Description
The first new Windows Server Certification in 5 years is finally here. The MCA Windows Server Hybrid Administrator Microsoft Official Boot Camp is 6 days covering 2 courses, 2 exams and 1 certification. This instructor led live, hands on course is designed for candidates who administer core / advanced Windows Server workloads and services using on-premises, hybrid, and cloud technologies.
While attending this 6 day camp – students will take two exams (AZ-800 & AZ-801) to achieve certification. This hands on, instructor led live camp teaches the knowledge to administer an Azure environment along with the knowledge needed for the certification exams which are administered while attending.
The Microsoft Certified Windows Server Hybrid Administrator boot camp is taught using Microsoft Official Courseware –
AZ-800T00: Administering Windows Server Hybrid Core
AZ-801T00: Configuring Windows Server Hybrid Advanced Services
Skills Gained:
Use administrative techniques and tools in Windows Server.
Identify tools used to implement hybrid solutions, including Windows Admin Center and PowerShell.
Implement identity services in Windows Server.
Implement identity in hybrid scenarios, including Azure AD DS on Azure IaaS and managed AD DS.
Integrate Azure AD DS with Azure AD.
Manage network infrastructure services.
Deploy Azure VMs running Windows Server, and configure networking and storage.
Administer and manage Windows Server IaaS Virtual Machine remotely.
Manage and maintain Azure VMs running Windows Server.
Configure file servers and storage.
Implement File Services in hybrid scenarios, using Azure Files and Azure File Sync.
Harden the security configuration of the Windows Server operating system environment.
Enhance hybrid security using Azure Security Center, Azure Sentinel, and Windows Update Management.
Apply security features to protect critical resources.
Implement high availability and disaster recovery solutions.
Implement recovery services in hybrid scenarios.
Plan and implement hybrid and cloud-only migration, backup, and recovery scenarios.
Perform upgrades and migration related to AD DS, and storage.
Manage and monitor hybrid scenarios using WAC, Azure Arc, Azure Automation and Azure Monitor.
Implement service monitoring and performance monitoring, and apply troubleshooting.
Topics Covered in this Official Boot Camp:
Identity services in Windows Server
Lessons
Introduction to AD DS
Manage AD DS domain controllers and FSMO roles
Implement Group Policy Objects
Manage advanced features of AD DS
Lab : Implementing identity services and Group Policy
Deploying a new domain controller on Server Core
Configuring Group Policy
After completing this module, students will be able to:
Describe AD DS in a Windows Server environment.
Deploy domain controllers in AD DS.
Describe Azure AD and benefits of integrating Azure AD with AD DS.
Explain Group Policy basics and configure GPOs in a domain environment.
Implementing identity in hybrid scenarios
This module discusses how to configure an Azure environment so that Windows IaaS workloads requiring Active Directory are supported. The module also covers integration of on-premises Active Directory Domain Services (AD DS) environment into Azure. Finally, the module explains how to extend an existing Active Directory environment into Azure by placing IaaS VMs configured as domain controllers onto a specially configured Azure virtual network (VNet) subnet.
Lessons
Implement hybrid identity with Windows Server
Deploy and manage Azure IaaS Active Directory domain controllers in Azure
Lab : Implementing integration between AD DS and Azure AD
Preparing Azure AD for AD DS integration
Preparing on-premises AD DS for Azure AD integration
Downloading, installing, and configuring Azure AD Connect
Verifying integration between AD DS and Azure AD
Implementing Azure AD integration features in AD DS
After completing this module, students will be able to:
Integrate on-premises Active Directory Domain Services (AD DS) environment into Azure.
Install and configure directory synchronization using Azure AD Connect.
Implement and configure Azure AD DS.
Implement Seamless Single Sign-on (SSO).
Implement and configure Azure AD DS.
Install a new AD DS forest on an Azure VNet.
Windows Server administration
This module describes how to implement the principle of least privilege through Privileged Access Workstation (PAW) and Just Enough Administration (JEA). The module also highlights several common Windows Server administration tools, such as Windows Admin Center, Server Manager, and PowerShell. This module also describes the post-installation confguration process and tools available to use for this process, such as sconfig and Desired State Configuration (DSC).
Lessons
Perform Windows Server secure administration
Describe Windows Server administration tools
Perform post-installation configuration of Windows Server
Just Enough Administration in Windows Server
Lab : Managing Windows Server
Implementing and using remote server administration
After completing this module, students will be able to:
Explain least privilege administrative models.
Decide when to use privileged access workstations.
