|
COURSE
SERIES |
400 |
|
TITLE |
Windows Server 2003 Infrastructure
Services Upgrade |
|
DURATION |
5
days |
|
CONTENT
LEVEL |
Advanced
/ Subject Matter Expert |
|
KEYWORDS |
Installation,
Domain, Telnet, Terminal Services, DNS, Server, DCPROMO, Group
Policy, TCP/IP, DHCP, ASR, Active Directory, Architecture,
Forest, Kerberos, Administration, Disaster Recovery,
Partition, UPN, Script, Remote, Migration, Trust, Scripting,
Automation |
|
COURSE
FOCUS |
Architecture,
Configuration, Administration,
Internals |
|
DELIVERY
METHOD |
Instructor
Led / VIL |
|
LEARNING
TECHNIQUES |
Interactive
Lecture, Hands-on |
|
COURSEWARE
PROVIDED |
MSEtechnology
digital curriculum, Procedural guides, Whitepapers, Automation
scripts, available Microsoft curriculum (post class study
aids) |
Course
Summary
This class is designed for
Microsoft infrastructure personnel specializing in Windows 2000/Server 2003
. It provides
detailed information on the upgraded/new features incorporated
within Windows Server 2003. The learning time is balanced between
theoretical tuition, hands-on labs and demonstrations which are
designed to reflect an understanding of the technology topics
previously covered. The
course will provide students with the necessary skills to
successfully work in environments utilizing the latest Windows based
operating systems.
Upon completion of the class,
students will be able to:
§
Install/upgrade and configure
Windows Server 2003
§
Define the architectural
enhancements to Windows Server 2003
§
Define and configure a Windows
Server 2003 Active Directory
§
Design and implement a
multi-forest solution
§
Define and implement Windows
Server 2003 DNS
§
Define and configure Windows
Server 2003 Kerberos
§
Define and conduct an Automated
System Recovery (ASR)
§
Define, implement and administer
Windows Server 2003 Group Policy
§
Perform a migration (including
account passwords) using the Active Directory Migration Tool
§
Enable and configure Windows
Server 2003 Terminal Services
§
Utilize the enhanced command
line management tools
§
Script repetitive administrative
tasks
Classroom
Dynamics
The learning
environment is highly interactive and geared toward real world
product usage employing a balance of detailed architectural
information and practical design and configuration scenarios.
Students are continually tasked with simulation exercises and work
individually or together as a team in order to achieve a pre-defined
objective. The class provides a forum that allows the students to
put into practice many of the advanced technologies discussed
throughout the training program. Course progression and content
depth are tailored dynamically.
Curriculum
Focus
Deployment and product
overview
Integrated lecture and lab
DURATION 2 hours
(Estimated
duration 2 hours)
- Fresh
installation
- Upgrading/
Windows Server 2003 product offerings
- Unattended
installation
- Bulk
deployment
Architectural
enhancements/Product changes
Integrated lecture and lab
DURATION 4 hours
- Miscellaneous
enhancements
(Estimated
duration 2.5 hours)
- 64 bit
support
- Graphical
interface
- Transport
protocols
- DNS
client
- NIC
(Network Interface Card) repair
- Stored
Usernames and password applet
- Volume
shadow copies
- Help and
Support
(Estimated
duration 0.5 hours)
- Effective
permissions
- Drag and
Drop behavior
- Enhanced
object picker
Infrastructure services
Integrated lecture and lab
DURATION 6 hours
(Estimated
duration 1 hour)
- DDNS client
registration (alternate credentials (downlevel available via
Service Pack))
(Estimated
duration 5 hours)
- Application
partitions
- Forest wide zone
replication
- DNS server
only zone replication
- Domain wide
zone replication (downlevel compatible)
- Stub
zones
- Conditional
forwarding
- EDNS0
Active Directory Internals (common
functionality)
Integrated lecture and lab DURATION 4
hours
- Active
Directory design, configuration and replication internals
(Estimated
duration 4 hours)
o
Replication
fundamentals
§
Multi-master
§
Loose
consistency with convergence
§
Naming
contexts/Partitions
§
Replication
partners
§
Replication
topologies
§
Originating
updates
§
Replicated
updates
§
Conflict
resolution
§
The
physical repository
§
SYSVOL
§
File
Replication Service (FRS)
o
Naming
contexts (logical database structure)
§
Configuration
§
Schema
§
Domain
§
Partial
replicas
o
Schema
§
Defining
the schema
§
Defining
a schema change policy
o
Instantiating
and referencing objects
§
Constructing
a distinguished name
o
Security
principals
§
Security
Identifiers (SID)
§
SID
history
o
Replication
transports
§
Remote
Procedure Call (RPC)
·
Encrypted
- Intrasite
·
Compressed
- Intersite
§
Simple
Message Transfer Protocol (SMTP)
·
Encrypted
Intersite only
o
Replication
topologies
§
Knowledge
Consistency Checker (KCC)
§
Intersite
Topology Generator (ISTG)
o
Selecting
a replication transport
§
High
bandwidth vs. low bandwidth
§
Persistent
connections vs. dial-on-demand
§
Uni-directional
dial-on-demand
o
Creating
replication routes through the network
§
Defining
sites
§
Defining
subnets
§
Bridgehead
servers
o
Object
storage
§
