This is an example of a simple banner
MY ACCOUNT

IT Pro

>

MS Office

>

Management

>

Multimedia

>

Development

>

Collaborative tools

>

Soft skills

>

Digital Marketing

>

ALL TRAININGS

Training: Administer Windows Server Hybrid Core Infrastructure (AZ-800)

Ref. AZ-800T00

Download PDF

Duration:
4
 days
Exam:
Optionnel
Level:
Intermediate
Funding:
Eligible

Administer Windows Server Hybrid Core Infrastructure Training (AZ-800)

The shift toward hybrid environments represents a major challenge for businesses today. This AZ-800 training enables you to acquire essential skills for managing Windows Server infrastructure in both cloud and on-premise contexts.

Manage your hybrid infrastructures effectively

This intensive four-day course is designed for IT professionals seeking to master Windows Server administration in modern environments. You will learn to deploy and manage identity services, optimize resource management, and secure your infrastructures. Additionally, you will discover how to integrate cloud technologies with your on-premise systems.

The AZ-800 certification validates your expertise in server hybrid core administration. Organizations actively seek these skills for their digital transformation. This training combines theory and practice for rapid and effective skills development.

Participant Profiles

  • System and network administrators
  • IT infrastructure engineers
  • IT support technicians transitioning to administration
  • Microsoft solutions consultants
  • IT operations managers

Objectives

  • Deploy and manage Active Directory Domain Services in hybrid environments
  • Configure and administer Windows Server with PowerShell and Windows Admin Center
  • Implement identity solutions with Microsoft Entra and Azure AD DS
  • Virtualize workloads with Hyper-V and manage Windows containers
  • Administer Azure IaaS virtual machines and automate their deployment
  • Configure DNS, DHCP network services and remote access
  • Manage storage with Storage Spaces and Azure File Sync
  • Secure infrastructure with Just Enough Administration and shielded virtual machines

Prerequisites

  • Hands-on experience with Windows Server operating systems
  • Understanding of basic networking concepts (TCP/IP, DNS, DHCP)
  • Fundamental knowledge of virtualization and cloud computing

Course Content

Module 1: Introduction to AD DS

  • Define AD DS
  • Define users, groups, and computers
  • Define AD DS forests and domains
  • Define organizational units
  • Manage objects and their properties in AD DS

Module 2: Manage AD DS domain controllers and FSMO roles

  • Deploy AD DS domain controllers
  • Manage AD DS domain controllers
  • Manage the AD DS global catalog role
  • Manage AD DS operations masters
  • Manage an AD DS schema

Module 3: Implement Group Policy objects

  • Define Group Policy objects
  • Implement Group Policy object scope and inheritance
  • Define domain-based Group Policy objects
  • Create and configure a domain-based Group Policy object
  • Define Group Policy object storage
  • Define administrative templates

Module 4: Manage advanced AD DS features

  • Create trust relationships
  • Implement ESAE forests
  • Monitor and troubleshoot AD DS
  • Create custom AD DS partitions

Module 5: Implement hybrid identity with Windows Server

  • Select a Microsoft Entra integration model
  • Plan a Microsoft Entra integration
  • Prepare the on-premises Active Directory environment for directory synchronization
  • Install and configure directory synchronization with Microsoft Entra Connect
  • Implement seamless single sign-on
  • Enable Microsoft Entra sign-in for Windows virtual machines in Azure
  • Describe Microsoft Entra Domain Services
  • Implement and configure Microsoft Entra Domain Services
  • Manage Windows Server in a Microsoft Entra Domain Services environment
  • Create and configure a Microsoft Entra Domain Services instance
  • Join a Windows Server virtual machine to a managed domain

Module 6: Deploy and manage Active Directory Azure IaaS domain controllers in Azure

  • Select an option to implement directory and identity services using Active Directory Domain Services in Azure
  • Deploy and configure Active Directory Domain Services domain controllers in Azure virtual machines
  • Install a replica Active Directory domain controller in an Azure virtual machine
  • Install a new Active Directory forest on an Azure virtual network

