O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Microsoft 70-742: Identity in Windows Server 2016

Video Description

This 70-742: Identity in Windows Server 2016 course teaches IT professionals on the deployment, configuration and troubleshooting of identity services such as Active Directory Domain Services (AD DS) and Group Policy in Windows Server 2016. Additionally, this course also covers the deployment and installation of other Active Directory server roles, such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS). The course 70-742: Identity in Windows Server 2016 is part of a three course series required to pass the MCSA: Windows Server 2016 certification. The course curriculum is designed keeping in view the exam topics covered in the Microsoft exam 70-742. In this way, this course is equally helpful for IT professionals looking to gain their knowledge as well as the candidates willing to appear in the said exam.

Table of Contents

  1. Course Introduction
    1. Introduction 00:00:10
    2. Course Introduction 00:03:08
    3. Instructor Introduction 00:01:25
  2. Chapter 01 - Installing and Configuring Domain Controllers
    1. Chapter 1 Introduction 00:01:11
    2. Topic A: Overview of Active Directory Domain Services 00:00:51
    3. Information Protection Concepts 00:03:28
    4. Identity and Access (IDA) 00:01:38
    5. Authentication and Authorization 00:05:21
    6. AD DS Terms 00:02:51
    7. Access Tokens 00:02:10
    8. Access Control Lists 00:02:07
    9. The Kerberos Logon Process 00:06:05
    10. Workgroup vs. Domain 00:02:30
    11. Understanding AD DS Domains 00:02:12
    12. AD DS Components and Concepts 00:01:03
    13. Active Directory Database 00:02:21
    14. Physical Data Store 00:01:33
    15. Logical Partitions 00:04:23
    16. Active Directory Schema 00:04:18
    17. Domains 00:03:09
    18. Trees and Forests 00:03:00
    19. Organizational Units 00:02:29
    20. AD DS Sites 00:02:27
    21. Controlling Replication 00:00:51
    22. Trust Relationships 00:03:41
    23. Topic B: Overview of Domain Controllers 00:00:18
    24. Introducing Domain Controllers 00:01:59
    25. Global Catalog Servers 00:04:02
    26. Read-Only Domain Controllers 00:01:40
    27. FSMO Roles 00:07:06
    28. Demo - Working with FSMO Roles 00:06:49
    29. Locating Domain Controllers 00:03:26
    30. Demo - Viewing SRV Records 00:04:25
    31. Topic C: Deploying Domain Controllers 00:00:13
    32. Reasons for Multiple Domain Controllers 00:02:47
    33. Installing from Server Manager 00:02:54
    34. Considerations for Installing Domain Controllers 00:03:10
    35. Demo - Installing a Domain Controller 00:09:13
    36. Installing on Server Core 00:02:30
    37. Demo - Promoting a Server Core DC 00:14:41
    38. Upgrading Domain Controllers 00:02:00
    39. Additional Installation Options 00:01:34
    40. Cloning Domain Controllers 00:02:37
    41. Demo - Cloning Domain Controllers 00:17:31
    42. Chapter 01 Summary 00:01:39
    43. Chapter 01 Review 00:00:10
  3. Chapter 02 - Managing Active Directory Objects
    1. Chapter 2 Introduction 00:01:01
    2. Topic A: Overview of AD DS Object Management 00:00:18
    3. Understanding AD DS Objects 00:02:01
    4. Names for AD DS Objects 00:02:51
    5. Management Tools 00:04:06
    6. Demo - Overview of AD DS Management Tools 00:13:34
    7. Topic B: Managing User Accounts 00:00:18
    8. The Importance of the User Account 00:01:50
    9. Naming Considerations 00:03:05
    10. Configuring User Passwords 00:03:29
    11. Creating User Accounts 00:02:06
    12. Demo - Creating AD DS Users 00:32:39
    13. Managing User Attributes 00:01:56
    14. User Account Management 00:01:47
    15. Demo - Managing Users 00:20:29
    16. Topic C: Managing Groups 00:00:16
    17. Group Types and Scopes 00:03:13
    18. Types of Groups 00:02:01
    19. Group Scopes 00:01:45
    20. Domain Local and Global Groups 00:01:42
    21. Universal Groups 00:00:36
