+ Reply to Thread
Page 2 of 3 First 12 3 Last
Results 26 to 50 of 54
  1. Stuck in a padded room... ITVince's Avatar
    Join Date
    Jun 2010
    Posts
    142

    Certifications
    B.Sc, MCTS, Security+, A+
    #26
    Has DSADMIN.EXE therefore been replaced by AD Recycle Bin?
    Reply With Quote Quote  

  2. SS -->
  3. Member ltgenspecific's Avatar
    Join Date
    Nov 2010
    Location
    Seattle, WA
    Posts
    91

    Certifications
    CEH, CHFI, CCNA, CCENT, Oce 6-7 series, Canon iPF 5-6-7(+k)
    #27
    70-640 is a WIP for me and I just wanted to say thanks for putting this thread together. Great stuff!
    Reply With Quote Quote  

  4. Junior Member Registered Member
    Join Date
    Jan 2011
    Posts
    5
    #28
    The R2 version is already out in the O'Reilly website:
    MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server® 2008 Active Directory®, Second Edition - O'Reilly Media

    I can't find the pdf anywhere, so I guess it is out just a few days ago.

    Does someone want to help me buy the ebook version??
    Reply With Quote Quote  

  5. Senior Member Stuppored's Avatar
    Join Date
    Feb 2009
    Posts
    150
    #29
    Errata for MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server® 2008 Active Directory®

    - MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server® 2008 Active Directory® Confirmed Errata | O'Reilly Media
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Sep 2011
    Location
    Scranton, PA
    Posts
    5
    #30
    Hello all,

    Just decided to start down the path toward my MCITP-SA certification, and I plan on starting with the 70-640 material. I do see that most of the training material available for this exam is for Sever 2008, and not specifically designated for the R2 release. I do know the MCTS Self-Paced training kit has been updated to R2, but this is about the only one I've seen on the market that has specifically been updated to reflect R2.

    I guess my question on this type of situation is.... is there that significant of a difference between Server 2008 vs. the R2 release that would render most of the other available training resources pointless to study from?
    Reply With Quote Quote  

  7. Senior Member Nobylspoon's Avatar
    Join Date
    Sep 2008
    Location
    Ashburn, VA
    Posts
    609

    Certifications
    WGU BS:IT, MCITP:EA, MCSA:2008, Security+, Project+, JavaScript Specialist, Web Foundations
    #31
    Quote Originally Posted by PA_Kid View Post
    Hello all,

    Just decided to start down the path toward my MCITP-SA certification, and I plan on starting with the 70-640 material. I do see that most of the training material available for this exam is for Sever 2008, and not specifically designated for the R2 release. I do know the MCTS Self-Paced training kit has been updated to R2, but this is about the only one I've seen on the market that has specifically been updated to reflect R2.

    I guess my question on this type of situation is.... is there that significant of a difference between Server 2008 vs. the R2 release that would render most of the other available training resources pointless to study from?
    From what I have been reading, the exams are focusing pretty heavily on the R2 material. The old resources will still help but you will have to supplement with a lot of Technet material to cover the new things.

    There is a second edition of all the Self-Paced training kit books. It will have a big "2" in the upper right corner of the cover.

    Amazon.com: MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server 2008 Active Directory (Self-Paced Training Kits) (9780735651937): Dan Holme, Nelson Ruest, Danielle Ruest, Jason Kellington: Books
    Last edited by Nobylspoon; 09-27-2011 at 06:45 PM.
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Oct 2011
    Posts
    1

    Certifications
    MCTS (70-680), MCP, Network+, A+, Linux+, SCLA,
    #32
    hi there, i;m new on here, I recently took the 70-680 and passed. I have quite a good understanding of AD since working in a 2003 environment for 2 yrs..I wanna do 70-640 but need help finding some accurate resources to make learning a good experience b4 i take the exam
    Reply With Quote Quote  