Record/Page
size
§
Group
Policy
§
Physical storage and replication
Advanced Active Directory
Internals (common functionality)
Integrated lecture and lab
continued
o
Single
domain vs. multiple domain structures
§
Business
motivators
§
Placeholder
forest root
§
Domain
trees
§
Determining
the need
o
Replication
internals
§
Incremental
replication
§
Propagation
dampening
§
Time
synchronization
§
Conflict
resolution
o
Flexible
Single Masters of Operation (FSMO)
§
Schema
§
Domain
Naming
§
Primary
Domain Controller (PDC)
§
Infrastructure
Master (IM)
§
Relative
Identifier (RID)
o
Critical
non FSMO Active Directory roles
§
Bridgehead
servers (BHS)
§
Intersite
Topology Generator (ISTG)
§
Global
Catalog Servers (GC)
o
Automatic
and manual role assignment
§
FSMO
role assignment
·
Transfer
vs. seize
·
Implication
of role seizure
§
Non
FSMO role assignment
o
Foreign
Security Principals and Phantoms
§
Definition
§
Differences
§
Implications
o
Physical
database structure
§
Joint
Engine Technologies (JET)
§
Extensible
Storage Engine (ESE)
§
Distinguished
Name Tag (DNT)
§
Globally
Unique Identifiers (GUID)
§
Table
structure
o
Optimization
§
Online
compression vs. offline compression
§
Requirements
§
Recommendations
o
Proven
extensibility
§
Maximum
number of objects
§
Maximum
size of repository
Active Directory
enhancements
Integrated lecture and lab
DURATION 15 hours
- Active
Directory enhancements
(Estimated
duration 11 hours)
- DCPROMO
from media
- Reset DSRM
password
- Domain
modes/Forest modes (Behavioral
versioning)
- Downlevel/Uplevel
mixed environments
- Active
Directory internals
- Schema
delete
- Containerized
indexing
- Support
for inetOrgPerson (RFC 2798)
- Attribute
scoped queries
- Dynamic
objects
- Operational
attributes
- Display
specifiers
- Search
flags
- AdminSDholder
- Linked
value multi-value replication
- Multi-site
scalability
- LogonTimeStamp
replication
- Extending
the interface
- Display
Specifiers
- Custom
scripting
- Global
Catalog
- Universal
group membership caching
- Efficient
schema extension replication
- Domain
Controller renames
- Behavioral
requirements
- Potential
impact
- Domain
renames
- Behavioral
requirements
- Potential
impact
- Multi-Forest
enhancements
(Estimated
duration 4 hours)
- Cross-forest
trusts
- Downlevel
trust management
- Single
forest vs. multiple forests
- Business
justification
- Ntier
service constraints
- SID
filtering/SID spoofing/Authentication firewall
- UPN
suffix name routing between forests
- Behavioral
requirements
- Limitations
Centralized
configuration
Integrated lecture and lab
DURATION 4 hours
(Estimated
duration 4 hours)
- Policy
application
- Operating
System defaults
- Asynchronous
vs. synchronous
- Implications
- Resultant
Set of Policy (RSoP)
- Planning
mode vs. logging mode
- Software
restriction policies
- File name
or path
- Certificate
- URL
- MD5
hash
- Refreshing
Group Policy
- Manual
refresh (GPUPDATE.EXE)
- Automatic
refresh frequency
- Limitations
- Group
Policy Template enhancements and
deployment
- WMI
filtering
- WMI
syntax
- Command
line interface
- Group
Policy in a mixed environment
Authentication
Integrated lecture and
lab/demonstration
DURATION 3 hours
(Estimated
duration 3 hours)
- Kerberos
objectives
- Kerberos
concepts
- Encryption
and digest technologies
- Dependencies
- The
authentication procedure
- Implementation
specific details
- Configuration
Disaster recovery
Integrated lecture and
lab/demonstration
DURATION 3 hours
- Automated
System Recovery (ASR)
(Estimated
duration 3 hours)
- Downlevel
manual system recovery (overview)
- ASR
concepts
- 3rd
party extensions
- Supported
backup tools
- Supported
backup media
Disaster recovery
Integrated lecture and
lab/demonstration
continued
- Temporal
service issues
- Active
Directory
- Certificate
Services
- DHCP/WINS
- Limitations
- Plug and
Play
- Disk
constraints
- Network
and video issues
Remote usage and
Administration
Integrated lecture and lab
DURATION 5 hours
(Estimated
duration 5 hours)
- Client
support
- Console
redirection
- Terminal
Server modes
- Remote
Administration vs. Application
- Fast User
Switching (FUS)
- Remote
Assistance
- Miscellaneous
enhancements
- Device
redirection
- Audio
mapping
- Smartcards
- Local
media and devices
- Enhanced
security
- Group
Policy integration
-
Enterprise
configuration
- Improved
scalability
- Clustering
- Session
directory
Scripted Administration
Integrated lecture and lab
DURATION 3 hours
- Enhanced
command line interface
(Estimated
duration 3 hours)
- Command
shell overview
- Shell
scripting overview
- For, in,
do loops
- Conditional
branching
- Special
operators
- String
manipulation
- File
handling
- Piping
and redirection
- Miscellaneous
tools
- Process
management
- Service
management
- Event
management
Scripted Administration
Integrated lecture and lab
continued
- Disk
management
- IPsec
policy management
- Active
Directory tools
- DS*.EXE
- Query,
create, modify, move, delete
- Resultant
Set of Policy (RSoP)
- Other
Group Policy related tools
- Telnet
services
- Server
administration and configuration
- Security
