Maintain Active Directory Part 2

Practice Labs Module
Time
57 minutes
Difficulty
Intermediate

The "Maintain Active Directory Part 2" module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Prepare Prerequisites for Metadata Cleanup, Clean up Active Directory Metadata, Create Active Directory Snapshots, Enable Active Directory...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Overview

Introduction

The Maintain Active Directory Part 2 module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Prepare Prerequisites for Metadata Cleanup
  • Clean up Active Directory Metadata
  • Create Active Directory Snapshots
  • Enable Active Directory Recycle Bin

Lab Time: It will take approximately 1 hour to complete the exercises in this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • Clean up metadata
  • Configure Active Directory snapshots
  • Perform object level recovery
  • Configure and restore objects by using Active Directory Recycle Bin

Exercise 1 - Prepare Prerequisites for Metadata Cleanup

As the number of objects in the Active Directory Domain Service multiply, it may come to a point that some objects like domain controllers, servers that run applications may be decommissioned due to system upgrades like replacing old hardware.

Exercise 2 - Clean up Active Directory Metadata

In this exercise, you will perform a clean-up Active Directory metadata objects. A metadata clean-up is required to forcibly remove an object in a Windows domain following an unsuccessful removal of a domain controller using Add or remove roles and features. If a domain controller goes permanently offline and you have no plans of restoring the computer, metadata clean-up can be used to avoid Active Directory replication errors with a non-existent domain controller.

Exercise 3 - Create Active Directory Snapshots

In this exercise, you will create a snapshot of the current state of your Active Directory. This feature was first introduced in Windows Server 2008 and later versions. Snapshot takes a "picture" of the current state of Active Directory Domain Service and allows you to view AD database after making changes to it such as deleting a user object in the domain.

Exercise 4 - Enable Active Directory Recycle Bin

The Active Directory Recycle Bin is a feature in Active Directory Domain Services that provides the convenience of recovering deleted AD objects such as user, group which were unintentionally removed from the domain. In the earlier versions of Windows Server, enabling this feature requires using AD low level editor such as ldp.exe. In Windows Server 2016, turning on Active Directory Recycle Bin is easier as Active Directory Administrative Center provides a web link to enable this feature.

Learning Partner
Practice Labs

IT & Cybersecurity certification hands on practice labs and practice exams for certifications and skill development.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.

Courses