| Description |
1 online resource (730 pages) |
| Contents |
Cover -- Copyright -- Credits -- About the Author -- Acknowledgement -- About the Reviewers -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Active Directory Fundamentals -- Benefits of using Active Directory -- Centralized data repository -- Replication of data -- High availability -- Security -- Auditing capabilities -- Single sign-on -- Schema modification -- Querying and indexing -- Active Directory components -- Logical components -- Forests -- Domains -- Domain trees -- Organizational units -- Physical components -- Domain controllers -- Global catalog server -- Active Directory sites -- Active Directory objects -- Globally unique identifier and security identifier -- Distinguished names -- Active Directory server roles -- Active Directory Domain Service -- Read-only domain controllers -- Active Directory Federation Services -- Active Directory Lightweight Directory Services -- Active Directory Rights Management Services -- Active Directory Certification Services -- Summary -- Chapter 2: Active Directory Domain Services 2016 -- AD DS 2016 features -- Deprecation of Windows Server 2003 domain and forest functional levels -- Deprecation of File Replication Services -- Privileged Access Management -- What is it to do with AD DS 2016? -- What is the logic behind PAM? -- Time-based group memberships -- Microsoft Passport -- Active Directory Federation Services improvements -- Time sync improvements -- Summary -- Chapter 3: Designing Active Directory Infrastructure -- What makes a good system? -- New business requirements -- Correcting legacy design mistakes -- Gathering business data -- Defining security boundaries -- Identifying the physical computer network structure -- Designing the forest structure -- Single forest -- Multiple forest -- Creating the forest structure -- Autonomy -- Isolation |
|
Selecting forest design models -- Organizational forest model -- Resource forest model -- Restricted access forest model -- Designing the domain structure -- Single domain model -- Regional domain model -- The number of domains -- Deciding domain names -- Forest root domain -- Deciding domain and forest functional levels -- Designing the OU structure -- Designing the physical topology of Active Directory -- Physical or virtual domain controllers -- Domain controller placement -- Global catalog server placement -- Summary -- Chapter 4: Active Directory Domain Name System -- What is DNS? -- Hierarchical naming structure -- How DNS works -- DNS essentials -- DNS records -- Start of authority record -- A and AAAA records -- NS records -- MX records -- Canonical name record -- PTR record -- SRV records -- Zones -- Primary zone -- Secondary zone -- Stub zone -- Reverse lookup zone -- DNS server operation modes -- Zone transfers -- DNS delegation -- Summary -- Chapter 5: Placing Operations Master Roles -- FSMO roles -- Schema operations master -- Domain naming operations master -- Primary domain controller emulator operations master -- Relative ID operations master role -- Infrastructure operations master -- FSMO roles placement -- Active Directory logical and physical topology -- Connectivity -- The number of domain controllers -- Capacity -- Moving FSMO roles -- Seize FSMO roles -- Summary -- Chapter 6: Migrating to Active Directory 2016 -- Active Directory Domain Service installation prerequisites -- Hardware requirements -- Virtualized environment requirements -- Additional requirements -- Active Directory Domain Service installation methods -- Active Directory Domain Service deployment scenarios -- Setting up a new forest root domain -- Active Directory Domain Service installation checklist for first domain controller -- Design topology |
|
Installation steps -- Setting up an additional domain controller -- Active Directory Domain Service installation checklist for an additional domain controller -- Design topology -- Installation steps -- Setting up a new domain tree -- Active Directory Domain Service installation checklist for a new domain tree -- Design topology -- Installation steps -- Setting up a new child domain -- Active Directory Domain Service installation checklist for a new child domain -- Design topology -- Installation steps -- How to plan Active Directory migrations -- Migration life cycle -- Audit -- Active Directory logical and physical topology -- Active Directory health check -- System Center Operation Manager and Operation Management Suite -- Active Directory health checklist -- Application audit -- Plan -- Implementation -- Active Directory migration checklist -- Design topology -- Installation steps -- Verification -- Maintain -- Summary -- Chapter 7: Managing Active Directory Objects -- Tools and methods to manage objects -- Active Directory Administrative Center -- The Active Directory Users and Computers MMC -- Active Directory object administration with PowerShell -- Creating, modifying, and removing objects in Active Directory -- Creating Active Directory objects -- Creating user objects -- Creating computer objects -- Modifying Active Directory objects -- Removing Active Directory objects -- Finding objects in Active Directory -- Finding objects using PowerShell -- Summary -- Chapter 8: Managing Users, Groups, and Devices -- Object attributes -- Custom attributes -- User accounts -- Managed Service Accounts -- Group Managed Service Accounts -- Uninstalling Managed Service Account -- Groups -- Group scope -- Converting groups -- Setting up groups -- Devices and other objects -- Best practices -- Summary -- Chapter 9: Designing the OU Structure |
|
