Please contact with me, if you are interested in that seminar by 99540206 or thru following link http://goo.gl/forms/3Cb3SwfY2b Agenda of seminar Date: 08.10.2014 Subject: Active Directory essentials, Virtualization, WDS/WSUS Venue: Suite 601, UJM office, Peace avenue-36, Chingeltei district, 3th khoroo, Ulaanbaatar, Mongolia Presenter and author: B.Munkhtuvshin Language: Mongolian Organizer: Geomon Engineering LLC First day Subject: Common questions, installation, configurations 9.00-9.45IntroductionWhy Active Directory/AD Pre-history For whom, how to convince management to implement AD, the main obvious benefits of AD implementation What is AD for system administration, Continue reading →{"id":190,"date":"2014-08-08T22:13:59","date_gmt":"2014-08-08T14:13:59","guid":{"rendered":"http:\/\/www.itforce.mn\/?p=190"},"modified":"2017-02-08T22:14:22","modified_gmt":"2017-02-08T14:14:22","slug":"it-training-for-4-days-there-are-2-3-vacancies-50-discount","status":"publish","type":"post","link":"https:\/\/www.itforce.mn\/index.php\/2014\/08\/08\/it-training-for-4-days-there-are-2-3-vacancies-50-discount\/","title":{"rendered":"IT training for 4 days. There are 2-3 vacancies, 50% discount."},"content":{"rendered":"

Please contact with me, if you are interested in that seminar by 99540206 or thru following link http:\/\/goo.gl\/forms\/3Cb3SwfY2b<\/p>\n

<\/h2>\n

Agenda of seminar<\/h2>\n

Date: 08.10.2014<\/p>\n

Subject: Active Directory essentials, Virtualization, WDS\/WSUS<\/strong><\/p>\n

Venue: Suite 601, UJM office, Peace avenue-36, Chingeltei district, 3th khoroo, Ulaanbaatar, Mongolia<\/p>\n