    22. Group Nesting 00:00:59
    23. Group Naming Considerations 00:01:26
    24. Creating and Configuring Groups 00:01:15
    25. Demo - Creating and Configuring Groups 00:14:39
    26. Introduction to Default Groups 00:01:40
    27. Identifying Default Groups 00:02:33
    28. Administrative Groups 00:00:47
    29. Demo - Configuring Default Groups 00:03:56
    30. Using Special Identities 00:02:28
    31. Strategies for Using Groups 00:04:42
    32. Group Nesting Strategies 00:06:18
    33. Demo - Group Nesting 00:16:00
    34. Topic D: Managing Computer Accounts 00:00:20
    35. Introduction to Computer Accounts 00:02:11
    36. Creating Computer Accounts 00:02:02
    37. Working with Secure Channel Passwords 00:03:20
    38. Offline Domain Joins 00:02:04
    39. Demo - Working with Computer Accounts 00:09:58
    40. Topic E: Managing Organizational Units 00:00:43
    41. Planning Organizational Units 00:05:04
    42. OU Hierarchy Considerations 00:00:53
    43. Creating OUs 00:01:47
    44. Demo - Creating an OU Hierarchy 00:10:37
    45. Object Security in AD DS 00:01:21
    46. AD DS Object Permissions 00:01:34
    47. Demo - Viewing Object Permissions in Active Directory 00:05:41
    48. Delegating Administrative Control 00:01:53
    49. Modifying Delegated Rights 00:01:32
    50. Best Practices for Administrative Delegation 00:01:25
    51. Demo - Delegating Administrative Control 00:08:35
    52. Chapter 02 Summary 00:01:29
    53. Chapter 02 Review 00:00:10
  4. Chapter 03 - Securing Active Directory Domain Services
    1. Chapter 03 Introduction 00:01:25
    2. Topic A: Securing Domain Controllers 00:00:14
    3. Understanding Security Risks 00:04:13
    4. Using Group Policy 00:01:46
    5. Group Policy Security Settings 00:02:15
    6. Securing the Authentication Process 00:03:49
    7. Physical Access Security 00:03:06
    8. Branch Office Domain Controllers 00:02:07
    9. RODC Features 00:03:29
    10. RODC Limitations and Considerations 00:01:56
    11. Deploying RODCs 00:02:18
    12. Demo - Installing an RODC 00:08:13
    13. Password Replication Policies 00:02:04
    14. Topic B: Implementing Account Security 00:00:17
    15. Account Security in Windows Server 2016 00:02:04
    16. Complexity Options 00:01:36
    17. Password Policies 00:02:39
    18. Account Lockout Policies 00:03:17
    19. Configuring Domain Password and Lockout Policies 00:01:23
    20. Demo - Configuring Account Policies in Group Policy 00:05:45
    21. Configuring Fine-Grained Password Policies 1 00:01:35
    22. Configuring Fine-Grained Password Policies 2 00:02:32
    23. Configuring Fine-Grained Password Policies 3 00:01:31
    24. Demo - Configuring Fine-Grained Password Policies 00:12:02
    25. Restricted Groups 00:02:03
    26. Protected Users Security Groups 00:02:03
    27. Authentication Policies 00:02:58
    28. Authentication Silos 00:01:13
    29. Enhancing Password Authentication 00:04:14
    30. Topic C: Auditing AD DS 00:00:12
    31. Utilizing Auditing 00:01:42
    32. The Purpose of Auditing 00:01:36
    33. Types of Events 00:04:04
    34. Auditing Goals 00:01:05
    35. Auditing File and Object Access 00:02:27
    36. Advanced Auditing 00:02:07
    37. Demo - Configuring Auditing 00:13:00
    38. Topic D: Configuring Managed Service Accounts 00:00:14
    39. Overview of Service Accounts 00:02:37
    40. Challenges to Managing Service Accounts 00:01:40
    41. Managed Service Accounts 00:01:09
    42. Group MSAs 00:01:01
    43. Demo - Configuring Group MSAs 00:07:09
    44. Chapter 03 Summary 00:01:49
    45. Chapter 03 Review 00:00:10
  5. Chapter 04 - Working with Complex AD DS Infrastructures
    1. Chapter 04 Introduction 00:01:52
    2. Topic A: Overview of Advanced AD DS Deployments 00:00:13
    3. Domain Boundaries 00:03:28
    4. Forest Boundaries 00:01:32
    5. Reasons for Implementing Multiple Domains 00:03:22
    6. Reasons for Implementing Multiple Forests 00:02:39
