Building Modern Active Directory

Break the vicious circle of s perpetuating the errors of the past and “just click next and accept the defaults” implementations preventing a secure and reliable future. This book looks at the typical patterns and antipatterns in Active Directory (AD) , deployment, and operations and provides an approach to building and operating AD that is based on engineering (analyzing and fulfilling requirements) rather than (formulating requirements). The book starts with an historical overview of AD and its future 25 years later. You then learn about the challenges that organizations running AD are facing today followed by understanding how to avoid them while learning modern requirements for more efficient and effective AD performance. After that, you go through business requirements influencing the AD topology along with ways to engineer information lookup to protect high-value objects. The book looks at two main protocols and the many dialects that AD offers to engineer an authentication service that fulfills modern requirements while leaving insecure legacy configurations behind. Managing AD from both the security and usability perspectives is discussed next in the book. Building, operating, and transitioning to a modern AD is demonstrated in detail. The book guides you with the next steps of your journey to achieve a secure and reliable AD. After reading this book, you will be able to bridge the gap between the two approaches by analyzing real-world business requirements, explaining the decision-making process in both and engineering, and ultimately providing concrete engineering guidelines for typical implementation scenarios. What Will You Learn Build a modern Active Directory (AD), leaving behind antipatterns that are not valid anymore Build a “secure by ” AD and accommodate legacy technology without compromising the overall security Understand advanced AD functionality such as controlling object visibility and partitioning Kerberos authentication by Authentication Policies Operate a modern AD, react to changing business requirements, and respond to ever-evolving security threats Who This Book Is For Active Directory (AD) architects and consultants who need to provide and engineering advice to customers; AD administrators tasked with modernizing and securing AD in their organizations; security architects wishing to learn the AD patterns to watch out for