MOC 6232A: Implementing a Microsoft SQL Server 2008 Database ...

MOC 6232A: Implementing a Microsoft SQL Server 2008 Database
• Course Number: 6232A
• Course Length: 5 Days
Course Overview
This course provides students with the knowledge and skills to implement a Microsoft SQL
Server 2008 database. It focuses on teaching individuals how to use SQL Server 2008 product
features and tools related to implementing a database.
Prerequisites
Before attending this course, students must have:
● Basic knowledge of the Microsoft Windows operating system and its core functionality
● Working knowledge of Transact-SQL.
● Working knowledge of relational databases.
● Some experience with database design.
Audience
This course is intended for IT Professionals who administer and maintain SQL Server databases.
Course Outline
Course Introduction
Course Introduction
Module 01 - Creating Databases and Database Files
Creating Databases and Database Files
Lesson 1: Creating Databases
Considerations for Creating a Database
Transaction Logging
Database Options
Data Compression
Demo - Creating Databases
Lesson 2: Creating Filegroups
What are Filegroups?
Improving Database Performance by Using Filegroups
Demo - Creating Filegroups
Lesson 3: Creating Schemas
What are Schemas?
How Object Name Resolution Works
Demo - Creating a Schema
1 hr. 19 min.
4 min.

Lesson 4: Creating Database Snapshots
How Database Snapshots Work
When to Use Database Snapshots
Demo - Creating Database Snapshots
Lab: Creating Databases and Database Files
Module 01 Review
Module 02 - Creating Data Types and Tables
Creating Data Types and Tables
Lesson 1: Creating Data Types
What Are System-Supplied Data Types?
Using System-Supplied Data Types
What Are Alias Data Types?
Demo - Creating Data Types
Lesson 2: Creating Tables
How SQL Server Organizes Data in Rows
How SQL Server Organizes Large Data Values
Types of Tables
Considerations for Creating Tables
Generating Transact-SQL Scripts
Demo - Creating Tables
Lesson 3: Creating Partitioned Tables
What Are Partitioned Tables?
What Are Partition Functions?
What Is a Partition Scheme?
What Operations Can Be Performed on Partitioned Data?
Demo - Creating a Partitioned Table
Lab: Creating Data Types and Tables
Module 02 Review
Module 03 - Creating and Tuning Indexes
Creating and Tuning Indexes
Lesson 1: Planning Indexes
How SQL Server Accesses Data
What Is a Heap?
What Is a Clustered Index?
What Is a Nonclustered Index?
SQL Server Storage Allocation
Simple B-Tree Index Structure (Balanced)
Complex B-Tree Index Structure (Balanced)
Lesson 2: Creating Indexes
Overview of Creating Indexes
What Are Unique Indexes?
Considerations for Creating Indexes with Multiple Columns
When to Create Indexes on Computed Columns
What Are Partitioned Indexes?
Options for Incorporating Free Space in Indexes
Methods for Obtaining Index Information
1 hr. 14 min.
1 hr. 9 min.

Demo - Creating Indexes
Lesson 3: Optimizing Indexes
What Is the Database Engine Tuning Advisor?
Demo - Using the Database Engine Tuning Advisor
Index Fragmentation
Options for Defragmenting Indexes
Demo - Defragmenting Indexes
Lab: Creating and Optimizing Indexes
Module 03 Review
Module 04 - Implementing Data Integrity
by Using Constraints and Triggers
Implementing Data Integrity by Using Constraints and Triggers
Lesson 1: Data Integrity Overview
Types of Data Integrity
Options for Enforcing Data Integrity
Lesson 2: Implementing Constraints
What Are Constraints?
Key Constraints
Other Constraints
Cascading Referential Integrity
Considerations for Constraint Checking
Demo - Creating Constraints
Lesson 3: Implementing Triggers
What Are Triggers?
How an INSERT Trigger Works
How a DELETE Trigger Works
How an UPDATE Trigger Works
How an INSTEAD OF Trigger Works
How Nested Triggers Work
Considerations for Recursive Triggers
Demo - Creating Triggers
Lab: Implementing Data Integrity by Using Constraints and Triggers
Module 04 Review
Module 05 - Using XML
Using XML
Lesson 1: Using the XML Data Type
What Is XML?
What Is the XML Data Type?
The Query, Value, and Exist Methods
The Modify Method
The Nodes Method
Demo - Using the XML Data Type
Lesson 2: Retrieving XML by Using FOR XML
Introduction to the FOR XML Clause
What Are RAW Mode Queries?
1 hr. 10 min.
3 hr. 19 min.

