Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Mastering Active Directory
  • Toc
  • feedback
Mastering Active Directory

Mastering Active Directory

By : Dishan Francis
3 (7)
close
Mastering Active Directory

Mastering Active Directory

3 (7)
By: Dishan Francis

Overview of this book

Active Directory (AD) is a centralized and standardized system that automates networked management of user data, security, and distributed resources and enables inter-operation with other directories. This book will first help you brush up on the AD architecture and fundamentals, before guiding you through core components, such as sites, trust relationships, objects, and attributes. You will then explore AD schemas, LDAP, RMS, and security best practices to understand objects and components and how they can be used effectively. Next, the book will provide extensive coverage of AD Domain Services and Federation Services for Windows Server 2016, and help you explore their new features. Furthermore, you will learn to manage your identity infrastructure for a hybrid cloud setup. All this will help you design, plan, deploy, manage operations, and troubleshoot your enterprise identity infrastructure in a secure and effective manner. You’ll later discover Azure AD Module, and learn to automate administrative tasks using PowerShell cmdlets. All along, this updated second edition will cover content based on the latest version of Active Directory, PowerShell 5.1 and LDAP. By the end of this book, you’ll be well versed with best practices and troubleshooting techniques for improving security and performance in identity infrastructures.
Table of Contents (25 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Section 1: Active Directory Planning, Design, and Installation
Section 1: Active Directory Planning, Design, and Installation
2
Active Directory Fundamentals
Active Directory Fundamentals
Benefits of using Active Directory
Understanding Active Directory components
Understanding Active Directory objects
Active Directory server roles
Azure AD
Summary
3
Active Directory Domain Services 2016
Active Directory Domain Services 2016
Features of AD DS 2016
PAM
Time-based group memberships
Microsoft Passport
AD FS improvements
Time sync improvements
Azure AD join
Summary
4
Designing an Active Directory Infrastructure
Designing an Active Directory Infrastructure
What makes a good system?
Gathering business data
Designing the forest structure
Designing the domain structure
Designing the OU structure
Designing the physical topology of Active Directory
Global catalog server placement
Designing a Hybrid Identity
Summary
5
Active Directory Domain Name System
Active Directory Domain Name System
What is DNS?
Hierarchical naming structures
How DNS works
DNS essentials
Summary
6
Placing Operations Master Roles
Placing Operations Master Roles
FSMO roles
FSMO role placement
Moving FSMO roles
Seizing FSMO roles
Summary
7
Migrating to Active Directory 2016
Migrating to Active Directory 2016
AD DS installation prerequisites
AD DS deployment scenarios
How to plan Active Directory migrations
Summary
8
Section 2: Active Directory Administration
Section 2: Active Directory Administration
9
Managing Active Directory Objects
Managing Active Directory Objects
Tools and methods for managing objects
Creating, modifying, and removing objects in AD
Finding objects in AD
Summary
10
Managing Users, Groups, and Devices
Managing Users, Groups, and Devices
Object attributes
User accounts
Groups
Devices and other objects
Best practices
Summary
11
Designing the OU Structure
Designing the OU Structure
OUs in operations
OU design models
Managing the OU structure
Summary
12
Managing Group Policies
Managing Group Policies
Benefits of group policies
Group Policy capabilities
Group Policy objects
Group Policy processing
Group Policy inheritance
Group Policy conflicts
Group Policy mapping and status
Group Policy filtering
Group Policy preferences
Item-level targeting
Loopback processing
Group Policy best practices
Summary
13
Section 3: Active Directory Service Management
Section 3: Active Directory Service Management
14
Active Directory Services
Active Directory Services
Overview of AD LDS
AD replication
AD sites and replication
Sites
Managing AD sites and other components
How does replication work?
RODCs
AD database maintenance
AD backup and recovery
Summary
15
Active Directory Certificate Services
Active Directory Certificate Services
PKI in action
Planning PKI
PKI deployment models
Setting up a PKI
Summary
16
Active Directory Federation Services
Active Directory Federation Services
How does AD FS work?
AD FS components
AD FS deployment topologies
AD FS deployment
Integrating with Azure MFA
Summary
17
Active Directory Rights Management Services
Active Directory Rights Management Services
What is AD RMS?
AD RMS components
How does AD RMS work?
How do we deploy AD RMS?
AD RMS configuration
Summary
18
Section 4: Best Practices and Troubleshooting
Section 4: Best Practices and Troubleshooting
19
Active Directory Security Best Practices
Active Directory Security Best Practices
AD authentication
Delegating permissions
Implementing fine-grained password policies
Pass-the-hash attacks
JIT administration and JEA
Azure AD PIM
AIP
Summary
20
Advanced AD Management with PowerShell
Advanced AD Management with PowerShell
AD management with PowerShell – preparation
Azure Active Directory PowerShell
Summary
21
Azure Active Directory Hybrid Setup
Azure Active Directory Hybrid Setup
Integrating Azure AD with on-premises AD
Step-by-step guide to integrating an on-premises AD environment with Azure AD
Summary
22
Active Directory Audit and Monitoring
chevron up
Active Directory Audit and Monitoring
Auditing and monitoring AD using in-built Windows tools and techniques
AD audit
Demonstration
Microsoft ATA
Demonstration
Azure Monitor
Demonstration
Azure AD Connect Health
Summary
23
Active Directory Troubleshooting
Active Directory Troubleshooting
Troubleshooting AD DS replication issues
Troubleshooting replication issues
Issues involving DFS Replication
How to troubleshoot Group Policy issues
How to troubleshoot AD DS database-related issues
Summary
24
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Microsoft ATA

Once there is an identity infrastructure breach, sometimes it can take a long time to detect, for the following reasons:

  • We fight against human adversaries, and they keep changing their tactics for attacks so they cannot be detected by traditional perimeter defense solutions.
  • Existing security solutions require time and knowledge to set up, fine-tune, and maintain.
  • Going through a large number of logs and reports to identify risks and issues is not practical, as engineers could miss important events.
  • Most of the existing security solutions are for preventing attackers at the perimeter level. They do not have a way to detect the attackers once they have successfully logged into the infrastructure.

Microsoft built AD and has maintained it for more than 20 years now. Many engineers are working daily on the product to make further improvements. Every day, they are...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 5
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete