IT training for 4 days. There are 2-3 vacancies, 50% discount.

August 8, 2014 by Munkhtuvshin Baatar
No comments

Please contact with me, if you are interested in that seminar by 99540206 or thru following link http://goo.gl/forms/3Cb3SwfY2b

Agenda of seminar

Date: 08.10.2014

Subject: Active Directory essentials, Virtualization, WDS/WSUS

Venue: Suite 601, UJM office, Peace avenue-36, Chingeltei district, 3th khoroo, Ulaanbaatar, Mongolia

Presenter and author: B.Munkhtuvshin

Language: Mongolian

Organizer: Geomon Engineering LLC

First day

Subject: Common questions, installation, configurations

  1. 9.00-9.45IntroductionWhy Active Directory/AD
  2. Pre-history
  3. For whom, how to convince management to implement AD, the main obvious benefits of AD implementation
  4. What is AD for system administration, network admin, for IT manager, business owners
  5. 9.45-10.15The main definitions and termsforest, tree, Domain, DC, GC,OU, security groups
  6. GPO
  7. Subnet and site, DNS for sites (glue records and delegation of zones for forest)
  8. Fsmo roles (PDC emulator, RID, infrastructure, domain naming, schema masters) and GC
  9. Functional levels
  10. Kerberos protocol, NTLM protocols, SAM and NTDS, KDC service
  11. Schema considerations (precautions, how activate snap-in, Schema changes for Exchange, Lync and so on)
  12. 10.15-11.15Installation and Initial configurationsPre-requisites (compatible BIND, static IP, unique name of server, unique domain name)
  13. What network changes(conflicts between DNS, DHCP setting for ISP and AD) are required in typical Mongolian company
  14. Types of AD, functional levels, when and how to rise functional levels
  15. Insides of AD (database files, used TCP/IP ports and so on)
  16. How to install AD in multisite, multi subnet and multi domain environment
  17. 11.15-11.30 Q&A
  18. 11.30-11.45 break
  19. 11.45-13.00Standard basic operations sometimes ignored or wrongly used by Mongolian sysadmins, common mistakes:Deleting domain
  20. Adding computer into domain, removing computer from domain. Duplicated netbios names for domains and computers, wrong length of names or wrong symbols. Naming computers in corporate environment – why it’s important
  21. Why pre-installed Windows versions on the notebooks cannot be added to AD
  22. Why Desktop Windows is not good as a fileservers and printer servers
  23. Sysprep – why, for what?
  24. Grouping computer accounts, user accounts by OU for GPO
  25. Usage of only one DC despite the vendor recommendations
  26. DNS considerations, proper configurations recommended by the best configurations
  27. How to promote server in AD, how to demote, how to re-add workstation/member servers to AD
  28. How to add user, group (local, global, universal) why it’s necessary to re-login after changing the membership in group
  29. Groups, which of them to use and when
  30. Assigning rights to groups for sharing, how to correctly share, how to automatically map shares, how automatically empty content of temporarily share folders
  31. Printers in AD, publishing in AD, default print rights and how to administrate printers in AD, print monitor software (who, when, what, how many pages printed)
  32. Time Service and Kerberos (time zones, NTP server, virtualization aspects, net time command, how auto check time on multiple servers by script)
  33. 13.00-14.00 break
  34. 14.00-15.00Demonstration of the provisioning stereotype AD domain in average Mongolian company. IT policy best practices for ADRestricting LocalAdmins, and what resistance it causes from user side, how to solve
  35. How to solve problems to launch some programs without LocalAdmin rights
  36. Fileserver and AD, advantages, pitfalls (for comparison – example of how to setup it without AD on workstations with max 10 connections) Automatically mounted users shared folders, quotas, backuping and redirection, re-assigning to new employee. Samba protocol/CIFS, ports 135, 138,139, 445, Windows Browser Service (elections and network neighborhood lists)
  37. How to give LocalAdmin rights for somebody not making him/her DomainAdmin
  38. 15.00-15.30Once again DNS server setting for ADZones, domains – the difference
  39. DNS server at multi homed server, round robin for DNS, listening IPs of DNS server
  40. Forwarders and root servers, conditional forwarders and stub zones, primary and secondary zones
  41. Storing AD in filesystem or AD integrated?
  42. New type of records – SRV, connection dynamic records with Netlogon service
  43. Why dhcp client should be used even for servers and workstation with static IPs
  44. How to add static records (A, CNAME, MX) in case of existence of public Internet domain with the exactly same as an AD domain name, troubleshooting
  45. Reverse lookup zones – for what
  46. Caching DNS – when and how to utilize, ipconfig /flushdns
  47. 15.30-16.00Theory of authorization and authenticationKerberos (Kerberos and DNS, predecessors like NTLMv1/v2) ticket system
  48. SQL and AD/windows authorizations, vendor recommendations
  49. Syskey for SAM, digests and how passwords are stored, LC and saminside
  50. PKI/CA and AD
  51. Certificates for web SSL, SSH, Wi-Fi AccessPoints, VPN, e-mail and so on
  52. Smart cards/eTokens for winlogon
  53. 16.00-17.00Management and administration in AD environmentBrief review of standard tools/snap-ins for work with AD
  54. Password policy – pitfalls which can ruin whole implementation of AD in the company, unlocking accounts, why you shouldn’t to disable a strong password policy, resetting LocalAdmin passwords, removing local users+profiles, new in password policy for functional level win2008r2.
  55. c. Remote work (RDP, regedit, shutdown, net time, firewall settings, $resources, remote execution shells like powershell, remotely computer/server management, GPO, WMI and so on)
  56. 17.00-17.30 Q&A