What Are AUTO Mode Queries?
What Are EXPLICIT Mode Queries?
What Are PATH Mode Queries?
Syntax for Retrieving Nested XML
Demo - Using FOR XML
Lesson 3: Shredding XML by Using OPENXML
Overview of Shredding XML Data
Stored Procedures for Managing In-Memory Node Trees
OPENXML Syntax
Syntax for Working with XML Namespaces
Demo - Using OPENXML to Shred XML
Lesson 4: Introducing XQuery
What Is XQuery?
XQuery Basics
XQuery Expressions
Demo - Using XQuery Expressions
Lesson 5: Creating XML Indexes
What Are XML Indexes?
What Are the Benefits of XML Indexes?
Types of XML Indexes
Demo - Creating XML Indexes
Lesson 6: Implementing XML Schemas
What Are XML Schemas?
XML Schema Validation
What Is an XML Schema Collection?
What Is Typed and Untyped XML
Demo - Using Typed XML
Lab: Using XML
Module 05 Review
Module 06 - Implementing Views
Implementing Views
Lesson 1: Introduction to Views
What Is a View?
Types of Views
Advantages of Views
Lesson 2: Creating and Managing Views
Syntax for Creating Views
Demo - Creating a View
Syntax for Altering and Dropping Views
View Encryption
How Ownership Chains Affect Views
Sources of Information About Views
Considerations for Modifying Data in a View
Demo - Creating Views with Transact SQL
Demo - Creating a View with Schema Binding
Lesson 3: Optimizing Performance by Using Views
Performance Considerations for Views
Performance Considerations for Indexed Views
What Is a Partitioned View?
1 hr. 5 min.

Lab: Implementing Views
Module 06 Review
Module 07 - Implementing Stored Procedures
Implementing Stored Procedures
Lesson 1: Using Stored Procedures
Discussion: What Is a Stored Procedure
Syntax for Creating Stored Procedures
Guidelines for Creating Stored Procedures
Demo - Creating Stored Procedures
Syntax for Altering Stored Procedures
Syntax for Dropping Stored Procedures
Demo - Altering and Dropping Stored Procedures
Demo - Switching Execution Context
Lesson 2: Creating Parameterized Stored Procedures
Stored Procedure Parameters
Demo - Creating a Parameterized Stored Procedure
Table-valued Parameters
Demo - Using Table Value Parameters
Lesson 3: Working With Execution Plans
What Is an Execution Plan?
Viewing an Execution Plan
Execution Plan Caching
Query Compilation
Forced Stored Procedure Recompilation
Demo - Using Execution Plans
Lesson 4: Handling Exceptions
Syntax for Structured Exception Handling
Guidelines for Handling Exceptions
Demo - Handling Exceptions
Lab: Implementing Stored Procedures
Module 07 Review
Module 08 - Implementing Functions
Implementing Functions
Lesson 1: Introducing Functions
Types of Functions
What Is a Scalar Function?
Scalar Function Example
What Is an Inline Table-Valued Function?
Inline Table-Valued Function Example
What Is a Multi-Statement Table-Valued Function?
Multi-Statement Table-Valued Function Example
Demo - Creating Functions
Demo - Creating Inline Table-Valued Functions
Demo - Creating Multi-Statement Table-Valued Functions
Lesson 2: Working with Functions
Deterministic and Nondeterministic Functions
Guidelines for Creating Functions
Rewriting Stored Procedures as Functions
1 hr. 55 min.
1 hr. 11 min.

Lesson 3: Controlling Execution Context
What Is Execution Context?
The EXECUTE AS Clause
Extending Impersonation Context
Lab: Implementing Functions
Module 08 Review
Module 09 - Implementing Managed Code in a Database
Implementing Managed Code in a Database
Lesson 1: Introduction to the SQL Server Common Language Runtime
Introduction to the .NET Framework
What Is the .NET Common Language Runtime?
Advantages of Managed Code
CLR Managed Code Database Objects
Managed Code vs. Transact SQL
Lesson 2: Importing and Configuring Assemblies
What Is an Assembly?
Assembly Trust Levels
Syntax for Importing an Assembly
Demo - Importing and Configuring an Assembly
Lesson 3: Creating Managed Database Objects
Overview of Managed Database Objects
Managed Stored Procedures, Triggers and Functions
Managed Aggregates and User-Defined Types
Demo - Creating Managed Database Objects
Lab: Implementing Managed Code in a Database
Module 09 Review
Module 10 - Managing Transactions and Locks
Managing Transactions and Locks
Lesson 1: Overview of Transactions and Locks
What Are Transactions?
What Are Locks?
What Is Concurrency Control?
Demo - Introducing Transactions
Lesson 2: Managing Transactions
Autocommit Transactions
Explicit Transactions
Implicit Transactions
Transaction Recovery
Considerations for Using Transactions
Restricted Statements
Lesson 3: Understanding SQL Server Locking Architecture
What Concurrency Problems Are Prevented by Locking?
Lockable Resources
Types of Locks
Lock Compatibility
Locking Compatibility Matrix
Lesson 4: Managing Locks
Session-Level Locking Options
1 hr. 10 min.
2 hr. 2 min.

