Full Download Mcsa 70-742 cert guide: identity with windows server 2016 1st edition benjamin finkel

MCSA70-742CertGuide:IdentitywithWindows Server20161stEditionBenjaminFinkel

https://ebookmass.com/product/mcsa-70-742-cert-guideidentity-with-windows-server-2016-1st-edition-benjaminfinkel/

Instant digital products (PDF, ePub, MOBI) ready for you

Download now and discover formats that fit your needs...

MCSA Guide to Identity with Windows Server® 2016, Exam 70-742 1st Edition Greg Tomsho

https://ebookmass.com/product/mcsa-guide-to-identity-with-windowsserver-2016-exam-70-742-1st-edition-greg-tomsho/

ebookmass.com

MCSA 70-740 Cert Guide: Installation, Storage, and Compute with Windows Server 2016 1st Edition Anthony Sequeira

https://ebookmass.com/product/mcsa-70-740-cert-guide-installationstorage-and-compute-with-windows-server-2016-1st-edition-anthonysequeira/

ebookmass.com

McSa Guide to Installation, Storage, and Compute with Microsoft Windows Server2016, Exam 70-740 Greg Tomsho

https://ebookmass.com/product/mcsa-guide-to-installation-storage-andcompute-with-microsoft-windows-server2016-exam-70-740-greg-tomsho/

ebookmass.com

Calculus II Workbook For Dummies 1st Edition Mark Zegarelli

https://ebookmass.com/product/calculus-ii-workbook-for-dummies-1stedition-mark-zegarelli/

ebookmass.com

Chemistry: The Central Science, Expanded Edition, 15th Global Edition in SI Units Theodore L. Brown

https://ebookmass.com/product/chemistry-the-central-science-expandededition-15th-global-edition-in-si-units-theodore-l-brown/

ebookmass.com

Medieval Welsh Pilgrimage, c.1100–1500 1st ed. Edition

Kathryn Hurlock

https://ebookmass.com/product/medieval-welshpilgrimage-c-1100-1500-1st-ed-edition-kathryn-hurlock/

ebookmass.com

Childhood, Youth Identity, and Violence in Formerly Displaced Communities in Uganda 1st ed. Edition Victoria

Flavia Namuggala

https://ebookmass.com/product/childhood-youth-identity-and-violencein-formerly-displaced-communities-in-uganda-1st-ed-edition-victoriaflavia-namuggala/ ebookmass.com

Aggregation-Induced Emission (AIE): A Practical Guide

Jianwei Xu

https://ebookmass.com/product/aggregation-induced-emission-aie-apractical-guide-jianwei-xu/

ebookmass.com

Samurai: A Concise History Michael Wert

https://ebookmass.com/product/samurai-a-concise-history-michael-wert/

ebookmass.com

Spreading

https://ebookmass.com/product/spreading-hate-daniel-byman/

ebookmass.com

About This eBook

ePUB is an open, industry-standard format for eBooks. However, support of ePUB and its many features varies across reading devices and applications. Use your device or app settings to customize the presentation to your liking. Settings that you can customize often include font, font size, single or double column, landscape or portrait mode, and figures that you can click or tap to enlarge. For additional information about the settings and features on your reading device or app, visit the device manufacturer’s Web site.

Many titles include programming code or configuration examples. To optimize the presentation of these elements, view the eBook in single-column, landscape mode and adjust the font size to the smallest setting. In addition to presenting code and configurations in the reflowable text format, we have included images of the code that mimic the presentation found in the print book; therefore, where the reflowable format may compromise the presentation of the code listing, you will see a “Click here to view code image” link. Click the link to view the print-fidelity code image. To return to the previous page viewed, click the Back button on your device or app.

MCSA 70-742 Cert Guide

Copyright © 2017 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-10: 0-7897-5703-6

ISBN-13: 978-0-7897-5703-6

Library of Congress Control Number: 2017935716

Printed in the United States of America

First Printing: June 2017

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Windows is a registered trademark of Microsoft Corporation.

Warning and Disclaimer

This book is designed to provide information about the Microsoft MCSA 70-742 Identity with Windows Server 2016 exam. Every effort has been made to make this book as complete and accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with

respect to any loss or damages arising from the information contained in this book or from the use of the supplemental online content or programs accompanying it.

Special Sales

For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at corpsales@pearsoned.com or (800) 382-3419.

For government sales inquiries, please contact governmentsales@pearsoned.com.

For questions about sales outside the U.S., please contact intlcs@pearsoned.com.