Module 7: Perform secure Windows Server administration

  • Define least privilege administration
  • Implement delegated privileges
  • Use privileged access workstations
  • Use jump servers

Module 8: Describe Windows Server administration tools

  • Explore Windows Admin Center
  • Use Server Manager
  • List Remote Server Administration Tools
  • Use Windows PowerShell
  • Use Windows PowerShell to remotely administer a server

Module 9: Configure Windows Server after installation

  • List available post-installation configuration tools
  • Configure Server Core using Sconfig
  • Use DSC to configure Windows Server
  • Perform post-installation configuration using Windows Admin Center
  • Configure a server with answer files

Module 10: Administer and manage Windows Server IaaS virtual machines remotely

  • Select the appropriate remote administration tool
  • Manage Windows virtual machines with Azure Bastion
  • Create an Azure Bastion host
  • Configure just-in-time administration

Module 11: Manage hybrid workloads with Azure Arc

  • Describe Azure Arc
  • Onboard Windows Server instances
  • Connect hybrid machines to Azure from the Azure portal
  • Use Azure Arc to manage Windows Server instances
  • Restrict access with RBAC

Module 12: Just Enough Administration in Windows Server

  • Explain the Just Enough Administration (JEA) concept
  • Define role capabilities for a JEA endpoint
  • Create a session configuration file to register a JEA endpoint
  • Describe how JEA endpoints work to limit access to a PowerShell session
  • Create and connect to a JEA endpoint

Module 13: Configure and manage Hyper-V

  • Define Hyper-V
  • Define Hyper-V Manager
  • Configure Hyper-V hosts using best practices
  • Configure Hyper-V networking
  • Assess advanced Hyper-V networking features
  • Define nested virtualization

Module 14: Configure and manage Hyper-V virtual machines

  • List virtual machine configuration versions
  • List virtual machine generation versions
  • List available VHD types and formats
  • Create and configure virtual machines
  • Determine storage options for virtual machines
  • Define shared VHDs and VHD sets
  • Implement guest clusters using shared VHDX

Module 15: Secure Hyper-V workloads

  • Define a guarded fabric
  • Define the Host Guardian Service
  • Explore TPM-trusted attestation
  • Define KPS
  • Determine key features of shielded virtual machines
  • Compare encryption-supported virtual machines and shielded virtual machines in a guarded fabric
  • Implement a shielded virtual machine

Module 16: Plan and deploy Windows Server IaaS virtual machines

  • Describe Azure compute
  • Describe virtual machine storage
  • Deploy Azure virtual machines
  • Create a Windows virtual machine using the portal
  • Create a Windows virtual machine using Azure CLI
  • Deploy Azure virtual machines using templates
  • Describe additional management optimization options

Module 17: Customize Windows Server IaaS virtual machine images

  • Create a generalized image
  • Create a virtual machine from a managed image
  • Create a managed image of a generalized virtual machine in Azure
  • Create a virtual machine from a managed image
  • Implement Azure Image Builder
  • Create a Windows virtual machine using an Azure Image Builder template
  • Create a Windows virtual machine with Azure Image Builder using PowerShell

Module 18: Automate Windows Server IaaS virtual machine configuration

  • Describe Azure Automation
  • Implement Azure Automation with DSC
  • Remediate noncompliant servers
  • Describe custom script extensions
  • Configure a virtual machine using DSC

Module 19: Run containers on Windows Server

  • Define containers
  • List the differences between containers and virtual machines
  • Define Windows Server and Hyper-V containers and isolation modes
  • Explore Docker
  • Prepare a Windows Server 2019 host for container deployment
  • Security, storage, and networking with Windows containers

Module 20: Orchestrate containers on Windows Server using Kubernetes

  • Define orchestration
  • Define Kubernetes
  • Deploy Kubernetes resources
  • Create a Kubernetes cluster on Windows
  • Define Azure Arc
  • Connect an Azure Arc-enabled Kubernetes cluster with Azure Arc

Module 21: Implement DNS for Windows Server IaaS virtual machines

  • Understand Azure DNS
  • Implement Azure DNS
  • Create an Azure DNS zone and record from the Azure portal
  • Implement DNS with Azure IaaS virtual machines
  • Implement split-horizon DNS in Azure
  • Troubleshoot DNS

