O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Deploying and Managing Active Directory with Windows PowerShell: Tools for cloud-based and hybrid environments

Book Description

Streamline and modernize the way you manage Active Directory

Use Windows PowerShell to simplify and accelerate Active Directory domain controller management, whether you’re running Active Directory entirely in the cloud, on-premises, or in a hybrid environment. In this concise reference, Microsoft MVP Charlie Russel presents the commands, tested scripts, and best-practice advice you need to deploy and run Active Directory in a modern environment and to migrate smoothly to cloud or hybrid deployments wherever they offer more value.

Supercharge your productivity as an Active Directory administrator

  • Get proven scripts that leverage the power of Windows Server 2012 and Windows Management Framework 4.0 and 5.0

  • Deploy forests and Active Directory Domain Services (AD DS)

  • Manage DNS and DHCP

  • Create and manage users and groups

  • Deploy additional domain controllers, read-only domain controllers (RODCs), and domains

  • Implement and manage fine-grained password policies

  • Perform fast, reliable backups and restores

  • Quickly extend on-premises Active Directory deployments to the cloud

  • Efficiently manage roles and sites

  • Table of Contents

    1. Cover
    2. Title Page
    3. Copyright Page
    4. Dedication Page
    5. Contents
    6. Introduction
    7. Chapter 1. Deploy your first forest and domain
      1. Before you start
        1. Prerequisites
        2. Versions
        3. Code
      2. Deploy your first forest
        1. Configure the server IP address
        2. Set the server name
        3. Install Active Directory Domain Services
        4. Create the forest (dcpromo)
      3. Summary
    8. Chapter 2. Manage DNS and DHCP
      1. Manage DNS zones
        1. Manage primary zones
        2. Manage secondary zones
        3. Manage stub zones
        4. Configure conditional forwards
        5. Manage zone delegation
      2. Manage DNS records
        1. Create name (A and AAAA) resource records
        2. Create CNAME resource records
        3. Create MX resource records
        4. Create additional resource records
        5. Configure zone scavenging and aging
        6. Configure record options including Time To Live (TTL) and weight
      3. Manage DHCP
        1. Deploy DHCP
        2. Configure IPv4
        3. Configure IPv6
      4. Summary
    9. Chapter 3. Create and manage users and groups
      1. Create users
        1. Create a single user
        2. Add users in a batch
      2. Create and manage groups
        1. Create a new group
        2. Add users to a group
        3. Manage groups
      3. Create and manage OUs
        1. Create an OU
        2. Add computers and users to an OU
      4. Summary
    10. Chapter 4. Deploy additional domain controllers
      1. Deploy domain controllers
        1. Configure networking
        2. Install the Active Directory role on the server
        3. Join the server to the domain
        4. Promote a server to domain controller
      2. Clone a domain controller
        1. Verify the environment
        2. Prepare the source domain controller
        3. Create the cloned domain controller
      3. Manage FSMO roles
        1. Transfer FSMO roles
        2. Seize FSMO roles
      4. Summary
    11. Chapter 5. Deploy read-only domain controllers (RODCs)
      1. Prepare the forest and domain
      2. Staged deployment of an RODC
        1. Prepare the RODC account
        2. Prepare the RODC target server
        3. Deploy the RODC target server
      3. Non-staged deployment of an RODC
        1. Prepare the RODC target server
        2. Deploy the non-staged RODC target server
      4. Summary
    12. Chapter 6. Deploy additional domains and forests
      1. Create a child domain
        1. Prepare the server
        2. Install the Active Directory Domain Services role
        3. Create the new domain
      2. Create a tree domain
        1. Prepare the server
        2. Install the Active Directory Domain Services role
        3. Create the new domain
      3. Create a new forest
        1. Configure networking
        2. Test the promotion to domain controller
        3. Deploy the new forest
      4. Create a trust
        1. Create a shortcut trust
        2. Create a forest trust
      5. Summary
    13. Chapter 7. Configure service authentication and account policies
      1. Manage service authentication
        1. Create service accounts
        2. Configure managed service accounts (MSAs)
        3. Configure group managed service accounts (gMSAs)
        4. Configure virtual accounts
      2. Configure account policies
        1. Configure domain user password policy
        2. Configure password settings objects (PSOs)
      3. Summary
    14. Chapter 8. Back up and restore AD DS
      1. Back up Active Directory
        1. Windows Server Backup
        2. Create offline media
        3. Configure Active Directory snapshots
      2. Restore Active Directory
        1. Perform a non-authoritative restore
        2. Perform an authoritative restore
        3. Restore an object by using the Active Directory Recycle Bin
        4. Restore an object by using Active Directory snapshots
      3. Summary
    15. Chapter 9. Manage sites and replication
      1. Configure sites
        1. Create a new site
        2. Create a replication subnet
        3. Rename a site
        4. Remove a site
        5. Configure Universal Group Membership Caching (UGMC)
        6. Create a site link
      2. Manage replication
        1. Set the replication schedule
        2. Change the replication server
      3. Summary
    16. Chapter 10. Deploy Active Directory in the cloud
      1. Install the Windows PowerShell Azure model
        1. Install the Windows PowerShell Azure module
        2. Load the Windows PowerShell Azure module
      2. Connect to an Azure account
        1. Authenticate to your Azure account
        2. Set the current subscription
      3. Create a VPN
        1. Create self-signed certificates
        2. Create a point-to-site VPN
      4. Create a virtual machine
        1. Connect to the subscription
        2. Set a location
        3. Provision a service
        4. Provision a storage account
        5. Create a virtual machine
      5. Configure the domain controller
      6. Summary
    17. Index
    18. About the author
    19. Free ebooks
    20. Survey
    21. Code Snippets