# Course plan

Instructor-facing document. Provides a session outline based on the lab,
alternating theory, demo, and student practice.

## Audience and prerequisites

- Sysadmin-track students, reskilling learners
- Networking fundamentals required (TCP/IP, DNS, DHCP)
- One workstation per learner, 16 GB RAM minimum, VT-x enabled

## Duration

- Intensive: 2 days (14h)
- Spread: six 3h half-days

## Structure

### Session 1 — Intro and setup (3h)

Goals:

- Understand what a directory is, what AD solves
- Start the lab, install Windows Server

Plan:

1. (45 min) Theory: AD history, vocabulary (forest, domain, DC, OU, GPO)
2. (15 min) Lab presentation (diagram, 3 VMs)
3. (1h30) Hands-on: lab install, start DC01, first login

Student material: `docs/etudiant/en/00-prerequisites.md` and `01-lab-startup.md`.

### Session 2 — Promotion and population (3h)

1. (45 min) Theory: FSMO roles, integrated DNS, functional levels
2. (2h) Hands-on: DC promotion, OUs, users, groups
3. (15 min) AGDLP debrief

Material: `02-dc-promotion.md`, `03-ou-users-groups.md`.

### Session 3 — GPOs (3h)

1. (1h) Theory: GPOs, inheritance, filtering, LSDOU order
2. (1h45) Hands-on: create three GPOs, verify on a client
3. (15 min) Best practices: don't overload Default Domain Policy

Material: `04-gpo.md`.

### Session 4 — Shared resources (3h)

1. (45 min) Theory: SMB, NTFS, share vs NTFS permissions
2. (2h) Hands-on: create shares, ACLs, cross-user tests
3. (15 min) AGDLP in practice

Material: `05-shares-ntfs.md`.

### Session 5 — Joining Windows clients (3h)

1. (45 min) Theory: Kerberos, secure channel, DNS constraints
2. (2h) Hands-on: join PC01, log in as AD user, test shares
3. (15 min) RDP group via GPO

Material: `06-join-windows-client.md`.

### Session 6 — Cross-OS integration (3h)

1. (30 min) Theory: realmd, sssd, Kerberos beyond Windows
2. (2h) Hands-on: join linux01, authentication tests
3. (30 min) Outlook: enterprise use cases (Linux servers joined to AD,
   AD-backed ssh/sudo)

Material: `07-join-linux-client.md`.

## Assessment

Three possible formats:

1. Multiple-choice: vocabulary and concepts (30 min, 20 questions)
2. Graded lab: give an OU/group structure to set up, shares with specific
   ACLs, grade via login tests
3. Mini-project: add a scenario (new department, new GPO) to the existing lab

## Solutions

Full PowerShell scripts live in `docs/formateur/corriges/`. **Do not
distribute** to learners.