Education: Preferred: MCP, MCSE, MCSA, CCNA, CCNP, CISSP, CISM. Azure and Office 365 certifications; Power BI foundation. give me a list of must know for this role
ChatGPT said:
Got it — you’re looking for a "must-know" checklist for a role where the preferred education/certifications are:
Microsoft Certifications: MCP, MCSE, MCSA
Networking Certifications: CCNA, CCNP
Security Certifications: CISSP, CISM
Cloud/Platform Skills: Azure, Office 365
Analytics: Power BI Foundation
Here’s a comprehensive "must-know" list tailored to such a role (likely IT infrastructure / security / systems / cloud admin / IT PM):
Windows Server Administration (2016/2019/2022):
Active Directory (users, groups, OU structure, GPOs)
DNS, DHCP, WSUS configuration
File and Print services, permissions, NTFS security
Microsoft Exchange / Office 365:
Mail flow, mailbox management, hybrid setups
Compliance & retention policies, shared mailboxes, M365 Groups
Microsoft Endpoint Manager (Intune):
Device enrollment, app deployment, conditional access
Security baselines, compliance policies
Azure Fundamentals:
Resource Groups, VMs, VNets, Subnets
Storage accounts, RBAC (Role-Based Access Control)
Azure AD & Identity Management (SSO, MFA, Conditional Access)
Security in Azure:
Key Vault, Defender for Cloud, Sentinel basics
Network Security Groups (NSGs), firewalls, encryption
Cost Optimization & Monitoring:
Azure Monitor, Log Analytics, budgeting
TCP/IP Fundamentals:
Subnetting, VLANs, routing protocols (OSPF, BGP basics)
NAT, PAT, IP addressing and DHCP
LAN/WAN Technologies:
Switching, trunking, STP, EtherChannel
WAN technologies (MPLS, VPN, SD-WAN basics)
Network Security:
Firewalls, ACLs, segmentation, Zero Trust approach
Information Security Principles:
CIA Triad (Confidentiality, Integrity, Availability)
Risk management, threat modeling, incident response
Security Frameworks & Governance:
ISO 27001, NIST CSF, GDPR/POPIA
Security policies, disaster recovery, business continuity
Identity & Access Management:
Privileged Access Management (PAM)
MFA, SSO, least privilege model
Power BI Fundamentals:
Connecting to data sources (SQL, Excel, APIs)
Data modeling, relationships, DAX basics
Building dashboards & reports
Monitoring & Reporting:
IT infrastructure health dashboards
Security compliance reporting
Scripting & Automation:
PowerShell for AD, Exchange, and Azure management
Automating reports and bulk tasks
Patch & Update Management:
WSUS/SCCM or Intune patching strategies
Backup & Recovery:
On-prem and cloud backup solutions, DR testing
ITIL / Service Management: Incident, Problem, Change management
Project Management: Basic PM skills if leading deployments
Communication: Ability to translate technical risks to business language
Documentation: SOPs, network diagrams, security documentation
Here’s a massive 100-item “How-To” list on Active Directory (AD) covering users, groups, OU structure, and GPOs — perfect for a quick reference, lab practice, or interview prep.
How to create a new user in AD Users and Computers (ADUC).
How to bulk-create users with PowerShell (Import-CSV).
How to reset a user password in ADUC.
How to unlock a locked-out user account.
How to enable or disable a user account.
How to rename a user account without breaking SID history.
How to move a user to another OU.
How to view user attributes (Attribute Editor tab).
How to configure profile paths and home folders.
How to add a user to multiple groups at once (GUI + PowerShell).
How to set user logon hours.
How to force logoff users outside allowed hours.
How to set user logon workstations (limit where they can log in).
How to configure password never expires.
How to set password expiration reminder via PowerShell.
How to delegate user management to a junior admin.
How to disable user accounts in bulk (PowerShell).
How to expire user accounts automatically (contractor scenarios).
How to find inactive users (90+ days) and disable them.
How to track last logon time of a user (PowerShell / GUI).
How to search for a user in a multi-domain forest.
How to set manager attribute for reporting structure.
How to enable remote desktop logon for a user.
How to configure user account expiration date.
How to force password change at next logon.
How to copy a user account (template accounts).
How to give a user local admin rights via AD groups.
How to check user replication across DCs.
How to disable interactive logon for service accounts.
How to audit user account changes with Security logs.
How to create a security group in ADUC.
How to create a distribution group for email.
How to convert security group to distribution group.
How to add members to a group (GUI + PowerShell).
How to remove members from a group.
How to list all members of a group.
How to check group membership recursively (nested groups).
How to use dynamic distribution groups in Exchange.
How to create role-based security groups (RBAC).
How to find which groups a user belongs to.
How to use AGDLP model (Account → Global → Domain Local → Permissions).
How to apply group-based permissions to a folder.
How to manage group scope (Global, Universal, Domain Local).
How to delegate group membership management to users.
How to create a group policy security filtering group.
How to check which GPOs apply to a group.
How to clean up empty groups.
How to automate group creation with PowerShell.
How to assign permissions to a printer via group.
How to use group nesting properly (best practices).
How to restrict group membership using Restricted Groups GPO.
How to track changes to group membership (Auditing).
How to sync AD groups with Azure AD groups.
How to use groups to manage software deployments via GPO/SCCM.
How to find orphaned SIDs in ACLs when groups are deleted.
How to create a new Organizational Unit (OU).
How to plan an OU structure for delegation and GPO targeting.
How to rename an OU.
How to protect an OU from accidental deletion.
How to move objects between OUs.
How to delegate OU permissions to helpdesk/admin teams.
How to use OU structure for GPO targeting.
How to separate servers, users, and service accounts into OUs.
How to create sub-OUs for finer control.
How to find which OU a user or computer belongs to.
How to search for empty OUs.
How to clean up unused OUs.
How to create a dedicated OU for testing GPOs.
How to create OU-level logon scripts.
How to apply inheritance blocking on an OU.
How to enforce GPO inheritance on an OU.
How to use OU structure to delegate password resets.
How to create OU-based security groups.
How to automate OU creation with PowerShell.
How to export OU structure to CSV for documentation.
How to create a new GPO.
How to link a GPO to an OU.
How to enforce a GPO (No override).
How to block inheritance of GPOs.
How to use security filtering on a GPO.
How to use WMI filtering for GPO targeting.
How to edit a GPO with Group Policy Management Console (GPMC).
How to force GPUpdate on a machine.
How to check which GPOs apply to a user/computer (gpresult).
How to troubleshoot GPO application (RSOP.msc).
How to deploy software via GPO.
How to configure logon scripts via GPO.
How to map network drives via GPO Preferences.
How to deploy printers via GPO.
How to configure folder redirection with GPO.
How to set password policies (fine-grained policies).
How to configure account lockout policy.
How to enable auditing policies with GPO.
How to disable USB drives via GPO.
How to configure BitLocker policies via GPO.
How to enable Remote Desktop via GPO.
How to disable Control Panel/Settings with GPO.
How to configure firewall rules with GPO.
How to back up a GPO.
How to restore or import a GPO from backup.