So if you landed here you were likely looking for an active directory certification that you can get to take your career to the next level. I have some bad news for you and that is that there isn’t really any notable and specific active directory certification specific to active directory only that you can go get. The good news though is that there are certifications you can get that cover active directory that you can get that absolutely will take your career to the next level.
Active Directory comes under Microsoft domain. Microsoft offers a number of technical and non-technical certifications. Before jumping into Active Directory certification details, we need to understand Active Directory and its role/services in detail.
What is Active Directory?
Active Directory is a Microsoft service developed for Windows based networks. The service was first launched in Windows server 2008. The initial role of Active Directory was to provide a centralized management system for the objects. An object can be a user, group, application, or a device. However, as the technology evolved, new roles and services were added to the existing portfolio of Active Directory services. Following are five major roles/services of Active Directory.
- Active Directory Domain Services (AD-DS)
- Active Directory Certificate Services (AD-CS)
- Active Directory Federation Services (AD-FS)
- Active Directory Rights Management Services (AD-RMS)
- Active Directory Lightweight Directory Services (AD-LDS)
Active Directory Domain Services (AD-DS)
Active Directory Domain Service (AD-DS) provides management of network resources in a secure and scalable way. It not only stores & manages information about network resources but also provides support for the linked (directory-enabled) applications like Microsoft Exchange Server. The information stored and managed is related to users, network devices, servers, and clients etc. For example, the user information may include user’s account details, user role in the network, access to the resources, and the policy defining user role and privileges.
Active Directory Certificate Services (AD-CS)
AD-CS issues and manages digital certificates similar to Public Key Infrastructure (PKI). PKI is a set of procedures, policies, and roles required for creating, using, storing, managing, sharing, and revoking digital certificates. Digital certificates are used to achieve security, authentication, and non-repudiation goals.
Active Directory Federation Services (AD-FS)
The FS is responsible for cross-organizational access of systems and applications. The service facilitates the cross-organizational sharing of resources. The users of existing FS network can access the resources of other networks. Similarly, the users can share their resources with cross-domain users with the help of AD-FS. The communication is facilitated with the help of account federation servers and resources federation servers.
Active Directory Rights Management Services (AD-RMS)
AD-RMS protects network assets based on the authorization parameters. User defines permissions for the documents, worksheets, or emails he creates. The RMS protects those documents/worksheets/emails based on the type of permission set by the user. For instance, a user can set “read only” permission of the document he creates. The other users can access and read the document but cannot edit, modify, or delete that document. Similarly, the user can restrict documents copying and sharing with the help of RMS. The usage and access restrictions can be applied regardless of the location of the data/assets.
Active Directory Lightweight Directory Services (AD-LDS)
AD-LDS is a file-based tree structure directory service for directory-enabled applications. It provides storage and accessibility of data similar to the AD-DS data (users, applications, devices). AD-LDS uses the same APIs as Active Directory to manage and access application data.
Active Directory Certification
Due to the diversity of roles played by Active Directory services, there is no specific Active Directory certification offered by Microsoft (or other certification authorities). However, Microsoft offers relevant certifications that can help individuals mastering the skills required to run and manage Active directory job tasks. These include the following certifications.
Microsoft Technology Associate (MTA)
MTA is the basic certification that validates the individuals’ knowledge and concepts about technology.
How to Become MTA Certified: MTA is a beginner’s level certification that does not require any prior certification or qualification to take the exam. There a number of exams offered under MTA domain. The candidate can select any of the available exams to become MTA certified. Since, we are discussing MTA in the context of Active Directory Certification; the following two exams validate user’s knowledge and concepts about Active Directory domain.
|Exam Code||Exam Details|
|Exam 98-365||Windows Server Administration Fundamentals|
|Exam 98-368/Course 40368||Mobility and Devices Fundamentals|
MTA certification holders can go for Microsoft Certified Solutions Associate (MCSA) and Microsoft Certified Solutions Developer (MCSD) certification as part of the Continuing Education Policy to broaden their skills and expertise in the field.
Microsoft Certified Solutions Associate (MCSA)
MCSA is the next level certification after MTA that determines the individuals’ capabilities to run and manage Windows based networks. MCSA holders can serve as system administrators and network specialists.
How to Become MCSA (Windows Server 2012) Certified: MCSA requires basic IT skills and knowledge to take MCSA exam. MTA credential validates the individuals’ knowledge required to become eligible for MCSA exam. There are three mandatory exams to pass to become MCSA certified. The details about these exams are listed below.
|Exam Code||Exam Details|
|Exam 70-410/Course 20410||Installing and Configuring Windows Server 2012|
|Exam 70-411/Course 20411||Administering Windows Server 2012|
|Exam 70-412/Course 20412||Configuring Advanced Windows Server 2012|
Exam 70-410 validates the person’s skills to deploy and configure Windows Server 2012 core services including Active Directory. Candidates interested in Active Directory Certification must consider MCSA certification since it validates user’s expertise to implement and configure Active Directory services at organizational level.
How to Become MCSA (Windows Server 2016) Certified: The core concept of MCSA for Windows Server 2016 is similar to Windows Server 2012. However, more features are included in MCSA Windows Server 2016 exam.
|Exam Code||Exam Details|
|Exam 70-740/Course 20740||Installation, Storage, and Compute with Windows Server 2016|
|Exam 70-741/Course 20741||Networking with Windows Server 2016|
|Exam 70-742/Course 20742||Identity with Windows Server 2016|
Exam 70-742 validates user’s expertise in installing and configuring Active Directory Domain Services (AD-DS). The certification also covers other Active Directory domains, such as Active Directory Certificate Services (AD-CS) and Active Directory Federation Services (AD-FS). MCSA (Windows Server 2016) credential can fulfill the Active Directory Certification requirement.
MCSE: Core Infrastructure
MCSE Core Infrastructure credential validates the individuals’ knowledge and skills required to run big data centers and manage systems, networks, storage, and virtualization related job tasks. MCSE Core Infrastructure holders are considered eligible for the following key positions in the organizations.
Information Security Analyst
Computer Support Specialist
How to Become MCSE (Core Infrastructure) Certified: In order to achieve MCSE Core Infrastructure certification, the candidate must avail MCSA certification in Windows Server 2012 or Windows Server 2016. MCSA certification holders can take one of the following exams to earn the MCSE certification. It is recommended to take exam that is most relevant to Active Directory roles and services, such as Exam 70-744, 70-413, and 70-414.
|Exam 70-473||Designing and Implementing Cloud Data Platform Solutions|
|Exam 70-475||Designing and Implementing Big Data Analytics Solutions|
|Exam 70-744||Securing Windows Server 2016|
|Exam 70-745||Implementing a Software-Defined Datacenter|
|Exam 70-413||Designing and Implementing a Server Infrastructure|
|Exam 70-414||Implementing an Advanced Server Infrastructure|
|Exam 70-537||Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack|
As part of Continuing Education Policy, Microsoft encourages MCSE professionals to explore MCSE related certifications, such as MCSE: Data Management and Analytics and MCSE Productivity Solutions Expert, to broaden their skills.
There are a number of IT/cyber-security certifications where different domains are made an obligatory part of the exam to be taken in order to become certified in that specific (IT/cyber-security) field. The same approach can be applied in the case of Active Directory certification by converting Active Directory roles/services into Active Directory domains and making them an integral part of the exam designed for Active Directory certification.