Managing a Microsoft Windows 2000 Network Environment (Prerelease) Course 2126—Five days—Instructor-led Introduction Audience At Course Completion Prerequisites Microsoft Certified Professional Exams Student Materials Course Outline Introduction The goal of this five-day, instructor-led course is to provide the knowledge required by System Administrators, Network Administrators, and IT professionals who implement, manage and troubleshoot existing network and server environments based on the Microsoft Windows® 2000 platform. These skills are generally required in medium to large size organizations that maintain 200 to 26,000 user desktops and servers, spanning 2 to 100 physical locations via Large Area Networks (LANs) and the Internet or Intranets. Additionally, this course provides the skills and knowledge Microsoft Certified Systems Administrator (MCSA) certification candidates will require to prepare for Microsoft Certified Professional (MCP) Exam 70-218: Managing a Microsoft Windows 2000 Network Environment. Audience This course is intended for System Administrators, Network Administrators and IT Professionals that focus on performing desktop and server installation and configuration tasks, as well as network and operating system management tasks in a Microsoft Windows environment. The Technical Support specialist is a secondary audience for this course, and performs troubleshooting tasks, hardware and software installations, configurations, and upgrades, and performs some network and system operations tasks. At Course Completion After completing the course, students will be able to: Delegate administrative control of an organizational unit. Publish and maintain printers and shared folders. Implement and manage web-based services in an intranet. Implement and manage the Dynamic Host Configuration Protocol (DHCP) service. Implement name resolution for client computers by using Domain Name System (DNS) and Windows Internet Name Service (WINS). Install and configure the DNS service. Implement the Remote Access Service (RAS). Manage remote access by using remote access policies. Identify Active Directory™ directory service replication latency issues and resolve conflicts resulting from replication. Implement Group Policy to centrally manage users and computers. Manage users' desktops and software by using Group Policy. Implement security settings and account policies by using Group Policy. Troubleshoot client computer startup and user logon problems. Prerequisites Before attending this course, students must have: Completed Course 2151, Microsoft Windows 2000 Network and Operating System Essentials Completed Course 2152, Implementing Microsoft Windows 2000 Professional and Server Microsoft Certified Professional Exams This course helps you prepare for the following Microsoft Certified Professional Exam: 70-218, Managing a Microsoft Windows 2000 Network Environment. Student Materials The student kit includes a comprehensive workbook and other necessary materials for this class. The following software is provided in the student kit: Microsoft Windows 2000 Professional (Evaluation copy) Microsoft Windows 2000 Advanced Server 120 (Evaluation copy) Course Outline Module 1: Introduction to Managing a Windows 2000 Network The following topics are covered in this module: Overview of Active Directory Active Directory Logical Structure Active Directory Physical Structure Managing a Windows 2000 Network This module provides students with an introduction to implementing and administering a Microsoft Windows 2000 network. The module provides a foundation for the course by introducing the concepts of Active Directory directory service and its logical and physical structures. This module also provides an overview of how Active Directory enables the centralized management and decentralized administration of a Windows 2000 network. After completing this module, you will be able to: Describe the function of Active Directory. Describe the logical structure of Active Directory. Describe the physical structure of Active Directory. Describe the methods for administering a Windows 2000 network. Module 2: Managing Shared Network Resources The following topics are covered in this module: Introduction to Publishing Resources Setting Up and Managing Published Printers Implementing Printer Locations Maintaining Printer Resources Setting Up and Administering Published Shared Folders Monitoring Access to Shared Folders Troubleshooting User Access to Network File Resources Best Practices This module provides students with the knowledge and skills to publish resources, including shared folders and printers, in Active Directory. Publishing resources makes it easier for users to locate resources on a network, and provides secure and selective publication of network resources to users. After completing this module, you will be able to: Describe the purpose of publishing resources in Active Directory Set up and administer published printers in Active Directory. Set up printer locations for published printers. Set up and administer published shared folders in Active Directory. Differentiate between the object that is published in Active Directory and the actual shared resource. Monitor access to shared folder. Troubleshoot common problems with publishing resources in Active Directory. Apply best practices for publishing resources in Active Directory. Module 3: Managing Web Services The following topics are covered in this module: Overview of Internet Information Services Configuring Web Server Properties Creating Web Sites and Virtual