  9. Junior Member
    Join Date
    Apr 2012
    Posts
    8
    #33
    Tanks for providing information and useful resources. I am looking for some exam preparation resources which are free. Have you any online realiable and free of cost resources for 70 640 and other 70 series exams preparation?
    Reply With Quote Quote  

  10. Junior Member Registered Member
    Join Date
    Apr 2012
    Posts
    1
    #34
    hey it is nice
    Reply With Quote Quote  

  11. Junior Member
    Join Date
    Nov 2009
    Posts
    5
    #35
    Just getting started on this...book marked...!!! Thanks for taking the time to put this together!
    Reply With Quote Quote  

  12. Sith Lord SephStorm's Avatar
    Join Date
    Dec 2009
    Location
    Atlanta, GA
    Posts
    1,707

    Certifications
    GPEN, GCIH, SFCP, CPT, CEH, QND
    #36
    What are good books for beginner, intermediate, and advanced server 2008 R2 books? I have mostly helpdesk level experience using server 2008, mostly dealing with AD, creating users, computers, groups, ect. no domain level group policy, WSUS, ect.
    Reply With Quote Quote  

  13. Senior Member kriscamaro68's Avatar
    Join Date
    Apr 2008
    Location
    Utah
    Posts
    1,149

    Certifications
    MCSA: 2012R2, MCS: Server Virtualization, MCTS-Win7, Security+, Server+, Net+, A+
    #37
    Quote Originally Posted by SephStorm View Post
    What are good books for beginner, intermediate, and advanced server 2008 R2 books? I have mostly helpdesk level experience using server 2008, mostly dealing with AD, creating users, computers, groups, ect. no domain level group policy, WSUS, ect.


    Amazon.com: Group Policy: Fundamentals, Security, and the Managed Desktop (978047058185: Jeremy Moskowitz: Books

    Amazon.com: Windows Server 2008 R2 Unleashed (9780672330926): Rand Morimoto, Michael Noel, Omar Droubi, Ross Mistry, Chris Amaris: Books
    Last edited by kriscamaro68; 06-13-2012 at 05:41 PM.
    Reply With Quote Quote  

  14. Junior Member
    Join Date
    Sep 2009
    Posts
    1
    #38
    Hi anyone knows a good study guide out there. I have recently took my 70-640 and I failed it with a 593, I used ucertify. Has anyone used a study guide that help them passed it?
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Apr 2012
    Location
    Sahuarita AZ
    Posts
    472

    Certifications
    MCSE
    #39
    All of the resources in the thread have good stuff, setting up a lab and reviewing the technologies in technet are very helpful
    Reply With Quote Quote  

  16. Member
    Join Date
    Mar 2012
    Location
    Australia
    Posts
    96

    Certifications
    CCNA R&S, ITIL 2011 Foundation, MCITP:ESDT , MCTS, A+, Network+, CompTIA Security+, Cert IV IT
    #40
    Hi Claymore,

    I was just wonder if there are any sites/books that you would recommend using to do labbing etc. Not knowing about the technology is difficult in some areas just to dive straight into a lab (what would you suggest in learning this?)
    Reply With Quote Quote  

  17. Junior Member Registered Member
    Join Date
    Dec 2012
    Posts
    2
    #41

    Default 70-640

    Hi,
    Please can i get suggestions on the best way to prepare for the 70-640 exam.I have a book for it.What do I need to use to simulate the environment where I can practice?I'd appreciate your suggestions.Thanks
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Oct 2008
    Location
    Long Island, NY
    Posts
    693

    Certifications
    CCENT, Microsoft Cert Specialist: 74-409, MCITP:EA/MCSA:2008, MCSA:Win8.1/Win7, MCSE:Sec.2003, MCTS(x4); A+('07), Sec+ ('08)
    #42
    Try following some CBT Nugget videos, really good for watching some lab material, and you can kind of follow along with the video as he talks
    Reply With Quote Quote  

