Module 4: Managing Security

Download Report

Transcript Module 4: Managing Security 

Module 12: Implementing
an Active Directory
Domain Services
Infrastructure
®
Module Overview
• Overview of the AD DS Deployment
• Planning a Group Policy Strategy
Lesson 1: Overview of the AD DS Domain
• Overview of the Current AD DS Domain Design
• Overview of the Required AD DS Domain Design
• Overview of the AD DS Site Design
Overview of the Current AD DS Domain Design
Forest Root
Domain
WoodgroveBank.com
EMEA.WoodgroveBank.com
Asia.WoodgroveBank.com
Overview of the Required AD DS Domain Design
Forest Root
Domain
Separate Tree
WoodgroveBank.com
Contoso.com
EMEA.WoodgroveBank.com Asia.WoodgroveBank.com
Contoso.com will join the WoodgroveBank forest in a separate tree
Overview of the AD DS Site Design
London_Site
New Site
NYC-Head-Office
NYC-Branch-Office
New Site
Tokyo_Site
Contoso
Miami_Site
Two new sites will be created
•Contoso site
•NYC-Branch-Office site
Lesson 2: Planning a Group Policy Strategy
• Overview of the AD DS Domain Controller Deployment
• Overview of Forest Trust Relationships
Overview of Domain Controller Deployment
New
RODC
NYC-DC3
London_Site
NYC_Site
NYC-Branch-Office
New
ContosoDC
Tokyo_Site
Contoso
RODC
Miami_Site
Lab A: Deploying Active Directory
Domain Services
• Exercise 1: Installing an RODC onto Server Core and
Creating a Branch Office Site
• Exercise 2: Creating a Domain in a Separate Tree and
Separate Site
Logon information
Virtual machine
NYC-DC1, NYC-SRV1
User name
Administrator
Password
Pa$$w0rd
Estimated time: 120 minutes
Lab A: Review
• How do sites control logon traffic?
• What is the advantage of having separate trees in the
forest for Woodgrove Bank?
Overview of Forest Trust Relationship
Forest Root
Domain
Separate Tree
Forest Root
Domain
Forest Trust
WoodgroveBank.com
Contoso.com
Fabrikam.com
EMEA.WoodgroveBank.com Asia.WoodgroveBank.com
The Fabrikam.com forest will have a forest trust relationship
with the WoodgroveBank forest
Lab B: Configuring Forest Trusts
• Exercise: Upgrading the Fabrikam Domain and Create a
Forest Trust with Woodgrove Bank
Logon information
Virtual machine
NYC-DC1, NYC-DC2, VAN-DC1, NYC-SRV1,
NYC-RAS
User name
Administrator
Password
Pa$$w0rd
Estimated time: 60 minutes
Lab B Review
• What tasks must be performed before a Windows Server
2008 can be added to a Windows 2003 domain as a
member server?
• What tasks must be performed before a Windows Server
2008 can be added to a Windows 2003 domain as a
domain controller?
Overview of the AD DS Group Policy
Object Design
Miami
NYC
Toronto
Executives
ITAdmins
BranchManagers
BranchManagers
BranchManagers
Users
CustomerService
CustomerService
CustomerService
Computers
Investments
Investments
Workstations
Marketing
Marketing
Workstations
Workstations
WoodgroveBank.com
Lab C: Designing a Group Policy Strategy
• Exercise 1: Planning Group Policies
• Exercise 2: Planning a Group Policy Strategy
Logon information
Virtual machine NYC-DC1
User name
Administrator
Password
Pa$$w0rd
Estimated time: 30 minutes
Lab C: Review
• How would you ensure that a policy will always be applied?
• How would you exempt certain users or computers from
being affected by a GPO?
Module Review and Takeaways
• Considerations
Beta Feedback Tool
Beta feedback tool helps:
•



•
Collect student roster information, module feedback, and
course evaluations.
Identify and sort the changes that students request, thereby
facilitating a quick team triage.
Save data to a database in SQL Server that you can later
query.
Walkthrough of the tool
Beta Feedback
Overall flow of module:
•


Which topics did you think flowed smoothly, from topic to
topic?
Was something taught out of order?
Pacing:
•



Were you able to keep up? Are there any places where the
pace felt too slow?
Were you able to process what the instructor said before
moving on to next topic?
Did you have ample time to reflect on what you learned? Did
you have time to formulate and ask questions?
Learner activities:
•



Which demos helped you learn the most? Why do you think
that is?
Did the lab help you synthesize the content in the module?
Did it help you to understand how you can use this
knowledge in your work environment?
Were there any discussion questions or reflection questions
that really made you think? Were there questions you
thought weren’t helpful?
Course Evaluation