    7. Deploying Domain Controllers in Azure 00:06:26
    8. Managing Objects 00:02:47
    9. Topic B: Deploying a Distributed AD DS Environment 00:00:14
    10. Domain Functional Levels 00:02:36
    11. Forest Functional Levels 00:01:09
    12. Deploying AD DS Domains 00:01:40
    13. DNS Considerations 00:04:52
    14. UPN Considerations 00:01:59
    15. Demo - Deploying a Child Domain 00:05:55
    16. Understanding Trust Relationships 00:03:05
    17. Types of Trusts 00:03:23
    18. How Trusts Work 00:02:43
    19. Forest Trusts 00:01:52
    20. Advanced Trust Settings 00:03:49
    21. Demo - Configuring a Forest Trust 00:11:20
    22. Topic C: Overview of AD DS Replication 00:00:21
    23. AD DS Partitions 00:01:34
    24. AD DS Replication 00:03:31
    25. Types of Replication 00:02:47
    26. Resolving Replication Conflicts 00:03:34
    27. Topic D: Configuring AD DS Sites 00:00:23
    28. Reasons for Sites 00:02:47
    29. Planning for Sites 00:02:01
    30. Overview of Sites and Subnets 00:01:50
    31. Moving Domain Controller Accounts 00:00:49
    32. Domain Controller Placement 00:03:43
    33. Demo - Creating Sites 00:08:00
    34. Controlling Inter-Site Replication 00:01:46
    35. Defining Site Links 00:01:16
    36. Site Links 00:01:29
    37. Site Link Properties 00:02:13
    38. Demo - Creating Site Links 00:06:46
    39. Bridgehead Servers 00:01:25
    40. Bridging Site Links 00:01:48
    41. Monitor and Manage Replication 00:01:34
    42. Chapter 04 Summary 00:01:08
    43. Chapter 04 Review 00:00:10
  6. Chapter 05 - Implementing Group Policy
    1. Chapter 05 Introduction 00:01:13
    2. Topic A: Overview of Group Policy 00:00:12
    3. What is Group Policy? 00:02:23
    4. Group Policy Settings 00:01:39
    5. Local Group Policies 00:01:47
    6. Policies vs. Preferences 00:02:17
    7. Demo - Examining Policy Settings 00:06:24
    8. Domain Policies 00:02:43
    9. GPO Storage 00:01:37
    10. Linking GPOs 00:01:29
    11. GPO Processing Order 00:02:04
    12. Controlling Inheritance 00:01:39
    13. Determining Inheritance 00:00:46
    14. GPO Link Options 00:02:18
    15. Security Filtering 00:03:50
    16. WMI Filtering 00:02:21
    17. Refreshing Policies 00:02:12
    18. Other Processing Options 00:03:28
    19. Topic B: Creating and Configuring GPOs 00:00:12
    20. Creating GPOs 00:01:18
    21. Starter GPOs 00:01:59
    22. Administrative Templates 00:03:38
    23. Group Policy Preferences 00:01:12
    24. Demo - Creating and Configuring Policies 00:37:40
    25. Group Policy Management 00:00:43
    26. Delegation of Control 00:02:06
    27. Demo - Managing GPOs 00:07:54
    28. Topic C: Monitoring and Troubleshooting Group Policy 00:00:24
    29. Troubleshooting Group Policy Application 1 00:03:06
    30. Troubleshooting Group Policy Application 2 00:02:49
    31. Demo - Troubleshooting Group Policy Application 00:11:41
    32. Topic D: Security Management Using Group Policy 00:01:03
    33. Security Management Using Group Policy 00:00:50
    34. Configuring User Rights 00:01:25
    35. Managing Security Options 00:01:52
    36. User Account Control 00:02:09
    37. Demo - Managing Security Options 00:05:43
    38. Controlling Applications 00:01:09
    39. Software Restriction Policies 00:03:23
    40. Security Levels 00:01:09
    41. AppLocker 00:01:41
    42. Support for AppLocker 00:00:59
    43. AppLocker Rules 00:01:56
    44. Creating Default Rules 00:03:00
    45. Demo - Controlling Applications Using Group Policy 00:11:36
    46. Configuring the Windows Firewall 00:01:58
    47. Windows Firewall with Advanced Security 00:01:31
    48. Firewall Profiles 00:01:03
    49. Creating Firewall Rules 00:00:24
    50. Configuring the Windows Firewall 00:00:53
    51. Types of Rules 00:01:32
    52. Connection Security Rules 00:01:43
    53. Demo - Configuring Firewalls using Group Policy 00:07:30
    54. Topic E: Managing User Environments 00:00:24
    55. Using Scripts in Group Policy 00:01:18