Select the most appropriate Windows Server administration tool for a given situation.
Apply different methods to perform post-installation configuration of Windows Server.
Constrain privileged administrative operations by using Just Enough Administration (JEA).
Facilitating hybrid management
This module covers tools that facilitate managing Windows IaaS VMs remotely. The module also covers how to use Azure Arc with on-premises server instances, how to deploy Azure policies with Azure Arc, and how to use role-based access control (RBAC) to restrict access to Log Analytics data.
Lessons
Administer and manage Windows Server IaaS virtual machines remotely
Manage hybrid workloads with Azure Arc
Lab : Using Windows Admin Center in hybrid scenarios
Provisioning Azure VMs running Windows Server
Implementing hybrid connectivity by using the Azure Network Adapter
Deploying Windows Admin Center gateway in Azure
Verifying functionality of the Windows Admin Center gateway in Azure
After completing this module, students will be able to:
Select appropriate tools and techniques to manage Windows IaaS VMs remotely.
Explain how to onboard on-premises Windows Server instances in Azure Arc.
Connect hybrid machines to Azure from the Azure portal.
Use Azure Arc to manage devices.
Restrict access using RBAC.
Hyper-V virtualization in Windows Server
This modules describes how to implement and configure Hyper-V VMs and containers. The module covers key features of Hyper-V in Windows Server, describes VM settings, and how to configure VMs in Hyper-V. The module also covers security technologies used with virtualization, such as shielded VMs, Host Guardian Service, admin-trusted and TPM-trusted attestation, and Key Protection Service (KPS). Finally, this module covers how to run containers and container workloads, and how to orchestrate container workloads on Windows Server using Kubernetes.
Lessons
Configure and manage Hyper-V
Configure and manage Hyper-V virtual machines
Secure Hyper-V workloads
Run containers on Windows Server
Orchestrate containers on Windows Server using Kubernetes
Lab : Implementing and configuring virtualization in Windows Server
Creating and configuring VMs
Installing and configuring containers
After completing this module, students will be able to:
Install and configure Hyper-V on Windows Server.
Configure and manage Hyper-V virtual machines.
Use Host Guardian Service to protect virtual machines.
Create and deploy shielded virtual machines.
Configure and manage container workloads.
Orchestrate container workloads using a Kubernetes cluster.
Deploying and configuring Azure VMs
This module describes Azure compute and storage in relation to Azure VMs, and how to deploy Azure VMs by using the Azure portal, Azure CLI, or templates. The module also explains how to create new VMs from generalized images and use Azure Image Builder templates to create and manage images in Azure. Finally, this module describes how to deploy Desired State Configuration (DSC) extensions, implement those extensions to remediate noncompliant servers, and use custom script extensions.
Lessons
Plan and deploy Windows Server IaaS virtual machines
Customize Windows Server IaaS virtual machine images
Automate the configuration of Windows Server IaaS virtual machines
Lab : Deploying and configuring Windows Server on Azure VMs
Authoring Azure Resource Manager (ARM) templates for Azure VM deployment
Modifying ARM templates to include VM extension-based configuration
Deploying Azure VMs running Windows Server by using ARM templates
Configuring administrative access to Azure VMs running Windows Server
Configuring Windows Server security in Azure VMs
After completing this module, students will be able to:
Create a VM from the Azure portal and from Azure Cloud Shell.
Deploy Azure VMs by using templates.
Automate the configuration of Windows Server IaaS VMs.
Detect and remediate noncompliant servers.
Create new VMs from generalized images.
Use Azure Image Builder templates to create and manage images in Azure.
Network infrastructure services in Windows Server
This module describes how to implement core network infrastructure services in Windows Server, such as DHCP and DNS. This module also covers how to implement IP address managment and how to use Remote Access Services.
Lessons
Deploy and manage DHCP
Implement Windows Server DNS
Implement IP address management
Implement remote access
Lab : Implementing and configuring network infrastructure services in Windows Server
Deploying and configuring DHCP
Deploying and configuring DNS
After completing this module, students will be able to:
Implement automatic IP configuration with DHCP in Windows Server.
Deploy and configure name resolution with Windows Server DNS.
Implement IPAM to manage an organization’s DHCP and DNS servers, and IP address space.
Select, use, and manage remote access components.
Implement Web Application Proxy (WAP) as a reverse proxy for internal web applications.
