Book Image

Administering Windows Server Hybrid Core Infrastructure AZ-800 Exam Guide

By : Steve Miles
Book Image

Administering Windows Server Hybrid Core Infrastructure AZ-800 Exam Guide

By: Steve Miles

Overview of this book

Written by an Azure MVP and Microsoft Certified Trainer with 20 years of experience in data center infrastructure, this AZ-800 study guide is an essential preparation tool for administrators who want to take the exam and acquire key skills that will help them thrive in their careers. This book will guide you through all the ways Windows Server can be used to manage hybrid solutions on-premises and in the cloud, starting with deploying and managing Active Directory Domain Services (AD DS) in on-premises and cloud environments. You’ll then dive into managing virtual machines and containers and progress to implementing and managing an on-premises and hybrid networking infrastructure. The later parts of the book focus on managing storage and file services, concluding with a detailed overview of all the knowledge needed to pass the AZ-800 exam with practical examples throughout the chapters. In the final chapter, you’ll be able to test your understanding of the topics covered with the help of practice exams to make sure that you’re completely prepared for the contents and structure of the exam. By the end of the book, you’ll have gained the knowledge, both practical and conceptual, that's required to administer Windows Server hybrid core infrastructure confidently.

Related Content you might be interested in

Current Title:

Small book image
Administering Windows Server Hybrid Core Infrastructure AZ-800 Exam Guide
Steve Miles
Dec, 2022 | 502 pages
Small book image
Microsoft Azure Fundamentals Certification and Beyond
Steve Miles
Jan, 2024 | 284 pages
Small book image
Microsoft Azure Fundamentals Certification and Beyond
Steve Miles
Jan, 2022 | 424 pages
Small book image
MCSA Windows Server 2016 Certification Guide: Exam 70-741
Sasha Kranjac | Vladimir Stefanovic
Apr, 2019 | 182 pages
Table of Contents (22 chapters)
Preface
Preface
Who is this book for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: Hybrid Identity
Part 1: Hybrid Identity
Free Chapter
2
Chapter 1: Implementing and Managing Active Directory Domain Services
Chapter 1: Implementing and Managing Active Directory Domain Services
What is Active Directory?
What is Active Directory Domain Services?
Active Directory Domain Services components
Creating Active Directory Domain Services
Managing Active Directory Domain Services
Hands-on exercise
Summary
Further reading
Skills check
3
Chapter 2: Implementing and Managing Azure Active Directory Domain Services
Chapter 2: Implementing and Managing Azure Active Directory Domain Services
What is Azure AD?
What is Azure AD DS?
Creating an Azure AD DS managed domain
Managing an Azure AD DS managed domain
Hands-on exercise
Summary
Further reading
Skills check
4
Chapter 3: Managing Users and Computers with Group Policy
Chapter 3: Managing Users and Computers with Group Policy
What is Group Policy?
What is a GPO?
GPO components
GPO administrative templates
GPO scope
The order of processing for GPOs
GPOs in Azure AD DS
GPO management and troubleshooting tools
Hands-on exercise
Summary
Further reading
Skills check
5
Chapter 4: Implementing and Managing Hybrid Identities
Chapter 4: Implementing and Managing Hybrid Identities
What is a hybrid identity?
Azure AD Connect
Hybrid identity authentication methods
Hands-on exercise
Summary
Further reading
Skills check
6
Part 2: Hybrid Networking
Part 2: Hybrid Networking
7
Chapter 5: Implementing and Managing On-Premises Network Infrastructure
Chapter 5: Implementing and Managing On-Premises Network Infrastructure
Implementing and managing Windows Server DNS
Implementing and managing DHCP
Implementing and managing IPAM
Implementing and managing remote access
Hands-on exercises
Summary
Further reading
Skills check
8
Chapter 6: Implementing and Managing Azure Network Infrastructure
Chapter 6: Implementing and Managing Azure Network Infrastructure