    56. What is Folder Redirection? 00:01:54
    57. Common Folders for Redirection 00:01:06
    58. Redirection Options 00:01:39
    59. Demo - Configuring Folder Redirection 00:05:39
    60. Deploying Software Using Group Policy 00:02:10
    61. How Software Distribution Works 00:00:44
    62. Using Windows Installer 00:01:36
    63. Software Life Cycle 00:00:58
    64. Deploying Software 00:01:06
    65. Deployment Options 00:02:04
    66. Maintaining Software through Group Policy 00:00:57
    67. Removing Software Deployments 00:00:45
    68. Chapter 05 Summary 00:01:43
    69. Chapter 05 Review 00:00:10
  7. Chapter 06 - Understanding Microsoft Azure AD and Directory Synchronization
    1. Chapter 06 Introduction 00:01:19
    2. Topic A: Planning Directory Synchronization 00:00:19
    3. Overview of Azure AD 00:05:39
    4. Limitations of AD DS 00:02:38
    5. Extending AD DS Authentication 00:03:36
    6. Comparing AD DS and Azure AD 00:01:59
    7. Authentication Options 00:04:55
    8. Planning Directory Synchronization 00:02:57
    9. Enabling AD DS Synchronization 00:02:04
    10. Topic B: Implementing Azure AD Connect 00:00:11
    11. What is Azure AD Connect? 00:01:51
    12. Azure AD Connect Requirements 00:04:02
    13. Azure AD Connect Express Settings 00:01:06
    14. Azure AD Connect Custom Installation 00:02:07
    15. Monitoring Azure AD 00:01:06
    16. Privileged Identity Management 00:01:24
    17. Topic C: Managing Identities with Directory Synchronization 00:00:07
    18. Managing Users 00:08:02
    19. Managing Groups 00:00:56
    20. Filtering Azure AD Connect 00:02:04
    21. Monitoring Directory Synchronization 00:01:47
    22. Troubleshooting Directory Synchronization 00:01:24
    23. Chapter 06 Summary 00:01:29
    24. Chapter 06 Review 00:00:10
  8. Chapter 07 - Monitoring and Recovering AD DS
    1. Chapter 07 Introduction 00:01:26
    2. Topic A: Monitoring AD DS 00:00:16
    3. Performance Monitoring Benefits 00:02:05
    4. Establishing Performance Baselines 00:02:14
    5. Introduction to Monitoring Tools 00:00:51
    6. Event Viewer 00:02:34
    7. Demo - Using Event Viewer 00:05:13
    8. Reliability Monitor 00:01:52
    9. Real-Time Monitoring 00:02:42
    10. Data Collector Sets 00:01:26
    11. Data Collection Points 00:00:49
    12. Common AD DS Counters 00:04:35
    13. Best Practices 00:02:48
    14. Topic B: Database Management 00:00:08
    15. Physical Data Store 00:03:00
    16. Using NTDSUtil 00:02:36
    17. AD DS Maintenance 00:01:28
    18. Topic C: Backup and Recovery in AD DS 00:00:12
    19. Disaster Recovery for Active Directory 00:01:27
    20. Backing Up Active Directory 00:04:17
    21. Using Backup Tools 00:00:40
    22. Backup Requirements 00:01:44
    23. Restoring Data 00:04:28
    24. Additional Restore Options 00:03:54
    25. Demo - Enabling the AD Recycle Bin 00:03:23
    26. Best Practices for Backup and Recovery 00:01:27
    27. Chapter 07 Summary 00:01:58
    28. Chapter 07 Review 00:00:10
  9. Chapter 08 - Implementing Active Directory Certificate Services
    1. Chapter 08 Introduction 00:01:27
    2. Topic A: Overview of Public Key Infrastructure and AD CS 00:00:09
    3. What is a PKI? 00:01:38
    4. Encryption Types 00:02:06
    5. PKI Components 00:01:57
    6. PKI Enabled Applications 00:01:49
    7. Certificate Authorities 00:01:45
    8. CA Types 00:00:50
    9. Internal vs. External CAs 00:03:24
    10. AD CS in Windows Server 2016 00:03:16
    11. Topic B: Deploying Certificate Authority Hierarchy 00:00:14
    12. Decision Factors for CA Hierarchy 00:00:39
    13. CA Hierarchy Roles 00:01:40
    14. Best Practices for CA Hierarchies 00:01:23
    15. Installing Root CAs Part 1 00:01:18
    16. Installing Root CAs Part 2 00:01:17
    17. Demo - Installing a Root CA 00:08:02
    18. Installing Subordinate CAs 00:00:50
    19. Benefits of Using Subordinates 00:01:36
    20. Automating Installations 00:01:59
