Service
    2. Create Sync Groups and Cloud Endpoints
    3. Register Servers
    4. Create Server Endpoints
    5. Configure Cloud Tiering
    6. Monitor File Sync
    7. Migrate DFS to Azure File Sync
    8. Configure Windows Server File Share Access
    9. Configure File Screens
    10. Configure FSRM Quotas
    11. Configure BranchCache
    12. Examine Distributed File System (DFS)
    13. Implement and Configure DFS
    14. Configure Disks and Volumes
    15. Configure and Manage Storage Spaces
    16. Configure and Manage Storage Replica
    17. Configure Data Deduplication
    18. Configure SMB Direct
    19. Configure Storage QoS
    20. Configure File Systems

Product information

  • Title: AZ-800: Administering Windows Server Hybrid Core Infrastructure
  • Author(s): ACI Learning, Robin Abernathy, Wes Bryan
  • Release date: May 2024
  • Publisher(s): Packt Publishing
  • ISBN: 9781836208730