OUs in operations -- Organizing objects -- Delegating control -- Group policies -- Containers versus OUs -- OU design models -- The container model -- The object type model -- The geographical model -- The department model -- Managing the OU structure -- Delegating control -- Summary -- Chapter 10: Managing Group Policies -- Benefits of group policies -- Maintaining standards -- Automating administration tasks -- Preventing users from changing system settings -- Flexible targeting -- No modifications to target -- Group Policy capabilities -- Group Policy objects -- Group Policy container -- The Group Policy template -- Group Policy processing -- Group Policy inheritance -- Group Policy conflicts -- Group Policy mapping and status -- Administrative templates -- Group Policy filtering -- Security filtering -- WMI filtering -- Group Policy preferences -- Item-level targeting -- Loopback processing -- Group Policy best practices -- Summary -- Chapter 11: Active Directory Services -- The AD LDS overview -- Where to use LDS? -- Application developments -- Hosted applications -- Distributed data stores for Active Directory integrated applications -- Migrating from other directory services -- The LDS installation -- The Active Directory replication -- FRS versus DFSR -- Prepared state -- Redirected state -- Eliminated state -- Active Directory sites and replication -- Replication -- Authentication -- Service locations -- Sites -- Subnets -- Site links -- Site link bridges -- Managing Active Directory sites and other components -- Managing sites -- Managing site links -- The site cost -- Inter-site transport protocols -- Replication intervals -- Replication schedules -- Site link bridge -- Bridgehead servers -- Managing subnets -- How does replication work? -- Intra-site replications -- Inter-site replications -- Knowledge Consistency Checker |
|
How update occurs? -- The update sequence number -- Directory Service Agent GUID and invocation ID -- The high watermark vector table -- The up-to-dateness vector table -- The read-only domain controllers -- Active Directory database maintenance -- The ntds.dit file -- The edb.log file -- The edb.chk file -- The temp.edb file -- Offline defragmentation -- Active Directory backup and recovery -- Preventing accidental deletion of objects -- Active Directory Recycle Bin -- Active Directory snapshots -- Active Directory system state backup -- Active Directory recovery from system state backup -- Summary -- Chapter 12: Active Directory Certificate Services -- PKI in action -- Symmetric keys versus asymmetric keys -- Digital encryption -- Digital signatures -- Signing, encryption, and decryption -- Secure Sockets Layer certificates -- Types of certification authorities -- How do certificates work with digital signatures and encryption? -- What can we do with certificates? -- Active Directory Certificate Service components -- The certification authority -- Certificate Enrollment Web Service -- Certificate Enrollment Policy Web Service -- Certification Authority Web Enrollment -- Network Device Enrollment Service -- Online Responder -- The types of CA -- Planning PKI -- Internal or public CAs -- Identifying the object types -- Cryptographic provider -- The cryptography key length -- Hash algorithms -- The certificate validity period -- The CA hierarchy -- High availability -- Deciding certificate templates -- The CA boundary -- PKI deployment models -- The single-tier model -- The two-tier model -- Three-tier models -- Setting up PKI -- Setting up a stand-alone root CA -- DSConfigDN -- CDP locations -- AIA locations -- CA time limits -- CRL time limits -- The new CRL -- Publishing the root CA data into the Active Directory -- Setting up the issuing CA |
| Summary |
Become a master at managing enterprise identity infrastructure by leveraging Active DirectoryAbout This Book* Manage your Active Directory services for Windows Server 2016 effectively* Automate administrative tasks in Active Directory using PowerShell* Manage your organization's network with easeWho This Book Is ForIf you are an Active Directory administrator, system administrator, or network professional who has basic knowledge of Active Directory and are looking to gain expertise in this topic, this is the book for you. What You Will Learn* Explore the new features in Active Directory Domain Service 2016* Automate AD tasks with PowerShell* Get to know the advanced functionalities of the schema* Learn about Flexible Single Master Operation (FSMO) roles and their placement* Install and migrate Active directory from older versions to Active Directory 2016* Manage Active Directory objects using different tools and techniques* Manage users, groups, and devices effectively* Design your OU structure in the best way* Audit and monitor Active Directory* Integrate Azure with Active Directory for a hybrid setupIn DetailActive Directory is a centralized and standardized system that automates networked management of user data, security, and distributed resources and enables interoperation with other directories. If you are aware of Active Directory basics and want to gain expertise in it, this book is perfect for you. We will quickly go through the architecture and fundamentals of Active Directory and then dive deep into the core components, such as forests, domains, sites, trust relationships, OU, objects, attributes, DNS, and replication. We will then move on to AD schemas, global catalogs, LDAP, RODC, RMS, certificate authorities, group policies, and security best practices, which will help you gain a better understanding of objects and components and how they can be used effectively. We will also cover AD Domain Services and Federation Services for Windows Server 2016 and all their new features. Last but not least, you will learn how to manage your identity infrastructure for a hybrid-cloud setup. All this will help you design, plan, deploy, manage operations on, and troubleshoot your enterprise identity infrastructure in a secure, effective manner. Furthermore, I will guide you through automating administrative tasks using PowerShell cmdlets. Toward the end of the book, we will cover best practices and troubleshooting techniques that can be used to improve security and performance in an identity infrastructure. Style and approachThis step-by-step guide will help you master the core functionalities of Active Directory services using Microsoft Server 2016 and PowerShell, with real-world best practices at the end |
| SUBJECT |
Microsoft Windows (Computer file)
|
|
Microsoft Windows (Computer file) fast |
| Subject |
Directory services (Computer network technology)
|
|
Computer networks -- Security measures.
|
|
Windows PowerShell (Computer program language)
|
|
Data protection.
|
|
COMPUTERS -- Networking -- General.
|
|
COMPUTERS -- Operating Systems -- Windows Server.
|
|
COMPUTERS -- System Administration -- General.
|
|
Computer networks -- Security measures
|
|
Data protection
|
|
Directory services (Computer network technology)
|
|
Windows PowerShell (Computer program language)
|
| Form |
Electronic book
|
| ISBN |
9781787283077 |
|
1787283070 |
|