  19. Senior Member horusthesun's Avatar
    Join Date
    Apr 2013
    Location
    Buffalo,NY
    Posts
    284

    Certifications
    MTA 98-365 MTA 98-366 & MTA 98-367 C)SS & C)VA & MCSA Windows 8 & MCTS Configuring Active Directoy 70-640. Comptia Sec+, VCA-DCV, C)PEH,C)ISSO
    #43
    thank you for this!
    Reply With Quote Quote  

  20. Pancakes and Lasagna kurosaki00's Avatar
    Join Date
    Nov 2008
    Location
    Indianapolis
    Posts
    943

    Certifications
    CCENT, A+, Network+
    #44
    Anyone know if the 72 (student version) are still available?
    Reply With Quote Quote  

  21. Junior Member Registered Member
    Join Date
    Jul 2013
    Posts
    2
    #45
    Hi All,

    I'll be taking this exam today and thought I'd share my 'Cheat Sheet' with you. It's basically a collection of notes etc I've made as I've studied on things I think are important to remember. Maybe we can add to it as a community

    Command Line Tools
    Tool Description
    Dsadd Creates an object in the directory
    Dsget Return specified attributes of an object
    Dsmod Modifies specified attributes of an object
    Modify the UPN for multiple users
    Dsrm Removes and object and all sub trees
    Dsquery Performs active directory query
    CSVDE Uses .CSV files for importing large number of accounts
    LDIFDE Uses ldif files for importing large number of accounts
    Create a PSO
    Dsmgmt Configure roles/admin on RODC
    Dnscmd Configure dns partitions
    Configure GlobalNames Zones
    Dnslint Test DNS records for AD Replication
    NTDSUTIL Seize FSMO
    Create AD Partition
    Dcdiag Diagnose DC issues/replication
    Diskpart Basic disc conversion (i.e basic to dynamic)
    Dsdbutil Create installation media that corresponds only to the AD LDS instance for backup

    MMC’s and Other Tools
    Tool Management Options
    ADSIEdit View, create, modify and delete AD LDS objects. Includes accounts, OU’s, groups.
    Ldp.exe General admin on any LDAP service (including AD DC and AD LDS)
    Create a new application directory in existing instance
    Active Director Schema snap-in (schmmgmt.mmc) View and manage objects in the schema
    Active Directory Sites and Services snap-in Connect to AD LDS instance.
    Admin directory data replication.
    Configure GlobalCatalog Servers
    Universal Group Membership Caching
    Modify Intersite replication schedule
    Configure sites and subnets
    PKIView Monitoring and troubleshooting multiple CA’s
    Certificates Templates Configure Cert Templates:-
    Create/Duplicate
    Modify Properties (Validity/key archival)
    Configure Policies (enrolment/issuing)
    Allowing autoenrollment
    Create Template that allows Key Archiving
    Certificate Authority Enable use of Template
    Enrollment Agents tab (Restrict Enrollment Agents)
    Key Archival
    Manage security/roles
    Backup certificate database
    Restore certificate database
    Revoke Certificate
    Configure CRL publication interval
    Manage CRL Distribution Point/s (CDP)
    Manage AIA
    Certutil Recover Archived Keys
    Certificates (Console) Backup Certificates (Machine/User)
    Restore Certificates (Machine/User)
    Online Responder Management snap-in Configure Online Responder
    Configure OR Array and Revocation Config
    ADFS snap-in Configure ADFS or ADFS server farm
    Manage trust policies
    Configure federation trusts
    Creating claims/account stores
    Enabling applications
    Active Directory Users and Computers RODC Password Replication Policy
    Raise/View Domain Functional Level
    Active Directory Domains and Trusts Add UPN Suffix
    Create and manage trusts
    Raise/View Forest Functional Level
    Security Configuration and Analysis Allows comparing local settings against an imported ini
    DNS Manager DNS Stuff
    Debug Logging
    DFS Management DFS Replication/Namespaces
    Security Templates Save custom security policies
    Performance Monitor Create server performance baseline
    Identify bottlenecks
    Alert to events