Editor-in-Chief

Mark Taub

Product Line Manager

Brett Bartow

Acquisitions Editor

Michelle Newcomb

Managing Editor

Sandra Schroeder

Development Editor

Christopher Cleveland

Project Editor

Lori Lyons

Copy Editor

Geneil Breeze

Technical Editor

Chris Crayton

Publishing Coordinator

Vanessa Evans

Cover Designer

Chuti Prasertsith

Composition

Bronkella Publishing

Indexer

Kenneth D. Johnson

Proofreader

Gill Editorial Services

Contents at a Glance

Introduction

Part I: Installing and Configuring Active Directory Domain Services

Chapter 1 Introducing Active Directory 2016

Chapter 2 Installing and Configuring Domain Controllers

Chapter 3 Creating and Managing Active Directory Users and Computers

Chapter 4 Creating and Managing Active Directory Groups and Organizational Units

Part II: Managing and Maintaining Active Directory Domain Services

Chapter 5 Configuring Service Authentication and Account Policies

Chapter 6 Maintaining Active Directory

Chapter 7 Configuring Active Directory in a Complex Enterprise Environment

Part III: Creating and Managing Group Policy

Chapter 8 Creating and Managing Group Policy Objects (GPOs)

Chapter 9 Configuring Group Policy Processing

Chapter 10 Configuring Group Policy Settings

Chapter 11 Configuring Group Policy Preferences

Part IV: Implementing Active Directory Certification Services

Chapter 12 Installing and Configuring Active Directory

Certificate Services

Chapter 13 Managing Certificates

Part V: Implementing Identity Federation and Access Solutions

Chapter 14 Installing and Configuring Active Directory Federation Services

Chapter 15 Implementing Web Application Proxy

Chapter 16 Installing and Configuring Active Directory

Rights Management Services

Chapter 17 Final Preparation

Part VI: Appendices

Appendix A Answers to the “Do I Know This Already?” Quizzes and End-of-Chapter Review Questions

Glossary Glossary of Key Terms

Index

Elements Available on the Book Website

Appendix B Memory Tables

Appendix C Memory Tables Answer Key

Appendix D Study Planner

Table of Contents

Introduction

Part I: Installing and Configuring Active Directory Domain Services

Chapter 1 Introducing Active Directory 2016

“Do I Know This Already?” Quiz

Foundation Topics

Identity and Active Directory 2016

Active Directory Domain Services (AD DS)

Object

Containers and Organizational Units

Domains

Domain Trees and Forests

Group Policy Objects (GPOs)

Active Directory Federation Services (AD FS)

Identity Federation

Claims-Based Authentication

Single Sign-On (SSO)

Active Directory Certificate Services (AD CS)

Active Directory Rights Management Services (AD RMS)

AD RMS Clients

AD RMS Server

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter

Review Questions

Chapter 2 Installing and Configuring Domain Controllers

“Do I Know This Already?” Quiz

Foundation Topics

Installing a New Forest

Planning the Domain

Installing AD DS from Server Manager

Promoting the Server to Domain Controller

Adding or Removing a Domain Controller from a Domain

Multimaster Replication and FSMO Roles

Forest and Domain Functional Levels

Adding a New Domain Controller to an Existing Domain

Demoting a Server from Domain Controller

Upgrading a Domain Controller

Installing AD DS on a Server Core Installation

Installing AD DS with PowerShell

Promoting a Server to Domain Controller with PowerShell

Installing a Domain Controller with Install from Media (IFM)

Creating the Media for Installation

Deploying a Domain Controller Using IFM

Installing and Configuring a Read-Only Domain Controller (RODC)

Configuring Domain Controller Cloning

Requirements to Clone a Virtual Domain Controller

Creating DCCloneConfig.xml

Exporting and Importing the Cloned DC

Resolving DNS SRV Record Registration Issues

Configuring a Global Catalog Server

Transferring and Seizing Operations Master Roles

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 3 Creating and Managing Active Directory Users and Computers

“Do I Know This Already?” Quiz

Foundation Topics

Creating, Copying, Configuring, and Deleting Users and Computers

Creating and Configuring a New User

Creating and Configuring a New Computer

Copying Users

Configuring Templates

Deleting Objects

Automating the Creation of Active Directory Accounts

Working with Users

Working with Computers

Performing Bulk Active Directory Operations

Comma Separated Value Data Exchange (csvde)

LDAP Data Interchange Format Data Exchange (ldifde)

Configuring User Rights

Implementing Offline Domain Join

Managing Inactive and Disabled Accounts

Automating Unlocking of Disabled Accounts Using Windows

PowerShell

Automating Password Resets Using Windows PowerShell

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 4 Creating and Managing Active Directory Groups and Organizational Units

