Designing an Active Directory Forest

Windows Active Directory Domain Services (AD DS) is a leading identity management solution for organizations of all sizes. An AD DS deployment can be as simple as a single domain controller or as complex as a multi-domain forest spread across the globe. Managing sites, domains, and forests in an AD DS environment is critical to a healthy and reliable Active Directory infrastructure. This lesson is intended to provide the information needed to successfully manage Windows AD sites, domains, forests, trust relationships, and replication.

In this lesson, we start by reviewing AD DS forest and domain trusts. Then we examine forest design considerations to create a scalable environment that can meet future demands. Next, we investigate Active Directory sites, site links, and how they relate to the organization's network configuration.  Finally, we evaluate AD DS replication and how site links can optimize replication in an AD DS environment.

Learning Objectives

• Windows AD domains, forests, and trust relationships
• Windows AD forests and domain design considerations
• Creating a two-way forest trust
• Active Directory sites and site topology
• Creating an Active Directory site
• Windows AD sites and replication
• Creating Active Directory site links

Intended Audience 

• System administrators with responsibilities for managing hybrid identities
• Subject matter experts in configuring and managing Active Directory workload on-premises and in Azure
• Anyone preparing for the Azure AZ-800: Administering Windows Server Hybrid Core Infrastructure exam

Prerequisites 

• A basic understanding of deploying and managing Microsoft Windows servers
• Windows Server installation media and an environment to run Windows Server (trial available at https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2022)