Presenter and author: B.Munkhtuvshin<\/p>\n

Language: Mongolian<\/p>\n

Organizer: Geomon Engineering LLC<\/p>\n

First day<\/h2>\n

Subject: Common questions, installation, configurations<\/p>\n

    \n
  1. 9.00-9.45<\/strong>IntroductionWhy Active Directory\/AD<\/li>\n
  2. Pre-history<\/li>\n
  3. For whom, how to convince management to implement AD, the main obvious benefits of AD implementation<\/li>\n
  4. What is AD for system administration, network admin, for IT manager, business owners<\/li>\n
  5. 9.45-10.15<\/strong>The main definitions and termsforest, tree, Domain, DC, GC,OU, security groups<\/li>\n
  6. GPO<\/li>\n
  7. Subnet and site, DNS for sites (glue records and delegation of zones for forest)<\/li>\n
  8. Fsmo roles (PDC emulator, RID, infrastructure, domain naming, schema masters) and GC<\/li>\n
  9. Functional levels<\/li>\n
  10. Kerberos protocol, NTLM protocols, SAM and NTDS, KDC service<\/li>\n
  11. Schema considerations (precautions, how activate snap-in, Schema changes for Exchange, Lync and so on)<\/li>\n
  12. 10.15-11.15<\/strong>Installation and Initial configurationsPre-requisites (compatible BIND, static IP, unique name of server, unique domain name)<\/li>\n
  13. What network changes(conflicts between DNS, DHCP setting for ISP and AD) are required in typical Mongolian company<\/li>\n
  14. Types of AD, functional levels, when and how to rise functional levels<\/li>\n
  15. Insides of AD (database files, used TCP\/IP ports and so on)<\/li>\n
  16. How to install AD in multisite, multi subnet and multi domain environment<\/li>\n
  17. 11.15-11.30<\/strong> Q&A<\/li>\n
  18. 11.30-11.45 break<\/strong><\/li>\n
  19. 11.45-13.00<\/strong>Standard basic operations sometimes ignored or wrongly used by Mongolian sysadmins, common mistakes:Deleting domain<\/li>\n
  20. Adding computer into domain, removing computer from domain. Duplicated netbios names for domains and computers, wrong length of names or wrong symbols. Naming computers in corporate environment \u2013 why it\u2019s important<\/li>\n
  21. Why pre-installed Windows versions on the notebooks cannot be added to AD<\/li>\n
  22. Why Desktop Windows is not good as a fileservers and printer servers<\/li>\n
  23. Sysprep \u2013 why, for what?<\/li>\n
  24. Grouping computer accounts, user accounts by OU for GPO<\/li>\n
  25. Usage of only one DC despite the vendor recommendations<\/li>\n
  26. DNS considerations, proper configurations recommended by the best configurations<\/li>\n
  27. How to promote server in AD, how to demote, how to re-add workstation\/member servers to AD<\/li>\n
  28. How to add user, group (local, global, universal) why it\u2019s necessary to re-login after changing the membership in group<\/li>\n
  29. Groups, which of them to use and when<\/li>\n
  30. Assigning rights to groups for sharing, how to correctly share, how to automatically map shares, how automatically empty content of temporarily share folders<\/li>\n
  31. Printers in AD, publishing in AD, default print rights and how to administrate printers in AD, print monitor software (who, when, what, how many pages printed)<\/li>\n
  32. Time Service and Kerberos (time zones, NTP server, virtualization aspects, net time command, how auto check time on multiple servers by script)<\/li>\n
  33. 13.00-14.00<\/strong> break<\/li>\n
  34. 14.00-15.00<\/strong>Demonstration of the provisioning stereotype AD domain in average Mongolian company. IT policy best practices for ADRestricting LocalAdmins, and what resistance it causes from user side, how to solve<\/li>\n
  35. How to solve problems to launch some programs without LocalAdmin rights<\/li>\n
  36. Fileserver and AD, advantages, pitfalls (for comparison – example of how to setup it without AD on workstations with max 10 connections) Automatically mounted users shared folders, quotas, backuping and redirection, re-assigning to new employee. Samba protocol\/CIFS, ports 135, 138,139, 445, Windows Browser Service (elections and network neighborhood lists)<\/li>\n
  37. How to give LocalAdmin rights for somebody not making him\/her DomainAdmin<\/li>\n
  38. 15.00-15.30<\/strong>Once again DNS server setting for ADZones, domains \u2013 the difference<\/li>\n
  39. DNS server at multi homed server, round robin for DNS, listening IPs of DNS server<\/li>\n
  40. Forwarders and root servers, conditional forwarders and stub zones, primary and secondary zones<\/li>\n
  41. Storing AD in filesystem or AD integrated?<\/li>\n
  42. New type of records \u2013 SRV, connection dynamic records with Netlogon service<\/li>\n
  43. Why dhcp client should be used even for servers and workstation with static IPs<\/li>\n
  44. How to add static records (A, CNAME, MX) in case of existence of public Internet domain with the exactly same as an AD domain name, troubleshooting<\/li>\n
  45. Reverse lookup zones \u2013 for what<\/li>\n
  46. Caching DNS \u2013 when and how to utilize, ipconfig \/flushdns<\/li>\n
  47. 15.30-16.00<\/strong>Theory of authorization and authenticationKerberos (Kerberos and DNS, predecessors like NTLMv1\/v2) ticket system<\/li>\n
  48. SQL and AD\/windows authorizations, vendor recommendations<\/li>\n
  49. Syskey for SAM, digests and how passwords are stored, LC and saminside<\/li>\n
  50. PKI\/CA and AD<\/li>\n
  51. Certificates for web SSL, SSH, Wi-Fi AccessPoints, VPN, e-mail and so on<\/li>\n
  52. Smart cards\/eTokens for winlogon<\/li>\n
  53. 16.00-17.00<\/strong>Management and administration in AD environmentBrief review of standard tools\/snap-ins for work with AD<\/li>\n
  54. Password policy \u2013 pitfalls which can ruin whole implementation of AD in the company, unlocking accounts, why you shouldn\u2019t to disable a strong password policy, resetting LocalAdmin passwords, removing local users+profiles, new in password policy for functional level win2008r2.<\/li>\n
  55. c. <\/strong>Remote work (RDP, regedit, shutdown, net time, firewall settings, $resources, remote execution shells like powershell, remotely computer\/server management, GPO, WMI and so on)<\/li>\n
  56. 17.00-17.30<\/strong> Q&A<\/li>\n<\/ol>\n

