Francis | Mastering Active Directory, Third Edition | E-Book | sack.de
E-Book

E-Book, Englisch, 780 Seiten

Francis Mastering Active Directory, Third Edition

Design, deploy, and protect Active Directory Domain Services for Windows Server 2022
3. Auflage 2021
ISBN: 978-1-80107-375-2
Verlag: De Gruyter
Format: EPUB
Kopierschutz: 0 - No protection

Design, deploy, and protect Active Directory Domain Services for Windows Server 2022

E-Book, Englisch, 780 Seiten

ISBN: 978-1-80107-375-2
Verlag: De Gruyter
Format: EPUB
Kopierschutz: 0 - No protection



Mastering Active Directory, Third Edition is a comprehensive guide for Information Technology professionals looking to improve their knowledge about MS Windows Active Directory Domain Service. The book will help you to use identity elements effectively and manage your organization's infrastructure in a secure and efficient way. This third edition has been fully updated to reflect the importance of cloud-based strong authentication and other tactics to protect identity infrastructure from emerging security threats.

Mastering Active Directory, Third Edition provides extensive coverage of AD Domain Services and helps you explore their capabilities as you update to Windows Server 2022. This book will also teach you how to extend on-premises identity presence to cloud via Azure AD hybrid setup. By the end of this Microsoft Active Directory book, you'll feel confident in your ability to design, plan, deploy, protect, and troubleshoot your enterprise identity infrastructure.

Francis Mastering Active Directory, Third Edition jetzt bestellen!

Autoren/Hrsg.


Weitere Infos & Material


Table of Contents - Active Directory Fundamentals
- Active Directory Domain Services 2022
- Designing an Active Directory Infrastructure
- Active Directory Domain Name System
- Placing Operations Master Roles
- Migrating to Active Directory 2022
- Managing Active Directory Objects
- Managing Users, Groups, and Devices
- Designing the OU Structure
- Managing Group Policies
- Active Directory Services - Part 1
- Active Directory Services - Part 2
- Active Directory Certificate Services
- Active Directory Federation Services
- Active Directory Rights Management Services
- Active Directory Security Best Practices
- Advanced AD Management with PowerShell
- Hybrid Identity
- Active Directory Audit and Monitoring
- Bonus Chapter: Active Directory Troubleshooting
- Bonus Chapter: Appendix A, References


Preface


Microsoft Active Directory is the most widely used identity management solution. It can centrally manage identities across its infrastructure. It is equipped with different role services, features, and components that help us handle identities securely and effectively according to business requirements. For the last 20 years, Microsoft has continued improving Active Directory, and Active Directory 2022 further consolidates its approach in terms of rectifying industry requirements and protecting identity infrastructures from emerging security threats. However, a technology-rich product is not simply going to make a productive, reliable, scalable, and secure identity infrastructure. It requires knowledge of Active Directory roles services, components, and features. It also requires knowledge of how to use those effectively to match different operational requirements. Only then can we plan, design, manage, and maintain a robust identity infrastructure. Over the past few years, more and more organizations have adopted cloud technologies for a variety of reasons. With the growth of the cloud footprint, organizations' identity requirements have also changed. We can no longer limit corporate identities to on-prem infrastructures. By using Microsoft Azure Active Directory, we can extend our on-prem identities to the cloud. The hybrid AD approach provides lots of benefits for modern authentication requirements. However, security-wise, it also opens up a whole new level of challenges. Therefore, the majority of new content in the third edition is related to designing the Azure AD hybrid cloud, securing a hybrid AD environment, and protecting sensitive data.

Who this book is for


If you are an Active Directory administrator, system administrator, or network professional who has basic knowledge of Active Directory and is looking to become an expert in this topic, this book is for you.

What this book covers


, , explains what Active Directory is and its capabilities. This chapter also explains the main components (physical and logical structure), object types, and role services of Active Directory. Last but not least, this chapter also covers why we need an advanced identity management solution such as Azure Active Directory.

, , explains what we can expect with Active Directory Domain Services (AD DS) 2022 and how we can use the features introduced in AD DS 2016 (as there is no new Domain Functional Level (DFL) or Forest Functional Level (FFL) ) to improve your existing Active Directory environment.

, , talks about what needs to be considered in Active Directory infrastructure design. This chapter discusses how to place the AD DS logical and physical components in the AD DS environment according to best practices. It also covers the design concepts for hybrid identity.

, , explains how DNS works with AD DS. This chapter also includes information about the DNS server component, different types of DNS records, zones, DNS delegation, and DNS policies.