    Notes:
    • Server 2008 introduces V3 Certificate Templates
    • Windows 2000/XP/2003 can only use V1 and V2 certs for web enrolment
    • Network Device Enrollment Service
    • Web Enrollment and Online Responder require IIS
    • Certificate Enrollment Web Service is not real-time with changes made to templates. There is a 30 minute polling setting. To force this reset iis
    • Certificate Templates include a discretionary access control list – defines users and groups that can read and configure template as well as enrol/auto-enrol cert’s based on template
    • V1 Templates – read only
    • V2 supported by XP/2003 and later – allow auto enrolment
    • V3 supported on vista and later
    • Key Recovery Agent
      • Cert Template snap-in – Key Recovery Agent Template (Enable Read/Enrol for KRA User)
      • Certificate Authority snap-in – Enable Template
      • Enrol (Web)
    • Smart Cards require an enrolment agent and card-writer
      • Enrollment agent certificate required
    • From certificates console use Certificate Export Wizard to backup certificates
    • From certificates console use Certificate Import Wizard to restore certificates
    • Wbadmin system state will backup certificate database
    • To restore CA you must stop AD CS
    • Vista/2008 introduced Online Responder
    • AIA – Authority Information Access
      • Extension applied to CA
      • Points to URL for issuing CA’s certificate
      • Needed for Online Responder service
    • Federation Services
      • Company hosting application – ‘resource partner’
      • Company being trusted – ‘account partner’
      • Applications involved – ‘federated applications’
    • [IMG]file:///C:\DOCUME~1\ALEX~1.NIC\LOCALS~1\Temp\msohtmlclip1\ 02\clip_image002.jpg[/IMG]
    • A ‘resource partner’ can have multiple account partners
    • Federation services use tokens
    • Federation services requires 2008 Ent or Datacentre
    • A ‘claim’ is a statement made about a client (name/identity/key etc.)
    • An account store stores user accounts that ADFS must authenticate for using federated applications
    • Trust policies enable users to share documents protected in AD RMS
    • AD FS snap-in
      • Administer account stores in AD DS or AD LDS
      • Manage partners that will trust your company
        • Account partners and resource partners
      • Mange claims and certificates used by federation servers and web applications (AD FS)
    • AD FS Claims/Account Stores
      • Creating Claims
        • AD FS snap-in
        • Trust Policy
        • My Organization
      • Creating Account Stores
        • AD FS snap-in
        • Account Stores
        • New Account Store
      • Enabling Applications
        • AD FS snap-in
        • Applications
        • New Application
      • Federation Trusts
        • AD FS snap-in
        • Partner Organizations node
        • New Account Partner/New Resource Partner
    • Csvde –f will export AD objects to .csv
    • Csvde –I –f will import AD objects that don’t already exist (-k will process without error)
    • Remove Roles Wizard can’t be used to remove AD DS. You must use dcpromo
    • You can run AD LDS without a DC or DNS
    • DNS Stores it’s data in an Application Partition in AD
    • You can only install AD CS Enterprise on a DC
    • AD RMS client required on Windows 2000 and XP
      • Windows 2000 must have SP4
      • Windows Vista must have SP2
      • Vista has client by default
    • A RODC must have the following
      • Forest Functional Level at least 2003
      • PDC Emulator running on Server 2008
      • One 2008 DC Exists
      • If upgrading from 2003 run adprep /rodcprep
    • RODC partnered with a writeable (200 DC
    • RODC Password replication policy must be configured on writable DC
      • AD Users and Computers
      • RODC Properties
      • Password Replication Policy Tab
    • You can use the above to pre-populate password cache
    • Group Policy Applications
      • Assign
        • To User or Computer
        • Shows in Start Menu or File Association
      • Publish
        • To User
        • Shows in Control Panel or File Association
      • If Assigned :-
        • User - Installed on Login
        • Computer – Installed on Boot
    • Configure DNS after RODC install – DNSCMD /enlistdirectorypartition
    • Check AD Recycle Bin – Powershell (Get-ADOptionalFeature)
    • Audit Before/After account changes – Audit Directory Services Changes – Auditpol (Tool)
    • Add DC to replication scope – dnscmd /createdirectorypartition
    • /resourcesACL only applies to Win 7/2008 R2 and above
    • Forest trusts require 2003 forest functional level
    • DSAmain command fails
      • Port needs to be 40000 or higher
    • Use repadmin /syncall to replicate changes immediately
    • UPN Suffix available at 2000 Forest Level
    • DFSR only available in 2008 Domain functional level
    • Administering ADMX files from client only available to Win 7 and higher
    • If an Intermediate CA Cert expires, renew the certificate and import into Intermediate store on Intermediate CA.
    • If you see SID on folder permissions instead of names
      • Move Infrastructure Master role. This is because the Infrastructure master refers to the global catalog.
    • RODC can be deployed in a 2003 Forest Functional Level
    • RAID 5 is data striping with parity
    • To replicate AD LDS instance to another location – Create and Install a replica by running AD LDS Setup Wizard
    • To ensure device certificate requests use MD5 – Modify registry on NDES server
    • Global Names Zones only available after running DNSCMD
    • Global Catalog Servers are required to validate Universal Group Memberships
    • Global Catalog contains
      • Index of forest objects
      • Can be on any DC
      • Hosts multi-domain groups
      • Deals with UGMC
      • Needs at least one per domain
      • Removed via Active Directory Users and Computers
      • Required for UPN
    • When creating a new tree or child domain the server must be able to contact the Domain Naming Master
    • When creating new users or groups you must be able to contact the infrastructure master and have RID’s available.
    • For server 2000 DNS to receive conditional forwarder replication you must choose ‘All Domain Controllers in This Domain’ option
    • SMTP is used for Inter Domain replication. Requires a CA.
    • Site Link Costs – Lower is a fast link
    • The cost of a site link is the sum of all links contained within a bridge
    • KCC replicates site topology
    • Intersite replication default is 3 hours
    • Minimum intrasite replication schedule is every 15 minutes
    • Monitoring and Troubleshooting Replication Issues
      • Event Viewer
      • Active Directory Replication Monitor (replmon)
      • Active Directory Replication Administrator (repadmin)
    • Each AD LDS can have it’s only schema
    • AD LDS can be managed with the following tools
      • Active Directory Services Interface snap-in
      • LDP.exe
      • Active Directory Schema snap-in
      • Active Directory Sites and Services
    • RID Master (Relative Identifier)
      • Allocates pools in 500’s
      • Is the sequential numbers used by SID’s
    • PDC Emulator
      • Backwards compatibility for NT4 Domains
      • Time clock for domains
      • Final Authority on Passwords
      • Used by DFS for changes
      • Auto default for GPO Editing
    • Infrastructure Master
      • Keeps changes to object references consistent across forest
      • Tracks changes and moves across all domains
    • 2008 Domain Functional Level
      • Required for AES
      • Fine Grained Password policies
      • DFS replication for SYSVOL
    • Forest level 2003 + allows domain name re-names
    • External Trusts are used to connect to NT4
    • Short SID’s are local accounts
    • PSO are applied to Users and Groups and not OU’s
      • To apply to OU’s you’d have to use a shadow group
    • PSO over-ride the default domain policy
    • When using multiple PSO’s
      • Application order is determined by password settings precedence
        • This is a number of 1 or greater
          • Lowest number is used
          • Lowest GUID will be used
    • Server 2008 Auditing Change
      • Active Directory Service Access
        • Can now record what has changed
    • To enable Audit Changes – auditpol /set /subcategory…….
    • To compare security settings (ini) with command line
      • Secedit /validate
    • Group policy default refresh rate is 90 – 120 minutes – can be changed in GPO
    • Group Policy Loopback Processing
      • Replace
        • GPO List for the user is replaced by the GPO list for the computer
      • Merge
        • Computer Settings are applied after user settings
    • Group Policy loopback is used so that user settings can be applied to OU’s – ie apply printer only to certain computers.
    • Starter Group Policy Objects
      • A template used to create new group policies
    • Global Catalogs are also known as Partial Attribute Sets (PAS)
      • Are a replica of all objects in the forest
      • Read only
      • Changes in domain (AD) partition are copied to GC partiontion
      • GC is forest wide
    • ADMT (Active Directory Migration Tool) – is supported on 2008 R2 only
    • AD LDS – Ensure replication you must create a service user on each server
    • AD LDS – Each instance runs as a separate computer service
    • To use Filtered Attribute Set – Forest Functional Level must be 2008
      • FILTERED set on schema master not ‘filtered attribute set’
    • DNSSEC is available with 2008 R2 (on the DNS Server not DC)
    • To modify the UPN suffix for all users use DSMOD
    • If auditing is configured already on an OU then ‘modify the auditing entry’
    • UGMC is configured at – Active Directory Sites and Services > NTDS Site Settings
    • To ensure DC’s only replicate between adjacent sites disable site link bridging
    • AD RMS – To modify the password used by AD RMS User account use ‘ AD RMS Tool’


