Windows Server 2003 Microsoft Training Courses | Microsoft Expert Track: Updating Systems Administrator and Systems Engineer Skills from Microsoft Windows 2000 to Windows Server 2003

Publisher:	Microsoft
Version:	2003
Length:	5 day s
Course-ID:	MS2207

Prerequisites
Course AM2278: Planning and Maintaining a Windows Server 2003 Network Infrastructure, or have the equivalent knowledge and skills.

Introduction
This five-day instructor-led course includes self-paced and instructor-facilitated components. It provides students with the knowledge and skills to successfully plan, implement, and troubleshoot a Microsoft Windows Server 2003 Active Directory directory service infrastructure. The course focuses on a Windows Server 2003 directory service environment, including forest and domain structure, Domain Name System (DNS), site topology and replication, organizational unit structure and delegation of administration, Group Policy, and user, group, and computer account strategies.

This is the sixth course in the Windows Server 2003 Systems Engineer curriculum.

Audience
This course is appropriate for individuals employed or seeking a position as a systems engineer. This course is also appropriate for individuals who currently support a competitive platform who want to enhance their skills using Windows Server 2003 Active Directory.

Professionals who take this course should meet the following entry criteria:

New to implementing Windows Server 2003 Active Directory.
Preparing for the Microsoft Certified Systems Engineer (MCSE) certification.


