Welcome!!Further Your Career and Education with Microsoft Certifications
Cram Class 101• Introductions• The Power of Your ITT Student email• Logon to Alex’s Cloud• Microsoft Virtual Academy• TechNet Virtual Labs• Microsoft Press & Learning• Various Student Links• ITT’s MSDN AA• Download and install Windows Server 2008 R2• Introduction of Exam 70-640: Windows Server 2008 R2, Configuring Active Directory
Your ITT Student Email• The power of your student email – Designates you as a student from a valid institution • Discounts • Free access to dozens of websites • Access to the ITT MSDN AA – Is a Microsoft Passport • Access to SkyDrive (Free 25 GB) • Access to multiple Microsoft websites• Get in the habit of using your ITT email!!
Alex’s Cloud• Send me an email to get access to Alex’s Cloud – Use your ITT email! – www.euphoriaalbums.com• Use the site to stay up-to-date with Cram Class schedules, upcoming events, and free material• Communicate with the other class members• Follow on Facebook and Google+ – Use that site until I have the other domain ready• Currently working with Microsoft to expand my Office 365 account for our classes. – www.alexscloud.sharepoint.com
Microsoft Virtual Academy• Improve your IT skill set and help advance your career with a free, easy to access training portal. Learn at your own pace, focusing on Microsoft technologies, gain points and get recognition.• Register with your ITT email!!• Click the logo to visit the website!
TechNet Virtual Labs• TechNet Virtual Labs enable you to quickly evaluate and test Microsofts newest products and technologies through a series of guided, hands-on labs that you can complete in 90 minutes or less. There is no complex setup or installation required, and you can use TechNet Virtual Labs online immediately, free.• Register with your ITT email!!• Click the logo to visit the site!
Microsoft Press & Learning• Microsoft offers a series of books entitled Exam Kits that will help you study for the associated exams at your own pace.• The books include step-by-step instructions, detailed overviews, labs, and practice exam questions.• Microsoft’s Learning site and blog will keep you up-to- date with the latest in certifications and publications• Microsoft Press• Microsoft Learning• Each of these can be followed on Facebook and Google+.
Various Student Links• Born to Learn• Microsoft Dreamspark• Microsoft Student• Microsoft Student Lounge• Microsoft IT Academy Program• Microsoft Education• MSDN• On The Hub
ITT’s MSDN AA• As an ITT student, you should have received an email at your ITT email with instructions to the MSDN Academic Alliance website. – Which is now powered by OnTheHub and Dreamspark. – ITT MSDN AA• If you have not received this email, use the link above and using your ITT email, use the password recovery.• On the MSDN AA there are over 150 Microsoft Operating Systems, programs, and applications (with Product Keys) for you to download and use.• For those of you that are IEEE members, they also have access to the MSDN AA and sometimes offer better resources, but not always.
Windows Server 2008 R2• Now that everyone has access to ITT’s MSDN AA…• Download Windows Server 2008 R2 w SP1. – Make sure to save your Product Keys in a text file with the ISO file. – The first key is for Standard, the second key is for Enterprise and Web Server, and the third key is for Datacenter.• Don’t worry, I have the ISO already downloaded! – Just use your product keys to activate it.
VM Management• The key is have one instance of each of your VMs at a neutral state. – Nothing installed, just a clean install and the product activated. – Use VMWorkstation, VMPlayer, or Virtual PC to clone the VM. – Or just copy the VM to another folder if you do not have that option.• This will save on using up your Product Keys!
