1
00:00:00,940 --> 00:00:05,240
Deploy and Manage Domain Controllers On‑Premises.

2
00:00:05,240 --> 00:00:05,460
Now,

3
00:00:05,460 --> 00:00:09,960
I mentioned in the aforementioned introduction course that the Windows Server

4
00:00:09,960 --> 00:00:13,090
Hybrid Administrator Certification is not for beginners.

5
00:00:13,090 --> 00:00:16,510
I would ask that you consult the Pluralsight library for remedial

6
00:00:16,510 --> 00:00:19,890
training on Windows Server and Active Directory if that's your thing,

7
00:00:19,890 --> 00:00:23,530
but I do want to cover a couple of key vocab terms just to make sure

8
00:00:23,530 --> 00:00:25,440
we have a consistent vocabulary.

9
00:00:25,440 --> 00:00:28,890
Active Directory Domain Services, or AD DS for short,

10
00:00:28,890 --> 00:00:33,820
is a searchable, hierarchical directory for security principles. Users,

11
00:00:33,820 --> 00:00:37,440
groups, computer accounts were using Lightweight Directory Access

12
00:00:37,440 --> 00:00:42,900
Protocol, LDAP, which listens on TCP 389 by default, and this is the

13
00:00:42,900 --> 00:00:45,080
main Windows Server directory service.

14
00:00:45,080 --> 00:00:47,030
Now, by the end of this skill path,

15
00:00:47,030 --> 00:00:51,320
you'll understand how AD DS on‑prem differs from Azure AD.

16
00:00:51,320 --> 00:00:53,810
Don't make the mistake of thinking they're the same thing

17
00:00:53,810 --> 00:00:55,030
because they're absolutely not.

18
00:00:55,030 --> 00:00:57,890
They're both by Microsoft and they're both identity stores,

19
00:00:57,890 --> 00:01:03,590
but that's where their similarity really ends. Within AD DS we have the

20
00:01:03,590 --> 00:01:08,240
domain controller, which is a specialized Windows Server host that

21
00:01:08,240 --> 00:01:13,560
stores an Active Directory Domain Services database, and through AD

22
00:01:13,560 --> 00:01:17,350
replication makes that database available to other machines in your

23
00:01:17,350 --> 00:01:19,430
network in a controlled manner.

24
00:01:19,430 --> 00:01:23,980
The domain controller obviously is the identity linchpin of your Active

25
00:01:23,980 --> 00:01:27,780
Directory implementation. Without a domain controller available, you're

26
00:01:27,780 --> 00:01:31,740
not going to have any users or services being able to authenticate and

27
00:01:31,740 --> 00:01:33,650
you've got a denial‑of‑service happening.

28
00:01:33,650 --> 00:01:37,970
So you absolutely want redundancy in your domain controller network,

29
00:01:37,970 --> 00:01:46,000
you want to protect those machines, and that's really part of the job tasks of the hybrid cloud Windows Server Administrator.