Workshop Outline Unit 1: Introduction to Systems Administration in Windows Server 2003 This unit explains how to perform systems administration tasks in a Windows Server 2003 environment, and introduces the scenarios and tools that will be used throughout the workshop. Unit Objectives After completing this unit, students will be able to: Identify the products in the Windows Server 2003 family. Describe the tools and resources available to perform tasks throughout the workshop. Unit 2: Managing Users, Computers, and Groups This unit explains how to manage users, computers, and groups in an Active Directory directory service environment, taking advantage of the new capabilities available in Windows Server 2003. Unit Objectives After completing this unit, students will be able to: Create user accounts by using CSVDE. Create user accounts by using the dsadd command. Modify the properties of multiple accounts. Create computer accounts by using the dsadd command. Create groups by using the dsadd command. Add members to a group by using the dsmod command. Copy the properties from an existing account when creating a new account. Find Active Directory objects. Move an Active Directory object by using the drag and drop technique of management in Active Directory Users and Computers. Reset computer accounts. Describe the effect of resetting passwords in Windows Server 2003. Determine the effective permissions on an Active Directory object. Unit 3: Using the GPMC to Manage Group Policy This unit gives a hands-on, fast paced opportunity to experienced users to orient themselves to Windows Server 2003 and learn how to use the Group Policy Management Console (GPMC) to manage Group Policy. Unit Objectives After completing this unit, students will be able to: Implement Group Policy by using the GPMC. Manage GPOs by using the GPMC, which includes: Backing up a GPO. Copying a GPO. Importing a GPO. Use Group Policy Results to troubleshoot Group Policy-related issues. Use Group Policy Modeling to experiment with possible Group Policy configurations. Unit 4: Managing Resources and Security This unit explains how to use enhancements to the tools available in Windows Server 2003 to manage resources and security by using Windows Explorer, Group Policy management tools, and the Security Configuration and Analysis tool. Unit Objectives After completing this unit, students will be able to: Determine the effective NTFS permissions for files and folders. Change the owner for an existing file or folder. Create custom security templates. Apply security templates by using Group Policy. Configure NTFS permissions by using security templates. Audit security settings by using Security Configuration and Analysis. Unit 5: Managing DNS This unit gives a hands-on, fast paced opportunity to experienced users to orient themselves to Windows Server 2003 and learn how to configure and manage DNS. Unit Objectives After completing this unit, students will be able to: Install DNS by using the Manage Your Server tool. Create forward lookup zones. Create reverse lookup zones. Configure DNS conditional forwarding. Configure DNS zones, which includes: Configuring zone options. Configuring zones for secure dynamic update. Configuring Active Directory integrated zones. Create DNS stub zones. Unit 6: Managing Servers This unit explains how to manage servers remotely using secure best practices. Unit Objectives After completing this unit, students will be able to: Create desktop shortcuts that run the Run as command. Connect to a remote server by using MMC snap-in tools. Connect to a remote server by using the Remote Desktop Connection utility. Determine the best tool to use for remote administration in specific situation. Configure client connection speed for the Remote Desktop Connection utility. Configure auto reconnect for the Remote Desktop Connection utility. Unit 7: Managing Terminal Services This unit explains how to configure and manage Terminal Services and take advantage of the new capabilities available with that service. Unit Objectives After completing this unit, students will be able to: Install Terminal Services. Install a Terminal Services Licensing server. Configure Terminal Services, which includes: Setting the level of encryption for terminal server user sessions. Controlling terminal server user connection access. Configuring time-out settings from remote connections. Monitoring remote desktop connection sessions. Manage user sessions by using Terminal Services Manager. Diagnose and resolve issues related to Terminal Services security. Unit 8: Managing IIS 6.0 Web Services This unit explores the new skills needed to manage and maintain the IIS service on Windows Server 2003. This unit provides students with hands-on experience in configuring and managing the IIS service, and highlights the default state of the service when Windows Server 2003 is installed. Unit Objectives After completing this unit, students will be able to: Install IIS 6.0 Configure authentication Install ASP.NET Allow ASP.NET in Web service extensions Manage ASP.NET configuration files Implement Web applications Implement application pooling Manage the IIS 6.0 metabase Manage an IIS server in a remote location Monitor and optimize IIS 6.0 Unit 9: Maintaining Software by Using Software Update Services This unit explains how to use Software Update Services (SUS) to perform patch management for a networked environment. Unit Objectives After completing this unit, students will be able to: Install and configure SUS on a server. Configure automatic updates. Use Group Policy to configure SUS clients. Manage a software update infrastructure. Back up and restore an SUS configuration. Test an SUS implementation. Unit 10: Managing Disaster Recovery This unit explains how to use the new capabilities available with Windows Server 2003 to restore a system to a previous state. The students will practice troubleshooting and repairing a system by using features such as ASR and driver rollback in a lab environment to restore a system to a predefined state. Unit Objectives After completing this unit, students will be able to: Use Automatic System Recovery (ASR) to back up and restore a server. Restore data from shadow copies. Roll back to a previous version of a device driver. Configure security for backup operations. Troubleshoot problems associated with restoring data. Unit 11: Planning a DNS Namespace Design This unit shows students the new features of DNS in Windows Server 2003, focusing on planning issues such as improving fault tolerance in DNS, ensuring DNS resolution across forests, planning for _MSDCS zone availability and security to DNS servers in a forest, and creating DNS zones securely and with the least administrative effort. Unit Objectives After completing this unit, students will be able to: Evaluate existing DNS infrastructure and determine where new Windows Server 2003 features can improve name resolution. Determine when to use stub zones versus conditional forwarding. Ensure availability of the _MSDCS zone. Plan Active Directory partitions to replicate zone data when needed. Evaluate DNS zone security. Unit 12: Planning Active Directory Deployment This unit shows students new features of Active Directory in Windows Server 2003, focusing on planning issues. Unit Objectives After completing this unit, students will be able to: Evaluate the placement of global catalog servers. Plan optimal replication by exploiting replication enhancements such as: Linked value replication (LVR). Partial attribute set (PAS) replication. Inter-Site Topology Generator (ISTG) improvements. Evaluate forest and domain functionality (versioning) levels. Unit 13: Implementing DNS with Active Directory This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and learn how to use them to implement Active Directory and DNS. Unit Objectives After completing this unit, students will be able to: Install Active Directory by using the advanced features of the Active Directory Installation Wizard. Install and configure DNS. Implement a conditional forwarder. Create stub zones. Ensure high availability on the _MSDCS subdomain. Create a DNS forward lookup zone. Raise domain and forest functionality. Create a new application directory partition. Set the replication scope of a new application directory partition. Unit 14: Troubleshooting TCP/IP, Name Resolution, and Group Policy This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and learn how to use them to troubleshoot TCP/IP, name resolution, and Group Policy. Unit Objectives After completing this unit, students will be able to: Diagnose and resolve issues related to DNS services. Troubleshoot Group Policy. Diagnose and resolve issues related to client computer configuration. Troubleshoot network connectivity issues. Unit 15: Planning and Implementing Multiple Forests in Active Directory This unit asks students to plan and implement multiple forests in Active Directory by using the model of adding a new organization to an existing company. Students will implement cross-forest trust, manage user authentication, identify possible security concerns, and come to understand how to resolve naming conflicts between two forests. Unit Objectives After completing this unit, students will be able to: Evaluate the need for security identifier (SID) filtering, selective authentication, resolving naming conflicts, and routing name suffixes in a multi-forest environment. Establish forest trusts. Unit 16: Using Group Policy in Windows Server 2003 to Deploy and Restrict Software This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 pertaining to Group Policy and to learn how they can use it to deploy and restrict software. Unit Objectives After completing this unit, students will be able to: List reasons for controlling a computer user's environment. Create a software restriction policy. Deploy software so that an application is completely installed at user logon. Use Windows Management Instrumentation (WMI) filters to restrict the application of Group Policy objects (GPOs). Unit 17: Using Group Policy in Windows Server 2003 to Set Advanced Security Settings This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and to learn how to use Group Policy to implement advanced security settings. Unit Objectives After completing this unit, students will be able to: Configure wireless network settings. Configure a user environment. Apply Encrypting File System (EFS) enhancements. Unit 18: Planning and Implementing Secure Routing and Remote Access This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and to learn how to use them in implementing Routing and Remote Access. Unit Objectives After completing this unit, students will be able to: Plan, implement, and maintain Routing and Remote Access. Create and implement an Internet Protocol (IP) Security (IPSec) policy. Configure IPSec by using Netsh. Set up IPSec policy monitoring.