    • Forest Trust Types
      • Transitive
        • Trust domains that your parent domain trusts
      • Forest Trust – used to share resources between forests. Transitive by default.
        • Two-way
          • Both domains can be authenticated in each other domain
        • One-way incoming
          • Users in your domain (creation domain) can be authenticated in the other domain
        • One-ware outgoing
          • Users in other domain can be authenticated in your domain
      • External Trust
        • One-way, non-transitive –used primarily with 2000 Domain Functionality
      • Realm Trust
        • Non-AD trust
      • Shortcut trust
        • Trust across forests one-to-one between 2 domains/sub domains (Bypass transitive links)
    • Trust Authentication Scope
      • Domain-wide authentication—Available in the case of external trusts, this option permits unrestricted access by any users in the trusted domain to all available shared resources in the trusting domain, according to sharing and security permissions attached to the resources. It is the default option for external trusts.
      • Forest-wide authentication—Available in the case of forest trusts, this option permits unrestricted access by any users in the trusted forest to all available shared resources in any domain of the trusting forest, according to sharing and security permissions attached to the resources. It is the default option for forest trusts. Microsoft recommends the domain-wide and forest-wide options for trusts within the same organization only.
      • Selective authentication—This option does not create any default authentication. It enables you to specify the users and groups from a trusted forest who are permitted to authenticate to servers containing resources in the trusting forest. Microsoft recommends this option for trusts that involve separate organizations, such as contractor relationships.
        • It improves security by limiting the quantity of authentication
        • requests that can pass through the trust.
    Reply With Quote Quote  