Module 22: Deploy and manage DHCP

  • Use DHCP to simplify IP configuration
  • Install and configure the DHCP role
  • Configure DHCP options
  • Configure DHCP scopes
  • Select DHCP high availability options
  • Implement DHCP failover

Module 23: Implement Windows Server DNS

  • Explore DNS architecture
  • Work with DNS zones and records
  • Install and configure the DNS role
  • Implement DNS forwarding

Module 24: Implement IP Address Management

  • Define IP Address Management
  • Deploy IP Address Management
  • Administer IP Address Management
  • Configure IP Address Management options
  • Manage DNS zones with IP Address Management
  • Manage DHCP servers with IP Address Management
  • Use IP Address Management to manage IP addressing

Module 25: Implement remote access

  • Examine remote access options in Windows Server
  • Select and configure VPNs
  • Use NPS to create and enforce network access policies
  • Plan and implement NPS
  • Deploy a PKI for remote access
  • Use WAP as a reverse web proxy

Module 26: Implement hybrid network infrastructure

  • Describe Azure network topologies
  • Implement Azure VPN options
  • Create a route-based VPN gateway using the Azure portal
  • Implement Azure ExpressRoute
  • Configure Azure Virtual WAN
  • Implement DNS in hybrid environments

Module 27: Implement Windows Server IaaS virtual machine IP addressing and routing

  • Implement a virtual network
  • Implement IaaS virtual machine IP addressing
  • Assign and manage IP addresses
  • Configure a private IP address for a virtual machine using the Azure portal
  • Create a virtual machine with a static public IP address from the Azure portal
  • Implement IaaS virtual machine IP routing
  • Implement IPv6 for Windows Server IaaS virtual machines

Module 28: Manage Windows Server file servers

  • Define the Windows Server file system
  • List the benefits and uses of File Server Resource Manager
  • Define SMB and its security considerations
  • Configure the SMB protocol
  • Define Volume Shadow Copy Service

Module 29: Implement Storage Spaces and Storage Spaces Direct

  • Define the Storage Spaces architecture and its components
  • Describe the functionality, benefits, and use cases of Storage Spaces
  • Implement Storage Spaces
  • Describe the functionality, benefits, and use cases of Storage Spaces Direct
  • Implement Storage Spaces Direct

Module 30: Implement Windows Server Data Deduplication

  • Define the architecture, components, and functionality of Data Deduplication
  • Define the use cases and interoperability of Data Deduplication
  • Implement Data Deduplication
  • Manage and maintain Data Deduplication

Module 31: Implement Windows Server iSCSI

  • List the features, components, and use cases of iSCSI
  • List considerations for implementing iSCSI
  • Implement iSCSI
  • Configure high availability for iSCSI

Module 32: Implement Windows Server Storage Replica

  • List the features and components of Storage Replica
  • Examine prerequisites for implementing Storage Replica
  • Implement Storage Replica using Windows Admin Center
  • Implement Storage Replica using Windows PowerShell

Module 33: Implement a hybrid file server infrastructure

  • Describe Azure file services
  • Configure Azure Files
  • Configure Azure Files connectivity
  • Describe Azure File Sync
  • Implement Azure File Sync
  • Deploy Azure File Sync
  • Manage cloud tiering
  • Migrate from DFSR to Azure File Sync

Documentation

  • Access to Microsoft Learn, Microsoft’s online learning platform, offering interactive resources and educational content to deepen your knowledge and develop your technical skills.

Lab / Exercises

  • This course provides you with exclusive access to the official Microsoft lab, enabling you to practice your skills in a professional environment.

Exam

  • This course prepares to the exam AZ-800: Windows Server Hybrid Administrator Associate

Complementary Courses

Eligible Funding

ITTA is a partner of a continuing education fund dedicated to temporary workers. This fund can subsidize your training, provided that you are subject to the “Service Provision” collective labor agreement (CCT) and meet certain conditions, including having worked at least 88 hours in the past 12 months.