Second day

Subject: Maintenance and troubleshooting of AD

  1. 09.00-10.00Insides of Group PolicyGPC and GPT, locations and storage of them, how it works
  2. GP extension templates for Microsoft Office, WSUS and so on
  3. How to target GP to OU, domain, site and so on
  4. Merging GPO (LSDOU), loopbackes, WMI filters
  5. Troubleshooting of Group Policy (gpedit.msc, gpresult, Rsop, gpotool, gpupdate /force), FRS
  6. 10.00-13.00Group Policy best practices:WMI and security filters
  7. Disabling shutdown tracker, autorun, Windows Browser service on non-DCs and so on
  8. Enabling RDP, DHCP client, DNS client, eventlog,remote registry, print spooler, windows update,time service on everywhere in domains and so on
  9. Enabling remote Device management
  10. GPO for Terminal Service lockdown
  11. WSUS and GPO
  12. PKI/CA and GPO
  13. IPsec, VPN and GPO
  14. PKI and GPO (certificates)
  15. Software distribution (assigning and publishing, patching, removing msi)
  16. Software restriction (restrict running gtalk, yahoo messenger and so on)
  17. Domain wide setup of services
  18. Logon messages configuration
  19. Configure EvenLog thru GPO
  20. Scripting and GPO
  21. 13.00-14.00 break
  22. 14.00-15.00Sites, multi domain implementations, trusts, replications (bridgeheads, various topologies)USN milestones
  23. SPN (setspn and ADCU delegation, for what)
  24. What is site, for what, what’s the difference from subnets,topologies
  25. RPC, smtp replications, KCC, Read-onlyDC (password caching)
  26. Troubleshooting AD/frs replication (Repadmin, replmon, ADSites and Services, eventlog, time, DNS, dcdiag and on) Everything is wsused.
  27. 15.00-15.30 Seizing/moving fsmo role (for example after crush of DC)
  28. 15.30-16.45 Q&A
  29. 16.45-17.00 break
  30. 17.00-18.00 Backup and restore of DCs, restoring objects in AD by ntdsutil, authoritative and non-authoritative restores, other tools like adsiedit, ldp, netdom and so on. New features of AD in the last Windows versions

Third day

Subject: Microsoft Hyper-V virtualization

  1. 9.00-9.10 Coffee break, registration
  2. 9.10-10.00 Theory, short introduction presentation
  3. 10.00-13.00 Installation on single host server with external storage system.Planning and designing Microsoft virtualization, prerequisites
  4. Performance optimizations, synthetic drivers, integration tools
  5. Creation of new VMs from a scratch or from template’s library
  6. Methodology of system administration in virtualized environment. New paradigm for system management – differences from conventional way
  7. New aspects of backup for virtualization. MSSC DPM
  8. Conversion of legacy physical server to virtual server – consideration of the servers with SCVMM
  9. 13.00-14.00 break
  10. 14.00 – 17.00 Clustered installation of Hyper-V on two node cluster with external storageServer specification recommendations (choice of UPS and UPS software, antivirus for virtualization, storage issues and so on
  11. Storage configuration
  12. Classic Microsoft HA cluster, new features for virtualization
  13. Installation and initial configuration
  14. Live Migration demo
  15. 17.00-17.15 Q&A session
  16. 17.15-18.00 Comparison with VMware ESX

Fourth day

Subject: WDS

  1. WDS. Introduction.For what and when , how to use.
  2. Advantages of WDS.
  3. Predecessors like RIS and alternatives like Ghost Server, Acronis Server and so on. What’s the difference and pitfalls.
  4. Basement of the WDS implementation.System requirements.
  5. Pre-requisites in network (DHCP server, router, DNS, tftp and so on),
  6. AD integration
  7. New features of WDS in windows 2008r2.Multicast,
  8. driver injections,
  9. deduplication and so on
  10. X32, x64 images, pxe boot mechanism
  11. Which OS can be deployed by WDS and why. WIM format, WINPE, SLP, OPK and so on.
  12. Sysprep in Windows XP, windows2003r2, Setup Manager (where, how to use) Lab1.
  13. Capture disk
  14. Deployment of the windows XP thru WDS. Lab2.
  15. ERD disk (locksmith, services and so on) Microsoft Optimization Pack. Lab3
  16. How to integrate pxelinux and WDS to be able to run mhdd, memtest, Norton ghost, Acronis Director, knopix network boot thru network. Lab4
  17. Discovery disk, for what, how to create, how to move to usb boot flashdisk, Win7 to usb Microsoft tool, esx installation from the network) Lab5
  18. WAIK for Vista, win7, windows 2008r2 (pass/ stages) Generating answer files for different scenarios. Lab6
  19. Pending, delegation in AD , PreStaging computer names in AD, Lab 7
  20. KMS server – auto activation of Win7/Vista/Win2008r2/Office2010, automatically adding computer accounts into AD
  21. Office 2010/2007 unattended installation. Lab 8
  22. Driver injections into boot images, into install images. Lab 9
  23. Recommendations and best practices what and how to do. How to completely get rid off re-installation of workstations (AD group policy, WSUS, corporate antiviruses, LocalAdmin rights, Terminal Server, VMware View and so on)