IT Infrastructure & Networks Category Banner Image

Microsoft 20742 - Identity with Windows Server 2016

  • Length 5 days
  • Price  $4345 inc GST
  • Version B
Course overview
View dates &
book now

Why study this course

This five-day instructor-led course teaches IT professionals how to deploy and configure Active Directory Domain Services (AD DS) in a distributed environment, how to implement Group Policy, how to perform backup and restore, and how to monitor and troubleshoot Active Directory-related issues with Windows Server 2016.

Additionally, this course teaches how to deploy other Active Directory server roles such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS).

Request Course Information

What you’ll learn

After completing this course, students will be able to:

  • Install and configure domain controllers

  • Manage objects in AD DS by using graphical tools and Windows PowerShell

  • Implement AD DS in complex environments

  • Implement AD DS sites, and configure and manage replication

  • Implement and manage Group Policy Objects (GPOs)

  • Manage user settings by using GPOs

  • Secure AD DS and user accounts

  • Implement and manage a certificate authority (CA) hierarchy with AD CS

  • Deploy and manage certificates

  • Implement and administer AD FS

  • Implement and administer Active Directory Rights Management Services (AD RMS)

  • Implement synchronisation between AD DS and Azure AD

  • Monitor, troubleshoot, and establish business continuity for AD DS services

Microsoft Partner Cloud Logo

Microsoft at Lumify Work

Lumify Work is your best choice for training and certification in any of Microsoft’s leading technologies and services. We’ve been delivering effective training across all Microsoft products for over 30 years, and are proud to be Australia's and New Zealand’s first and largest Microsoft Gold Learning Solutions Partner. All Lumify Work Microsoft technical courses follow Microsoft Official Curriculum (MOC) and are led by Microsoft Certified Trainers. Join more than 5,000 students who attend our quality Microsoft courses every year.

Who is the course for?

This course is primarily intended for existing IT professionals who have some AD DS knowledge and experience and who aim to develop knowledge about identity and access technologies in Windows Server 2016. This would typically include:

  • AD DS administrators who are looking to train in identity and access technologies with Windows Server 2012 or Windows Server 2016

  • System or infrastructure administrators with general AD DS experience and knowledge who are looking to cross-train in core and advanced identity and access technologies in Windows Server 2012 or Windows Server 2016

Course subjects

Module 1: Installing and configuring domain controllers

This module describes the features of AD DS and how to install domain controllers (DCs). It also covers the considerations for deploying DCs.


  • Overview of AD DS

  • Overview of AD DS domain controllers

  • Deploying a domain controller

Lab: Deploying and administering AD DS

  • Deploying AD DS

  • Deploying domain controllers by performing domain controller cloning

  • Administering AD DS

Module 2: Managing objects in AD DS

This module describes how to use various techniques to manage objects in AD DS. This includes creating and configuring user, group, and computer objects.


  • Managing user accounts

  • Managing groups in AD DS

  • Managing computer objects in AD DS

  • Using Windows PowerShell for AD DS administration

  • Implementing and managing OUs

Lab: Managing AD DS objects

  • Creating and managing groups in AD DS

  • Creating and configuring user accounts in AD DS

  • Managing computer objects in AD DS

Lab: Administering AD DS

  • Delegate administration for OUs

  • Creating and modifying AD DS objects with Windows PowerShell

Module 3: Advanced AD DS infrastructure management

This module describes how to plan and implement an AD DS deployment that includes multiple domains and forests. The module provides an overview of the components in an advanced AD DS deployment, the process of implementing a distributed AD DS environment, and the procedure for configuring AD DS trusts.


  • Overview of advanced AD DS deployments

  • Deploying a distributed AD DS environment

  • Configuring AD DS trusts

Lab: Domain and trust management in AD DS

  • Implementing forest trusts

  • Implementing child domains in AD DS

Module 4: Implementing and administering AD DS sites and replication

This module describes how to plan and implement an AD DS deployment that includes multiple locations. The module explains how replication works in a Windows Server 2016 AD DS environment.


  • Overview of AD DS replication

  • Configuring AD DS sites

  • Configuring and monitoring AD DS replication

Lab: Implementing AD DS sites and replication

  • Modifying the default site

  • Creating additional sites and subnets

  • Configuring AD DS replication

  • Monitoring and troubleshooting AD DS replication

Module 5: Implementing Group Policy

This module describes how to implement a GPO infrastructure. The module provides an overview of the components and technologies that compose the Group Policy framework.


  • Introducing Group Policy

  • Implementing and administering GPOs

  • Group Policy scope and Group Policy processing

  • Troubleshooting the application of GPOs

Lab: Implementing a Group Policy infrastructure

  • Creating and configuring GPOs

  • Managing GPO scope

Lab: Troubleshooting Group Policy infrastructure

  • Verify GPO application

  • Troubleshooting GPOs

Module 6: Managing user settings with Group Policy

This module describes how to configure Group Policy settings and Group Policy preferences. This includes implementing administrative templates, configuring folder redirection and scripts, and configuring Group Policy preferences.