Introduction to Azure network services
Implementing VNets in Azure
Implementing network connectivity in Azure
Implementing network protection in Azure
Implementing name resolution in Azure
Hands-on exercises
Summary
Further reading
Skills check
9
Part 3: Hybrid Storage
Part 3: Hybrid Storage
10
Chapter 7: Implementing Windows Server Storage Services
Chapter 7: Implementing Windows Server Storage Services
Managing Windows Server file servers
Implementing Windows Server iSCSI
Implementing Storage Spaces and Storage Spaces Direct
Implementing Windows Server Data Deduplication
Implementing Windows Server Storage Replica
Hands-on exercise
Summary
Further reading
Skills check
11
Chapter 8: Implementing a Hybrid File Server Infrastructure
Chapter 8: Implementing a Hybrid File Server Infrastructure
Introduction to Azure Storage services
Implementing Azure Files
Introduction to Azure File Sync
Hands-on exercises
Summary
Further reading
Skills check
12
Part 4: Hybrid Compute
Part 4: Hybrid Compute
13
Chapter 9: Implementing and Managing Hyper-V on Windows Server
Chapter 9: Implementing and Managing Hyper-V on Windows Server
Introduction to virtualization and Hyper-V
Implementing and managing Hyper-V
Creating and managing Hyper-V virtual machines
Securing Hyper-V workloads with Guarded Fabric
Hands-on exercises
Summary
Further reading
Skills check
14
Chapter 10: Implementing and Managing Windows Server Containers
Chapter 10: Implementing and Managing Windows Server Containers
Introduction to containers
Introduction to Docker
Securing Windows Server containers
Networking for Windows Server containers
Creating Windows Server container images
Managing Windows Server container images
Hands-on exercises
Summary
Further reading
Skills check
15
Chapter 11: Managing Windows Server Azure Virtual Machines
Chapter 11: Managing Windows Server Azure Virtual Machines
Managing Azure VM data disks
Resizing Azure VMs
Configuring continuous delivery for an Azure VM
Configuring connections to VMs
Hands-on exercise
Summary
Further reading
Skills check
16
Chapter 12: Managing Windows Server in a Hybrid Environment
Chapter 12: Managing Windows Server in a Hybrid Environment
Deploying a WAC gateway server
Deploying WAC within the Azure portal
PowerShell remoting
Hands-on exercise
Summary
Further reading
Skills check
17
Chapter 13: Managing Windows Servers Using Azure Services
Chapter 13: Managing Windows Servers Using Azure Services
Managing access for Windows Server VMs in Azure
Implementing Azure Arc for hybrid Windows servers
Implementing Azure Automation for hybrid Windows servers
Implementing Microsoft Defender for Cloud for hybrid Windows servers
Hands-on exercises
Summary
Further reading
Skills check
18
Part 5: Exam Prep
Part 5: Exam Prep
19
Chapter 14: Exam Preparation Practice Tests
Chapter 14: Exam Preparation Practice Tests
Test questions
Test answers
Summary
20
Index
Index
Why subscribe?
21
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Managing Active Directory Domain Services

This section will introduce managing AD DS and the tools that are used. We will look at Active Directory Administrative Center, Remote Server Administration Tools, Windows Admin Center, and PowerShell, along with the AD module and other additional management tools.

Active Directory Administrative Center (ADAC) is a PowerShell-based GUI available in Windows Server (not in Windows Server Core).

The following tasks can be carried out with this tool:

  • Manage multiple domains through a single tool instance
  • Search the directory for objects
  • Create and manage directory objects, such as users, groups, computers, and OUs
  • Manage Dynamic Access Control
  • Create and manage fine-grained password policies
  • AD recycle bin operations

This tool replaces the functionality previously provided through the Microsoft Management Console (MMC) snap-in tool known as Active Directory Users and Computers.

Further information about ADAC can be found at https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/active-directory-administrative-center.