Locking Isolation Level Options
Setting ISOLATION for Session
Lock Escalation
Dynamic Locking
What Are Deadlocks?
Avoiding Deadlocks
Methods to View Locking Information
Demo - Viewing Locking Information
Lab: Managing Transactions and Locks
Module 10 Review
Module 11 - Using Service Broker
Using Service Broker
Lesson 1: Service Broker Overview
What Is Service Broker?
Service Broker System Architecture
Service Broker Conversation Architecture
Service Broker Conversation Process
Service Broker Conversation Priority
Syntax for Creating Conversation Broker Priority
Service Broker Security Architecture
Management Studio Enhancements
Lesson 2: Creating Service Broker Objects
Enabling Service Broker
External Activation Support
Syntax for Creating Message Types
Syntax for Creating Contracts
Syntax for Creating Queues
Syntax for Creating Services
Demo - Creating Service Broker Objects
Lesson 3: Sending and Receiving Messages
Syntax for Sending Messages
Syntax for Receiving Messages
Demo - Sending and Receiving Messages
Diagnostic Tools for Sending\Receiving Messages
Lab: Using Service Broker
Module 11 Review
Course Closure
Course Introduction
Module 1 - Designing an AD Forest Infrastructure
Designing an Active Directory Forest Infrastructure in Windows Server 2008
Overview of AD DS Forest Design Requirements
Design Requirements – AD DS Forest
Business Requirements for an AD DS Forest Design
AD Forest Design
Administrative and Security Requirements
Technical Requirements for an AD DS Forest Design
Types of AD DS Forests
1 hr. 20 min.
1h7m
8m

Benefits of a Single Forest Model
Disadvantages of Single Forest Model
Reasons for Implementing Multiple Forests
Benefits of Implementing Forest Root Domains
Types of Forest Functional Levels
Forest Functional Levels
Windows Server 2003 Forest Functional Level
Guidelines for Designing an AD DS Forest
Types of Trusts
What Is UPN Suffix Routing?
Guidelines for Designing Forest Trusts
Demo: Implementing an AD Forest Trust Design
Modifications to AD DS Schema
Guidelines for AD DS Schema Modifications
Demo: Schema Changes
How Does Windows Time Service Work?
Considerations for Configuring Windows Time Service
Member Servers and Workstations
Domain Controllers
Considerations
Module 1 Review
Module 2 - Designing an AD Domain Infrastructure
Designing an Active Directory Domain Infrastructure in Windows Server 2008
AD DS Domain Design Models
AD DS Domain Models
Factors to Consider When Accessing Domain Models
Reasons for Deploying Multiple AD DS Domains
AD DS Domain Functional Levels
Supported Domain Controller Operating Systems
Considerations for Configuring and Placing the Domain Controllers
Considerations for Deploying Domain Controllers in Branch Offices
Read Only Domain Controller (RODC)
Guidelines for Designing AD DS Domains
Choosing an AD DS Namespace Strategy
Guidelines for Integrating the Public and Private DNS Namespaces
Guidelines for Integrating Multiple Internal DNS Namespaces
Guidelines for Implementing DNS Servers
Demo: Configuring Forwarders and Delegation Records
Windows 2008 Domain Controllers
Domain Controller on a Server Core
Deploying Domain Controllers in Windows Server 2008
Deploying Domain Controllers in Windows Server 2008 - RODC
Why Deploy RODC?
Considerations When Deploying Domain Controllers
Demo: Configuring an RODC Replication Policy
Types of AD DS Domain Trusts
Security Considerations for Trusts
Demo: Trust Design
Module 02 Review
1h11m

Module 03 - Designing AD Sites and Replication
Designing Active Directory Sites and Replication in Windows Server 2008
Things to Document Before the AD Site Design
Network Information for an AD DS Site Design
Location Data for an AD DS Site Design
AD DS Site Models
Guidelines for Creating Additional AD DS Sites
Demo: Implementing AD DS Site Design
Locations
How Does Automatic Site Coverage Work?
Types of Replication Topologies
Considerations for Choosing a Replication Protocol
Levels of Connectivity
Choosing Replication Protocols
Demo: Implementing AD DS Replication
Replication of Global Catalog, RODC, and SYSVOL
Knowledge Consistency Checker
Inter Site Topology Generator
Using Site Links to Manage Replication
Considerations for Designing Site Links and Bridgehead Servers
Considerations for Designing Site-Link Bridging
Considerations for Site Link Bridging
Options for Configuring AD DS Replication
Guidelines for Configuring AD DS Replication
Guidelines for Placing Domain Controllers
Guidelines for Placing RODCs
Guidelines for Placing Global Catalog Servers
Guidelines for Placing Operations Master Servers
Module 03 Review
Module 04 - Designing AD Domain Administrative Structures
Designing Active Directory Domain Administrative Structures in Windows Server 2008
Types of IT Administrative Models
Guidelines for Gathering Information on the Current Administrative Structures
Business Requirements for Existing Structure
Legal Requirements
Guidelines for Gathering Information on Organizational Resources
Guidelines for Gathering Information on Administrative Processes
Strategies for Designing Organizational Units
Strategies for Delegating Administrative Control
Strategies for Designing Group Policy Structures
Considerations for Designing Organizational Unit Hierarchies
Guidelines for Designing an Organizational Unit Structure
Demo: Creating an AD OU Design
AD DS Groups in Windows Server 2008
Group Scope
Guidelines for Developing a Group Naming Strategy
Considerations for Group Nesting
Group Nesting
1h20m
56m