  • Implementing administrative templates

  • Configuring Folder Redirection, software installation, and scripts

  • Configuring Group Policy preferences

Lab: Managing user settings with GPOs

  • Using administrative templates to manage user settings

  • Implement settings by using Group Policy preferences

  • Configuring Folder Redirection

  • Planning Group Policy (optional)

After completing this module, students will be able to:

  • Implement administrative templates.

  • Configure Folder Redirection, software installation, and scripts.

  • Configure Group Policy preferences.

Module 7: Securing Active Directory Domain Services

This module describes how to configure domain controller security, account security, password security, and Group Managed Service Accounts (gMSA).


  • Securing domain controllers

  • Implementing account security

  • Implementing audit authentication

  • Configuring managed service accounts

Lab: Securing AD DS

  • Implementing security policies for accounts, passwords, and administrative groups

  • Deploying and configuring an RODC

  • Creating and associating a group MSA

Module 8: Deploying and managing AD CS

This module describes how to implement an AD CS deployment. This includes deploying, administering, and troubleshooting CAs.


  • Deploying CAs

  • Administering CAs

  • Troubleshooting and maintaining CAs

Lab: Deploying and configuring a two-tier CA hierarchy

  • Deploying an offline root CA

  • Deploying an enterprise subordinate CA

Module 9: Deploying and managing certificates

This module describes how to deploy and manage certificates in an AD DS environment. This involves deploying and managing certificate templates, managing certificate revocation and recovery, using certificates in a business environment, and implementing smart cards.


  • Deploying and managing certificate templates

  • Managing certificate deployment, revocation, and recovery

  • Using certificates in a business environment

  • Implementing and managing smart cards

Lab: Deploying and using certificates

  • Configuring certificate templates

  • Enrolling and using certificates

  • Configuring and implementing key recovery

Module 10: Implementing and administering AD FS

This module describes AD FS and how to configure AD FS in a single-organisation scenario and in a partner-organisation scenario.


  • Overview of AD FS

  • AD FS requirements and planning

  • Deploying and configuring AD FS

  • Overview of Web Application Proxy

Lab: Implementing AD FS

  • Configuring AD FS prerequisites

  • Installing and configuring AD FS

  • Configuring an internal application for AD

  • Configuring AD FS for federated business partners

Module 11: Implementing and administering AD RMS

This module describes how to implement an AD RMS deployment. The module provides an overview of AD RMS, explains how to deploy and manage an AD RMS infrastructure, and explains how to configure AD RMS content protection.


  • Overview of AD RMS

  • Deploying and managing an AD RMS infrastructure

  • Configuring AD RMS content protection

Lab: Implementing an AD RMS infrastructure

  • Installing and configuring AD RMS

  • Configuring AD RMS templates

  • Using AD RMS on clients

Module 12: Implementing AD DS synchronisation with Microsoft Azure AD

This module describes how to plan and configure directory syncing between Microsoft Azure Active Directory (Azure AD) and on-premises AD DS. The modules describes various sync scenarios, such as Azure AD sync, AD FS and Azure AD, and Azure AD Connect.


  • Planning and preparing for directory synchronisation

  • Implementing directory synchronisation by using Azure AD Connect

  • Managing identities with directory synchronisation

Lab: Configuring directory synchronisation

  • Preparing for directory synchronisation

  • Configuring directory synchronisation

  • Managing Active Directory users and groups

Module 13: Monitoring, managing, and recovering AD DS

This module describes how to monitor, manage, and maintain AD DS to help achieve high availability of AD DS.


  • Monitoring AD DS

  • Managing the Active Directory database

  • Active Directory backup and recovery options for AD DS and other identity and access solutions

Lab: Recovering objects in AD DS

  • Backing up and restoring AD DS

  • Recovering objects in AD DS


Before attending this course, students must have:

  • Some exposure to and experience with AD DS concepts and technologies in Windows Server 2012 or Windows Server 2016

  • Experience working with and configuring Windows Server 2012 or Windows Server 2016

  • Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP)

  • Experience working with and an understanding of Microsoft Hyper-V and basic server virtualisation concepts

  • An awareness of basic security best practices

  • Hands-on working experience with Windows client operating systems such as Windows 7, Windows 8, Windows 8.1, or Windows 10

  • Basic experience with the Windows PowerShell command-line interface

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

Personalise your schedule with Lumify USchedule

Interested in a course that we have not yet scheduled? Get in touch, and ask for your preferred date and time. We can work together to make it happen.