Implementing
and Administering Microsoft Windows 2000 Directory Services
Course Length: 5 days
Course
Overview
This course is
designed to provide students with the knowledge and skills necessary to install,
configure, and administer Microsoft Windows 2000 Active Directory directory
services. The course also focuses on implementing Group Policy and performing
the Group Policy–related tasks that are required to centrally manage users and
computers.
At
Course Completion
At
the end of the course, students will be able to:
- Identify the concepts of the Active Directory directory
service and its logical and physical structures.
- Implement a Domain Name System (DNS) infrastructure
in preparation for installing Active Directory.
- Install Active Directory on a computer running
Windows 2000 Server, and perform post-installation tasks.
- Set up and administer domain user accounts and
groups.
- Publish resources, including printers and shared
folders, in Active Directory.
- Delegate administrative control of Active Directory
objects in Windows 2000.
- Implement Group Policy.
- Manage user environments by using Group Policy.
- Use Group Policy to deploy software.
- Create and manage trees and forests in a Windows 2000
network, and administer forest-wide resources.
- Manage Active Directory replication within a site
and between sites.
- Manage operations masters.
- Manage and restore the Active Directory database.
- Implement an Active Directory infrastructure that
is based on the business requirements of a fictitious organization.
Exam Preparation
This course will help you prepare for Microsoft exams 70-217 and 70-219.
Prerequisites
- Course 2151, Microsoft Windows
2000 Network and Operating System Essentials, or equivalent skills and knowledge.
- Course 2152, Implementing Microsoft Windows 2000 Professional
and Server, or equivalent knowledge and skills. These include:
- Installing Windows 2000
- Using administrative tools in Windows 2000
- Configuring hard disks and partitions
- Creating users
- Creating and using security groups to manage access to
resources
- Creating and administering printers
- Setting up and administering permissions for files and
folders
- Course 2153, Implementing a Microsoft Windows 2000 Network
Infrastructure, or equivalent knowledge and skills. This includes installing
and configuring Transmission Control Protocol/Internet Protocol (TCP/IP),
DNS, and Certificate Services.
- A thorough understanding of DNS, including hands-on experience
configuring DNS, and setting up forward and reverse lookup zones.
Course Outline
Section
1: Introduction to Active Directory in Windows 2000
Introduction to
Active Directory
Active Directory Logical Structure
Active Directory Physical Structure
Methods for Administering a Windows 2000 Network
Students will be able to:
- Describe the function of Active Directory.
- Describe the logical structure of Active Directory.
- Describe the physical structure of Active Directory.
- Describe the methods for administering a Windows 2000
network.
Section 2: Implementing DNS to Support
Active Directory
Introduction to
the Role of DNS in Active Directory
DNS and Active Directory
DNS Name Resolution in Active Directory
Active Directory Integrated Zones
Installing and Configuring DNS to Support Active Directory
Students
will be able to:
- Install and configure
DNS to support an installation of Active Directory.
Section 3: Creating a Windows 2000
Domain
Introduction to
Creating a Windows 2000 Domain
Installing Active Directory
The Active Directory Installation Process
Examining the Default Structure of Active Directory
Performing Post Active Directory Installation Tasks
Troubleshooting the Installation of Active Directory
Removing Active Directory
Students
will be able to:
- Create a Windows 2000 domain by installing Active Directory.
- Examine the default structure of Active Directory.
- Perform post Active Directory installation tasks.
- Troubleshoot common problems that may occur when
installing Active Directory.
- Remove Active Directory by using the Active Directory
Installation wizard.
Section 4: Setting Up and Administering
Users and Groups
Introduction to
User Accounts and Groups
User Logon Names
Creating Multiple User Accounts
Administering User Accounts
Using Groups in Active Directory
Strategies for Using Groups in a Domain
Troubleshooting Domain User Accounts and Groups
Students
will be able to:
- Create multiple user accounts by importing user information
into Active Directory.
- Administer user accounts.
- Use groups to manage access to domain resources.
- Implement strategies for using security groups
to manage access to domain resources.
- Troubleshoot common problems with administering
user accounts and groups.
Section 5: Publishing Resources
in Active Directory
Introduction to
Publishing Resources
Setting Up and Administering Published Printers
Implementing Printer Locations
Setting Up and Administering Published Shared Folders
Comparing Published Objects and Shared Resources
Troubleshooting Published Resources
Students
will be able to:
- Set up and administer published printers in Active Directory.
- Set up printer locations for published printers.
- Set up and administer published shared folders
in Active Directory.
- Troubleshoot common problems with publishing resources
in Active Directory.
Section 6: Delegating Administrative
Control
Object
Security in Active Directory
Controlling Access to Active Directory Objects
Delegating Administrative Control of Active Directory Objects
Customizing MMC Consoles
Setting Up Taskpads
Students
will be able to:
- Manage object security in Active Directory.