Strategies for Using Groups to Access Resources
Strategies for Placing Group Objects
Guidelines for Designing an AD DS Group Strategy
Guidelines for Designing a User Account Strategy
Guidelines for Designing a Computer Account Strategy
Naming Strategies for Computer Accounts
Guidelines for Securing User and Computer Account Management
Demo: Automating User Account Management
Tools for Automating User and Computer Account Management
Module 04 Review
Module 05 - Designing AD Group Policy
Designing Active Directory Group Policy in Windows Server 2008
Gathering Organizational Information
Gathering Information on Security Requirements
Gathering Information on Desktop Management Requirements
Gathering Information on Desktop Management
Gathering Information on Administrative Processes
Configuring Group Policy Settings
Demo: Designing AD Group Policy
Applying Group Policy Settings
Demo: Implementing AD Group Policy
Group Policy Storage Locations
ADMX Format for Administrative Template
Guidelines for Designing Administrative Templates
Slow Link Detection
Best Practices for Group Policy Model Design
Guidelines for Designing Group Policy Inheritance
Guidelines for Designing Group Policy Filtering
Guidelines for Designing Group Policy Application
GPO Backup and Recovery Strategy
GPO Migration Strategy
Delegating GPO Administration
GPO Administration
Module 05 Review
Module 06 - Designing AD Security
Designing Active Directory Security in Windows Server 2008
Gathering Information for Designing Account Security Policies
Key Components for Designing Account Security Policies
Guidelines for Designing Account and Password Policy
Guidelines for Designing Secure Account Management
Fine-Grained Password Policies
What Are Fine-Grained Password Policies?
Storing Fine-Grained Password Policies
Demo: Designing AD DS Security
Password Setting Object Attributes
How PSOs Are Processed and Applied
Guidelines for Designing Fine-Grained
Key Components that Affect Domain Controller Security
1h21m
1h52m

Why Modify the Default Domain Controller Security Policy?
Server Core Server Roles
Server Core as a Solution for Domain Controller Deployment
What is the Security Configuration Wizard?
Scenarios for Using the Security Configuration Wizard
What Are Read-Only Domain Controllers?
Prerequisites for Deploying RODCs
Administrator Role Separation on RODCs
Demo: Domain Controller/RODC Security Policies
Administrator Responsibilities
Service Administrator and Service Management
Data Administrators and Data Management
What Are Administrative Autonomy
Delegation of Administrative Permission
Attributes of a Good Delegation Model
Guidelines for Creating a Delegation Model
Guidelines for Using and Securing Administrator Accounts
Demo: Restricted Groups
Auditing Administrative Access
Module 06 Review
Module 07 - Designing AD High Availability
Designing Active Directory High Availability in Windows Server 2008
What is High Availability?
Components of an Active Directory High Availability Design
Active Directory High Availability
Business Requirements for AD DS High Availability
Infrastructure Requirements for AD DS High Availability
High Availability Options for Network Infrastructure
Process of Planning for High Availability
Guidelines for Designing Highly Available Domain Controllers
Global Catalog Placement and High Availability
Demo: Designing AD DS Availability
High Availability of DNS
Guidelines for Designing Highly Available Network Infrastructure
Module 07 Review
Module 08 - Designing AD Disaster Recovery
Designing Active Directory Disaster Recovery in Windows Server 2008
Overview of Database Maintenance
NTDSUtil.exe
Benefits of Restartable AD DS in Windows Server 2008
Considerations for Using Restartable AD DS
Overview of AD DS Backup and Recovery
Windows Server Backup
AD DS Backup and Recovery in Windows Server 2008
Active Directory Domain Services Backup System Components
System State Data
Critical Volumes – Review
Options for Restoring AD DS
57m
27m