Directories Managing Web site Content Configuring User Authentication Configuring User Access to Web Pages Configuring Web Browsers Maintaining a Web Server This module provides students with knowledge of the purpose and benefits of using Internet Information Services (IIS) 5.0. After completing this module, you will be able to: Describe the service provided by IIS. Configure Web server properties. Create Web sites and virtual directories. Manage Web Site content. Configure authentication to a Web site. Configure access to Web pages. Configure browsers for Internet and intranet access. Maintain and update an IIS server. Module 4: Implementing and Managing DHCP The following topics are covered in this module: Overview of DHCP Installing the DHCP Service Authorizing the DHCP Service Creating and Configuring a Scope Configuring DHCP in a Routed Network Support DHCP This module provides students with the knowledge and skills necessary to configure automatic Internet Protocol (IP) addressing in a Windows 2000 network by using DHCP. After completing this module, you will be able to: Define DHCP and describe how to use it on a network. Install the DHCP service. Authorize the DHCP service. Create and configure a scope. Configure DHCP in a routed network. Support DHCP on a network. Module 5: Implementing Name Resolution The following topics are covered in this module: Introduction to Name Resolution NetBIOS Name Resolution Host Name Resolution Configuring Name Resolution for Client Computers Troubleshooting Name Resolution This module provides students with the knowledge and skills required to configure, use and troubleshoot name resolution. Students will learn the meaning of the concept of name resolution and the difference between network basic input/output system (NetBIOS) and Transmission Control Protocol (TCP) host names. They will learn how to configure a computer to use NetBIOS and DNS name resolution services, and how to use Windows utilities to troubleshoot name resolution problems. After completing this module, you will be able to: Describe the key concepts of name resolution. Describe the differences between NetBIOS and host names. Explain the different mechanisms used to perform name resolution. Configure a computer to use name resolution services. Troubleshoot name resolution problems. Module 6: Managing DNS The following topics are covered in this module: Multimedia: Basics of the Domain Name System (DNS) Overview of the DNS Query Process Creating Zones Configuring Zones Configuring DNS Updates DNS Name Resolution in Active Directory Maintaining and Troubleshooting DNS Servers This module provides students with the knowledge and skills necessary to install, configure, and troubleshoot DNS in a Windows 2000 network. After completing this module, you will be able to: Describe the DNS query process. Create zones. Configure zones. Configure DNS updates. Describe the process of DNS name resolution in Active Directory. Maintain and troubleshoot DNS servers. Module 7: Configuring Remote Access The following topics are covered in this module: Overview of Remote Access in Windows 2000 Configuring the Remote Access Server Configuring the Remote Access Client Configuring Authentication Protocols Configuring Encryption Protocols Configuring Routing and Remote Access for DHCP Integration This module provides students with the knowledge and skills necessary to configure a remote access server and clients in a Windows 2000 network. After completing this module, you will be able to: Describe the remote access process and protocols. Configure inbound connections on a remote access server. Configure authentication protocols for remote access sessions. Configure encryption protocols for remote access sessions. Configure the Routing and Remote Access service for DHCP integration. Configure outbound connections on a remote access client. Module 8: Supporting Remote Access Policy The following topics are covered in this module: Examining Remote Access Policies Examining Remote Access Policy Evaluation Creating a Remote Access Policy Troubleshooting Remote Access This module provides students with the knowledge and skills necessary to support remote access to a Windows 2000 network through the use of remote access policies and profiles, and to troubleshoot common remote access problems. After completing this module, you will be able to: Explain remote access policy and profile concepts. Describe the process of remote access policy evaluation. Create a remote access policy and configure a remote access profile. Maintain and troubleshoot remote access. Module 9: Resolving Active Directory Replication Conflicts The following topics are covered in this module: Introduction to Active Directory Replication Replication Components and Processes Using Sites to Optimize Active Directory Replication Identifying Replication Problems by Using Event Viewer This module provides students with the knowledge and skills to identify Active Directory replication components and the replication process. The module also describes how to optimize Active Directory replication, and identify and resolve potential replication conflicts. After completing this module, you will be able to: Identify the importance of replication in a Windows 2000-based network. Describe the components of replication and the replication process. Describe how sites enable you to optimize Active Directory replication. Identify replication problems by using Event Viewer. Module 10: Delegating Administrative Control The following topics are covered in this module: Introduction