2207: Expert Track: Updating Systems Administrator and Systems Engineer Skills from Microsoft Windows 2000 to Windows Server 2003 (5 Days)
About This Workshop
This five-day, instructor-led workshop provides students with the knowledge and new skills that they need to plan, implement, manage, and maintain a Microsoft Windows Server 2003 networked environment.
This discovery-based workshop consists primarily of labs that provide hands-on experience focused exclusively on the skills and objectives that align withExam 70-292: Managing and Maintaining a Microsoft Windows Server 2003 Environment for an MCSA Certified on Windows 2000, andExam 70-296: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Environment for an MCSE Certified on Windows 2000.
This workshop is intended for expert Windows 2000 systems engineers who plan, implement, and support Windows 2000-based networks running Microsoft Active Directory directory service, and who need to quickly leverage their skills in a Windows Server 2003 environment. The workshop assumes extensive, day-to-day practical, hands-on experience using Windows 2000 and a preference for learning by doing and discovering in a non-prescriptive lab environment. For a more traditional learning experience, seeCourse 2297: Planning, Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Environment for an MCSE on Windows 2000.
At Workshop Completion
After completing this workshop, students will be able to:
- Identify the systems administration tasks in Windows Server 2003 that are new or different from the tasks performed in Windows 2000.
- Manage user, computer, and group accounts in a Windows Server 2003 Active Directory-based environment.
- Use the Group Policy Management Console (GPMC) to manage Group Policy.
- Manage resources and security.
- Configure and manage DNS.
- Manage servers in remote locations.
- Manage Terminal Services.
- Manage IIS 6.0 Web Services.
- Maintain computers that run Windows operating systems by implementing and managing Software Update Services.
- Prepare for and implement disaster recovery solutions.
- Plan a Domain Name System (DNS) strategy for an enterprise organization.
- Plan for an implementation of Active Directory and for Active Directory replication.
- Implement Active Directory and DNS.
- Troubleshoot Transmission Control Protocol/Internet Protocol (TCP/IP), name resolution, and Group Policy.
- Plan and implement cross-forest trusts and new security options.
- Use Group Policy in Windows Server 2003 to deploy and restrict software.
- Use Group Policy in Windows Server 2003 to set advanced security settings.
- Plan and implement secure Routing and Remote Access.
Session 1: Introduction to Systems Administration in Windows Server 2003
This unit explains how to perform systems administration tasks in a Windows Server 2003 environment, and introduces the scenarios and tools that will be used throughout the workshop.
- Identify the products in the Windows Server 2003 family.
- Describe the tools and resources available to perform tasks throughout the workshop.
Session 2: Managing Users, Computers, and Groups
This unit explains how to manage users, computers, and groups in an Active Directory directory service environment, taking advantage of the new capabilities available in Windows Server 2003.
- Create user accounts by using CSVDE.
- Create user accounts by using the dsadd command.
- Modify the properties of multiple accounts.
- Create computer accounts by using the dsadd command.
- Create groups by using the dsadd command.
- Add members to a group by using the dsmod command.
- Copy the properties from an existing account when creating a new account.
- Find Active Directory objects.
- Move an Active Directory object by using the drag and drop technique of management in Active Directory Users and Computers.
- Reset computer accounts.
- Describe the effect of resetting passwords in Windows Server 2003.
- Determine the effective permissions on an Active Directory object.
Session 3: Using the GPMC to Manage Group Policy
This unit gives a hands-on, fast paced opportunity to experienced users to orient themselves to Windows Server 2003 and learn how to use the Group Policy Management Console (GPMC) to manage Group Policy.
- Implement Group Policy by using the GPMC.
- Manage GPOs by using the GPMC, which includes:
- Backing up a GPO.
- Copying a GPO.
- Importing a GPO.
- Use Group Policy Results to troubleshoot Group Policy-related issues.
- Use Group Policy Modeling to experiment with possible Group Policy configurations.
Session 4: Managing Resources and Security
This unit explains how to use enhancements to the tools available in Windows Server 2003 to manage resources and security by using Windows Explorer, Group Policy management tools, and the Security Configuration and Analysis tool.
- Determine the effective NTFS permissions for files and folders.
- Change the owner for an existing file or folder.
- Create custom security templates.
- Apply security templates by using Group Policy.
- Configure NTFS permissions by using security templates.
- Audit security settings by using Security Configuration and Analysis.
Session 5: Managing DNS
This unit gives a hands-on, fast paced opportunity to experienced users to orient themselves to Windows Server 2003 and learn how to configure and manage DNS.
- Install DNS by using the Manage Your Server tool.
- Create forward lookup zones.
- Create reverse lookup zones.
- Configure DNS conditional forwarding.
- Configure DNS zones, which includes:
- Configuring zone options.
- Configuring zones for secure dynamic update.
- Configuring Active Directory integrated zones.
- Create DNS stub zones.
Session 6: Managing Servers
This unit explains how to manage servers remotely using secure best practices.
- Create desktop shortcuts that run the Run as command.
- Connect to a remote server by using MMC snap-in tools.
- Connect to a remote server by using the Remote Desktop Connection utility.
- Determine the best tool to use for remote administration in specific situation.
- Configure client connection speed for the Remote Desktop Connection utility.
- Configure auto reconnect for the Remote Desktop Connection utility.
