Just a quick note before I start. I do not work for Microsoft, nor have I ever worked for Microsoft. The information in this post is my thoughts and not those of Metcorp Consulting, LLC, Microsoft, or any other company. Unless said company read my mind and placed some thoughts there… I should buy a Dell…
The content in this post belongs to Sean Metcalf and may not be used for any purpose without express written consent by him.
Also, NOTHING in these posts will get you to pass and become a Microsoft Certified Master (MCM). Only your knowledge & experience and internal motivation to be the best will do that. Sure, you can glean some ideas that will help you prepare, but the MCM Program doesn’t teach to the test. You are tested on potentially anything and EVERYTHING that is Active Directory related (check the pre-reading list for topic coverage). The tests are extremely difficult. You are expected to be at the top of your game to pass.
Also, I use both “Active Directory” and “Directory Services” interchangeably. The official certification is Microsoft Certified Master Directory Services (Windows Server 2008 R2).
The Journey Begins:
Years ago I heard about the Microsoft Ranger program which started with an internal Microsoft group of Exchange experts (Yes, I think I will name drop here: I worked closely with Ross Smith for a while many years ago). This program grew into what is now the Microsoft Certified Master (MCM) & Microsoft Certified Architect (MCA) programs. I did consider the MCM a few years ago when it was 3 weeks long, but I couldn’t get over a few psychological barriers: Have I worked on large enough environments? Did I know enough? Am I good enough? Three weeks is a really long time…
In early 2011, my close friend, D, challenged me with an email stating simply:
I see your future… And the future looks bright… So what’s stopping you?
Yeah.. so anyway. What can I do to help you begin preparing for the MCM? Or what can I do to help ENCOURAGE you to prepare for your MCITP Enterprise Administrator? whichever…
In the email was a link to the MCM Program. I looked it over and remember saying to myself (because occasionally I say stuff to me & vice versa), “yes in good time”. At that point, I still hadn’t become an MCITP, which meant I was a tad behind.
<SmallAmountOfBoasting> I mean when I picked up MCSE in 1997, I took and passed all of the required 6 tests in 6 weeks. I was a bit lazier on the Windows 2000 MCSE and spent a few months on that taking all the necessary tests to pick up the new MCSE title without the upgrade tests. The Windows 2003 MCSE seemed to take up the better part of a year due to my certification lack of focus and stubborn resistance to taking upgrade exams. Maybe that’s part of the challenge for me – doing the whole thing from scratch, forcing myself to understand the nuances from OS to OS… I digress. </SmallAmountOfBoasting>
So, in March of 2011, I committed to myself & my good friend D. that I would pass all the necessary tests to become a MCITP:EA by the end of May. Oh, one other thing I forgot to mention, I had 1 year old triplets in the house at that time, so doing anything like going off in a corner to read & study was a challenge. Apparently, that’s what I needed. A good challenge. I passed the requisite 5 tests in 4 weeks (I took 2 on the first Saturday) and had achieved my goal of MCITP ahead of time as well as busting my previous personal Microsoft test-taking record.
About a month after the MCM email from my buddy D, I replied back with the link to the MCM program.
So, I think it is about time for me to step up to the big league.
At that point, I embarked on a journey towards an industry advanced certification (Microsoft Certified Master, aka MCM) that about 600 people in the world have attained. I took this journey seriously and approached it like it was a black belt in martial arts. Or becoming a Jedi Master. I’ll go with the latter.
With the MCITP:EA behind me, I looked forward to TechEd in May 2011 joined by my faithful sidekick— er, I mean best buddy, ol’ pal D. While perusing the schedule of wall to wall sessions I couldn’t possibly attend unless I somehow figured out how to clone myself (and that didn’t work out so well for Micheal Keaton), although I do like pizza and the number 7…
Where was I…. Oh yeah. I discovered a small side-session off in the corner set up as a group discussion about the MCM program. They had me at MCM…
I ventured into the small session room along with about 20-30 other people interested in getting more information about the, at that time, effectively secret society known as the Microsoft Certified Masters.
This session was hosted by none other than David Burjam-Burr, Program Manager of the Exchange Masters program, I sat up front notebook ready. I learned some fascinating tidbits which also sounded a little frightening.
Here they are (all Exchange MCM related):
- MCM became official in 10/2008 (which is when it was placed under Microsoft Learning)
- ~4 rotations per year with about 20-30 people per rotation.
- 3 weeks, Monday – Friday
- Daily Agenda: 8am – 6pm + studying + homework
- 3rd week: Friday & Saturday is final testing.
- Qualification Lab = 6-8 hours long + lunch
- Know the RFCs (SMTP, IMAP, POP, etc)
- Exchange practice lab environment: On Premise + Cloud, 6 sites (networks), Multiple Orgs, multiple TMG firewalls
- Years at Senior Level
- 750,000 seat deployment (Sean’s note: WOW.)
- Register about 6 months prior to desired rotation
At least that’s what I found when reading through my chicken-scratch. It may be different by now, or not.
Needless to say, not much regarding the AD (Directory Services) stuff which I as most interested in. I think there was 1 maybe 2 other people in the room interested in the AD MCM. Oh, here’s another note to make on feel more confident about the MCM path, (yes, sarcasm): there was one MCM in the room and he didn’t pass until the 3rd test (2 retakes)! Talk about a confidence booster!
After the session I scoured the Microsoft Q&A areas attempting to seek out an MCM to ask all the MCM DS questions I had preventing me from thinking about anything else. I found one & D. and I cornered him, though we were shortly humbled by his MCM-level knowledge.
