Active Directory Administration Cookbook - Second Edition: Proven solutions to everyday identity and authentication challenges for both on-premises an

Berkouwer, Sander

  • 出版商: Packt Publishing
  • 出版日期: 2022-07-15
  • 定價: $1,900
  • 售價: 9.0$1,710
  • 語言: 英文
  • 頁數: 696
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1803242507
  • ISBN-13: 9781803242507
  • 立即出貨 (庫存=1)


Simplified actionable recipes for managing Active Directory and Azure AD, as well as Azure AD Connect, for administration on-premise and in the cloud with Windows Server 2022

Key Features

• Expert solutions for name resolution, federation, certificates, and security with Active Directory
• Explore Microsoft Azure AD and Azure AD Connect for effective administration on the cloud
• Automate security tasks using Active Directory tools and PowerShell

Book Description

Updated to the Windows Server 2022, this second edition covers effective recipes for Active Directory administration that will help you leverage AD's capabilities for automating network, security, and access management tasks in the Windows infrastructure.

Starting with a detailed focus on forests, domains, trusts, schemas, and partitions, this book will help you manage domain controllers, organizational units, and default containers. You'll then explore Active Directory sites management as well as identify and solve replication problems. As you progress, you'll work through recipes that show you how to manage your AD domains as well as user and group objects and computer accounts, expiring group memberships, and Group Managed Service Accounts (gMSAs) with PowerShell. Once you've covered DNS and certificates, you'll work with Group Policy and then focus on federation and security before advancing to Azure Active Directory and how to integrate on-premise Active Directory with Azure AD. Finally, you'll discover how Microsoft Azure AD Connect synchronization works and how to harden Azure AD.

By the end of this AD book, you'll be able to make the most of Active Directory and Azure AD Connect.

What you will learn

• Manage the Recycle Bin, gMSAs, and fine-grained password policies
• Work with Active Directory from both the graphical user interface (GUI) and command line
• Use Windows PowerShell to automate tasks
• Create and remove forests, domains, domain controllers, and trusts
• Create groups, modify group scope and type, and manage memberships
• Delegate, view, and modify permissions
• Set up, manage, and optionally decommission certificate authorities
• Optimize Active Directory and Azure AD for security

Who this book is for

This book is for administrators of existing Active Directory Domain Service environments as well as for Azure AD tenants looking for guidance to optimize their day-to-day tasks. Basic networking and Windows Server Operating System knowledge will be useful for getting the most out of this book.


簡化的可行操作指南,用於管理Active Directory和Azure AD,以及Azure AD Connect,以在本地和雲端使用Windows Server 2022進行管理。


- 專家解決方案,用於使用Active Directory進行名稱解析、聯盟、憑證和安全性。
- 探索Microsoft Azure AD和Azure AD Connect,以實現在雲端的有效管理。
- 使用Active Directory工具和PowerShell自動化安全任務。


本第二版已更新至Windows Server 2022,涵蓋了Active Directory管理的有效指南,將幫助您利用AD的功能,在Windows基礎架構中自動化網絡、安全和訪問管理任務。

從詳細介紹森林、域、信任、模式和分區開始,本書將幫助您管理域控制器、組織單元和默認容器。然後,您將探索Active Directory站點管理,並識別和解決複製問題。隨著進展,您將通過示例學習如何使用PowerShell管理AD域,以及使用PowerShell管理用戶和組對象、計算機帳戶、過期的組成員資格和組管理服務帳戶(gMSAs)。在瞭解DNS和憑證後,您將使用群組策略,然後關注聯盟和安全性,最後進一步探索Azure Active Directory以及如何將本地Active Directory與Azure AD集成。最後,您將瞭解Microsoft Azure AD Connect同步的工作原理以及如何加固Azure AD。

通過閱讀本書,您將能夠充分利用Active Directory和Azure AD Connect的功能。


- 管理回收站、gMSAs和細粒度密碼策略。
- 從圖形用戶界面(GUI)和命令行操作Active Directory。
- 使用Windows PowerShell自動化任務。
- 創建和刪除森林、域、域控制器和信任。
- 創建群組,修改群組範圍和類型,以及管理成員資格。
- 委派、查看和修改權限。
- 設置、管理和選擇性停用憑證授權機構。
- 優化Active Directory和Azure AD的安全性。

本書適合現有Active Directory域服務環境的管理員,以及尋求優化日常任務指南的Azure AD租戶。具備基本的網絡和Windows Server操作系統知識將有助於更好地理解本書內容。


1. Optimizing Forests, Domains, and Trusts
2. Managing Domain Controllers
3. Managing Active Directory Roles and Features
4. Managing Containers and Organizational Units
5. Managing Active Directory Sites and Troubleshooting Replication
6. Managing Active Directory Users
7. Managing Active Directory Groups
8.. Managing Active Directory Computers
9. Managing DNS
10. Getting the Most Out of Group Policy
11. Securing Active Directory
12. Managing Certificates
13. Managing Federation
14. Handling Authentication in a Hybrid World (AD FS, PHS, PTA and DSSO)
15. Handling Synchronization in a Hybrid World (Azure AD Connect)
16. Hardening Azure AD


1. 最佳化森林、網域和信任
2. 管理網域控制器
3. 管理 Active Directory 角色和功能
4. 管理容器和組織單位
5. 管理 Active Directory 網站和疑難排解複寫
6. 管理 Active Directory 使用者
7. 管理 Active Directory 群組
8. 管理 Active Directory 電腦
9. 管理 DNS
10. 充分利用群組原則
11. 保護 Active Directory
12. 管理憑證
13. 管理聯盟
14. 在混合環境中處理身分驗證 (AD FS、PHS、PTA 和 DSSO)
15. 在混合環境中處理同步 (Azure AD Connect)
16. 強化 Azure AD