ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Anyway I can Learn AD?

    Scheduled Pinned Locked Moved IT Discussion
    active directory domainwindows administration
    82 Posts 10 Posters 10.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • WrCombsW
      WrCombs
      last edited by

      A lot of jobs in the neighborhood here are requesting AD knowledge.

      Does anyone know of a way I can start learning AD?

      What is Active Directory?
      how is it used? (I think I understand this on a basic level)
      What would you suggest for getting started ?

      What are best practices?

      DashrenderD scottalanmillerS ObsolesceO 7 Replies Last reply Reply Quote 0
      • DashrenderD
        Dashrender @WrCombs
        last edited by

        @WrCombs said in Anyway I can Learn AD?:

        A lot of jobs in the neighborhood here are requesting AD knowledge.

        Does anyone know of a way I can start learning AD?

        What is Active Directory?
        how is it used? (I think I understand this on a basic level)
        What would you suggest for getting started ?

        What are best practices?

        I studied for the MCSE 2000 exam. That gave me my baseline.

        Really, the best bet is likely to get a book on Windows Active Directory and read it.

        What is AD? - to me, in a nutshell, a centralized authentication mechanism
        How is it used? it's installed on Windows Server (though there are Linux based distros of AD that are fully compatible, with at least older versions of AD (i.e. might not have the newest MS features) Workstation PCs are joined to it for authentication purposes, both at the machine level and the user level.
        What are best practices - this is to open to answer.

        scottalanmillerS 1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller @WrCombs
          last edited by

          @WrCombs said in Anyway I can Learn AD?:

          A lot of jobs in the neighborhood here are requesting AD knowledge.
          Does anyone know of a way I can start learning AD?

          NTG has an AD learning environment. (e.g. AD running in the lab.) No reason not to play with it. AD needs some hands on, but really once you get hands on, it's pretty obvious what to do. AD is complex in how it really works, but isn't complex it what it does. Once you get a good explanation (maybe that'll be today's video) and know the tool basics, you are good to go.

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @Dashrender
            last edited by

            @Dashrender said in Anyway I can Learn AD?:

            I studied for the MCSE 2000 exam. That gave me my baseline.

            I did the MCSE NT4.... pre-AD 😞

            Actually I think that that made it easier to learn, because I had a "sub baseline" of what came before and then when AD released two years later (1998... 2000) it was easy to see what it added, what was different, and why it was important.

            It was also interesting that in 1999 Linux & Samba had bypassed Windows at their own directory server and if you had really large Windows installations pre-AD, Windows NT would choke on it and Samba was the leader. Moving to AD was partially a way to attempt to keep Linux from being ahead on Microsoft's own tech by shaking it up and making them do it all over again.

            DashrenderD 1 Reply Last reply Reply Quote 1
            • scottalanmillerS
              scottalanmiller @WrCombs
              last edited by

              @WrCombs said in Anyway I can Learn AD?:

              What is Active Directory?

              It is literally a directory service. It is called Active because it's a good marketing name, and because individual systems are constantly updating their own information in the directory 🙂

              AD is a central "white pages" like service where computers and applications on the network can literally "look up" information about computers or users. Like they can look up a users full name, their extension number, or their email address. Very basic in concept, but obviously super useful.

              G I JonesG 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @WrCombs
                last edited by

                @WrCombs said in Anyway I can Learn AD?:

                how is it used? (I think I understand this on a basic level)

                It's basic fundamental use case is to store a list of computers on your authorized network, and a list of users for those machines. And the one really cool feature is that it can tell a computer on the network if the password it was given for a user is valid.

                I worded that carefully. The password is not send to AD, AD doesn't hand out password, etc. AD maintains a list of password hashes and will give a pass/fail response to a node asking if a user is who they say that they are.

                That's basically it. AD also maintains a list of groups to which computers and/or users can belong.

                That's really it. The moment that you feel AD does something more than "look up" some basic info, some understanding is wrong. It's extremely simple (and powerful) in what it does. Most people associate AD with all kinds of things that aren't AD, but that commonly use AD. AD itself is a very, very simple directory service. It's magic is that it is fast and secure, not that it does anything special.