Additional Information

The challenges of digital transformation for IT infrastructures

Businesses face growing challenges in managing their information systems. The coexistence of on-premises equipment and cloud resources creates significant technical complexity. Administrators must juggle different technologies while maintaining security and performance. This reality requires constant evolution of technical skills to remain competitive in the market.

The AZ-800 certification fits into this context of profound transformation in IT professions. It validates operational mastery of hybrid Windows Server environments. The skills acquired help reduce operating costs while improving resilience. This dual on-premise and cloud approach addresses the current needs of IT departments.

Understanding the Microsoft ecosystem for modern infrastructures

Microsoft now offers a complete ecosystem for managing identities across different environments. Synchronization between on-premises Active Directory and Microsoft Entra Connect facilitates user mobility. This integration allows employees to access resources from any location. Single sign-on strategies simultaneously improve user experience and security.

Azure Arc services represent a major innovation in distributed infrastructure management. This technology unifies server administration whether they are physical, virtual, or cloud-based. Administrators benefit from a centralized view to apply governance policies. Role-based access control ensures appropriate delegation of responsibilities.

Virtualization remains a fundamental pillar of modern datacenters. Hyper-V offers advanced features such as real-time replication and live migration. These capabilities ensure service continuity even during planned maintenance operations. Shielded virtual machines provide an additional security layer for sensitive data.

Optimizing performance and service availability

Storage management constitutes a critical challenge for application performance. Storage Spaces Direct enables the creation of high-performance hyperconverged infrastructures. This approach reduces hardware investments while offering great flexibility. Data deduplication optimizes available space usage and accelerates backups.

Azure File Sync transforms how businesses manage their file servers. This solution automatically synchronizes data between remote sites and the cloud. Users always access the most recent version of shared documents. Intelligent tiering frees up local space by moving less-used files to Azure.

Hybrid networks require careful planning to ensure performance. ExpressRoute offers private, very high-speed connections to Azure services. This dedicated connectivity eliminates latency issues encountered with standard Internet connections. Azure Virtual WAN simplifies network topology by centralizing connection management.

Automating for operational efficiency gains

Automation represents the future of system administration according to industry experts. PowerShell Desired State Configuration ensures servers always comply with defined standards. This declarative approach prevents configuration drift that often causes incidents. Azure Automation orchestrates complex workflows involving multiple systems and services.

Windows Server containers modernize business application deployment. Docker simplifies packaging applications with all their dependencies. Kubernetes orchestrates these containers to ensure high availability and scalability. This technology significantly accelerates development and production deployment cycles.

Strengthening overall security posture

Windows Server infrastructure security requires a multi-layered approach. Just Enough Administration precisely limits PowerShell commands accessible to users. This granularity drastically reduces risks related to compromised privileged accounts. Jump servers isolate administration operations from the production network.

Azure Bastion revolutionizes secure access to virtual machines in the cloud. This solution eliminates exposure of RDP and SSH ports on the Internet. Connections transit through the Azure portal with mandatory strong authentication. Just-in-time administration temporarily activates access only when necessary.

FAQ

What is the difference between Microsoft Entra Domain Services and traditional Active Directory?

Microsoft Entra Domain Services provides managed domain services in Azure. Unlike traditional Active Directory, Microsoft manages the domain controller infrastructure. This solution is perfectly suited for legacy applications requiring Kerberos or LDAP authentication. Administrators do not need to maintain the underlying servers.

How do you choose between Azure IaaS domain controllers and Entra Domain Services?

IaaS domain controllers offer complete control but require full management. You must manage updates, backups, and high availability. Entra Domain Services is better suited if you are looking for a managed solution with fewer operational responsibilities. The choice depends on your specific needs and available resources.

Can you migrate progressively to a hybrid infrastructure?

Progressive migration represents the recommended approach by digital transformation experts. Start by synchronizing identities with Microsoft Entra Connect. Then, migrate non-critical workloads to Azure. This strategy minimizes risks and allows teams to build skills gradually.

What are the hidden costs of a hybrid Windows Server infrastructure?