Session 7: Managing Terminal Services
This unit explains how to configure and manage Terminal Services and take advantage of the new capabilities available with that service.
- Install Terminal Services.
- Install a Terminal Services Licensing server.
- Configure Terminal Services, which includes:
- Setting the level of encryption for terminal server user sessions.
- Controlling terminal server user connection access.
- Configuring time-out settings from remote connections.
- Monitoring remote desktop connection sessions.
- Manage user sessions by using Terminal Services Manager.
- Diagnose and resolve issues related to Terminal Services security.
Session 8: Managing IIS 6.0 Web Services
This unit explores the new skills needed to manage and maintain the IIS service on Windows Server 2003. This unit provides students with hands-on experience in configuring and managing the IIS service, and highlights the default state of the service when Windows Server 2003 is installed.
- Install IIS 6.0
- Configure authentication
- Install ASP.NET
- Allow ASP.NET in Web service extensions
- Manage ASP.NET configuration files
- Implement Web applications
- Implement application pooling
- Manage the IIS 6.0 metabase
- Manage an IIS server in a remote location
- Monitor and optimize IIS 6.0
Session 9: Maintaining Software by Using Software Update Services
This unit explains how to use Software Update Services (SUS) to perform patch management for a networked environment.
- Install and configure SUS on a server.
- Configure automatic updates.
- Use Group Policy to configure SUS clients.
- Manage a software update infrastructure.
- Back up and restore an SUS configuration.
- Test an SUS implementation.
Session 10: Managing Disaster Recovery
This unit explains how to use the new capabilities available with Windows Server 2003 to restore a system to a previous state. The students will practice troubleshooting and repairing a system by using features such as ASR and driver rollback in a lab environment to restore a system to a predefined state.
- Use Automatic System Recovery (ASR) to back up and restore a server.
- Restore data from shadow copies.
- Roll back to a previous version of a device driver.
- Configure security for backup operations.
- Troubleshoot problems associated with restoring data.
Session 11: Planning a DNS Namespace Design
This unit shows students the new features of DNS in Windows Server 2003, focusing on planning issues such as improving fault tolerance in DNS, ensuring DNS resolution across forests, planning for _MSDCS zone availability and security to DNS servers in a forest, and creating DNS zones securely and with the least administrative effort.
- Evaluate existing DNS infrastructure and determine where new Windows Server 2003 features can improve name resolution.
- Determine when to use stub zones versus conditional forwarding.
- Ensure availability of the _MSDCS zone.
- Plan Active Directory partitions to replicate zone data when needed.
- Evaluate DNS zone security.
Session 12: Planning Active Directory Deployment This unit shows students new features of Active Directory in Windows Server 2003, focusing on planning issues.
- Evaluate the placement of global catalog servers.
- Plan optimal replication by exploiting replication enhancements such as:
- Linked value replication (LVR).
- Partial attribute set (PAS) replication.
- Inter-Site Topology Generator (ISTG) improvements.
- Evaluate forest and domain functionality (versioning) levels.
Session 13: Implementing DNS with Active Directory
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and learn how to use them to implement Active Directory and DNS.
- Install Active Directory by using the advanced features of the Active Directory Installation Wizard.
- Install and configure DNS.
- Implement a conditional forwarder.
- Create stub zones.
- Ensure high availability on the _MSDCS subdomain.
- Create a DNS forward lookup zone.
- Raise domain and forest functionality.
- Create a new application directory partition.
- Set the replication scope of a new application directory partition.
Session 14: Troubleshooting TCP/IP, Name Resolution, and Group Policy
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and learn how to use them to troubleshoot TCP/IP, name resolution, and Group Policy.
- Diagnose and resolve issues related to DNS services.
- Troubleshoot Group Policy.
- Diagnose and resolve issues related to client computer configuration.
- Troubleshoot network connectivity issues.
Session 15: Planning and Implementing Multiple Forests in Active Directory
This unit asks students to plan and implement multiple forests in Active Directory by using the model of adding a new organization to an existing company. Students will implement cross-forest trust, manage user authentication, identify possible security concerns, and come to understand how to resolve naming conflicts between two forests.
- Evaluate the need for security identifier (SID) filtering, selective authentication, resolving naming conflicts, and routing name suffixes in a multi-forest environment.
- Establish forest trusts.
Session 16: Using Group Policy in Windows Server 2003 to Deploy and Restrict Software
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 pertaining to Group Policy and to learn how they can use it to deploy and restrict software.
- List reasons for controlling a computer user's environment.
- Create a software restriction policy.
- Deploy software so that an application is completely installed at user logon.
- Use Windows Management Instrumentation (WMI) filters to restrict the application of Group Policy objects (GPOs).
Session 17: Using Group Policy in Windows Server 2003 to Set Advanced Security Settings
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and to learn how to use Group Policy to implement advanced security settings.
- Configure wireless network settings.
- Configure a user environment.
- Apply Encrypting File System (EFS) enhancements.
Session 18: Planning and Implementing Secure Routing and Remote Access
This unit gives students a hands-on opportunity to experience new features of Windows Server 2003 and to learn how to use them in implementing Routing and Remote Access.
- Plan, implement, and maintain Routing and Remote Access.
- Create and implement an Internet Protocol (IP) Security (IPSec) policy.
- Configure IPSec by using Netsh.
- Set up IPSec policy monitoring.