                1 Reply Last reply Reply Quote 1
                • scottalanmillerS
                  scottalanmiller @WrCombs
                  last edited by

                  @WrCombs said in Anyway I can Learn AD?:

                  What are best practices?

                  Some rules of thumb...

                  1. AD is never a foregone conclusion.
                  2. Never consider AD until you have at least 12 computers or users on your network (officially MS used to say 10, but that's absurdly low, 12 is more reasonable.)
                  3. Don't run any applications from your AD DC.
                  4. Never refer to an AD Domain Controller (DC) as a PDC or BDC, there is no such thing in the AD world and anyone using the term is very confused and is thinking of NT SAM from the 1990s which is unrelated.
                  ObsolesceO WrCombsW 2 Replies Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @WrCombs
                    last edited by

                    @WrCombs said in Anyway I can Learn AD?:

                    What would you suggest for getting started ?

                    If you REALLY want to be an AD expert, get an MS book and slog through it. Getting in the fundamentals isn't a bad idea. Understanding the underlying LDAP and Kerberos components and such can make actually fixing a broken system make a lot more sense. And reading a good IT book is never a bad thing. And some history, like that UNIX was doing LDAP for a long time before Microsoft made their own LDAP system helps to explain the context and why so many things interoperate so easily.

                    Be sure to learn some syntax, you'll start seeing it all over the place. AD is just another LDAP implementation.

                    Get some hands on. AD is really easy in practice 99% of the time.

                    1 Reply Last reply Reply Quote 1
                    • DashrenderD
                      Dashrender @scottalanmiller
                      last edited by

                      @scottalanmiller said in Anyway I can Learn AD?:

                      @Dashrender said in Anyway I can Learn AD?:

                      I studied for the MCSE 2000 exam. That gave me my baseline.

                      I did the MCSE NT4.... pre-AD 😞

                      Actually I think that that made it easier to learn, because I had a "sub baseline" of what came before and then when AD released two years later (1998... 2000) it was easy to see what it added, what was different, and why it was important.

                      It was also interesting that in 1999 Linux & Samba had bypassed Windows at their own directory server and if you had really large Windows installations pre-AD, Windows NT would choke on it and Samba was the leader. Moving to AD was partially a way to attempt to keep Linux from being ahead on Microsoft's own tech by shaking it up and making them do it all over again.

                      Yeah, that's where I started too. I got my first MSCE on NT 4.0, then upgraded to 2000 when it came out, then again to 2008. I haven't bothered since.

                      1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller
                        last edited by

                        Remember, AD is a service like a web server. Microsoft AD is what most people use and is the original (kind of.) The only major competitor to Microsoft AD is Samba. Samba, since version 4, is also a full AD implementation and is every bit as much AD as MS AD is. One is not "more" AD than the other. One is just the first commercial implementation and the other is the second.

                        1 Reply Last reply Reply Quote 1
                        • DashrenderD
                          Dashrender
                          last edited by

                          You can download the Server ISO from MS. You can then install it in a 180 day trial version on a VM anyplace you have the resources - they can build your own AD and do whatever you want to it.

                          This is what I did way back when - setup AD and Novell at home to have things to learn on.

                          1 Reply Last reply Reply Quote 1
                          • IRJI
                            IRJ
                            last edited by

                            AD is something you have to know if you want to step up to more of a system administration role, but its something that is fading out. AD will still be around for another 10 years, but adoption will only decrease going forward.

                            I would do some AD training on Udemy or Youtube to get some basic knowledge as you do need it. However, I dont think its the most marketable skill to push you to the next level and make you stick out from the crowd. Nearly all IT people with any experience have some level AD experience.

                            Office 365 / Intune is a better choice for system administrators going forward IMO. Its a skill that less people have in comparasion to AD so it will make you a bit more valuable if you can show competency in both. It will eventually replace AD / Exchange in environments.

                            Once you master these areas, you can look towards more complex concepts like AWS and Azure.