Considerations for Restoring AD DS
Guidelines for Designing Backup and Recovery in AD DS
Why Monitor AD DS?
Tools for Monitoring AD DS
Reliability and Performance Monitor
Demo: Disaster Recovery and Monitoring
Guidelines for Monitoring Active Directory Domain Controllers
NTDS Counters – Monitoring AD
Module 08 Review
Module 09 - Designing Public Key Infrastructure
Designing Public Key Infrastructure in Windows Server 2008
What is a PKI?
Key Components of a PKI
PKI Solution Requirements
Applications That Use PKI
Certification Authorities and PKI
Comparison of Enterprise and Standalone
Internal and Public Certification Authorities
Using Both Internal and External Public CA’s
Active Directory Certificate Services in Windows Server 2008
Features in AD CS
Gathering Information for Designing Certification Authority Hierarchy
Certification Authority Hierarchy Roles
Common Roles in a CA Hierarchy
Demo: Designing PKI for Windows Server
Options for Designing Certification Authority Hierarchy
Types of CA Hierarchies
Guidelines for Designing a Certification Authority Hierarchy
What Are Certificate Templates?
Certificate Templates in Windows Server 2008
Managing Certificate Templates
Superseding Templates Feature
Designing Certificate Templates
Designing Certificate Templates with Customized Add-ons
Demo: Updating Templates
Guidelines for Designing Certificate Templates
Certificate Distribution and Enrollment
Choosing Enrollment Method
Certificate Autoenrollment
Demo: Implementing Autoenrollment
What is Certificate Revocation?
Guidelines for Designing Certificate Revocation
Module 09 Review
Module 10 - Designing an AD RMS Infrastructure
Designing an Active Directory RMS Infrastructure in Windows Server 2008
What is AD RMS?
Key Components of AD RMS
Scalability Requirements for AD RMS Design
1h29m
45m

Considerations for External Client AD RMS Access
What are AD RMS Rights Policy Templates?
Options for Configuring AD RMS Clusters
Guidelines for Designing AD RMS Clusters
Options for Granting External Users Access to AD RMS
Guidelines for Designing AD RMS Access
AD RMS Backup Components
Options for Restoring AD RMS
Troubleshooting AD RMS Restores – Different Processes
Restoring a Cluster Member
Restoring a Non-Cluster Server
Demo: Exploring RMS
RMS Root Server
Guidelines for Implementing an AD RMS Backup and Recovery Strategy
Module 10 Review
Module 11 - Designing an AD Federation Services Implementation
54m
Designing an Active Directory Federation Services Implementation in Windows Server 2008
What is Active Directory Federation Services?
Key Components of AD FS
Deployment Scenarios for AD FS
AD FS Server Roles
AD FS Server Placement
AD FS User Account Stores
Components of a B2B Federation Trust
B2B Federation Trust
Demo: Adding the Federation Service Role
Demo: Exporting Certificates
Demo: Importing Certificates
Key Components of B2B Federation Trust
Guidelines for Configuring Certificates and Applications
Guidelines for Designing the Account and Resource Partner Components
Guidelines for Deploying and Securing AD FS Servers
Deploy Federation Server Proxy In Perimeter Network When…
Additional Guidelines for Deploying and Securing ADFS Servers
Options for Configuring AD FS Claims
AD FS Group Claims
Guidelines for Usage of AD FS Claims
Understanding AD FS Applications
Guidelines for Usage of Token-based and Claims-aware Applications
Module 11 Review
Module 12 - Designing an AD LDS Implementation
Designing an Active Directory LDS Implementation
What is AD LDS?
AD LDS Usage
LDAP-Compliant Application Directories
Definitions - LDAP Application Directories
LDAP Compliant Applications - Defined
Extranet Authentication Scenarios
1h

Using AD LDS for Developing Schema Modifications
Key Sizing Factors for AD LDS Servers
AD LDS Replication Scenarios
Integration of AD LDS with AD DS
Guidelines for Designing AD LDS Instances and Application Partitions
Schema Changes and AD LDS
Replication of AD LDS Data
Planning AD LDS Replication Traffic across WAN Links
AD LDS Sites and Site Links
Guidelines for Designing AD LDS Schema and Replication
User Proxies in AD LDS
Authentication and Authorization in AD LDS
Implementing Synchronization between AD DS and AD LDS
Demo: Working with AD LDS
Module 12 Review
Module 13 - Designing AD Migrations
Designing Active Directory Migrations in Windows Server 2008
AD DS Migration Strategies
Domain Upgrade Strategy
Domain Restructure Strategy
Domain Upgrade and Restructure
Criteria for Choosing a Migration Strategy
Guidelines for Choosing the Domain Upgrade Strategy
Guidelines for Choosing the Domain Restructure Strategy
Guidelines for Choosing the Domain Upgrade and Restructure Strategy
Documenting the Current Environment
Active Directory Structure
Current Network Services
Current Domain Controller Hardware and Software
Cleaning Up the Current Active Directory Environment
Hardware and Application Compatibility
Preparing a Domain and Forest for Upgrade
Upgrade Guidelines
Domain Functional Levels in Windows Server 2008
Windows 2000 Native Functional Level
Windows Server 2003 Functional Level
Windows Server 2008 Functional Mode
SID History
Active Directory Migration Tool
ADMT Scenarios
Preparing a Domain to Run ADMT
Demo: Installing ADMT
Intraforest and Interforest Restructuring
Demo: Using ADMT Trusts
59m