Workshop Outline

Unit 1: Introduction to Systems Administration in Windows Server 2003
This unit explains how to perform systems administration tasks in a Windows Server 2003 environment, and introduces the scenarios and tools that will be used throughout the workshop.

Unit Objectives
After completing this unit, students will be able to:
Identify the products in the Windows Server 2003 family.
Describe the tools and resources available to perform tasks throughout the workshop.

Unit 2: Managing Users, Computers, and Groups
This unit explains how to manage users, computers, and groups in an Active Directory directory service environment, taking advantage of the new capabilities available in Windows Server 2003.

Unit Objectives
After completing this unit, students will be able to:
Create user accounts by using CSVDE.
Create user accounts by using the dsadd command.
Modify the properties of multiple accounts.
Create computer accounts by using the dsadd command.
Create groups by using the dsadd command.
Add members to a group by using the dsmod command.
Copy the properties from an existing account when creating a new account.
Find Active Directory objects.
Move an Active Directory object by using the drag and drop technique of management in Active Directory Users and Computers.
Reset computer accounts.
Describe the effect of resetting passwords in Windows Server 2003.
Determine the effective permissions on an Active Directory object.

Unit 3: Using the GPMC to Manage Group Policy
This unit gives a hands-on, fast paced opportunity to experienced users to orient themselves to Windows Server 2003 and learn how to use the Group Policy Management Console (GPMC) to manage Group Policy.

Unit Objectives
After completing this unit, students will be able to:
Implement Group Policy by using the GPMC.
Manage GPOs by using the GPMC, which includes:
Backing up a GPO.
Copying a GPO.
Importing a GPO.
Use Group Policy Results to troubleshoot Group Policy-related issues.
Use Group Policy Modeling to experiment with possible Group Policy configurations.

Unit 4: Managing Resources and Security
This unit explains how to use enhancements to the tools available in Windows Server 2003 to manage resources and security by using Windows Explorer, Group Policy management tools, and the Security Configuration and Analysis tool.

Unit Objectives
After completing this unit, students will be able to:
Determine the effective NTFS permissions for files and folders.
Change the owner for an existing file or folder.
Create custom security templates.
Apply security templates by using Group Policy.
Configure NTFS permissions by using security templates.
Audit security settings by using Security Configuration and Analysis.

Unit 5: Managing DNS
This unit gives a hands-on, fast paced opportunity to experienced users to orient themselves to Windows Server 2003 and learn how to configure and manage DNS.

Unit Objectives
After completing this unit, students will be able to:
Install DNS by using the Manage Your Server tool.
Create forward lookup zones.
Create reverse lookup zones.
Configure DNS conditional forwarding.
Configure DNS zones, which includes:
Configuring zone options.
Configuring zones for secure dynamic update.
Configuring Active Directory integrated zones.
Create DNS stub zones.

Unit 6: Managing Servers
This unit explains how to manage servers remotely using secure best practices.

Unit Objectives
After completing this unit, students will be able to:
Create desktop shortcuts that run the Run as command.
Connect to a remote server by using MMC snap-in tools.
Connect to a remote server by using the Remote Desktop Connection utility.
Determine the best tool to use for remote administration in specific situation.
Configure client connection speed for the Remote Desktop Connection utility.
Configure auto reconnect for the Remote Desktop Connection utility.

Unit 7: Managing Terminal Services
This unit explains how to configure and manage Terminal Services and take advantage of the new capabilities available with that service.

Unit Objectives
After completing this unit, students will be able to:
Install Terminal Services.
Install a Terminal Services Licensing server.
Configure Terminal Services, which includes:
Setting the level of encryption for terminal server user sessions.
Controlling terminal server user connection access.
Configuring time-out settings from remote connections.
Monitoring remote desktop connection sessions.
Manage user sessions by using Terminal Services Manager.
Diagnose and resolve issues related to Terminal Services security.

Unit 8: Managing IIS 6.0 Web Services
This unit explores the new skills needed to manage and maintain the IIS service on Windows Server 2003. This unit provides students with hands-on experience in configuring and managing the IIS service, and highlights the default state of the service when Windows Server 2003 is installed.

