book

Exam Ref 70-742 Identity with Windows Server 2016, First Edition

by Andrew Warren

March 2017

Intermediate to advanced

384 pages

10h 3m

English

Microsoft Press

Read now

Unlock full access

Organization of this bookMicrosoft certificationsAcknowledgmentsFree ebooks from Microsoft PressMicrosoft Virtual AcademyQuick access to online referencesErrata, updates, & book supportWe want to hear from youStay in touch
Skill 1.1: Install and configure domain controllersAD DS fundamentalsInstall a new forestAdd or remove a domain controllerInstall AD DS on a Server Core installationInstall a domain controller using Install from MediaInstall and configure a read-only domain controllerConfigure a global catalog serverConfigure domain controller cloningUpgrade domain controllersTransfer and seize operations master rolesResolve DNS SRV record registration issuesSkill 1.2: Create and manage Active Directory users and computersCreate, copy, configure, and delete users and computersImplement offline domain joinConfigure user rightsPerform bulk Active Directory operationsSkill 1.3: Create and manage Active Directory groups and organizational unitsCreate and manage groupsCreate and manage OUsDelegate management of Active Directory with groups and OUsChapter summaryThought experimentThought experiment answer
Skill 2.1: Configure service authentication and account policiesCreate and configure MSAs and gMSAsManage SPNsConfigure Kerberos Constrained DelegationConfigure virtual accountsConfigure account policiesConfigure and apply Password Settings ObjectsDelegate password settings managementSkill 2.2: Maintain Active DirectoryManage Active Directory offlineActive Directory backup and recoveryManage Read Only Domain ControllersManaging AD DS replicationSkill 2.3: Configure Active Directory in a complex enterprise environmentConfigure a multi-domain and multi-forest AD DS infrastructureDeploy Windows Server 2016 domain controllers within a preexisting AD DS environmentUpgrade existing domains and forestsConfigure domain and forest functional levelsConfigure multiple user principal name suffixesConfigure trustsConfigure AD DS sites and subnetsChapter summaryThought experimentThought experiment answers
Skill 3.1: Create and manage Group Policy ObjectsConfigure multiple local Group PoliciesOverview of domain-based GPOsManage starter GPOsConfigure GPO linksBack up, restore, import, and copy GPOsCreate and configure a migration tableReset default GPOsDelegate Group Policy managementDetect health issues using the Group Policy Infrastructure Status dashboardSkill 3.2: Configure Group Policy processingConfigure processing order and precedenceConfiguring inheritanceConfigure security filtering and WMI filteringConfigure loopback processingConfigure and manage slow-link processing and Group Policy cachingConfigure client-side extension behaviorForce a Group Policy updateSkill 3.3: Configure Group Policy settingsConfigure software installationConfigure scriptsImport security templatesConfigure folder redirectionConfigure administrative templatesSkill 3.4: Configure Group Policy preferencesConfiguring Group Policy preferencesConfigure item-level targetingChapter summaryThought experimentThought experiment answers

Skill 4.1: Install and configure AD CSChoosing between a standalone and an enterprise CAInstall standalone CAsInstall an AD DS integrated enterprise CAInstall offline root and subordinate CAsInstall and configure an Online ResponderImplement administrative role separationConfigure CA backup and recoverySkill 4.2: Manage certificatesManage certificate templatesImplement and manage certificate deployment, validation, and revocationConfigure and manage key archival and recoveryChapter summaryThought experimentThought experiment answers
Skill 5.1: Install and configure AD FSExamine AD FS requirementsInstall the AD FS server roleConfigure the AD FS server roleImplement claims-based authentication, including relying party trustsConfigure authentication policiesImplement and configure device registrationConfigure for use with Microsoft Azure and Microsoft Office 365Configure AD FS to enable authentication of users stored in LDAP directoriesUpgrade and migrate previous AD FS workloads to Windows Server 2016Skill 5.2: Implement Web Application ProxyInstall and configure Web Application ProxyIntegrate Web Application Proxy with AD FSImplement Web Application Proxy in pass-through modePublish Remote Desktop Gateway applicationsSkill 5.3: Install and configure AD RMSAn AD RMS overviewDeploying an AD RMS serverManage rights policy templatesConfigure exclusion policiesBackup and restore AD RMSChapter summaryThought experimentThought experiment answers

Overview

Prepare for Microsoft Exam 70-742–and help demonstrate your real-world mastery of Windows Server 2016 identity features and functionality. Designed for experienced IT professionals ready to advance their status, Exam Ref focuses on the critical-thinking and decision-making acumen needed for success at the MCSA level.

Focus on the expertise measured by these objectives:

· Install and configure Active Directory Domain Services (AD DS)

· Manage and maintain AD DS

· Create and manage Group Policy

· Implement Active Directory Certificate Services (AD CS)

· Implement identity federation and access solutions

This Microsoft Exam Ref:

· Organizes its coverage by exam objectives

· Features strategic, what-if scenarios to challenge you

· Assumes you have experience working with Windows Server, Windows clients, and virtualization; are familiar with core networking technologies, and are aware of basic security best practices