Guidelines for Restructuring Domains
Module 13 Review
Course Closure
Course Introduction
Module 1 - Designing an AD Forest Infrastructure
Designing an Active Directory Forest Infrastructure in Windows Server 2008
Overview of AD DS Forest Design Requirements
Design Requirements – AD DS Forest
Business Requirements for an AD DS Forest Design
AD Forest Design
Administrative and Security Requirements
Technical Requirements for an AD DS Forest Design
Types of AD DS Forests
Benefits of a Single Forest Model
Disadvantages of Single Forest Model
Reasons for Implementing Multiple Forests
Benefits of Implementing Forest Root Domains
Types of Forest Functional Levels
Forest Functional Levels
Windows Server 2003 Forest Functional Level
Guidelines for Designing an AD DS Forest
Types of Trusts
What Is UPN Suffix Routing?
Guidelines for Designing Forest Trusts
Demo: Implementing an AD Forest Trust Design
Modifications to AD DS Schema
Guidelines for AD DS Schema Modifications
Demo: Schema Changes
How Does Windows Time Service Work?
Considerations for Configuring Windows Time Service
Member Servers and Workstations
Domain Controllers
Considerations
Module 1 Review
Module 2 - Designing an AD Domain Infrastructure
Designing an Active Directory Domain Infrastructure in Windows Server 2008
AD DS Domain Design Models
AD DS Domain Models
Factors to Consider When Accessing Domain Models
Reasons for Deploying Multiple AD DS Domains
AD DS Domain Functional Levels
Supported Domain Controller Operating Systems
Considerations for Configuring and Placing the Domain Controllers
Considerations for Deploying Domain Controllers in Branch Offices
Read Only Domain Controller (RODC)
Guidelines for Designing AD DS Domains
Choosing an AD DS Namespace Strategy
Guidelines for Integrating the Public and Private DNS Namespaces
1h7m
1h11m
8m

Guidelines for Integrating Multiple Internal DNS Namespaces
Guidelines for Implementing DNS Servers
Demo: Configuring Forwarders and Delegation Records
Windows 2008 Domain Controllers
Domain Controller on a Server Core
Deploying Domain Controllers in Windows Server 2008
Deploying Domain Controllers in Windows Server 2008 - RODC
Why Deploy RODC?
Considerations When Deploying Domain Controllers
Demo: Configuring an RODC Replication Policy
Types of AD DS Domain Trusts
Security Considerations for Trusts
Demo: Trust Design
Module 02 Review
Module 03 - Designing AD Sites and Replication
Designing Active Directory Sites and Replication in Windows Server 2008
Things to Document Before the AD Site Design
Network Information for an AD DS Site Design
Location Data for an AD DS Site Design
AD DS Site Models
Guidelines for Creating Additional AD DS Sites
Demo: Implementing AD DS Site Design
Locations
How Does Automatic Site Coverage Work?
Types of Replication Topologies
Considerations for Choosing a Replication Protocol
Levels of Connectivity
Choosing Replication Protocols
Demo: Implementing AD DS Replication
Replication of Global Catalog, RODC, and SYSVOL
Knowledge Consistency Checker
Inter Site Topology Generator
Using Site Links to Manage Replication
Considerations for Designing Site Links and Bridgehead Servers
Considerations for Designing Site-Link Bridging
Considerations for Site Link Bridging
Options for Configuring AD DS Replication
Guidelines for Configuring AD DS Replication
Guidelines for Placing Domain Controllers
Guidelines for Placing RODCs
Guidelines for Placing Global Catalog Servers
Guidelines for Placing Operations Master Servers
Module 03 Review
Module 04 - Designing AD Domain Administrative Structures
Designing Active Directory Domain Administrative Structures in Windows Server 2008
Types of IT Administrative Models
Guidelines for Gathering Information on the Current Administrative Structures
Business Requirements for Existing Structure
1h20m
56m