Exam 70-640: Configuring Active Directory• Configuring Domain Name System (DNS) for Active • Configuring the Active Directory infrastructure (17 %) Directory (17%) • Configure a forest or a domain.• Configure zones. – May include but is not limited to: remove a domain; – May include but is not limited to: Dynamic DNS perform an unattended installation; Active Directory (DDNS), Non-dynamic DNS (NDDNS), and Secure Dynamic Migration Tool (ADMT) ; change forest and domain DNS (SDDNS); Time to Live (TTL); GlobalNames; functional levels; interoperability with previous versions of Primary, Secondary, Active Directory Integrated, Stub; SOA; Active Directory; multiple user principal name (UPN) zone scavenging; forward lookup; reverse lookup suffixes; forestprep; domainprep • Configure trusts.• Configure DNS server settings. – May include but is not limited to: forest trust; selective – May include but is not limited to: forwarding; root hints; authentication vs. forest-wide authentication; transitive configure zone delegation; round robin; disable recursion; trust; external trust; shortcut trust; SID filtering debug logging; server scavenging • Configure sites. – May include but is not limited to: create Active Directory subnets; configure site links; configure site link costing;• Configure zone transfers and replication. configure sites infrastructure – May include but is not limited to: configure replication • Configure Active Directory replication. scope (forestDNSzone; domainDNSzone); incremental zone transfers; DNS Notify; secure zone transfers; configure – May include but is not limited to: DFSR; one-way name servers; application directory partitions replication; Bridgehead server; replication scheduling; configure replication protocols; force intersite replication • Configure the global catalog. – May include but is not limited to: Universal Group Membership Caching (UGMC); partial attribute set; promote to global catalog • Configure operations masters. – May include but is not limited to: seize and transfer; backup operations master; operations master placement; Schema Master; extending the schema; time service
Exam 70-640: Configuring Active Directory• Configuring Active Directory Roles and Services (14 %) • Creating and maintaining Active Directory objects (18 %)• Configure Active Directory Lightweight Directory Service (AD LDS). • Automate creation of Active Directory accounts. – May include but is not limited to: migration to AD LDS; configure – May include but is not limited to: bulk import; configure the data within AD LDS; configure an authentication server; Server UPN; create computer, user, and group accounts Core Installation (scripts, import, migration); template accounts; contacts;• Configure Active Directory Rights Management Service (AD RMS). distribution lists; offline domain join – May include but is not limited to: certificate request and installation; self-enrollments; delegation; create RMS templates; • Maintain Active Directory accounts. RMS administrative roles; RM Add-on for IE – May include but is not limited to: manage computer• Configure the read-only domain controller (RODC). accounts; configure group membership; account resets; – May include but is not limited to: replication; Administrator role delegation; AGDLP/AGGUDLP; deny domain local group; separation; read-only DNS; BitLocker; credential caching; password local vs. domain; Protected Admin; disabling accounts vs. replication; syskey; read-only SYSVOL; staged install deleting accounts; deprovisioning; contacts; creating• Configure Active Directory Federation Services (AD FSv2). organizational units (OUs); delegation of control; protecting – May include but is not limited to: install AD FS server role; AD objects from deletion; managed service accounts exchange certificate with AD FS agents; configure trust policies; • Create and apply Group Policy objects (GPOs). configure user and group claim mapping; import and export trust – May include but is not limited to: enforce, OU policies hierarchy, block inheritance, and enabling user objects; group policy processing priority; WMI; group policy filtering; group policy loopback; Group Policy Preferences (GPP) • Configure GPO templates. – May include but is not limited to: user rights; ADMX Central Store; administrative templates; security templates; restricted groups; security options; starter GPOs; shell access policies • Deploy and manage software by using GPOs. – May include but is not limited to: publishing to users; assigning software to users; assigning to computers; software removal; software restriction policies; AppLocker • Configure account policies. – May include but is not limited to: domain password policy; account lockout policy; fine-grain password policies • Configure audit policy by using GPOs. – May include but is not limited to: audit logon events; audit account logon events; audit policy change; audit access privilege use; audit directory service access; audit object access; advanced audit policies; global object access auditing; “Reason for Access” reporting
Exam 70-640: Configuring Active Directory• Maintaining the Active Directory environment (18 • Configuring Active Directory Certificate Services %) (15 %)• Configure backup and recovery. • Install Active Directory Certificate Services. – May include but is not limited to: using Windows – May include but is not limited to: certificate authority Server Backup; back up files and system state data to (CA) types, including standalone, enterprise, root, and media; backup and restore by using removable media; subordinate; role services; prepare for multiple-forest perform an authoritative or non-authoritative deployments restores; linked value replication; Directory Services • Configure CA server settings. Recovery Mode (DSRM); backup and restore GPOs; configure AD recycle bin – May include but is not limited to: key archival; certificate database backup and restore; assigning• Perform offline maintenance. administration roles; high-volume CAs; auditing – May include but is not limited to: offline • Manage certificate templates. defragmentation and compaction; Restartable Active Directory; Active Directory database mounting tool – May include but is not limited to: certificate template types; securing template permissions; managing• Monitor Active Directory. different certificate template versions; key recovery – May include but is not limited to: event viewer agent subscriptions; data collector sets; real-time • Manage enrollments. monitoring; analyzing logs; WMI queries; PowerShell – May include but is not limited to: network device enrollment service (NDES); auto enrollment; Web enrollment; extranet enrollment; smart card enrollment; authentication mechanism assurance; creating enrollment agents; deploying multiple-forest certificates; x.509 certificate mapping • Manage certificate revocations. – May include but is not limited to: configure Online Responders; Certificate Revocation List (CRL); CRL Distribution Point (CDP); Authority Information Access (AIA)
Next Class Feb 4, 2012• At home • Class #2 – Logon to Alex’s Cloud – We will start off with and download the PDF PowerPoint slides and and CD Contents if you lecture from study haven’t already done so. material that I have. – Clone your new VM of – Get ready to dive into Server and create AD! another VM for Server – Then will we review Standard Core to use the some exam questions. labs in the book.