Book Image

Mastering Active Directory. - Second Edition

By : Dishan Francis
Book Image

Mastering Active Directory. - Second Edition

By: Dishan Francis

Overview of this book

Active Directory (AD) is a centralized and standardized system that automates networked management of user data, security, and distributed resources and enables inter-operation with other directories. This book will first help you brush up on the AD architecture and fundamentals, before guiding you through core components, such as sites, trust relationships, objects, and attributes. You will then explore AD schemas, LDAP, RMS, and security best practices to understand objects and components and how they can be used effectively. Next, the book will provide extensive coverage of AD Domain Services and Federation Services for Windows Server 2016, and help you explore their new features. Furthermore, you will learn to manage your identity infrastructure for a hybrid cloud setup. All this will help you design, plan, deploy, manage operations, and troubleshoot your enterprise identity infrastructure in a secure and effective manner. You’ll later discover Azure AD Module, and learn to automate administrative tasks using PowerShell cmdlets. All along, this updated second edition will cover content based on the latest version of Active Directory, PowerShell 5.1 and LDAP. By the end of this book, you’ll be well versed with best practices and troubleshooting techniques for improving security and performance in identity infrastructures.
Table of Contents (25 chapters)
Free Chapter
1
Section 1: Active Directory Planning, Design, and Installation
8
Section 2: Active Directory Administration
13
Section 3: Active Directory Service Management
18
Section 4: Best Practices and Troubleshooting

Microsoft ATA

Once there is an identity infrastructure breach, sometimes it can take a long time to detect, for the following reasons:

  • We fight against human adversaries, and they keep changing their tactics for attacks so they cannot be detected by traditional perimeter defense solutions.
  • Existing security solutions require time and knowledge to set up, fine-tune, and maintain.
  • Going through a large number of logs and reports to identify risks and issues is not practical, as engineers could miss important events.
  • Most of the existing security solutions are for preventing attackers at the perimeter level. They do not have a way to detect the attackers once they have successfully logged into the infrastructure.

Microsoft built AD and has maintained it for more than 20 years now. Many engineers are working daily on the product to make further improvements. Every day, they are...