to Delegating Administrative Control Controlling Access to Active Directory Objects Delegating Administrative Control of Active Directory Objects Managing Computer Accounts Customizing MMC Consoles Setting Up Taskpads This module provides students with the knowledge and skills to manage the permissions and access levels on directory objects and properties in Active Directory. The module also describes how to delegate specific authority over portions of Active Directory to groups of users, without making the information in Active Directory vulnerable to unauthorized access. After completing this module, you will be able to: Describe key concepts for delegating administrative control. Control access to Active Directory objects. Delegate administrative control of Active Directory objects. Manage computer accounts. Create and deploy customized consoles. Use and configure taskpads. Module 11: Implementing Group Policy The following topics are covered in this module: Group Policy Structure Working with Group Policy Objects How Group Policy Settings Are Applied in Active Directory Modifying Group Policy Inheritance Using Resultant Set of Policy Troubleshooting Group Policy This module provides students with an introduction to Group Policy in the Windows 2000 operating system, and the general knowledge and skills to implement Group Policy settings. Students will learn about the structure of Group Policy, and how to create and link Group Policy objects (GPOs). This module also explains how Group Policy settings are applied to Active Directory, and how to delegate control of GPOs. After completing this module, you will be able to: Identify the structure of Group Policy in a Windows 2000-based network. Identify the options provided by Windows for creating, linking, and managing GPOs. Describe how Group Policy is applied in Active Directory. Modify Group Policy inheritance. Delegate administrative control of GPOs. Module 12: Using Group Policy to Manage the Desktop Environment The following topics are covered in this module: Introduction to Managing User Environments Using Administrative Templates in Group Policy Assigning Scripts by Using Group Policy Using Group Policy to Redirect Folders Troubleshooting User Environment Management Introduction to Managing Software Deployment Deploying Software Managing Software Identifying Solutions to Software Deployment Problems This module provides students with the knowledge and skills to use Group Policy to manage user environments, and install, modify, repair and remove software more efficiently. Students will learn to manage user environments by configuring the Administrative Template settings, using Group Policy to run scripts at designated times, and redirecting folders to a central location. They will also learn how software installation policies take advantage of the Microsoft Windows Installer to deliver software to computers. After completing this module, you will be able to: Describe key tasks in configuring and managing user environments. Use Administrative Templates in Group Policy to assign registry-based policies to control and configure user and computer environments. Control user environments by using Group Policy to assign scripts, such as startup, shutdown, logon, and logoff. Use Group Policy to redirect user folders to a central network location. Troubleshoot the management of user environments by using Group Policy. Explain how Software Installation and Maintenance uses Group Policy and Windows Installer to manage software. Deploy software by using Group Policy. Manage software by configuring deployment options, managing file extension associations, and assigning software categories. Identify solutions to common problems that are associated with software deployment. Module 13: Managing Network Security The following topics are covered in this module: Using Group Policy to Secure the User Environment Using Group Policy to Configure Account Policies Analyzing Security Log Files to Detect Security Breaches Securing the Logon Process Examining Service Packs, Hotfixes, and Antivirus Software This module provides students with an appreciation of the challenges that are involved in maintaining a secure and reliable system. After completing this module, you will be able to: Use Group Policy to apply security policies to secure the user environment. Use Group Policy to configure password and logon account policies. Analyze security log files to detect security breaches. Secure the logon process by using smart cards. Apply service packs, hotfixes, and antivirus software. Module 14: Troubleshooting Client Computer Startup and User Logon Problems The following topics are covered in this module: The Windows 95- and Windows 98-Based Boot Process The Windows NT-Based Boot Process Using Advanced Boot Options to Troubleshoot Startup Problems Using the Recovery Console to Start the Computer Troubleshooting the Windows NT-Based Boot Process Troubleshooting the User Logon Process This module provides students with the skills and knowledge necessary to troubleshoot client startup and user logon problems. After completing this module, you will be able to: Describe the Microsoft Windows 95- and Windows 98-Based boot process and the required files. Describe the Microsoft Windows NT®-Based boot process and the required files. Use Safe Mode, LastKnownGood, and Advanced boot options to troubleshoot startup problems. Install and use the Recovery Console to start the computer. Describe common Windows NT-Based boot process errors. Describe and troubleshoot the user logon process.