Legal Requirements
Guidelines for Gathering Information on Organizational Resources
Guidelines for Gathering Information on Administrative Processes
Strategies for Designing Organizational Units
Strategies for Delegating Administrative Control
Strategies for Designing Group Policy Structures
Considerations for Designing Organizational Unit Hierarchies
Guidelines for Designing an Organizational Unit Structure
Demo: Creating an AD OU Design
AD DS Groups in Windows Server 2008
Group Scope
Guidelines for Developing a Group Naming Strategy
Considerations for Group Nesting
Group Nesting
Strategies for Using Groups to Access Resources
Strategies for Placing Group Objects
Guidelines for Designing an AD DS Group Strategy
Guidelines for Designing a User Account Strategy
Guidelines for Designing a Computer Account Strategy
Naming Strategies for Computer Accounts
Guidelines for Securing User and Computer Account Management
Demo: Automating User Account Management
Tools for Automating User and Computer Account Management
Module 04 Review
Module 05 - Designing AD Group Policy
Designing Active Directory Group Policy in Windows Server 2008
Gathering Organizational Information
Gathering Information on Security Requirements
Gathering Information on Desktop Management Requirements
Gathering Information on Desktop Management
Gathering Information on Administrative Processes
Configuring Group Policy Settings
Demo: Designing AD Group Policy
Applying Group Policy Settings
Demo: Implementing AD Group Policy
Group Policy Storage Locations
ADMX Format for Administrative Template
Guidelines for Designing Administrative Templates
Slow Link Detection
Best Practices for Group Policy Model Design
Guidelines for Designing Group Policy Inheritance
Guidelines for Designing Group Policy Filtering
Guidelines for Designing Group Policy Application
GPO Backup and Recovery Strategy
GPO Migration Strategy
Delegating GPO Administration
GPO Administration
Module 05 Review
1h21m

Module 06 - Designing AD Security
Designing Active Directory Security in Windows Server 2008
Gathering Information for Designing Account Security Policies
Key Components for Designing Account Security Policies
Guidelines for Designing Account and Password Policy
Guidelines for Designing Secure Account Management
Fine-Grained Password Policies
What Are Fine-Grained Password Policies?
Storing Fine-Grained Password Policies
Demo: Designing AD DS Security
Password Setting Object Attributes
How PSOs Are Processed and Applied
Guidelines for Designing Fine-Grained
Key Components that Affect Domain Controller Security
Why Modify the Default Domain Controller Security Policy?
Server Core Server Roles
Server Core as a Solution for Domain Controller Deployment
What is the Security Configuration Wizard?
Scenarios for Using the Security Configuration Wizard
What Are Read-Only Domain Controllers?
Prerequisites for Deploying RODCs
Administrator Role Separation on RODCs
Demo: Domain Controller/RODC Security Policies
Administrator Responsibilities
Service Administrator and Service Management
Data Administrators and Data Management
What Are Administrative Autonomy
Delegation of Administrative Permission
Attributes of a Good Delegation Model
Guidelines for Creating a Delegation Model
Guidelines for Using and Securing Administrator Accounts
Demo: Restricted Groups
Auditing Administrative Access
Module 06 Review
Module 07 - Designing AD High Availability
Designing Active Directory High Availability in Windows Server 2008
What is High Availability?
Components of an Active Directory High Availability Design
Active Directory High Availability
Business Requirements for AD DS High Availability
Infrastructure Requirements for AD DS High Availability
High Availability Options for Network Infrastructure
Process of Planning for High Availability
Guidelines for Designing Highly Available Domain Controllers
Global Catalog Placement and High Availability
Demo: Designing AD DS Availability
High Availability of DNS
Guidelines for Designing Highly Available Network Infrastructure
Module 07 Review
1h52m
27m

Module 08 - Designing AD Disaster Recovery
Designing Active Directory Disaster Recovery in Windows Server 2008
Overview of Database Maintenance
NTDSUtil.exe
Benefits of Restartable AD DS in Windows Server 2008
Considerations for Using Restartable AD DS
Overview of AD DS Backup and Recovery
Windows Server Backup
AD DS Backup and Recovery in Windows Server 2008
Active Directory Domain Services Backup System Components
System State Data
Critical Volumes – Review
Options for Restoring AD DS
Considerations for Restoring AD DS
Guidelines for Designing Backup and Recovery in AD DS
Why Monitor AD DS?
Tools for Monitoring AD DS
Reliability and Performance Monitor
Demo: Disaster Recovery and Monitoring
Guidelines for Monitoring Active Directory Domain Controllers
NTDS Counters – Monitoring AD
Module 08 Review
Module 09 - Designing Public Key Infrastructure
Designing Public Key Infrastructure in Windows Server 2008
What is a PKI?
Key Components of a PKI
PKI Solution Requirements
Applications That Use PKI
Certification Authorities and PKI
Comparison of Enterprise and Standalone
Internal and Public Certification Authorities
Using Both Internal and External Public CA’s
Active Directory Certificate Services in Windows Server 2008
Features in AD CS
Gathering Information for Designing Certification Authority Hierarchy
Certification Authority Hierarchy Roles
Common Roles in a CA Hierarchy
Demo: Designing PKI for Windows Server
Options for Designing Certification Authority Hierarchy
Types of CA Hierarchies
Guidelines for Designing a Certification Authority Hierarchy
What Are Certificate Templates?
Certificate Templates in Windows Server 2008
Managing Certificate Templates
Superseding Templates Feature
Designing Certificate Templates
Designing Certificate Templates with Customized Add-ons
Demo: Updating Templates
57m
1h29m

