> > > MOC 20742

Identity with Windows Server 2016 (MOC 20742)


Course Content

This five-day, instructor-led course teaches you about identity and access technologies in Windows Server 2016.

This course teaches you everything you need to know to:

  • Deploy and configure Active Directory Domain Services (AD DS) in a distributed environment
  • Implement Group Policy, how to perform backup and restore
  • Monitor and troubleshoot Active Directory–related issues with Windows Server 2016

Additionally, this course teaches how to deploy other Active Directory server roles such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS).

This course prepares you for exam 70-742, which is the third and final exam for the MCSA: Windows Server 2016 certification.

Who should attend

  • IT Professionals who are looking to train in identity and access technologies with Windows Server 2012 or Windows Server 2016.
  • System or infrastructure administrators with general AD DS experience and knowledge who are looking to cross-train in core and advanced identity and access technologies in Windows Server 2012 or Windows Server 2016.


  • Some exposure to and experience with AD DS concepts and technologies in Windows Server 2012 or Windows Server 2016
  • Experience working with and configuring Windows Server 2012 or Windows Server 2016
  • Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP)
  • Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts
  • An awareness of basic security best practices
  • Hands-on working experience with Windows client operating systems such as Windows 7, Windows 8, Windows 8.1, or Windows 10
  • Basic experience with the Windows PowerShell command-line interface

Course Objectives

  • Install and configure domain controllers
  • Manage objects in AD DS by using graphical tools and Windows PowerShell
  • Implement AD DS in complex environments
  • Implement AD DS sites, and configure and manage replication
  • Implement and manage Group Policy Objects (GPOs)
  • Manage user settings by using GPOs
  • Secure AD DS and user accounts
  • Implement and manage a certificate authority (CA) hierarchy with AD CS
  • Deploy and manage certificates
  • Implement and administer AD FS
  • Implement and administer Active Directory Rights Management Services (AD RMS)
  • Implement synchronization between AD DS and Azure AD
  • Monitor, troubleshoot, and establish business continuity for AD DS services

Follow On Courses

Outline: Identity with Windows Server 2016 (MOC 20742)

Module 1: Installing and configuring DCs
  • Overview of AD DS
  • Overview of AD DS DCs
  • Deploying DCs
Module 2: Managing objects in AD DS
  • Managing user accounts
  • Managing groups in AD DS
  • Managing computer accounts
  • Using Windows PowerShell for AD DS administration
  • Implementing and managing organizational units
Module 3: Advanced AD DS infrastructure management
  • Overview of advanced AD DS deployments
  • Deploying a distributed AD DS environment
  • Configuring AD DS trusts
Module 4: Implementing and administering AD DS sites and replication
  • Overview of AD DS replication
  • Configuring AD DS sites
  • Configuring and monitoring AD DS replication
Module 5: Implementing Group Policy
  • Introducing Group Policy
  • Implementing and administering GPOs
  • Group Policy scope and Group Policy processing
  • Troubleshooting the application of GPOs
Module 6: Managing user settings with GPOs
  • Implementing administrative templates
  • Configuring Folder Redirection and scripts
  • Configuring Group Policy preferences
Module 7: Securing AD DS
  • Securing domain controllers
  • Implementing account security
  • Audit authentication
  • Configuring managed service accounts (MSAs)
Module 8: Deploying and managing AD CS
  • Deploying CAs
  • Administering CAs
  • Troubleshooting and maintaining CAs
Module 9: Deploying and managing certificates
  • Deploying and managing certificate templates
  • Managing certificate deployment, revocation, and recovery
  • Using certificates in a business environment
  • Implementing and managing smart cards
Module 10: Implementing and administering AD FS
  • Overview of AD FS
  • AD FS requirements and planning
  • Deploying and configuring AD FS
  • Overview of Web Application Proxy
Module 11: Implementing and administering AD RMS
  • Overview of AD RMS
  • Deploying and managing an AD RMS infrastructure
  • Configuring AD RMS content protection
Module 12: Implementing AD DS synchronization with Azure AD
  • Planning and preparing for directory synchronization
  • Implementing directory synchronization by using Azure AD Connect
  • Managing identities with directory synchronization
Module 13: Monitoring, managing, and recovering AD DS
  • Monitoring AD DS
  • Managing the AD DS database
  • Recovering AD DS objects