    Second day<\/h2>\n

    Subject: Maintenance and troubleshooting of AD<\/p>\n

      \n
    1. 09.00-10.00<\/strong>Insides of Group PolicyGPC and GPT, locations and storage of them, how it works<\/li>\n
    2. GP extension templates for Microsoft Office, WSUS and so on<\/li>\n
    3. How to target GP to OU, domain, site and so on<\/li>\n
    4. Merging GPO (LSDOU), loopbackes, WMI filters<\/li>\n
    5. Troubleshooting of Group Policy (gpedit.msc, gpresult, Rsop, gpotool, gpupdate \/force), FRS<\/li>\n
    6. 10.00-13.00<\/strong>Group Policy best practices:WMI and security filters<\/li>\n
    7. Disabling shutdown tracker, autorun, Windows Browser service on non-DCs and so on<\/li>\n
    8. Enabling RDP, DHCP client, DNS client, eventlog,remote registry, print spooler, windows update,time service on everywhere in domains and so on<\/li>\n
    9. Enabling remote Device management<\/li>\n
    10. GPO for Terminal Service lockdown<\/li>\n
    11. WSUS and GPO<\/li>\n
    12. PKI\/CA and GPO<\/li>\n
    13. IPsec, VPN and GPO<\/li>\n
    14. PKI and GPO (certificates)<\/li>\n
    15. Software distribution (assigning and publishing, patching, removing msi)<\/li>\n
    16. Software restriction (restrict running gtalk, yahoo messenger and so on)<\/li>\n
    17. Domain wide setup of services<\/li>\n
    18. Logon messages configuration<\/li>\n
    19. Configure EvenLog thru GPO<\/li>\n
    20. Scripting and GPO<\/li>\n
    21. 13.00-14.00<\/strong> break<\/li>\n
    22. 14.00-15.00<\/strong>Sites, multi domain implementations, trusts, replications (bridgeheads, various topologies)USN milestones<\/li>\n
    23. SPN (setspn and ADCU delegation, for what)<\/li>\n
    24. What is site, for what, what\u2019s the difference from subnets,topologies<\/li>\n
    25. RPC, smtp replications, KCC, Read-onlyDC (password caching)<\/li>\n
    26. Troubleshooting AD\/frs replication (Repadmin, replmon, ADSites and Services, eventlog, time, DNS, dcdiag and on) Everything is wsused.<\/li>\n
    27. 15.00-15.30<\/strong> Seizing\/moving fsmo role (for example after crush of DC)<\/li>\n
    28. 15.30-16.45 Q&A<\/strong><\/li>\n
    29. 16.45-17.00 break<\/strong><\/li>\n
    30. 17.00-18.00<\/strong> Backup and restore of DCs, restoring objects in AD by ntdsutil, authoritative and non-authoritative restores, other tools like adsiedit, ldp, netdom and so on. New features of AD in the last Windows versions<\/li>\n<\/ol>\n