- Control access to Active Directory objects.
- Delegate administrative control of Active Directory
objects.
- Create and deploy customized consoles.
- Create and deploy customized taskpads.
- Apply best practices for delegating administrative
control.
Section 7: Implementing Group Policy
Introduction to
Group Policy
Group Policy Structure
Working with Group Policy Objects
How Group Policy Settings Are Applied in Active Directory
Modifying Group Policy Inheritance
Delegating Administrative Control of Group Policy
Monitoring and Troubleshooting Group Policy
Students
will be able to:
- Describe the role of SMTP, Extension
to SMTP (ESMTP), and DNS in Exchange 2000.
- Configure multiple SMTP domain names.
- Configure an SMTP virtual server.
- Configure an SMTP connector.
- Choose the tools for troubleshooting SMTP connectivity.
Section
8: Message Routing and Microsoft Exchange 2000
Message Routing and Routing Groups
Connecting Routing Groups
Determining Link Status
Routing Messages
Students
will be able to:
- Define message routing and routing groups, create routing
groups, explain how message transfer works between servers running Exchange
2000 installed in the same routing group and installed in different routing
groups, and compare how routing groups work in mixed and native mode.
- Describe each of the connectors you can use to
connect routing groups, including the routing group connnector, SMTP connector,
and the X.400 connector.
- Describe how Exchange uses the link state table
and the link state algorithm to determine link status.
- Outline how Exchange 2000 selects a message route,
how Exchange routes messages between multiple routing groups, and how Exchange
routes messages outside of an Exchange 2000 organization.
Section
9: Message Flow in Microsoft Exchange 2000
Message Flow Architecture
Working with Failed Links
Message Tracking
Students
will be able to:
- Describe
the message flow architecture in Exchange 2000.
- Describe how Exchange 2000 handles failed links,
including recovering a link and rerouting messages.
- Enable message tracking as well as subject logging,
and explain how to use tracking to troubleshoot message delivery.
Section
10: Configuring Internet Protocols
IIS Integration with Exchange 2000
Examining Client Connectivity and Security
Kerberos Authentication
Front-End/Back-End Server Configuration and Security
Configuring NNTP Services
Troubleshooting Client Connectivity by Using Telnet
Students will be able to:
- Describe the functionality that is provided by the integration
of IIS with Exchange 2000.
- Describe the message transfer process and the security
options for Internet clients using IMAP4 and POP3. In addition, describe how
Lightweight Directory Access Protocol (LDAP) is used in the message transfer
process.
- Describe the Kerberos protocol version 5 authentication
process.
- Explain the authentication process and the different
firewall configuration options when using front-end/back-end servers.
- Configure a NNTP virtual server, create and store
newsgroups, and create newsfeeds.
- Troubleshoot client connectivity using by Telnet.
Section
11: Accessing Microsoft Exchange 2000 with Outlook Web Access
Examining Outlook Web Access Components
and Process
Configuring an HTTP Virtual Server
Securing Outlook Web Access Communication
Students
will be able to:
- Describe
the benefits of Outlook Web access, the capabilities that Web Distributed
Authoring and Versioning (WebDAV) provide to Outlook Web Access users, and
the clients that are supported by Outlook Web Access.
- Explain the function of each component used by
Outlook Web Access to process a client request in a single server environment
and front-end/back-end environment.
- Create and configure an HTTP virtual server.
- Describe the authentication and encryption methods
available when using Outlook Web Access with a single server configuration
and a back-end/front-end server configuration.
Section
12: Configuring Instant Messaging
Introduction to Instant Messaging
Basics of Instant Messaging
Instant Messaging Terminology
Instant Messaging Components
Installing and Configuring Instant Messaging
Instant Messaging Operations and Considerations
Best Practices
Students
will be able to:
- Describe how Instant Messaging works and how it is configured.
- Identify and describe the components of Instant
Messaging.
- Install and configure Instant Messaging server
components and Instant Messaging clients.
- Describe the Instant Messaging process and identify
security considerations.
- Identify best practices for working with Instant
Messaging.
Section
13: Monitoring Microsoft Exchange 2000
Tools for Monitoring Exchange 2000
Monitoring Exchange 2000 by Using The Performance Console
Monitoring Exchange 2000 by Using Monitoring And Status
Logging and Viewing Diagnostic Data
Students
will be able to:
- Describe the tools that you use to monitor the performance
of a computer running Exchange 2000.
- Identify resource bottlenecks by monitoring Exchange
2000 and Windows® 2000 performance objects and
counters using Performance Logs and Alerts and System Monitor.
- Monitor services and resources, create notifications,
and view server and connector status by using Monitoring and Status.
- Assess system efficiency by configuring diagnostic
logging on components and using Event Viewer to view the log files.
Section
14: The Microsoft Exchange 2000 Challenge
The Exchange 2000
Challenge is an activity used to review the entire course and inspire classroom
discussions.