, , talks about the Flexible Single Master Operations (FSMO) roles and their responsibilities. This chapter also describes things we need to consider when placing FSMO roles in an Active Directory environment.

, , covers the different AD DS deployment models. This chapter also provides a step-by-step guide to migrating from an older version of AD DS to AD DS 2022.

, , discusses how to create objects, find objects, modify objects, and remove objects (small-scale and large-scale) by using built-in Active Directory management tools and PowerShell commands.

, , further explores the Active Directory objects by deep diving into attributes, managed service accounts, and management of different object types. Last but not least, you will also learn how to sync custom attributes to Azure Active Directory.

, , teaches you how to design the organizational unit (OU) structure properly, using different models to suit business requirements. This chapter also describes how to create, update, and remove OUs. Furthermore, this chapter also discusses how we can delegate AD administration by using OUs.

, , mainly discusses Group Policy objects and their capabilities. Group Policy processing in an AD environment depends on many different things. In this chapter, we will deep dive into group policy processing to understand the technology behind it. We are also going to look into the different methods we can use for group policy filtering. Last but not least, we will learn about most commonly use group policies.

, , walks us through the more advanced Active Directory topics, such as AD Lightweight Directory Services (LDS), Active Directory replication, and Active Directory sites.

, , sees you learn about Active Directory trusts in detail. This chapter also covers topics such as Active Directory database maintenance, Read-Only Domain Controller (RODC), AD DS backup, and recovery.

, , discusses the planning, deployment, and maintenance of Active Directory Certificate Services. Furthermore, we will also learn how signing, encryption, and decryption work in a public key infrastructure (PKI).

, , focuses on Active Directory Federation Services (AD FS) such as planning, designing, deployment, and maintenance. This chapter also covers new features of AD FS, such as built-in Azure MFA support. At the end you will also learn how to establish a federated connection with Azure AD.

, , covers the Active Directory Rights Management Service (AD RMS) role, which we can use to protect sensitive data in a business. Data is the new oil, and the value of data keeps increasing. Therefore, protection of data is important for every business. In this chapter, we will learn how AD RMS works and how to configure it.

, , covers the protection of the Active Directory environment. Recent attacks and studies prove that adversaries are increasingly targeting identities. So, we need to be mindful of protecting our Active Directory infrastructure at any cost. In this chapter, we will learn about different tools, services, and methods we can use to protect the Active Directory environment such as Secure LDAP, Microsoft LAPS, delegated permissions, restricted RDP, and Azure AD password protection.

, , is full of PowerShell scripts that can be used to manage, secure, and audit an Active Directory environment. We will also learn about the Azure Active Directory PowerShell for Graph module, which we can use to manage, query, and update AD objects in a hybrid AD environment.

, , discusses how we can extend our on-prem AD DS infrastructure to Azure Active Directory. Before we work on the implementation, we will deep dive into the planning process of the Azure AD hybrid setup. In this chapter, we will also learn about different Azure AD connects deployment models, Azure AD cloud sync, Secure LDAP, and replica sets.

, , teaches you how to monitor your on-prem/hybrid AD DS infrastructure using different tools and methods (cloud based and on-prem). This chapter also demonstrates how to audit the health of an Active Directory environment.

, , discusses how to troubleshoot the most common Active Directory infrastructure issues using different tools and methods. Furthermore, we will also look into the most common Azure AD Connect errors, which can have a direct impact on the health of the Azure AD hybrid environment. You can find this chapter available online at: https://static.packt-cdn.com/downloads/9781801070393_Chapter_20.pdf

, , covers the section chapter wise. It's freely available online for our readers and here is the link: https://static.packt-cdn.com/downloads/Mastering_Active_Directory_References.pdf.

To get the most out of this book


This book is ideal for IT professionals, system engineers, and administrators who have a basic knowledge of Active Directory Domain Services. A basic knowledge of PowerShell is also required, since most of the role deployment, configuration, and management is done by using PowerShell commands and scripts.

Download the...



Francis Dishan:

Dishan Francis is an IT professional with over 15 years of experience. He was a six-time Microsoft MVP in enterprise mobility before he joined Microsoft UK as a security consultant. He has maintained the RebelAdmin technology blog over the years, with lots of useful articles that focus on on-premises Active Directory services and Azure Active Directory. He has also written for other Microsoft-managed blogs such as canitpro and ITopsTalk. When it comes to managing innovative identity infrastructure solutions to improve system stability, efficiency, and security, his level of knowledge and experience places him among the very best in the field.



Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.