Unit Objectives
After completing this unit, students will be able to:
Install IIS 6.0
Configure authentication
Install ASP.NET
Allow ASP.NET in Web service extensions
Manage ASP.NET configuration files
Implement Web applications
Implement application pooling
Manage the IIS 6.0 metabase
Manage an IIS server in a remote location
Monitor and optimize IIS 6.0

Unit 9: Maintaining Software by Using Software Update Services
This unit explains how to use Software Update Services (SUS) to perform patch management for a networked environment.

Unit Objectives
After completing this unit, students will be able to:
Install and configure SUS on a server.
Configure automatic updates.
Use Group Policy to configure SUS clients.
Manage a software update infrastructure.
Back up and restore an SUS configuration.
Test an SUS implementation.

Unit 10: Managing Disaster Recovery
This unit explains how to use the new capabilities available with Windows Server 2003 to restore a system to a previous state. The students will practice troubleshooting and repairing a system by using features such as ASR and driver rollback in a lab environment to restore a system to a predefined state.

Unit Objectives
After completing this unit, students will be able to:
Use Automatic System Recovery (ASR) to back up and restore a server.
Restore data from shadow copies.
Roll back to a previous version of a device driver.
Configure security for backup operations.
Troubleshoot problems associated with restoring data.

Unit 11: Planning a DNS Namespace Design
This unit shows students the new features of DNS in Windows Server 2003, focusing on planning issues such as improving fault tolerance in DNS, ensuring DNS resolution across forests, planning for _MSDCS zone availability and security to DNS servers in a forest, and creating DNS zones securely and with the least administrative effort.

Unit Objectives
After completing this unit, students will be able to:
Evaluate existing DNS infrastructure and determine where new Windows Server 2003 features can improve name resolution.
Determine when to use stub zones versus conditional forwarding.
Ensure availability of the _MSDCS zone.
Plan Active Directory partitions to replicate zone data when needed.
Evaluate DNS zone security.

Unit 12: Planning Active Directory Deployment
This unit shows students new features of Active Directory in Windows Server 2003, focusing on planning issues.

Unit Objectives
After completing this unit, students will be able to:
Evaluate the placement of global catalog servers.
Plan optimal replication by exploiting replication enhancements such as:
Linked value replication (LVR).
Partial attribute set (PAS) replication.
Inter-Site Topology Generator (ISTG) improvements.
Evaluate forest and domain functionality (versioning) levels.

Unit 13: Implementing DNS with Active Directory
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and learn how to use them to implement Active Directory and DNS.

Unit Objectives
After completing this unit, students will be able to:
Install Active Directory by using the advanced features of the Active Directory Installation Wizard.
Install and configure DNS.
Implement a conditional forwarder.
Create stub zones.
Ensure high availability on the _MSDCS subdomain.
Create a DNS forward lookup zone.
Raise domain and forest functionality.
Create a new application directory partition.
Set the replication scope of a new application directory partition.

Unit 14: Troubleshooting TCP/IP, Name Resolution, and Group Policy
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and learn how to use them to troubleshoot TCP/IP, name resolution, and Group Policy.

Unit Objectives
After completing this unit, students will be able to:
Diagnose and resolve issues related to DNS services.
Troubleshoot Group Policy.
Diagnose and resolve issues related to client computer configuration.
Troubleshoot network connectivity issues.

Unit 15: Planning and Implementing Multiple Forests in Active Directory
This unit asks students to plan and implement multiple forests in Active Directory by using the model of adding a new organization to an existing company. Students will implement cross-forest trust, manage user authentication, identify possible security concerns, and come to understand how to resolve naming conflicts between two forests.

Unit Objectives
After completing this unit, students will be able to:
Evaluate the need for security identifier (SID) filtering, selective authentication, resolving naming conflicts, and routing name suffixes in a multi-forest environment.
Establish forest trusts.

Unit 16: Using Group Policy in Windows Server 2003 to Deploy and Restrict Software
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 pertaining to Group Policy and to learn how they can use it to deploy and restrict software.

Unit Objectives
After completing this unit, students will be able to:
List reasons for controlling a computer user's environment.
Create a software restriction policy.
Deploy software so that an application is completely installed at user logon.
Use Windows Management Instrumentation (WMI) filters to restrict the application of Group Policy objects (GPOs).

Unit 17: Using Group Policy in Windows Server 2003 to Set Advanced Security Settings
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and to learn how to use Group Policy to implement advanced security settings.

Unit Objectives
After completing this unit, students will be able to:
Configure wireless network settings.
Configure a user environment.
Apply Encrypting File System (EFS) enhancements.

Unit 18: Planning and Implementing Secure Routing and Remote Access
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and to learn how to use them in implementing Routing and Remote Access.

Unit Objectives
After completing this unit, students will be able to:
Plan, implement, and maintain Routing and Remote Access.
Create and implement an Internet Protocol (IP) Security (IPSec) policy.
Configure IPSec by using Netsh.
Set up IPSec policy monitoring.