O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Exam Ref 70-742 Identity with Windows Server 2016, First Edition

Book Description

Prepare for Microsoft Exam 70-742–and help demonstrate your real-world mastery of Windows Server 2016 identity features and functionality. Designed for experienced IT professionals ready to advance their status, Exam Ref focuses on the critical-thinking and decision-making acumen needed for success at the MCSA level.

Focus on the expertise measured by these objectives:

·       Install and configure Active Directory Domain Services (AD DS)

·       Manage and maintain AD DS

·       Create and manage Group Policy

·       Implement Active Directory Certificate Services (AD CS)

·       Implement identity federation and access solutions

This Microsoft Exam Ref:

·       Organizes its coverage by exam objectives

·       Features strategic, what-if scenarios to challenge you

·       Assumes you have experience working with Windows Server, Windows clients, and virtualization; are familiar with core networking technologies, and are aware of basic security best practices

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Contents at a glance
  5. Contents
  6. Introduction
    1. Organization of this book
    2. Microsoft certifications
    3. Acknowledgments
    4. Free ebooks from Microsoft Press
    5. Microsoft Virtual Academy
    6. Quick access to online references
    7. Errata, updates, & book support
    8. We want to hear from you
    9. Stay in touch
  7. Important: How to use this book to study for the exam
  8. Chapter 1. Install and configure Active Directory Domain Services
    1. Skill 1.1: Install and configure domain controllers
      1. AD DS fundamentals
      2. Install a new forest
      3. Add or remove a domain controller
      4. Install AD DS on a Server Core installation
      5. Install a domain controller using Install from Media
      6. Install and configure a read-only domain controller
      7. Configure a global catalog server
      8. Configure domain controller cloning
      9. Upgrade domain controllers
      10. Transfer and seize operations master roles
      11. Resolve DNS SRV record registration issues
    2. Skill 1.2: Create and manage Active Directory users and computers
      1. Create, copy, configure, and delete users and computers
      2. Implement offline domain join
      3. Configure user rights
      4. Perform bulk Active Directory operations
    3. Skill 1.3: Create and manage Active Directory groups and organizational units
      1. Create and manage groups
      2. Create and manage OUs
      3. Delegate management of Active Directory with groups and OUs
    4. Chapter summary
    5. Thought experiment
    6. Thought experiment answer
  9. Chapter 2. Manage and maintain AD DS
    1. Skill 2.1: Configure service authentication and account policies
      1. Create and configure MSAs and gMSAs
      2. Manage SPNs
      3. Configure Kerberos Constrained Delegation
      4. Configure virtual accounts
      5. Configure account policies
      6. Configure and apply Password Settings Objects
      7. Delegate password settings management
    2. Skill 2.2: Maintain Active Directory
      1. Manage Active Directory offline
      2. Active Directory backup and recovery
      3. Manage Read Only Domain Controllers
      4. Managing AD DS replication
    3. Skill 2.3: Configure Active Directory in a complex enterprise environment
      1. Configure a multi-domain and multi-forest AD DS infrastructure
      2. Deploy Windows Server 2016 domain controllers within a preexisting AD DS environment
      3. Upgrade existing domains and forests
      4. Configure domain and forest functional levels
      5. Configure multiple user principal name suffixes
      6. Configure trusts
      7. Configure AD DS sites and subnets
    4. Chapter summary
    5. Thought experiment
    6. Thought experiment answers
  10. Chapter 3. Create and manage Group Policy
    1. Skill 3.1: Create and manage Group Policy Objects
      1. Configure multiple local Group Policies
      2. Overview of domain-based GPOs
      3. Manage starter GPOs
      4. Configure GPO links
      5. Back up, restore, import, and copy GPOs
      6. Create and configure a migration table
      7. Reset default GPOs
      8. Delegate Group Policy management
      9. Detect health issues using the Group Policy Infrastructure Status dashboard
    2. Skill 3.2: Configure Group Policy processing
      1. Configure processing order and precedence
      2. Configuring inheritance
      3. Configure security filtering and WMI filtering
      4. Configure loopback processing
      5. Configure and manage slow-link processing and Group Policy caching
      6. Configure client-side extension behavior
      7. Force a Group Policy update
    3. Skill 3.3: Configure Group Policy settings
      1. Configure software installation
      2. Configure scripts
      3. Import security templates
      4. Configure folder redirection
      5. Configure administrative templates
    4. Skill 3.4: Configure Group Policy preferences
      1. Configuring Group Policy preferences
      2. Configure item-level targeting
    5. Chapter summary
    6. Thought experiment
    7. Thought experiment answers
  11. Chapter 4. Implement Active Directory Certificate Services
    1. Skill 4.1: Install and configure AD CS
      1. Choosing between a standalone and an enterprise CA
      2. Install standalone CAs
      3. Install an AD DS integrated enterprise CA
      4. Install offline root and subordinate CAs
      5. Install and configure an Online Responder
      6. Implement administrative role separation
      7. Configure CA backup and recovery
    2. Skill 4.2: Manage certificates
      1. Manage certificate templates
      2. Implement and manage certificate deployment, validation, and revocation
      3. Configure and manage key archival and recovery
    3. Chapter summary
    4. Thought experiment
    5. Thought experiment answers
  12. Chapter 5. Implement identity federation and access solutions
    1. Skill 5.1: Install and configure AD FS
      1. Examine AD FS requirements
      2. Install the AD FS server role
      3. Configure the AD FS server role
      4. Implement claims-based authentication, including relying party trusts
      5. Configure authentication policies
      6. Implement and configure device registration
      7. Configure for use with Microsoft Azure and Microsoft Office 365
      8. Configure AD FS to enable authentication of users stored in LDAP directories
      9. Upgrade and migrate previous AD FS workloads to Windows Server 2016
    2. Skill 5.2: Implement Web Application Proxy
      1. Install and configure Web Application Proxy
      2. Integrate Web Application Proxy with AD FS
      3. Implement Web Application Proxy in pass-through mode
      4. Publish Remote Desktop Gateway applications
    3. Skill 5.3: Install and configure AD RMS
      1. An AD RMS overview
      2. Deploying an AD RMS server
      3. Manage rights policy templates
      4. Configure exclusion policies
      5. Backup and restore AD RMS
    4. Chapter summary
    5. Thought experiment
    6. Thought experiment answers
  13. Index
  14. About the author
  15. Free ebooks
  16. Hear about it first
  17. Visit us today
  18. Survey
  19. Code Snippets