1. Windows Active Directory Environment
Charles Warren

2. Microsoft Computer Networks
What are the two types of computer networks in a Windows environment?

3. Workgroups In a workgroup:
All Computers are peers; no computer has control over another computer.
Each computer has its own set of user accounts.
A workgroup is not protected by a password.
All computers must be on the same local network.
There is no form of central policy management
When should you use a workgroup?

4. Domains In a domain: One or more computers are domain servers.
Policies are implemented by a central system allowing for the organization and categorization of users and computers.
Domain authenticated users must provide a password each time they access the domain.
The domain can be spread across many LANS
When should you use a domain?

5. Windows Active Directory
Active Directory is a directory service that Microsoft developed for the Windows domain networks.
Active Directory Domain Service: stores all of the information about members of the domain, both users and computers. This service provides authentication and logging for all domain interactions.
Active Directory Certificate Services: Creates, validates, and revokes public key certificates for internal uses of an organization.
Active Directory Federation Services: Provides the infrastructure for SSO based authentication.

6. Logical Namespace Hierarchy
The Active Directory framework holds objects that can be viewed as different levels of a greater system.
The Domain: a logical group of network objects (computers, users, devices) that share the same Active Directory database.
The Tree: a collection of one or more domains in a contiguous namespace.
The Forest: a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration.

7. Active Directory Objects
Active Directory structures are arrangements of resources and security principles. These objects can be further categorized into Organizational Units (OUs).
Security Principles are broken into three categories: User Accounts, Computer Accounts, and Group Objects.
Almost anything else in the Windows Environment is a Domain Resource: Printers and Shared Folders.

8. Implementing Active Directory Domain Services
Install the AD DS module on your Windows server:
Prerequisites:
Statically assign an IP to your machine.
Name the device something significant before making it the Domain Controller.
Install DNS and DHCP modules on the server.
Make sure that your admin password meets the password complexity requirements:

9. Windows Domain Configuration
What is the Windows Server feature that allows for configurations to be modified and distributed to grouped domain objects?

10. Group Policy
Group Policy provides centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment.
The policies are broken into two categories: computer configuration and user configuration.
The created Group Policy Objects are then enforced, inherited, and filtered at the administrator’s discretion.

11. Implementing Group Policy
Designing the policy:
What is it going to do?
Where is it going to be implemented?
Who is it going to affect?
Creating the policy:
Find online articles showing what computer or user configurations need to be made.
Make sure that an OU is in place for the policy to be linked.
Create a security group of the intended policy recipients for easy management.

12. Live Demo Checklist Configure AD DS. Create AD Objects.
Design a Group Policy.
Implement the Policy.