                            scottalanmillerS 1 Reply Last reply Reply Quote 1
                            • scottalanmillerS
                              scottalanmiller @IRJ
                              last edited by

                              @IRJ said in Anyway I can Learn AD?:

                              AD is something you have to know if you want to step up to more of a system administration role, but its something that is fading out. AD will still be around for another 10 years, but adoption will only decrease going forward.

                              Very true, I agree completely. Definitely a "need to know", but it's had a good 20 year run and isn't the "go to" solution that it once was.

                              IRJI 1 Reply Last reply Reply Quote 1
                              • IRJI
                                IRJ @scottalanmiller
                                last edited by

                                @scottalanmiller said in Anyway I can Learn AD?:

                                @IRJ said in Anyway I can Learn AD?:

                                AD is something you have to know if you want to step up to more of a system administration role, but its something that is fading out. AD will still be around for another 10 years, but adoption will only decrease going forward.

                                Very true, I agree completely. Definitely a "need to know", but it's had a good 20 year run and isn't the "go to" solution that it once was.

                                Definitely not a good path for someone early in their career to focus on. As mentioned its a need to know, but not something I would spend alot of time on if I was early in my career. 90% of the IT market already has this skill so it doesnt help your marketability at all.

                                1 Reply Last reply Reply Quote 1
                                • WrCombsW
                                  WrCombs
                                  last edited by

                                  Thanks,
                                  I'll pick up a book,
                                  Scott how about the AD Learning environment?

                                  DashrenderD 1 Reply Last reply Reply Quote 0
                                  • ObsolesceO
                                    Obsolesce @WrCombs
                                    last edited by Obsolesce

                                    @WrCombs said in Anyway I can Learn AD?:

                                    A lot of jobs in the neighborhood here are requesting AD knowledge.

                                    Does anyone know of a way I can start learning AD?

                                    What is Active Directory?
                                    how is it used? (I think I understand this on a basic level)
                                    What would you suggest for getting started ?

                                    What are best practices?

                                    Start with YouTube IMHO:

                                    Active Directory Tutorial for Beginners
                                    Youtube Video

                                    WrCombsW 1 Reply Last reply Reply Quote 0
                                    • DashrenderD
                                      Dashrender @WrCombs
                                      last edited by

                                      @WrCombs said in Anyway I can Learn AD?:

                                      Thanks,
                                      I'll pick up a book,
                                      Scott how about the AD Learning environment?

                                      I don't know that someone else's environment is worth it.

                                      get the ISO and install it yourself. That way you get to start from the ground up.

                                      WrCombsW 1 Reply Last reply Reply Quote 2
                                      • WrCombsW
                                        WrCombs @Dashrender
                                        last edited by

                                        @Dashrender said in Anyway I can Learn AD?:

                                        @WrCombs said in Anyway I can Learn AD?:

                                        Thanks,
                                        I'll pick up a book,
                                        Scott how about the AD Learning environment?

                                        I don't know that someone else's environment is worth it.

                                        get the ISO and install it yourself. That way you get to start from the ground up.

                                        fair enough - I'll try that

                                        1 Reply Last reply Reply Quote 0
                                        • WrCombsW
                                          WrCombs @Obsolesce
                                          last edited by

                                          @Obsolesce said in Anyway I can Learn AD?:

                                          @WrCombs said in Anyway I can Learn AD?:

                                          A lot of jobs in the neighborhood here are requesting AD knowledge.

                                          Does anyone know of a way I can start learning AD?

                                          What is Active Directory?
                                          how is it used? (I think I understand this on a basic level)
                                          What would you suggest for getting started ?

                                          What are best practices?

                                          Start with YouTube IMHO:

                                          Active Directory Tutorial for Beginners
                                          Youtube Video

                                          That looks promising

                                          1 Reply Last reply Reply Quote 0
                                          • coliverC
                                            coliver
                                            last edited by

                                            Honestly there really isn't much to AD that you will encounter on a day-to-day basis. A book may be overkill for it. The YouTube videos may be a good place to start but setting up an environment and using it will be the best way to learn.

                                            DashrenderD IRJI 2 Replies Last reply Reply Quote 4
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 5 / 5
                                            • First post
                                              Last post