  • Deploying and administering AD DS
    • Deploying AD DS
    • Deploying domain controllers by performing domain controller cloning
    • Administering AD DS
  • Managing AD DS objects
    • Creating and managing groups in AD DS
    • Creating and configuring user accounts in AD DS
    • Managing computer objects in AD DS
  • Administering AD DS
    • Delegate administration for OUs
    • Creating and modifying AD DS objects with Windows PowerShell
  • Domain and trust management in AD DS
    • Implementing forest trusts
    • Implementing child domains in AD DS
  • Implementing AD DS sites and replication
    • Modifying the default site
    • Creating additional sites and subnets
    • Configuring AD DS replication
    • Monitoring and troubleshooting AD DS replication
  • Implementing a Group Policy infrastructure
    • Creating and configuring GPOs
    • Managing GPO scope
  • Troubleshooting Group Policy infrastructure
    • Verify GPO application
    • Troubleshooting GPOs
  • Managing user settings with GPOs
    • Using administrative templates to manage user settings
    • Implement settings by using Group Policy preferences
    • Configuring Folder Redirection
  • Securing AD DS
    • Implementing security policies for accounts, passwords, and administrative groups
    • Deploying and configuring an RODC
    • Creating and associating a group MSA
  • Deploying and configuring a two-tier CA hierarchy
    • Deploying an offline root CA
    • Deploying an enterprise subordinate CA
  • Deploying and using certificates
    • Configuring certificate templates
    • Enrolling and using certificates
    • Configuring and implementing key recovery
  • Implementing AD FS
    • Configuring AD FS prerequisites
    • Installing and configuring AD FS
    • Configuring an internal application for AD
    • Configuring AD FS for federated business partners
  • Implementing an AD RMS infrastructure
    • Installing and configuring AD RMS
    • Configuring AD RMS templates
    • Using AD RMS on clients
  • Configuring directory synchronization
    • Preparing for directory synchronization
    • Configuring directory synchronization
    • Managing Active Directory users and groups
  • Recovering objects in AD DS
    • Backing up and restoring AD DS
    • Recovering objects in AD DS
Classroom Training

Duration 5 days

  • United States: US$ 2,895
  • SA Voucher: 5
Online Training

Duration 5 days

  • United States: US$ 2,895
  • SA Voucher: 5
E-Learning MOC on Demand

Duration 90 days

  • United States: US$ 995
Buy E-Learning
Click City Name To Book Schedule
This is an Instructor-Led Classroom course
This green checkmark in the Upcoming Schedule below indicates that this session is Guaranteed to Run.
This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
This is a FLEX course, which is delivered simultaneously in two modalities. Choose to attend the Instructor-Led Online (ILO) virtual session or Instructor-Led Classroom (ILT) session.
  *   This class is delivered by a partner.
United States
Aug 26-30, 2019 Online Training 09:00 US/Central * Enroll
Sep 30-Oct 4, 2019 This is a FLEX event Live Online Training 08:00 US/Pacific * Enroll
Online Training Time zone: US/Pacific Enroll

Fast Lane Flex™ Classroom If you can't find a suitable date, don't forget to check our world-wide FLEX™ training schedule.

Oct 7-11, 2019 Düsseldorf Enroll
Nov 4-8, 2019 Munich Enroll
Nov 11-15, 2019 Frankfurt Enroll
Nov 11-15, 2019 Düsseldorf Enroll
Nov 18-22, 2019 Stuttgart Enroll
Nov 18-22, 2019 Münster Enroll
Nov 25-29, 2019 Hamburg Enroll
Dec 2-6, 2019 Berlin Enroll
Dec 9-13, 2019 Frankfurt Enroll
Dec 9-13, 2019 Düsseldorf Enroll
Dec 16-20, 2019 Munich Enroll
Sep 16-20, 2019 Guaranteed to Run Vienna (iTLS) Enroll
Nov 18-22, 2019 Vienna (iTLS) Enroll
Sep 23-27, 2019 Paris * Enroll
Sep 30-Oct 4, 2019 Lyon * Enroll
Oct 21-25, 2019 Bordeaux * Enroll
Oct 21-25, 2019 Nantes * Enroll
Oct 21-25, 2019 Rennes * Enroll
Oct 21-25, 2019 Strasbourg * Enroll
Nov 4-8, 2019 Lille * Enroll
Nov 18-22, 2019 Paris * Enroll
Nov 18-22, 2019 Toulouse * Enroll
Nov 25-29, 2019 Aix-en-Provence * Enroll
Dec 16-20, 2019 Paris * Enroll
Dec 16-20, 2019 Lyon * Enroll
Sep 9-13, 2019 Milan Enroll
Oct 14-18, 2019 Rome Enroll
Nov 25-29, 2019 Milan Enroll
Dec 16-20, 2019 Zurich Enroll
United Kingdom
Sep 23-27, 2019 This is a FLEX event Manchester * Enroll
Online Training Time zone: Europe/London Enroll
Sep 30-Oct 4, 2019 Leeds * Enroll
Sep 30-Oct 4, 2019 This is a FLEX event London (Int Hse) * Enroll
Online Training Time zone: Europe/London Enroll
Oct 14-18, 2019 Manchester * Enroll
Oct 21-25, 2019 Bristol * Enroll
Oct 21-25, 2019 Glasgow * Enroll
Nov 11-15, 2019 This is a FLEX event London (Int Hse) * Enroll
Online Training Time zone: Europe/London Enroll
Nov 18-22, 2019 Birmingham * Enroll
Nov 18-22, 2019 This is a FLEX event Manchester * Enroll
Online Training Time zone: Europe/London Enroll
Dec 2-6, 2019 Exeter * Enroll
Latin America
Sep 23-27, 2019 Online Training Time zone: America/Buenos_Aires Enroll
Dec 16-20, 2019 Online Training Time zone: America/Lima Course language: Spanish Enroll
Asia Pacific
Sep 23-27, 2019 Singapore Enroll
Nov 18-22, 2019 Singapore Enroll
Middle East
Nov 24-28, 2019 Doha Course language: English Enroll
United Arab Emirates
Sep 15-19, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Sep 15-19, 2019 Cairo Course language: English Enroll
Dec 1-5, 2019 Cairo Course language: English Enroll