Implementing hybrid networking infrastructure
This module describes how to connect an on-premises environment to Azure and how to configure DNS for Windows Server IaaS virtual machines. The module covers how to choose the appropriate DNS solution for your organization’s needs, and run a DNS server in a Windows Server Azure IaaS VM. Finally, this module covers how to manage manage Microsoft Azure virtual networks (VNets) and IP address configuration for Windows Server infrastructure as a service (IaaS) virtual machines.
Lessons
Implement hybrid network infrastructure
Implement DNS for Windows Server IaaS VMs
Implement Windows Server IaaS VM IP addressing and routing
Lab : Implementing Windows Server IaaS VM networking
Implementing virtual network routing in Azure
Implementing DNS name resolution in Azure
After completing this module, students will be able to:
Implement an Azure virtual private network (VPN).
Configure DNS for Windows Server IaaS VMs.
Run a DNS server in a Windows Server Azure IaaS VM.
Create a route-based VPN gateway using the Azure portal.
Implement Azure ExpressRoute.
Implement an Azure wide area network (WAN).
Manage Microsoft Azure virtual networks (VNets).
Manage IP address configuration for Windows Server IaaS virtual machines (VMs).
File servers and storage management in Windows Server
This module covers the core functionality and use cases of file server and storage management technologies in Windows Server. The module discusses how to configure and manage the Windows File Server role, and how to use Storage Spaces and Storage Spaces Direct. This module also covers replication of volumes between servers or clusters using Storage Replica.
Lessons
Manage Windows Server file servers
Implement Storage Spaces and Storage Spaces Direct
Implement Windows Server Data Deduplication
Implement Windows Server iSCSI
Implement Windows Server Storage Replica
Lab : Implementing storage solutions in Windows Server
Implementing Data Deduplication
Configuring iSCSI storage
Configuring redundant Storage Spaces
Implementing Storage Spaces Direct
After completing this module, students will be able to:
Configure and manage the Windows Server File Server role.
Protect data from drive failures using Storage Spaces.
Increase scalability and performance of storage management using Storage Spaces Direct.
Optimize disk utilization using Data DeDuplication.
Configure high availability for iSCSI.
Enable replication of volumes between clusters using Storage Replica.
Use Storage Replica to provide resiliency for data hosted on Windows Servers volumes.
Implementing a hybrid file server infrastructure
This module introduces Azure file services and how to configure connectivity to Azure Files. The module also covers how to deploy and implement Azure File Sync to cache Azure file shares on an on-premises Windows Server file server. This module also describes how to manage cloud tiering and how to migrate from DFSR to Azure File Sync.
Lessons
Overview of Azure file services
Implementing Azure File Sync
Lab : Implementing Azure File Sync
Implementing DFS Replication in your on-premises environment
Creating and configuring a sync group
Replacing DFS Replication with File Sync–based replication
Verifying replication and enabling cloud tiering
Troubleshooting replication issues
After completing this module, students will be able to:
Configure Azure file services.
Configure connectivity to Azure file services.
Implement Azure File Sync.
Deploy Azure File Sync
Manage cloud tiering.
Migrate from DFSR to Azure File Sync.
Windows Server security
This module discusses how to protect an Active Directory environment by securing user accounts to least privilege and placing them in the Protected Users group. The module covers how to limit authentication scope and remediate potentially insecure accounts. The module also describes how to harden the security configuration of a Windows Server operating system environment. In addition, the module discusses the use of Windows Server Update Services to deploy operating system updates to computers on the network. Finally, the module covers how to secure Windows Server DNS to help protect the network name resolution infrastructure.
Lessons
Secure Windows Sever user accounts
Hardening Windows Server
Windows Server Update Management
Secure Windows Server DNS
Lab : Configuring security in Windows Server
Configuring Windows Defender Credential Guard
Locating problematic accounts
Implementing LAPS
After completing this module, students will be able to:
Diagnose and remediate potential security vulnerabilities in Windows Server resources.
Harden the security configuration of the Windows Server operating system environment.
Deploy operating system updates to computers on a network by using Windows Server Update Services.
Secure Windows Server DNS to help protect the network name resolution infrastructure.
Implement DNS policies.
Implementing security solutions in hybrid scenarios
This module describes how to secure on-premises Windows Server resources and Azure IaaS workloads. The module covers how to improve the network security for Windows Server infrastructure as a service (IaaS) virtual machines (VMs) and how to diagnose network security issues with those VMs. In addition, the module introduces Azure Security Center and explains how to onboard Windows Server computers to Security Center. The module also describes how to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for Azure VMs. The modules explains how Adaptive application controls and BitLocker disk encryption are used to protect Windows Server IaaS VMs. Finally, the module explains how to monitor Windows Server Azure IaaS VMs for changes in files and the registry, as well as monitoring modifications made to application software.
