Chapter 1. Working with Domain User Accounts
Configuring Account Lockout Policy
Creating Password Settings Objects
Granting Capabilities, Privileges, and Rights
Assigning User Rights for a Domain or OU
Assigning User Rights on a Specific Computer
Chapter 2. Managing User and Service Accounts
Creating and Configuring Domain User Accounts
Working with Managed Service Accounts
Managed Service Account Fundamentals
Creating Group Managed Service Accounts
Step 1: Create a Hosting Group
Step 5: Configure Service to use gMSA
Deleting Managed Service Accounts
Resetting the Account Password
Moving Managed Service Accounts
Disabling and Enabling User Accounts
Enabling Active Directory Recycle Bin
Recovering Accounts from the Recycle Bin
Chapter 3. Managing Groups and Computers
Searching for Groups in the Directory
Creating Computer Accounts in Active Directory
Performing an Offline Domain Join
Troubleshooting Computer Accounts
Chapter 4. Active Directory Architecture: The Fundamentals
Active Directory Physical Architecture
A View within the Local Security Authority
Decoding the Directory Service Architecture
Navigating Protocols and Client Interfaces
Understanding the Directory Service Component
Understanding the Extensible Storage Engine
Active Directory Logical Architecture
Navigating Domains, Trees, and Forests
Introducing Namespaces and Partitions
Chapter 5. Creating and Updating Active Directory Designs
Planning for Search and Global Catalogs
Designating Global Catalog Servers
Designating Replication Attributes
Understanding Domain Functional Levels
Understanding Forest Functional Levels
Chapter 6. Understanding Authentication and Trusts
Authentication Essentials for Groups
Security Tokens and Membership Caching
Navigating Authentication Options
Accessing Resources After Authentication
Verifying and Troubleshooting Trusts
Understanding Delegated Authentication
Implementing Delegated Authentication
Chapter 7. Planning Your Infrastructure
Creating an Implementation or Update Plan
Selecting the Forest Namespace
Building a Single Forest vs. Multiple Forests
Understanding Forest Administration
Using a Single Domain vs. Multiple Domains
Establishing the Forest Root Domain
Chapter 8. Implementing Domain Services
Preinstallation Considerations for Active Directory
Configuring Active Directory for Fast Recovery
Connecting Clients to Active Directory
Installing Active Directory Domain Services
Navigating Installation Options
Adding the Active Directory Role
Adding Domain Controllers to a Domain
Creating New Domains in New Forests
Adding a Domain or Domain Tree to a Forest
Performing an Installation from Media
Cloning Virtualized Domain Controllers
Using Clones of Virtualized Domain Controllers
Creating a Clone Virtualized Domain Controller
Finalizing the Clone Deployment
Troubleshooting the Clone Deployment
Working with Organizational Units
Using a Division or Business Unit Model
Creating and Managing Organizational Units
Adding Accounts and Resources to an OU
Delegating Administration of Domains and OUs
Understanding Delegation of Administration
Chapter 10. Deploying Read-Only Domain Controllers
Read-Only Domain Controllers: The Essentials
Preparing for an RODC Installation
Managing Password Replication Policy
Understanding Password Replication Policy
Controlling Password Replication
Managing Credentials on an RODC
Verifying Account Access Status
Delegating Administrative Permissions
Chapter 11. Working with Operations Master
Operations Master Roles: The Essentials
Establishing Operations Masters
Identifying Operations Masters
Positioning Operations Masters
Transferring the Schema Master Role
Working with Domain Naming Masters
Locating the Domain Naming Master
Transferring the Domain Naming Master Role
Working with Relative ID Masters
Transferring the RID Master Role
How the PDC Emulator Manages Time Services
Transferring the PDC Emulator Role
Working with Infrastructure Masters
Locating the Infrastructure Master
Transferring the Infrastructure Master
Forcing Operations Master Role Transfers
Preparing to Seize a FSMO Role
Chapter 12. Planning Active Directory Sites
Active Directory Sites: The Fundamentals
Replication Within and Between Sites
Understanding Active Directory Replication
Tracking Replication Changes Over Time
Tracking System Volume Changes Over Time
Replication Architecture: An Overview
Intersite Replication Essentials
Replication Rings and Directory Partitions
Developing or Revising Your Site Design
Mapping Network Infrastructure
Mapping Network Structure to Site Structure
Designing the Individual Sites
Designing the Intersite Replication Topology
Considering the Impact of Site-Link Bridging
Planning the Placement of Servers within Sites
Chapter 13. Active Directory Site Administration
Managing Domain Controllers within Sites
Managing Site Links and Intersite Replication
Navigating Replication Transport Options
Configuring Replication Schedules for Site Links
Configuring Site Bridgehead Servers
Configuring Advanced Site-Link Options
Monitoring and Troubleshooting Replication
Using the Replication Administrator
Using PowerShell to Monitor and Troubleshoot Replication
Using Performance Monitor to Track Replication
Modifying Intersite Replication for Testing
Chapter 14. Implementing Group Policy Infrastructure
Local vs Directory-based Group Policy
Configuring Directory-based Policy
Accessing Forests, Domains, and Sites for Management
Creating and Linking a New GPO
Managing Group Policy Through Delegation
Reviewing Management Privileges
Delegating Management Privileges
Delegating Privileges for Links and RSoP
Chapter 15. Optimizing Group Policy
Managing Group Policy Inheritance
Understanding Policy Application
Changing Link Order and Precedence
Filtering Group Policy Application
Configuring Loopback Processing
Applying Group Policy Through Security Templates
Working with Security Templates
Maintaining and Troubleshooting Group Policy
Understanding Group Policy Refresh
Modifying Group Policy Refresh
Viewing Applicable GPOs and the Last Refresh
Refreshing Group Policy Manually