Beyond licenses and Azure subscriptions, consider network bandwidth costs. Data transfers between sites can represent significant amounts. Team training also constitutes an important but necessary investment. Also plan time for continuous optimization of cloud resources.

How do you ensure regulatory compliance in a hybrid environment?

Azure Policy allows automatic application of compliance rules across all resources. These policies ensure deployments comply with established security standards. Centralized audit logs facilitate controls and regulatory reporting. Microsoft also offers certifications for different international compliance frameworks.

Prix de l'inscription
CHF 3'000.-
Inclus dans ce cours
  • Training provided by a certified trainer
  • 180 days of access to Official Microsoft Labs
  • Official documentation in digital format
  • Official Microsoft achievement badge
Mois actuel

lun08Déc(Déc 8)09:00jeu11(Déc 11)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

lun08Déc(Déc 8)09:00jeu11(Déc 11)17:00Genève, Route des Jeunes 35, 1227 Genève Etiquettes de sessionAZ-800T00

mar03Fév(Fév 3)09:00ven06(Fév 6)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar03Fév(Fév 3)09:00ven06(Fév 6)17:00Lausanne, Av. Mon-Repos 24, 1005 Lausanne Etiquettes de sessionAZ-800T00

mar10Mar(Mar 10)09:00ven13(Mar 13)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar10Mar(Mar 10)09:00ven13(Mar 13)17:00Genève, Route des Jeunes 35, 1227 Genève Etiquettes de sessionAZ-800T00

mar14Avr(Avr 14)09:00ven17(Avr 17)17:00Lausanne, Av. Mon-Repos 24, 1005 Lausanne Etiquettes de sessionAZ-800T00

mar19Mai(Mai 19)09:00ven22(Mai 22)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar19Mai(Mai 19)09:00ven22(Mai 22)17:00Genève, Route des Jeunes 35, 1227 Genève Etiquettes de sessionAZ-800T00

mar23Juin(Juin 23)09:00ven26(Juin 26)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar23Juin(Juin 23)09:00ven26(Juin 26)17:00Lausanne, Av. Mon-Repos 24, 1005 Lausanne Etiquettes de sessionAZ-800T00

mar28juil(juil 28)09:00ven31(juil 31)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar28juil(juil 28)09:00ven31(juil 31)17:00Genève, Route des Jeunes 35, 1227 Genève Etiquettes de sessionAZ-800T00

mar01Sep09:00ven04(Sep 4)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar01Sep09:00ven04(Sep 4)17:00Lausanne, Av. Mon-Repos 24, 1005 Lausanne Etiquettes de sessionAZ-800T00

mar06Oct(Oct 6)09:00ven09(Oct 9)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar06Oct(Oct 6)09:00ven09(Oct 9)17:00Genève, Route des Jeunes 35, 1227 Genève Etiquettes de sessionAZ-800T00

mar10Nov(Nov 10)09:00ven13(Nov 13)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar10Nov(Nov 10)09:00ven13(Nov 13)17:00Lausanne, Av. Mon-Repos 24, 1005 Lausanne Etiquettes de sessionAZ-800T00

mar15Déc(Déc 15)09:00ven18(Déc 18)17:00VirtuelVirtual Etiquettes de sessionAZ-800T00

mar15Déc(Déc 15)09:00ven18(Déc 18)17:00Genève, Route des Jeunes 35, 1227 Genève Etiquettes de sessionAZ-800T00

Contact

Appellez-nous

ITTA
Route des jeunes 35
1227 Carouge, Suisse

Opening hours

Monday to Friday
8:30 AM to 6:00 PM
Tel. 058 307 73 00

Contact-us

ITTA
Route des jeunes 35
1227 Carouge, Suisse

Call Us Now

Make a request

Request Form

Contact

Call-us Now

ITTA
Route des jeunes 35
1227 Carouge, Suisse

Opening hours

Monday to Friday, from 8:30 am to 06:00 pm.

Contact us

  • ITTA
    Route des Jeunes 35
    1227 Carouge, Suisse

Your request

  • ITTA
    Route des jeunes 33 Bis, Entrée B,
    1227 Carouge, Suisse