Lessons
Implement Windows Server IaaS VM network security.
Audit the security of Windows Server IaaS Virtual Machines
Manage Azure updates
Create and implement application allowlists with adaptive application control
Configure BitLocker disk encryption for Windows IaaS Virtual Machines
Implement change tracking and file integrity monitoring for Windows Server IaaS VMs
Lab : Using Azure Security Center in hybrid scenarios
Provisioning Azure VMs running Windows Server
Configuring Azure Security Center
Onboarding on-premises Windows Server into Azure Security Center
Verifying the hybrid capabilities of Azure Security Center
Configuring Windows Server 2019 security in Azure VMs
After completing this module, students will be able to:
Diagnose network security issues in Windows Server IaaS virtual machines.
Onboard Windows Server computers to Azure Security Center.
Deploy and manage updates for Azure VMs by enabling Azure Automation Update Management.
Implement Adaptive application controls to protect Windows Server IaaS VMs.
Configure Azure Disk Encryption for Windows IaaS virtual machines (VMs).
Back up and recover encrypted data.
Monitor Windows Server Azure IaaS VMs for changes in files and the registry.
Implementing high availability
This module describes technologies and options to create a highly available Windows Server environment. The module introduces Clustered Shared Volumes for shared storage access across multiple cluster nodes. The module also highlights failover clustering, stretch clusters, and cluster sets for implementing high availability of Windows Server workloads. The module then discusses high availability provisions for Hyper-V and Windows Server VMs, such as network load balancing, live migration, and storage migration. The module also covers high availability options for shares hosted on Windows Server file servers. Finally, the module describes how to implement scaling for virtual machine scale sets and load-balanced VMs, and how to implement Azure Site Recovery.
Lessons
Introduction to Cluster Shared Volumes.
Implement Windows Server failover clustering.
Implement high availability of Windows Server VMs.
Implement Windows Server File Server high availability.
Implement scale and high availability with Windows Server VMs.
Lab : Implementing failover clustering
Configuring iSCSI storage
Configuring a failover cluster
Deploying and configuring a highly available file server
Validating the deployment of the highly available file server
After completing this module, students will be able to:
Implement highly available storage volumes by using Clustered Share Volumes.
Implement highly available Windows Server workloads using failover clustering.
Describe Hyper-V VMs load balancing.
Implement Hyper-V VMs live migration and Hyper-V VMs storage migration.
Describe Windows Server File Server high availablity options.
Implement scaling for virtual machine scale sets and load-balanced VMs.
Implement Azure Site Recovery.
Disaster recovery in Windows Server
This module introduces Hyper-V Replica as a business continuity and disaster recovery solution for a virtual environment. The module discusses Hyper-V Replica scenarios and use cases, and prerequisites to use it. The module also discusses how to implement Azure Site Recovery in on-premises scenarios to recover from disasters.
Lessons
Implement Hyper-V Replica
Protect your on-premises infrastructure from disasters with Azure Site Recovery
Lab : Implementing Hyper-V Replica and Windows Server Backup
Implementing Hyper-V Replica
Implementing backup and restore with Windows Server Backup
After completing this module, students will be able to:
Describe Hyper-V Replica, pre-requisites for its use, and its high-level architecture and components
Describe Hyper-V Replica use cases and security considerations.
Configure Hyper-V Replica settings, health monitoring, and failover options.
Describe extended replication.
Replicate, failover, and failback virtual machines and physical servers with Azure Site Recovery.
Implementing recovery services in hybrid scenarios
This module covers tools and technologies for implementing disaster recovery in hybrid scenarios, whereas the previous module focus on BCDR solutions for on-premises scenarios. The module begins with Azure Backup as a service to protect files and folders before highlighting how to implementRecovery Vaults and Azure Backup Policies. The module describes how to recover Windows IaaS virtual machines, perform backup and restore of on-premises workloads, and manage Azure VM backups. The modules also covers how to provide disaster recovery for Azure infrastructure by managing and orchestrating replication, failover, and failback of Azure virtual machines with Azure Site Recovery.