Guidelines for Designing Certificate Templates
Certificate Distribution and Enrollment
Choosing Enrollment Method
Certificate Autoenrollment
Demo: Implementing Autoenrollment
What is Certificate Revocation?
Guidelines for Designing Certificate Revocation
Module 09 Review
Module 10 - Designing an AD RMS Infrastructure
Designing an Active Directory RMS Infrastructure in Windows Server 2008
What is AD RMS?
Key Components of AD RMS
Scalability Requirements for AD RMS Design
Considerations for External Client AD RMS Access
What are AD RMS Rights Policy Templates?
Options for Configuring AD RMS Clusters
Guidelines for Designing AD RMS Clusters
Options for Granting External Users Access to AD RMS
Guidelines for Designing AD RMS Access
AD RMS Backup Components
Options for Restoring AD RMS
Troubleshooting AD RMS Restores – Different Processes
Restoring a Cluster Member
Restoring a Non-Cluster Server
Demo: Exploring RMS
RMS Root Server
Guidelines for Implementing an AD RMS Backup and Recovery Strategy
Module 10 Review
Module 11 - Designing an AD Federation Services Implementation
Designing an Active Directory Federation Services Implementation in Windows Server 2008
54m
What is Active Directory Federation Services?
Key Components of AD FS
Deployment Scenarios for AD FS
AD FS Server Roles
AD FS Server Placement
AD FS User Account Stores
Components of a B2B Federation Trust
B2B Federation Trust
Demo: Adding the Federation Service Role
Demo: Exporting Certificates
Demo: Importing Certificates
Key Components of B2B Federation Trust
Guidelines for Configuring Certificates and Applications
Guidelines for Designing the Account and Resource Partner Components
Guidelines for Deploying and Securing AD FS Servers
Deploy Federation Server Proxy In Perimeter Network When…
Additional Guidelines for Deploying and Securing ADFS Servers
Options for Configuring AD FS Claims
45m

AD FS Group Claims
Guidelines for Usage of AD FS Claims
Understanding AD FS Applications
Guidelines for Usage of Token-based and Claims-aware Applications
Module 11 Review
Module 12 - Designing an AD LDS Implementation
Designing an Active Directory LDS Implementation
What is AD LDS?
AD LDS Usage
LDAP-Compliant Application Directories
Definitions - LDAP Application Directories
LDAP Compliant Applications - Defined
Extranet Authentication Scenarios
Using AD LDS for Developing Schema Modifications
Key Sizing Factors for AD LDS Servers
AD LDS Replication Scenarios
Integration of AD LDS with AD DS
Guidelines for Designing AD LDS Instances and Application Partitions
Schema Changes and AD LDS
Replication of AD LDS Data
Planning AD LDS Replication Traffic across WAN Links
AD LDS Sites and Site Links
Guidelines for Designing AD LDS Schema and Replication
User Proxies in AD LDS
Authentication and Authorization in AD LDS
Implementing Synchronization between AD DS and AD LDS
Demo: Working with AD LDS
Module 12 Review
Module 13 - Designing AD Migrations
Designing Active Directory Migrations in Windows Server 2008
AD DS Migration Strategies
Domain Upgrade Strategy
Domain Restructure Strategy
Domain Upgrade and Restructure
Criteria for Choosing a Migration Strategy
Guidelines for Choosing the Domain Upgrade Strategy
Guidelines for Choosing the Domain Restructure Strategy
Guidelines for Choosing the Domain Upgrade and Restructure Strategy
Documenting the Current Environment
Active Directory Structure
Current Network Services
Current Domain Controller Hardware and Software
Cleaning Up the Current Active Directory Environment
1h
59m

Hardware and Application Compatibility
Preparing a Domain and Forest for Upgrade
Upgrade Guidelines
Domain Functional Levels in Windows Server 2008
Windows 2000 Native Functional Level
Windows Server 2003 Functional Level
Windows Server 2008 Functional Mode
SID History
Active Directory Migration Tool
ADMT Scenarios
Preparing a Domain to Run ADMT
Demo: Installing ADMT
Intraforest and Interforest Restructuring
Demo: Using ADMT Trusts
Guidelines for Restructuring Domains
Module 13 Review
Course Closure
Total Duration: 16 hrs 57 min