“Do I Know This Already?” Quiz

Foundation Topics

Creating, Copying, Configuring, and Deleting Groups and OUs

Active Directory Groups and Active Directory OUs

OrganizationalUnits

Groups

GroupTypes

GroupScope

Working with Active Directory Groups

Working with Active Directory OUs

Automate Groups and OUs with PowerShell

Converting Group Scope and Type

Configuring Group Nesting

IGDLA

Enumerating Group Membership

Delegating the Creation and Management of Groups and OUs

Managing Group Membership Using Group Policy

Managing Default Active Directory Containers

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Part II: Managing and Maintaining Active Directory Domain Services

Chapter 5 Configuring Service Authentication and Account Policies

“Do I Know This Already?” Quiz

Foundation Topics

Creating and Configuring Service Accounts

Service Accounts

Managed Service Accounts

Group Managed Service Accounts (gMSAs)

Virtual Service Accounts

Configuring Kerberos Constrained Delegation (KCD)

Constrained Delegation

Managing Service Principal Names (SPNs)

Configuring Default Domain Account Policies

Configuring Domain and Local User Password Policy Settings

Configuring Account Lockout Policy Settings

Configuring Kerberos Policy Settings Within Group Policy

Configuring and Applying Password Settings Objects (PSOs)

PSO Precedence

Creating PSOs

Delegating Password Settings Management

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 6 Maintaining Active Directory

“Do I Know This Already?” Quiz

Foundation Topics

Configuring Active Directory Snapshots

NTDSUTIL Snapshot Menu

Creating and Mounting a Snapshot

Hosting a Snapshot

Backing Up and Restoring Active Directory and SYSVOL

Backing Up Active Directory

Restoring Active Directory

Nonauthoritative Restore

Authoritative Restore

Configuring and Restoring Objects by Using the Active Directory Recycle Bin

Managing Active Directory Offline

Performing Offline Defragmentation of an Active Directory

Database

Cleaning Up Metadata

Configuring Replication to Read-Only Domain Controllers (RODCs)

Configuring Password Replication Policy (PRP) for RODC

Monitoring and Managing Replication

Upgrading SYSVOL Replication to Distributed File System

Replication (DFSR)

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 7 Configuring Active Directory in a Complex Enterprise Environment

“Do I Know This Already?” Quiz

Foundation Topics

Deploying Windows Server 2016 Domain Controllers Within a PreExisting Active Directory Environment

Upgrading Existing Domains and Forests

Configuring Domain and Forest Functional Levels

Configuring Multiple User Principal Name (UPN) Suffixes

Configuring Trusts

Configuring Forest, External, Realm, and Shortcut Trusts

Configuring SID Filtering

Configuring Name Suffix Routing

Configuring Sites

Configuring Sites and Subnets

Sites

Subnets

Creating and Configuring Site Links

Managing Sites with PowerShell

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Part III: Creating and Managing Group Policy

Chapter 8 Creating and Managing Group Policy Objects (GPOs)

“Do I Know This Already?” Quiz

Foundation Topics

Introduction to Group Policy

Creating Group Policy Objects

Configuring GPO Links

Managing Starter GPOs

Backing Up, Importing, Copying, and Restoring GPOs

Using the Group Policy Management Editor (GPME)

Using PowerShell to Manage GPOs

Creating and Configuring a Migration Table

Resetting Default GPOs

Delegating Group Policy Management

Detecting Health Issues Using the Group Policy Infrastructure

Status Dashboard

Group Policy Infrastructure

Group Policy Infrastructure Status Dashboard

Local Group Policies

Configuring Multiple Local Group Policies

Configuring a Central Store

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 9 Configuring Group Policy Processing

“Do I Know This Already?” Quiz

Foundation Topics

Configuring Processing Order, Precedence, and Blocking of Inheritance

Processing Order and Precedence

Blocking of Inheritance

Configuring Security Filtering and Windows Management

Instrumentation (WMI) Filtering

Security Filtering

WMI Filtering

Loopback Processing

Client-Side Processing

Configure and Manage Slow Link Processing and Group Policy

Caching

Configure Client-Side Extension (CSE) Behavior

Force a Group Policy Update

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 10 Configuring Group Policy Settings

“Do I Know This Already?” Quiz

Foundation Topics

Configuring Software Installation

Configuring Folder Redirection

Configuring Scripts

Configuring Administrative Templates

Importing a Custom Administrative Template File

Configuring Property Filters for Administrative Templates

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 11 Configuring Group Policy Preferences

“Do I Know This Already?” Quiz

Configuring Control Panel Settings

Configuring Printer Preferences

Configuring Power Options

Configuring Internet Explorer Settings

Configuring Item-Level Targeting

Configuring Windows Settings

Configuring Custom Registry Settings

Defining Network Drive Mappings

Configuring File and Folder Deployment

Configuring Shortcut Deployment

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Part IV: Implementing Active Directory Certification Services

