AcadeNice/Lab_AD_Complet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Lab_AD_Complet/docs/formateur/en/course-plan.md
Corentin 8e1b06e090 Initial lab release: Docker-based Active Directory lab 
Complete Active Directory teaching environment based on dockurr/windows:
- Windows Server domain controller, Windows 11 client, Debian 12 client
- docker-compose orchestration, env-driven configuration
- Bilingual documentation (FR + EN) for students
- Dual approach (GUI + PowerShell) in every procedure
- Instructor course plan and reference scripts
- RDP launcher scripts for Linux, macOS and Windows

Made by AcadéNice - https://acadenice.fr/
2026-04-17 11:29:49 +02:00

2.4 KiB
Raw Blame History

Course plan

Instructor-facing document. Provides a session outline based on the lab, alternating theory, demo, and student practice.

Audience and prerequisites

  • Sysadmin-track students, reskilling learners
  • Networking fundamentals required (TCP/IP, DNS, DHCP)
  • One workstation per learner, 16 GB RAM minimum, VT-x enabled

Duration

  • Intensive: 2 days (14h)
  • Spread: six 3h half-days

Structure

Session 1 — Intro and setup (3h)

Goals:

  • Understand what a directory is, what AD solves
  • Start the lab, install Windows Server

Plan:

  1. (45 min) Theory: AD history, vocabulary (forest, domain, DC, OU, GPO)
  2. (15 min) Lab presentation (diagram, 3 VMs)
  3. (1h30) Hands-on: lab install, start DC01, first login

Student material: docs/etudiant/en/00-prerequisites.md and 01-lab-startup.md.

Session 2 — Promotion and population (3h)

  1. (45 min) Theory: FSMO roles, integrated DNS, functional levels
  2. (2h) Hands-on: DC promotion, OUs, users, groups
  3. (15 min) AGDLP debrief

Material: 02-dc-promotion.md, 03-ou-users-groups.md.

Session 3 — GPOs (3h)

  1. (1h) Theory: GPOs, inheritance, filtering, LSDOU order
  2. (1h45) Hands-on: create three GPOs, verify on a client
  3. (15 min) Best practices: don't overload Default Domain Policy

Material: 04-gpo.md.

Session 4 — Shared resources (3h)

  1. (45 min) Theory: SMB, NTFS, share vs NTFS permissions
  2. (2h) Hands-on: create shares, ACLs, cross-user tests
  3. (15 min) AGDLP in practice

Material: 05-shares-ntfs.md.

Session 5 — Joining Windows clients (3h)

  1. (45 min) Theory: Kerberos, secure channel, DNS constraints
  2. (2h) Hands-on: join PC01, log in as AD user, test shares
  3. (15 min) RDP group via GPO

Material: 06-join-windows-client.md.

Session 6 — Cross-OS integration (3h)

  1. (30 min) Theory: realmd, sssd, Kerberos beyond Windows
  2. (2h) Hands-on: join linux01, authentication tests
  3. (30 min) Outlook: enterprise use cases (Linux servers joined to AD, AD-backed ssh/sudo)

Material: 07-join-linux-client.md.

Assessment

Three possible formats:

  1. Multiple-choice: vocabulary and concepts (30 min, 20 questions)
  2. Graded lab: give an OU/group structure to set up, shares with specific ACLs, grade via login tests
  3. Mini-project: add a scenario (new department, new GPO) to the existing lab

Solutions

Full PowerShell scripts live in docs/formateur/corriges/. Do not distribute to learners.