      Third day<\/h2>\n

      Subject: Microsoft Hyper-V virtualization<\/p>\n

        \n
      1. 9.00-9.10 Coffee break, registration<\/li>\n
      2. 9.10-10.00 Theory, short introduction presentation<\/li>\n
      3. 10.00-13.00 Installation on single host server with external storage system.Planning and designing Microsoft virtualization, prerequisites<\/li>\n
      4. Performance optimizations, synthetic drivers, integration tools<\/li>\n
      5. Creation of new VMs from a scratch or from template\u2019s library<\/li>\n
      6. Methodology of system administration in virtualized environment. New paradigm for system management \u2013 differences from conventional way<\/li>\n
      7. New aspects of backup for virtualization. MSSC DPM<\/li>\n
      8. Conversion of legacy physical server to virtual server \u2013 consideration of the servers with SCVMM<\/li>\n
      9. 13.00-14.00 break<\/li>\n
      10. 14.00 – 17.00 Clustered installation of Hyper-V on two node cluster with external storageServer specification recommendations (choice of UPS and UPS software, antivirus for virtualization, storage issues and so on<\/li>\n
      11. Storage configuration<\/li>\n
      12. Classic Microsoft HA cluster, new features for virtualization<\/li>\n
      13. Installation and initial configuration<\/li>\n
      14. Live Migration demo<\/li>\n
      15. 17.00-17.15 Q&A session<\/li>\n
      16. 17.15-18.00 Comparison with VMware ESX<\/li>\n<\/ol>\n

        Fourth day<\/h2>\n

        Subject: WDS<\/p>\n

          \n
        1. WDS. Introduction.For what and when , how to use.<\/li>\n
        2. Advantages of WDS.<\/li>\n
        3. Predecessors like RIS and alternatives like Ghost Server, Acronis Server and so on. What\u2019s the difference and pitfalls.<\/li>\n
        4. Basement of the WDS implementation.System requirements.<\/li>\n
        5. Pre-requisites in network (DHCP server, router, DNS, tftp and so on),<\/li>\n
        6. AD integration<\/li>\n
        7. New features of WDS in windows 2008r2.Multicast,<\/li>\n
        8. driver injections,<\/li>\n
        9. deduplication and so on<\/li>\n
        10. X32, x64 images, pxe boot mechanism<\/li>\n
        11. Which OS can be deployed by WDS and why. WIM format, WINPE, SLP, OPK and so on.<\/li>\n
        12. Sysprep in Windows XP, windows2003r2, Setup Manager (where, how to use) Lab1.<\/li>\n
        13. Capture disk<\/li>\n
        14. Deployment of the windows XP thru WDS. Lab2.<\/li>\n
        15. ERD disk (locksmith, services and so on) Microsoft Optimization Pack. Lab3<\/li>\n
        16. How to integrate pxelinux and WDS to be able to run mhdd, memtest, Norton ghost, Acronis Director, knopix network boot thru network. Lab4<\/li>\n
        17. Discovery disk, for what, how to create, how to move to usb boot flashdisk, Win7 to usb Microsoft tool, esx installation from the network) Lab5<\/li>\n
        18. WAIK for Vista, win7, windows 2008r2 (pass\/ stages) Generating answer files for different scenarios. Lab6<\/li>\n
        19. Pending, delegation in AD , PreStaging computer names in AD, Lab 7<\/li>\n
        20. KMS server \u2013 auto activation of Win7\/Vista\/Win2008r2\/Office2010, automatically adding computer accounts into AD<\/li>\n
        21. Office 2010\/2007 unattended installation. Lab 8<\/li>\n
        22. Driver injections into boot images, into install images. Lab 9<\/li>\n
        23. Recommendations and best practices what and how to do. How to completely get rid off re-installation of workstations (AD group policy, WSUS, corporate antiviruses, LocalAdmin rights, Terminal Server, VMware View and so on)<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":null,"protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-190","post","type-post","status-publish","format-standard","hentry","category-it-training-announcements"],"_links":{"self":[{"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/posts\/190","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/comments?post=190"}],"version-history":[{"count":1,"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/posts\/190\/revisions"}],"predecessor-version":[{"id":191,"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/posts\/190\/revisions\/191"}],"wp:attachment":[{"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/media?parent=190"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/categories?post=190"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itforce.mn\/index.php\/wp-json\/wp\/v2\/tags?post=190"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}