Now, let’s look at the management tools that can be used for the Azure AD DS managed domain.

RSAT

RSAT allows you to manage servers remotely via a GUI; a set of AD DS tools is included. This was the primary tool console until the introduction of WAC, which we will look at in the next section.

The consoles for these tools are available on Windows 10/11 and Windows Server. With Windows 10/11, these tools are now included within the OS rather than a separate download, which was added through the Optional features setting.

Further information about RSAT can be found at https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/remote-server-administration-tools.

WAC

This browser-based admin tool can be downloaded and installed locally on Windows 10/11 and Windows Server. It can also be accessed directly via the Azure portal, so no download or local install is required, much like CloudShell has to install PowerShell locally.

For a local install of WAC, you must ensure your network allows the required ports; the default is port 6516 for standalone mode in Windows 10. The gateway mode in Windows Server is TCP 443. Both can be changed.

Further information about WAC can be found at https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/overview.

PowerShell with the AD module

This is an alternative to using a GUI to manage AD DS. You can use PowerShell commands via an AD module that provides a collection of cmdlets.

If you wish to use the module on a local install of PowerShell on a client/desktop OS such as Windows 10/11, then the module is part of RSAT, which you will need to download and install.

Further information about the AD module can be found at https://docs.microsoft.com/en-us/powershell/module/activedirectory/?view=windowsserver2022-ps.

MMC snap-in tools

MMC is a GUI console that contains a collection of tools called snap-ins. The following snap-in tools are available for managing AD DS, most of which are self-explanatory:

  • Active Directory Users and Computers allows you to carry out everyday tasks to manage objects such as users, groups, and computers; this is replaced by ADAC and provides additional capabilities
  • Active Directory Sites and Services allows you to create and manage sites, subnets, replication, and associated services
  • Active Directory Domains and Trusts allow you to create and manage domain and forest trusts
  • Active Directory Schema snap-in allows you to view and modify the schema

Further information about MMC can be found at https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/what-is-microsoft-management-console.

This section looked at a variety of AD DS management tools. In the next section, we will look at some of AD DS’s monitoring and troubleshooting tools.

Monitoring and troubleshooting tools

In this section, we will look at some of AD DS’s monitoring and troubleshooting tools.

Performance monitoring tools

Windows Server contains the following built-in native tools for monitoring performance and analyzing service operations:

  • Performance monitor – Directory Replication Agent (DRA) counters
  • Resource Monitor
  • Task Manager
  • Event Viewer

These tools can help you analyze and identify any overutilization and depletion of these system resources. They will help you find the root cause and the source of any system performance issues caused by a bottleneck. A system can only suffer from one bottleneck at a time; this could lie in the CPU, memory, disk, or networking. You should address each in turn and then move on to the next.

Repadmin

This tool helps you view the service’s health and diagnose replication problems between DCs. It allows you to view the replication topology, manually create a replication topology, and force replication. It is available when the AD DS role is installed on a server and is also included as part of the AD DS tools in the RSAT tools.

Further information and syntax about Repadmin can be found at https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc770963(v=ws.11).

dcdiag

This tool will analyze the state of the health of AD DS DCs. It is available when the AD DS role is installed on a server and is also included as part of the AD DS tools in the RSAT tools.

Further information and syntax about dcdiag can be found at https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc731968(v=ws.11).

netdom

This tool allows you to manage AD DS trusts; it can also join a computer to a domain, manage computer accounts, query for domain information such as which DCs hold the FSMO roles, and more. It is available when the AD DS role is installed on a server and is also included as part of the AD DS tools in the RSAT tools.

Further information and syntax about netdom can be found at https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc772217(v=ws.11).

In this section, we looked at some of AD DS’s monitoring and troubleshooting tools. In the next section, we will complete a hands-on exercise to reinforce some of the concepts covered in this chapter.

Previous Section
End of Section 6
Next Section