Chapter 12 Installing and Configuring Active Directory Certificate Services

“Do I Know This Already?” Quiz

Foundation Topics

Installing Active Directory Integrated Enterprise Certificate Authority

Installing AD CS on a Server

Configuring AD CS on a Server

Installing Offline Root and Subordinate CAs

Configuring Certificate Revocation List Distribution Points

Creating New CRL Distribution Points (CDPs)

Installing and Configuring Online Responders

Configuring CA Backup, Recovery, and Administrative Role

Separation

Configuring CA Backup and Recovery

Administrative Role Separation

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 13 Managing Certificates

“Do I Know This Already?” Quiz

Foundation Topics

Managing Certificate Templates

Enabling Certificate Templates

Creating New Templates

Managing Certificate Deployment, Validation, Revocation, and Renewal

Manual Enrollment

CA Web Enrollment

Revoking Certificates

Managing Certificate Autoenrollment Using Group Policies

Configuring Key Archival and Recovery

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Part V: Implementing Identity Federation and Access Solutions

Chapter 14 Installing and Configuring Active Directory Federation Services

“Do I Know This Already?” Quiz

Foundation Topics

Implementing Claims-Based Authentication

Installing a Standalone AD FS Server

Installing an AD FS Server Farm

Configuring Authentication

Configuring Authentication Policies

Configuring Multi-Factor Authentication

Implementing and Configuring Device Registration

Integrating AD FS with Microsoft Passport

Configuring AD FS to Enable Authentication of Users Stored in LDAP Directories

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 15 Implementing Web Application Proxy

“Do I Know This Already?” Quiz

Foundation Topics

Installing and Configuring Web Application Proxy

Installing Web Application Proxy

Implementing WAP in Pass-Through Mode

Implementing WAP as AD FS Proxy

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 16 Installing and Configuring Active Directory

Rights Management Services

“Do I Know This Already?” Quiz

Foundation Topics

Installing an Active Directory Rights Management Services Server

Installing AD RMS

Configuring AD RMS

Managing AD RMS Service Connection Point

Managing AD RMS Templates and Exclusion Policies

AD RMS Policy Templates

Configuring Exclusion Policies

Backing Up and Restoring AD RMS

Exam Preparation Tasks

Review All Key Topics

Complete Tables and Lists from Memory

Define Key Terms

End-of-Chapter Review Questions

Chapter 17 Final Preparation

Tools for Final Preparation

Pearson Cert Practice Test Engine and Questions on the Website

AccessingthePearsonTestPrepSoftwareOnline

AccessingthePearsonTestPrepSoftwareOffline

Customizing Your Exams

Updating Your Exams

Premium Edition

Memory Tables

Chapter-Ending Review Tools

Suggested Plan for Final Review/Study

Summary

Part VI: Appendices

Appendix A Answers to the “Do I Know This Already?” Quizzes and End-of-Chapter Review Questions

Glossary of Key Terms

Index

Elements Available on the Book Website

Appendix B Memory Tables

Appendix C Memory Tables Answer Key

Appendix D Study Planner

About the Author

Benjamin Finkel has had his hands on a keyboard since his father brought home the original Compaq portable when he was just four years old. He began professional consulting in 1997 directly out of high school. Ben spent the next 17 years developing and supporting systems in a wide variety of industries, from health care to finance to medical research, before becoming a full-time trainer with CBT Nuggets. Today he lives near Niagara Falls, New York, with his wife and two children. When he’s not busy learning about the next big thing in IT, he enjoys snowboarding, reading, and dissuading his wife from adopting yet another cat.

Dedication

Thisbookisdedicatedtomyparents,SidneyandAnnaFinkel. They’rethereasonIfoundapassioninITinthefirstplaceand throughoutmyentirelifehavealwayssupported,encouraged,and believedinme.Thanksguys!

About the Technical Reviewer

Chris Crayton (MCSE) is an author, technical consultant, and trainer. He has worked as a computer technology and networking instructor, information security director, network administrator, network engineer, and PC specialist. Chris has authored several print and online books on PC repair, CompTIA A+, CompTIA Security+, and Microsoft Windows. He has also served as technical editor and content contributor on numerous technical titles for several leading publishing companies. He holds numerous industry certifications, has been recognized with many professional teaching awards, and has served as a state-level SkillsUSA competition judge.

Acknowledgments

I want to thank the small army of individuals at Pearson who helped to make this book possible, especially Michelle Newcomb for her introduction to and guidance through the process, Chris Cleveland for his patience with me and thoroughness in review, and Chris Crayton for his invaluable and detailed feedback. Thank you as well to all the additional people at Pearson whose hard work is reflected in these pages. This book is a collaborative effort and only exists by virtue of all their input. I would also like to thank Anthony Sequeira for getting me into this mess in the first place.