  22. Senior Member Chev Chellios's Avatar
    Join Date
    Jan 2013
    Location
    UK
    Posts
    336

    Certifications
    MCP, MCDST, CCNSP, ITIL Foundation, working towards CCENT/CCNA
    #46
    Nice summary there crystal geek, there is alot to go through for this exam it is a beast! Good luck with it dude and let us know how you get on
    Reply With Quote Quote  

  23. Junior Member Registered Member
    Join Date
    Jul 2013
    Posts
    2
    #47
    Winner whoop - 792
    Reply With Quote Quote  

  24. Junior Member Registered Member
    Join Date
    Jul 2013
    Posts
    1
    #48
    Thanks CrystalGeek. Grats on passing. I will be writing mine at the end of next month. I'd love to know what other material you used to study and how long you studied for. I am thinking of ordering the MS Press books through our MS account manager at my office. Did you use the MS Press material or something else? TIA.... and thanks so much for the cheat sheet!
    Reply With Quote Quote  

  25. Reply With Quote Quote  

  26. Member
    Join Date
    Jan 2013
    Posts
    42

    Certifications
    A+, Security+
    #50
    Really finding it hard to figure out which books to order....if you could only have two books to prepare which books would you get?
    Reply With Quote Quote  

+ Reply to Thread
Page 2 of 3 First 12 3 Last

Social Networking & Bookmarks