Цель курса:
Обеспечить знаниями по решениям защищенного доступа. В ходе курса дается материал по настройке служб сертификации, внедрению сертификатов, рассматриваются возможности Active Directory Lightweght, рассматривается настройка федераций и типичные сценарии их использования, дается понимание RMS.
После окончания курса Вы будете уметь:
- Описывать различные системы защищенного доступа
- Настраивать службы сертификации Active Directory и внедрять с их помощью сертификаты на предприятии
- Настраивать службы Active Directory Lightweght
- Настраивать федерации в Active Directory
- Настраивать службы Rights Management
- Решать проблемы, которые могут возникнуть в процессе эксплуатации таких решений.
Предварительная подготовка:
Требуется успешное окончание курса 6425С Конфигурирование и устранение неполадок службы каталогов Windows Server 2008 Active Directory и 6419B Configuring, Managing and Maintaining Windows Server 2008 Servers или эквивалентная подготовка.
Before attending this course, students must have:
- Technical skills in Active Directory Domain Services (AD DS). This includes technical skills equivalent to 6425C: Configuring Windows Server 2008 Active Directory Domain Services.
- Technical skills in Windows Server 2008 equivalent to 6419B: Configuring, Managing and Maintaining Windows Server 2008 Servers.
Module 1: Exploring Identity and Access Solutions
This module introduces Identity and Access Management (IDA Management) solutions. You will learn the fundamental IDA components and Windows Server 2008 and Windows Server 2008 R2 IDA technologies. This module also provides an overview of Microsoft Forefront technologies that further enhance IDA solutions.
Lessons
- Overview of Identity and Access Techniques
- Active Directory Identity and Access Solutions Server Roles
- Additional Identity and Access Management Tools and Solutions
Lab : Identifying IDA Roles to Meet Business Requirements
- Exploring How Active Directory Server Roles Provide IDA Management Solutions
After completing this module, students will be able to:
- Describe IDA techniques
- Describe Windows Server 2008 IDA server roles
- Describe additional IDA tools and solutions
Module 2: Deploying and Configuring Active Directory Certificate Services
This module explains the concepts of public key infrastructure (PKI) and certification authority (CA). You will learn how to deploy a CA hierarchy and install AD CS. This module also describes how to configure AD CS and how to resolve common AD CS issues.
Lessons
- Overview of Public Key Infrastructure
- Overview of Certification Authorities
- Deploying Certification Authorities
- Configuring Certification Authorities
- Troubleshooting Active Directory Certificate Services
Lab : Deploying and Configuring Active Directory Certificate Services
- Deploying an Standalone Root CA
- Deploying and Configuring an Enterprise Subordinate CA
After completing this module, students will be able to:
- Describe Public Key Infrastructure
- Describe Certification Authorities
- Deploy Certification Authorities
- Configure Certification Authorities
- Resolve common Active Directory Certificate Services issues
Module 3: Deploying and Configuring Certificates
This module describes the deployment of certificates by using AD CS. In addition, the module elaborates on managing enrollment to deploy certificates, certificate revocation, and configuration of certificate template and certificate recovery.
Lessons
- Managing Certificate Templates
- Deploying Certificates and Managing Enrollment
- Managing Certificate Revocation
- Configuring Certificate Recovery
Lab : Deploying Certificates and Managing Enrolment
- Configuring Certificate Templates
- Configuring Autoenrollment
- Managing Certificate Revocation
- Configuring Key Recovery
After completing this module, students will be able to:
- Manage certificate templates
- Deploy certificates and manage enrollment
- Manage certificate revocation
- Configure certificate recovery
Module 4: Deploying and Configuring Active Directory Lightweight Directory Services
This module explains the concept of AD LDS. You will learn how to install AD LDS, configure AD LDS instances and partitions, and configure AD LDS replication. This module also describes how to resolve common AD LDS issues.
