Manage Active Directory in an Enterprise Environment Part 1

Practice Labs Module
Time
57 minutes
Difficulty
Intermediate

The "Manage Active Directory in an Enterprise Environment Part 1" module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Prepare System Requirements for Trust Relationship, Configure Forest Trust Relationship, Create External Trust...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

Introduction

The Manage Active Directory in an Enterprise Environment Part 1 module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Prepare System Requirements for Trust Relationship
  • Configure Forest Trust Relationship
  • Create External Trust
  • Manage Sites and Subnets

Lab Time: It will take approximately 1 hour to complete the exercises in this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • Configure multi-domain and multi-forest AD infrastructure
  • Implement forest and external trust relationships
  • Move domain controllers between sites
  • Configure sites and subnets
  • Create and configure site links

Exercise 1 - Prepare System Requirements for Trust Relationship

A trust relationship is a logical link between two Windows Active Directory forest root domains that enable administrators of both domains to share network resources like files/folders, printers and applications. When two organizations merge such as company A was acquired by company B, a trust relationship link can be established between the two organizations to centralize administrator of two root domains.

In this exercise, we will prepare the prerequisites to successfully create a forest trust between two domains called PRACTICELABS.COM and PRACTICEIT.CO.UK.

Exercise 2 - Configure Forest Trust Relationship

A forest trust relationship is a type of trust that involves two forest root domains. This type of trust creates a logical link between two domains at the top-most level and the trust relationship applies to the child domains under the parent domain. The carrying over of trust from root/parent domain to the child domains is called transitivity. It simply means the child domains trust the forest root domain owned by another organization.

In this exercise, we will create the forest trust relationship between PRACTICELABS.COM and PRACTICEIT.CO.UK domains.

Exercise 3 - Create External Trust

An external trust relationship is another type of trust that can be created between two Windows Active Directory domains to allow domains to share network assets and centralize administration. What makes the external trust relationship is between two AD domains. The external trust relationship is created between two forest root domains; it does not apply to the child domains under the forest root domain. External trust relationship is non-transitive as it does not carry over from the forest root to the child domains.

The external trust relationship is most often used when migrating user and group accounts from an old Windows domain typically running an earlier Windows Server version and going to a new Windows domain that runs a newer Windows Server.

Exercise 4 - Manage Sites and Subnets

In managing a physical network, a site represents a set of servers, computers and other devices connected by a high speed network such as local area network (LAN). All devices connected to the physical site are located in the same office building or a campus network.

In Active Directory Domain Services (AD DS), a site is a representation of the physical site that administrators manage to control replication of AD data such as schema, configuration and domain between domain controllers within an AD DS forest. With Active Directory Sites and Services, we can manage the objects that represent the site and the domain controllers located in those sites.

Learning Partner
Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.