All about the design, implementation, and management of identities on the Windows platform!

Join this exciting Geek Week that covers everything regarding identities in Windows, from AD DS, MIM, AD CS, and AD FS to Windows Identity Foundation and how identities should work in your own applications.
Discussions are mixed with practical labs and demos based on the expert instructors’ impressive experience. A lot of time is reserved for discussions regarding your thoughts, challenges, and everyday work with the identity components of the Windows platform. Hasain and DXter also will be available outside regular lab hours for those who want to do a little extra outside the standard course.
Five hotel nights are included and students get full access, even after training hours, to two of the world’s foremost experts in the identity field.

Course outline

During the week, we go through:
  • How you correctly set up requirements, design, and install
  • How user roles really work under the hood, either standalone or 
  • How to handle upgrades and migrations
  • How to do advanced troubleshooting of all aspects of your identity management solution
  • Automating everything you can imagine with PowerShell
  • New features in Windows Server 2016 (vNext) and how to use them in an existing environment
For more details about the products and areas we are covering, go to "Detailed description".

Target audience

IT professionals and developers who have a focus on identity management and security.



Prerequisite requirements

PKI, Active Directory, networking, and encryption

Target goals

You will have a solid, real-world understanding of how to design, implement, maintain, and manage identities on the Windows platform.

Lab material

Practical hands-on labs and demos mixed with instructor presentations and open discussions

Detailed description

We build an AD with a design based on real best practices, with an extra focus on security and delegation. After we have built up the core AD essentials, we go through MIM and how it can take over and provide our AD with users and groups from a data source. Then, after MIM has done its job, we have identities with data quality good enough to vouch for using digital certificates produced by the AD CS.
This gives us strong identity validation, which we can use for effective, reliable authentication against AD. To enable single sign-on against cloud services and internal applications, regardless of demands on domain membership or Windows version (or Windows at all, for that matter), we fully implement AD FS. Of course, we also can handle authentication against AD FS using the certificates that we produced earlier, and we can expand our tickets from AD FS with information from the MIM database (if required or wanted).

Finally, we will explore Azure AD for both external and internal cloud services alternatives including the following:
  • AD DS as a source of identity and the holder of the authorization-qualifying information
  • MIM as the trusted source of identity information and the engine that provisions and deprovisions internal and external directories
  • AD CS as a source of strong certificate-based identities that work both inside and outside the network
  • AD FS as a transport function of authentication and authorization information to be consumed internally, externally, and by third parties
We will cover:
  • AD DS (Active Directory Domain Services)
  • MIM (Microsoft Identity Manager)
  • AD CS (Active Directory Certificate Services)
  • AD FS (Active Directory Federation Services)
  • Dynamic Privilege Access Management in Windows Server 2016 (coming next year)
  • Azure Active Directory (including coexistence with Active Directory)
  • WIF (Windows Identity Foundation) - how identifies function in applications 
For each hands-on lab, we go through:
  • How to properly set the requirements, design, configuration, and installation
  • Common errors and mistakes with each component
  • How user roles really work, under the hood, individually and together
  • How to handle upgrades and migrations
  • How to handle advanced troubleshooting of all aspects of your identity management solution
  • How to automate these tasks using PowerShell
  • New features of the respective components in Windows Server 2016 (vNext)


Join the LabCenter Network

Share your enthusiasm for new advanced technology and the IT industry by participating in the conversation on social media:

Event management and questions:
Mobile: +46 709 18 30 90
Phone: +46 8 10 20 00


Included in the Geek Week


  • Five days of intensive hands-on labs with unlimited access to instructors
  • Five hotel nights or discount in lieu of the hotel
  • Extra - an opportunity to add your choice of hardware to the booking

Register here!