ecome an expert at managing enterprise identity infrastructure with Active Directory Domain Services 2022.

Key Features

• Design and update your identity infrastructure by utilizing the latest Active Directory features and core capabilities
• Overcome migration challenges as you update to Active Directory Domain Services 2022
• Establish a strong identity foundation in the cloud by consolidating secure access

Book Description

Mastering Active Directory, Third Edition is a comprehensive guide for Information Technology professionals looking to improve their knowledge about MS Windows Active Directory Domain Service. The book will help you to use identity elements effectively and manage your organization's infrastructure in a secure and efficient way. This third edition has been fully updated to reflect the importance of cloud-based strong authentication and other tactics to protect identity infrastructure from emerging security threats.

Mastering Active Directory, Third Edition provides extensive coverage of AD Domain Services and helps you explore their capabilities as you update to Windows Server 2022. This book will also teach you how to extend on-premises identity presence to cloud via Azure AD hybrid setup. By the end of this Microsoft Active Directory book, you'll feel confident in your ability to design, plan, deploy, protect, and troubleshoot your enterprise identity infrastructure.

What you will learn

• Install, protect, and manage Active Directory Domain Services (Windows Server 2022)
• Design your hybrid identity by evaluating business and technology requirements
• Automate administrative tasks in Active Directory using Windows PowerShell 7.x
• Protect sensitive data in a hybrid environment using Azure Information Protection
• Learn about Flexible Single Master Operation (FSMO) roles and their placement
• Manage directory objects effectively using administrative tools and PowerShell
• Centrally maintain the state of user and computer configuration by using Group Policies
• Harden your Active Directory using security best practices

Who this book is for

If you are an Active Directory administrator, system administrator, or IT professional who has basic knowledge of Active Directory and is looking to become an expert in this topic, this book is for you.

You need to have some experience of working with Active Directory to make the most of this book.

Table of Contents

1. Active Directory Fundamentals
2. Active Directory Domain Services 2022
3. Designing an Active Directory Infrastructure
4. Active Directory Domain Name System
5. Placing Operations Master Roles
6. Migrating to Active Directory 2022
7. Managing Active Directory Objects
8. Managing Users, Groups, and Devices
9. Designing the OU Structure
10. Managing Group Policies
11. Active Directory Services - Part 1
12. Active Directory Services - Part 2
13. Active Directory Certificate Services
14. Active Directory Federation Services
15. Active Directory Rights Management Services
16. Active Directory Security Best Practices
17. Advanced AD Management with PowerShell
18. Hybrid Identity
19. Active Directory Audit and Monitoring
20. Bonus Chapter: Active Directory Troubleshooting
21. Bonus Chapter: Appendix A, References

What’s new in this edition of Mastering Active Directory?

The first edition was focused on Active Directory Domain Services (AD DS) 2016. Since then, two new versions were released, with the latest being AD DS 2022. Today’s digital identity requirements are complex. Most businesses use at least one cloud service. In response to the Coronavirus, businesses have accelerated their digital transformation journey; and during this time, cybercrime has also increased. This has left us with serious questions, which I've addressed in this new edition:

• What can Active Directory do to help us on our cloud journey?
• How can we improve the security of digital identities when they appear on unsecured networks?
• How can we protect an AD environment from modern security threats?
• In case of a breach, how can we use Zero Trust to stop lateral movement and prevent attackers from accessing privileged accounts?

What were your goals when writing this book?

I had two main goals for this book. The first was to educate readers about emerging security threats related to identity, and how to protect their AD environment using various tools and techniques. The role of AD DS has changed over the years. As engineers, we face new challenges in identity and access management (IAM), and identity protection. Just knowing how AD roles and services work is not enough. You need to learn how AD can fit into new security approaches such as Zero Trust to address growing security demands. This book helps readers do just that.

The second goal was to equip readers with relevant skills so they can help businesses to achieve their IAM requirements. With digital transformation accelerated by the pandemic, modern IAM has become more complex. Most of the new content in this edition is aligned to cover these two main areas. Based on initial feedback from readers relating to the two previous editions, I believe I was able to do justice to these primary objectives.

How does your book differ from other books on Active Directory?

When I was learning about Active Directory, one of the main problems I faced was understanding how all the roles, services, and their features fit into real-world use cases. That’s the reason I started my own blog, rebeladmin.com, to try and help the community not only learn Active Directory theory but also gain an understanding of how to use it practically. I have the same goal for this book. In Mastering Active Directory, Third Edition, I not only cover the theory of the Active Directory roles and services, but also explain how we can use this knowledge to address modern challenges. Throughout the book, I’ve shared many step-by-step guides to implementing and configuring different roles, services and features to address real-world scenarios. Even though this book is not focused on Azure Active Directory, I have also dedicated a section to talk about hybrid identity and how we can leverage cloud services to address today’s identity and access management needs.

I’ve also shared the lessons I’ve learnt and extensive knowledge I’ve gained from working on a variety of Active Directory projects over the last 15 years.

About the Author

Dishan Francis is an IT professional with over 15 years of experience. He was a six-time Microsoft MVP in enterprise mobility before he joined Microsoft UK as a security consultant. He has maintained the RebelAdmin technology blog over the years, with lots of useful articles that focus on on-premises Active Directory services and Azure Active Directory. He has also written for other Microsoft-managed blogs such as canitpro and ITopsTalk. When it comes to managing innovative identity infrastructure solutions to improve system stability, efficiency, and security, his level of knowledge and experience places him among the very best in the field.