Barney's Blog

Blog archive

Q&A With James Carrion: Mastering Active Directory

Next up to bat in my series of Q&A blog posts is cert master James Carrion of Mountain View Systems. Here's some of his thoughts on why increasing your Active Directory knowledge is key for IT

Q: What are your thoughts on the value of certifications in today's IT job market?
A: Any technical certification serves two purposes. First, it's a resume stacker -- the certified in one pile, the not certified in another. Second, it indicates to prospective employers the exposure level of a job candidate to a particular technology. It's easy to pad your resume with technologies you allege to have experience with, but having the certification shows that you spent time learning the product in order to pass the certification exam. It doesn't attest to your level of proficiency, as that can only be ascertained during a technology interview, but it does provide a useful measure to find the most qualified candidates.

Q: Active Directory is a critical IT tool. What do you think about it not being able to manage Windows Runtime (WinRT) devices?
A: With the explosion in tablets and touch interfaces, users are demanding that IT support their favorite tablet in the workplace, and it's only natural that there be a directory service that manages these devices. To counter the iPad and Android devices in the workplace, Microsoft introduced its Surface tablet, which could become the work tablet of choice if easily managed through standard Active Directory tools. Surface Pro will run Windows 8 Pro and can be managed, but the basic Surface running WinRT can't.

The Windows 7 consumer editions lower than Ultimate also have this lack of workplace integration, and by not including it in WinRT, Microsoft is sending the message that a basic Surface tablet is not seen to be fit as a workplace device. The Microsoft workaround of a cloud-based self-service portal will be intimidating for the smaller IT shops who don't have the programming resources to implement it.

Q: What's your advice for someone committed to truly mastering Active Directory?
A: Read every Active Directory technical document you can get your hands on. Play extensively in your own Active Directory sandboxed test environment if you're not fortunate to already have enterprise admin credentials in your organization or don't manage a multidomain or multiforest Active Directory environment. Many Active Directory admins have a narrow view of Active Directory due to their limited delegated permissions. You can't appreciate the complexity and richness of Active Directory as an organizational unit admin or even as a domain admin. It's easy to create a multidomain and multiforest environment on one or two robust x64 computers using Hyper-V, where you can play and gain that level of experience.

If you already have considerable experience with Active Directory as an enterprise admin and want to reach the next level of mastery, consider pursuing the Microsoft Certified Master [MCM] certification. The knowledge experience alone is worth the price of admission, though the program is expensive and may be out of your reach if you're paying out of pocket. If you find yourself in an MCM rotation at the Microsoft campus, you'll be taught by Microsoft experts and find yourself in a room of peers that will impress you with their collective knowledge and experience.

Q: What career doors does Active Directory expertise open up?
A: The future is the cloud and for Microsoft cloud solutions, Active Directory is still there playing the role of directory service. So investing in learning Active Directory will pay off in traditional IT jobs or in future cloud-based jobs. It's an essential skill set you must learn if you want to maintain an edge in the IT job market.

Q: What other areas of technology does Active Directory knowledge make easier to learn?
A: Active Directory is broad-based and is more than just the directory service. There's a reason that Microsoft renamed some of the services on [Windows Server] 2008 and prefixed them with "Active Directory." By understanding Active Directory Certificate Services you'll understand how Public Key Infrastructure [PKI] works in any application of PKI. By understanding Active Directory Federation Services you'll have an edge on implementing Web-based collaboration in a business-to-business scenario. If you already understand how Active Directory domain controllers manage and replicate the Active Directory data store, then you can easily understand how Active Directory Lightweight Directory Services works.

Want to learn more? James will be speaking at our Techmentor 2012 conference, being held at Microsoft HQ in August.

Posted by Doug Barney on 07/18/2012 at 4:59 PM


comments powered by Disqus

Subscribe on YouTube