Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

MOC 2282; 5 Day Training Class

Introduction

This five-day instructor-led Server 2003 Active Directory Services training course provides students with the knowledge and skills to design a Microsoft Active Directory directory service and network infrastructure for a Microsoft Windows Server 2003 environment. The course is intended for systems engineers who are responsible for designing directory service and/or network infrastructures.

Audience

This course is intended for individuals who are employed as or seeking employment as a systems engineer in a Windows Server 2003-based environment.

At Course Completion

After completing this course, students will be able to:

• Describe the process of designing an Active Directory infrastructure and a network infrastructure that supports Active Directory.
• Design a forest and domain infrastructure that meets the needs of an organization.
• Design a site infrastructure that meets the needs of an organization.
• Design a Group Policy structure that meets the needs of an organization.
• Design an administrative structure that meets the needs of an organization.
• Design a physical network structure that supports Active Directory and meets the needs of an organization.
• Design a Dynamic Host Configuration Protocol (DHCP) structure that supports Active Directory and meets the needs of an organization.
• Create a design for network connectivity that supports Active Directory and meets the needs of an organization.
• Design a name resolution strategy that supports Active Directory and meets the needs of an organization.
• Design a network access infrastructure that supports Active Directory and meets the needs of an organization.

Prerequisites

This course requires that students meet the following prerequisites:

• They have taken Course 2278, Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure and Course 2279, Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure

OR

• They have equivalent knowledge and experience

Microsoft Certified Professional Exams

This workshop will help students prepare for this Microsoft Certified Professional exam:

Exam 70-297: Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

Server 2003 Active Directory Services Training Course Materials

The student kit includes a comprehensive workbook and other necessary materials for this class.

Course Outline

Module 1: Introduction to Designing an Active Directory and Network Infrastructure

This module introduces general design principles and the process of designing a Windows Server 2003 Active Directory infrastructure.

Module Objectives

After completing this module, students will be able to:

• Explain basic design principles.
• Describe the process of and the tasks involved in designing an Active Directory infrastructure.

Module 2: Designing a Forest and Domain Infrastructure

This module covers the first major design decisions when creating an Active Directory and network infrastructure. The Active Directory logical structure and the design of forests and domains. Key elements of the forest and domain design are naming and, in the case of a multiple-forest design, trusts. These decisions must take into account any existing structure and provide a migration solution from the existing structure to the new design.

Module Objectives

After completing this module, students will be able to:

• Gather and analyze the information that you need to design a forest and domain infrastructure.
• Create a logical forest design.
• Create a domain design.
• Design a DNS namespace strategy for forests and domains.
• Create a trust strategy for forests.
• Determine a migration plan for the existing infrastructure.
• Design a schema management policy.

Module 3: Designing a Site Infrastructure

This module explains how to design a site topology to organize the Windows Server 2003 network in your organization and optimize the exchange of data and directory information.

Module Objectives

After completing this module, students will be able to:

• Determine the information needed to design a site infrastructure.
• Create a site design.
• Modify the site design for replication.
• Determine the placement of domain controllers in the site design.
• Determine the placement of global catalog servers in the site design.
• Determine the placement of single operations masters in the site design.

Module 4: Designing the Administrative Structure

This module explains how to design your administrative structure to delegate authority and simplify administrative overhead and design an organizational unit structure in a Windows Server 2003 environment.

Module Objectives

After completing this module, students will be able to:

• Determine the information needed to design an administrative structure.
• Design a network administration model.
• Design an organizational unit structure.
• Design an account strategy.

Module 5: Designing for Group Policy

This module describes how to gather and analyze business requirements and other data and then use that data to design a Group Policy structure and integrate the structure into an organizational unit design. It describes the role of Group Policy in the Active Directory infrastructure and factors in choosing particular implementations, such as security, software deployment, and administrative requirements. The module also covers why and how to design a change management structure.

Module Objectives

• After completing this module, students will be able to:
• Determine the information needed to design for Group Policy.
• Design a Group Policy structure.
• Create an organization unit (OU) structure for Group Policy.
• Create a Group Policy management design.

Module 6: Designing the Physical Network

This module describes how to gather business requirements and other data and then analyze and use that data to design the physical network. It explains how to design a connectivity infrastructure, with considerations for intrasite and intersite connectivity, router placement, connection types, and virtual private networks (VPNs). It also describes how to design a domain controller structure and how to use the Active Directory Sizer tool.

The module also covers why and how to design a change management structure for networking, including monitoring. Finally, the students will create a physical network according to a scenario.

Module Objectives

After completing this module, students will be able to:

• Explain the preparation necessary to design a network infrastructure.
• Create an IP addressing scheme.
• Design a DHCP infrastructure.
• Design a change management structure for networking.

Module 7: Designing for Network Connectivity

This module describes how to design networking services for connectivity and protocol requirements for organizations. Also, this module describes networking solutions that establish a network foundation, provide access to public networks, and support network-based applications and authentication methods.

Module Objectives

After completing this module, students will be able to:

• Determine the information that you need to design for network connectivity.
• Evaluate connection types.
• Design a connectivity infrastructure.
• Create a design for Internet connectivity.

Module 8: Designing a Name Resolution Strategy

This module describes the relationship between Active Directory and DNS domain names, Windows Internet Name Service (WINS), and other name-resolution strategies.

Module Objectives

After completing this Server 2003 Active Directory Services training module, students will be able to:

• Determine the information needed to design a name-resolution strategy.
• Design a strategy for interoperability with Active Directory, BIND, WINS, and DHCP.
• Design a WINS replication strategy.
• Design a name resolution strategy for clients.

Module 9: Designing the Network Access Infrastructure

This module describes how to design a network access infrastructure by gathering relevant data, and then analyzing and using that data to design for network access security, remote access, and wireless access. The module includes strategies for authentication, administration, access monitoring, interoperability, and user education.

Module Objectives

After completing this module, students will be able to:

• Gather data for network access design.
• Design network access security.
• Choose remote access methods.
• Design a remote access infrastructure.
• Design a wireless access infrastructure.