Lessons
Implement hybrid backup and recovery with Windows Server IaaS
Protect your Azure infrastructure with Azure Site Recovery
Protect your virtual machines by using Azure Backup
Lab : Implementing Azure-based recovery services
Implementing the lab environment
Creating and configuring an Azure Site Recovery vault
Implementing Hyper-V VM protection by using Azure Site Recovery vault
Implementing Azure Backup
After completing this module, students will be able to:
Recover Windows Server IaaS virtual machines by using Azure Backup.
Use Azure Backup to help protect the data for on-premises servers and virtualized workloads.
Implement Recovery Vaults and Azure Backup policies.
Protect Azure VMs with Azure Site Recovery.
Run a disaster recovery drill to validate protection.
Failover and failback Azure virtual machines.
Upgrade and migrate in Windows Server
This module discusses approaches to migrating Windows Server workloads running in earlier versions of Windows Server to more current versions. The module covers the necessary strategies needed to move domain controllers to Windows Server 2022 and describes how the Active Directory Migration Tool can consolidate domains within a forest or migrate domains to a new AD DS forest. The module also discusses the use of Storage Migration Service to migrate files and files shares from existing file servers to new servers running Windows Server 2022. Finally, the module covers how to install and use the Windows Server Migration Tools cmdlets to migrate commonly used server roles from earlier versions of Windows Server.
Lessons
Active Directory Domain Services migration
Migrate file server workloads using Storage Migration Service
Migrate Windows Server roles
Lab : Migrating Windows Server workloads to IaaS VMs
Deploying AD DS domain controllers in Azure
Migrating file server shares by using Storage Migration Service
After completing this module, students will be able to:
Compare upgrading an AD DS forest and migrating to a new AD DS forest.
Describe the Active Directory Migration Tool (ADMT).
Identify the requirements and considerations for using Storage Migration Service.
Describe how to migrate a server with storage migration.
Use the Windows Server Migration Tools to migrate specific Windows Server roles.
Implementing migration in hybrid scenarios
This module discusses approaches to migrating workloads running in Windows Server to an infrastructure as a service (IaaS) virtual machine. The module introduces using Azure Migrate to assess and migrate on-premises Windows Server instances to Microsoft Azure. The module also covers how migrate a workload running in Windows Server to an infrastructure as a service (IaaS) virtual machine (VM) and to Windows Server 2022 by using Windows Server migration tools or the Storage Migration Service. Finally, this module describes how to use the Azure Migrate App Containerization tool to containerize and migrate ASP.NET applications to Azure App Service.
Lessons
Migrate on-premises Windows Server instances to Azure IaaS virtual machines
Upgrade and migrate Windows Server IaaS virtual machines
Containerize and migrate ASP.NET applications to Azure App Service
Lab : Migrating on-premises VMs servers to IaaS VMs
Implementing assessment and discovery of Hyper-V VMs using Azure Migrate
Implementing migration of Hyper-V workloads using Azure Migrate
After completing this module, students will be able to:
Plan a migration strategy and choose the appropriate migration tools.
Perform server assessment and discovery using Azure Migrate.
Migrate Windows Server workloads to Azure VM workloads using Azure Migrate.
Explain how to migrate workloads using Windows Server Migration tools.
Migrate file servers by using the Storage Migration Service.
Discover and containerize ASP.NET applcations running on Windows.
Migrate a containerized application to Azure App Service.
Server and performance monitoring in Windows Server
This module introduces a range of tools to monitor the operating system and applications on a Windows Server computer as well as describing how to configure a system to optimize efficiency and to troublshoot problems. The module covers how Event Viewer provides a convenient and accessible location for observing events that occur, and how to interpret the data in the event log. The module also covers how to audit and diagnose a Windows Server environment for regulatory compliance, user activity, and troubleshooting. Finally, the module explains how to troubleshoot AD DS service failures or degraded performance, including recovery of deleted objects and the AD DS database, and how to troubleshoot hybrid authentication issues.
Lessons
Monitor Windows Server performance
Manage and monitor Windows Server event logs
Implement Windows Server auditing and diagnostics
Troubleshoot Active Directory
Lab : Monitoring and troubleshooting Windows Server
Establishing a performance baseline
Identifying the source of a performance problem
Viewing and configuring centralized event logs
After completing this module, students will be able to:
Explain the fundamentals of server performance tuning.
Use built-in tools in Windows Server to monitor server performance.
Use Server Manager and Windows Admin Center to review event logs.
Implement custom views.
Configure an event subscription.
Audit Windows Server events.
Configure Windows Server to record diagnostic information.
Recover the AD DS database and objects in AD DS.
Troubleshoot AD DS replication.
Troubleshoot hybrid authentication issues.