    21. Topic C: Administering Certificate Authorities 00:00:26
    22. Administration Tools 00:03:09
    23. Configuring CA Security 00:01:23
    24. Security Roles for CA Administration 00:01:59
    25. Policy and Exit Modules 00:01:30
    26. Certificate Revocation Lists (CRL) 00:02:37
    27. Publishing the CRL 00:00:58
    28. Publishing AIAs and CDPs 00:01:14
    29. Topic D: Deploying and Managing Certificates 00:00:08
    30. Digital Certificates 00:01:55
    31. Certificate Templates 00:01:08
    32. Template Versions in Windows Server 2016 00:02:11
    33. Certificate Template Permissions 00:01:13
    34. Updating Templates 00:01:21
    35. Demo - Modifying and Enabling a Certificate Template 00:05:44
    36. Enrollment Types 00:02:02
    37. Manual Enrollment 00:00:58
    38. Automating Enrollment 00:00:36
    39. Autoenrollment Components 00:00:57
    40. Demo - Configuring Autoenrollment 00:07:23
    41. Credential Roaming 00:00:48
    42. Topic E: Managing Revocation and Distribution 00:00:22
    43. Certificate Revocation 00:01:25
    44. Online Responder 00:01:41
    45. Online Responder Process 00:00:51
    46. Comparing CRL and OCSP 00:01:32
    47. Configuring an Online Responder 00:01:01
    48. Topic F: Configuring Certificate Recovery 00:00:16
    49. Importance of Key Archival and Recovery 00:01:03
    50. Key Archival 00:01:27
    51. Data Recovery vs. Key Recovery 00:01:24
    52. Archival Methods 00:00:45
    53. Export Methods 00:00:46
    54. Automating Archival 00:01:01
    55. Recovering Lost Keys 00:01:12
    56. Chapter 08 Summary 00:01:57
    57. Chapter 08 Review 00:00:10
  10. Chapter 09 - Implementing Active Directory Federation Services (AD FS)
    1. Chapter 09 Introduction 00:01:17
    2. Topic A: Overview of AD FS 00:00:10
    3. What is Identity Federation? 00:03:09
    4. Federation Benefits 00:01:36
    5. AD FS Components 00:02:13
    6. Additional AD FS Terms 00:04:03
    7. Identity Federation Scenarios 00:01:49
    8. Business to Business Scenario 00:01:55
    9. Business to Employee Scenario 00:00:47
    10. Business to Consumer Scenario 00:00:32
    11. New Features in Windows Server 2016 00:01:31
    12. Topic B: Planning and Deploying AD FS 00:00:06
    13. AD FS Requirements 00:02:11
    14. Server Roles 00:02:04
    15. Planning High Availability 00:03:05
    16. AD FS Claims 00:02:35
    17. AD FS Claim Rules 00:03:39
    18. Trust Relationships 00:02:32
    19. Installing AD FS 00:02:59
    20. Demo - Installing AD FS 00:08:39
    21. Configuring Partners 00:03:35
    22. Home Realm Discovery 00:02:07
    23. Managing AD FS 00:01:53
    24. Topic C: Overview of Web Application Proxy 00:00:17
    25. Introducing the Web Application Proxy 00:02:49
    26. Web Application Proxy and AD FS Proxy 00:01:47
    27. Authentication Methods 00:02:02
    28. Publishing Software 00:01:27
    29. Chapter 09 Summary 00:01:05
    30. Chapter 09 Review 00:00:10
  11. Chapter 10 - Implementing Active Directory Rights Management Services
    1. Chapter 10 Introduction 00:00:45
    2. Topic A: Overview of AD RMS 00:00:13
    3. Introducing AD RMS 00:02:57
    4. The AD RMS Difference 00:02:58
    5. AD RMS Components 00:02:07
    6. Certificates and Licenses 00:02:36
    7. Protecting Content 00:00:59
    8. Consuming Content 00:01:33
    9. Azure RMS 00:00:58
    10. Topic B: Deploying AD RMS 00:00:10
    11. Deployment Scenarios 00:02:04
    12. Installation Overview 00:01:15
    13. AD RMS Configuration 00:01:08
    14. Demo - Installing AD RMS Cluster 00:05:59
    15. AD RMS Management 00:02:02
    16. External Sharing 00:01:44
    17. Topic C: Protecting Content with AD RMS 00:00:09
    18. Rights Policy Templates 00:01:14
    19. Configuring Templates for Offline Usage 00:00:49
    20. Demo - Configuring Rights Management Templates 00:05:37
    21. Exclusion Policies 00:01:24
    22. Chapter 10 Summary 00:00:45
    23. Chapter 10 Review 00:00:10
    24. Course Closure 00:02:29