Lessons
- Overview of Active Directory Lightweight Directory Services
- Deploying and Configuring Active Directory Lightweight Directory Services
- Configuring AD LDS Instances and Partitions
- Configuring Active Directory Lightweight Directory Services Replication
- Troubleshooting Active Directory Lightweight Directory Services
Lab : Deploying and Configuring Active Directory Lightweight Directory Services
- Configuring AD LDS Instances and Partitions
- Configuring AD LDS Replication
- Identifying AD LDS Solution Tools and Troubleshooting Steps
After completing this module, students will be able to:
- Describe Active Directory Lightweight Directory Services
- Deploy and configure Active Directory Lightweight Directory Services
- Configure Active Directory Lightweight Directory Services instances and partitions
- Configure Active Directory Lightweight Directory Services replication
- Resolve common Active Directory Lightweight Directory Services issues
Module 5: Deploying and Configuring Active Directory Federation Services
This module presents the concept of AD FS 2.0 and its deployment scenarios. You will learn how to deploy AD FS 2.0 and implement AD FS claims. This module also describes how to resolve common AD FS issues.
Lessons
- Overview of Active Directory Federation Services 2.0
- Deploying Active Directory Federation Services
- Configuring Active Directory Federation Services Partner Organizations and Claims
- Troubleshooting Active Directory Federation Services
Lab : Deploying and Configuring Active Directory Federation Services
- Installing the PKI Infrastructure and Preparing for Federated Collaboration with ADFS 2.0
- Installing and Configuring Active Directory Federation Services (ADFS) 2.0
- Configuring AD FS 2.0 for Internal Users to Access an Internal Claim Aware Application
- Configuring AD FS 2.0 for Internal Users to Access a Partner’s Claim Aware Application
After completing this module, students will be able to:
- Describe Active Directory Federation Services
- Deploy Active Directory Federation Services
- Configure Active Directory Federation Services partner organizations and claims
- Resolve common Active Directory Federation Services issues
Module 6: Deploying and Configuring Active Directory Rights Management Services
This module explains the concept of AD RMS. You will learn how to install and configure AD RMS server components, administer AD RMS rights policy templates, and implement AD RMS trust policies. This module also describes how to resolve common AD RMS issues.
Lessons
- Overview of Active Directory Rights Management Services
- Deploying and Configuring Active Directory Rights Management Services
- Configuring AD RMS Rights Policy Templates and Exclusion Policies
- Configuring Active Directory Rights Management Services Trust Policies
- Troubleshooting Active Directory Rights Management Services
Lab : Deploying and Configuring Active Directory Rights Management Services
- Installing and Configuring AD RMS
- Configuring AD RMS Templates
- Configuring AD RMS Trust Policies
- Testing AD RMS Functionality
- Generating AD RMS Reports
After completing this module, students will be able to:
- Describe Active Directory Rights Management Services
- Deploy and configure Active Directory Rights Management Services
- Configure Active Directory Rights Management Services rights policy templates and exclusion policies
- Configure Active Directory Rights Management Services trust policies
- Resolve common Active Directory Rights Management Services issues
Module 7: Maintaining Windows Server 2008 Active Directory Identity and Access Solutions
This module explains the maintenance of AD CS, AD LDS, AD FS 2.0, and AD RMS.
Lessons
- Maintaining Active Directory Certificate Services
- Maintaining Active Directory Lightweight Directory Services
- Maintaining Active Directory Federation Services
- Maintaining Active Directory Rights Management Services
Lab : Maintaining Windows Server 2008 Active Directory Identity and Access Solutions
- Configuring CA Event Auditing
- Backing up Active Directory Certificate Services
- Backing up and Restoring an Active Directory Lightweight Directory Services Instance
- Configuring AD RMS Logging
After completing this module, students will be able to:
- Maintain Active Directory Certificate Services
- Maintain Active Directory Lightweight Directory Services
- Maintain Active Directory Federation Services
· Maintain Active Directory Rights Management Services