Reminds me a little of a story about a couple of DJs that used to broadcast in the DC Area (Don & Mike) and a former Super Bowl winning Quarterback & Hall of Famer named Joe Theisman. They were out playing golf one day and Don & Mike were giving Joe a hard time about his golf game (as I understood it, Joe was/is the consummate competitor and was having an off day). Joe spun around at the 12th hole and got in their faces and said “Tell you what, when you have one of these you can talk sh$# until then shut the F#$$ up and play some golf”. This was said quite forcefully as he held up the oversized, diamond encrusted Super Bowl XVII ring in their faces. As I understand it, the rest of the game was rather quiet until D&M bought all the rounds at the 19th hole. Or nothing like that may have ever happened… but it makes a good story. In other words, when you have reached a level in your career, you have no need to say anything. The “Master” was gracious enough to entertain our questions and I learned the following tidbit:
Each test question takes about 2-3 hours to develop and are tested by special “test psychologists” (Psychomatricians https://en.wikipedia.org/wiki/Psychometrics). These test specialists ensure that someone who is expert at taking tests can’t pass without knowing the answer. Tough tests indeed.
I walked out of the Atlanta Convention Center that day with a new challenge. A new purpose. I told my lovely wife that I was going to go to the MCM Directory Services program less than a year later, April 2012 (it was later moved to February). The gracious person that she is, simply said “sure, we’ll talk about it later.” Later involved me reasoning why I could go in October, mere months away. My determination kept my excitement level up as well as my ambition to become a Master.
I spent May & June preparing an application package for the program (many apply, not all are accepted).
The pre-requisites for the application are:
- >5 years of experience (preferably in a AD design or Tier 3 support role) in complex AD environments
- Thorough understanding of AD design & architecture
- 300-level understanding of:
site component topology, forest operations and topology, the Active Directory distributed file system, file replication services, security, client interactions, and Group Policy.
For example, you should be able to:
Troubleshoot and repair broken replication for common issues (for example, secure channel, beyond TSL, and name resolution dependencies)
Understand USN Rollback, and how to correct any potential failure points
Effectively use BASL, site links, site costing, change notification, or other advanced features
Understand how FRS and DFSR function (and differ)
Understand common issues with FRS, and how to repair them, such as Journal Wrap, Morphed Folder, and Auth/Non-Auth Restore
- Basic understanding of AD Certificate Services, AD Federation Services , & AD lightweight Directory Services.
- Functional skills in basic protocol analysis, Hyper-V, scripting, PKI, and IP addressing and routing.
- Ability to speak, understand, and write fluent English.
- An MCSE certification on Microsoft Windows 2000 Server or Windows Server 2003, or a Microsoft Certified IT Professional (MCITP): Enterprise Administrator certification.
And sample applicant docs: https://dynamicevents.emeetingsonline.com/emeetings/websitev2.asp?mmnno=290&pagename=SITE123800
In late June I paid the $135 application fee, they verified my MCSE/MCITP credentials and I received a link and credentials for a Microsoft SharePoint site where I could submit my resume, a design doc I authored (sanitized for my customer’s protection), a current project summary doc, and two previous project summary docs all of which needs to show breadth & depth of AD knowledge & experience.
Sometime in the middle of July, I submitted my application docs after fully reworking my resume and writing several pages for each project summary documents (I figured they could always ask me for an abbreviated version – I don’t do anything half-way). I also selected a recent design document I wrote for a customer after performing intensive sanitization.
I was accepted after Microsoft reviewed my application & I received an email from Ryan Conrad, Program Manager for the MCM DS program and a MCM DS himself. We coordinated a date/time for a phone interview to go over my application package and to discuss the program.
The phone interview took place in early August. While Ryan didn’t ask any questions about my application package (I guess I overwhelmed him with information), he did talk about MCM Program expectations. I learned that AD RMS & AD RS had been removed from the program due to time constraints. I gathered from this phone conversation that this would be extremely tough and that I would have to be at the top of my game to pass. Great time to get this information as I was on vacation camping when I spoke to Ryan. A day or two after speaking with Ryan, I received an email stating that I had been accepted into the MCM Program and could schedule (and pay for) attending a session.
At around this time, D. told me he would buy me a Jedi Robe with something to the effect of “Microsoft Jedi Master” on it. The incentives were stacking up!
NOTE: Due to family issues, I had to push back the MCM Program I could attend to February 2012.
The Hard Work
I found the MCM Pre-reading reference list: http://www.dynamicevents.com/MCM/MCM_Windows2008-Directory_Pre-reading_v5.pdf
I printed it out and used it as a reference to ensure I read all the topics I needed to know before attending the MCM Program.
Since August I read, studied, and built & rebuilt a computer lab environment to text my skills & knowledge. I primarily read through the MCM AD Pre-reading reference list.
Interestingly enough I bought an Android tablet (Asus eePad Transformer) over the Summer to read through all the documents on the list. I used a standard computer to visit each of the websites on the list and downloaded the document (if available for download) or perform a mass copy of the entire webpage and pasted into a new Word document on my computer. After some minor formatting fixes, I saved the file with the appropriate name. I did the same with many of the most interesting and relevant articles on the AskDS Blog by clicking on a tag (Kerberos, for example) and skimming through the available content, reading the shorter articles and saving the longer ones in Word docs. I created a new folder in my DropBox called “MCM” and within this folder I created 2 sub-folders “All MCM Docs” & “Pending Reading List”. Into each of these folders I copied all the MCM pre-reading material I gathered, mostly Word docs with a couple of PDFs, and copied all of it into both of the folders. As I finished reading each document on the tablet, I deleted the file out of the “Pending Reading List” folder in DropBox providing me obvious status of where I was in my reading. I could, of course, always go back to a document to re-read something later on by opening the doc from the “All MCM Docs”.
Starting in November through the end of December, I averaged about 2 hours a day studying in addition to working FT, spending time with family, and running a business.
Each weekday involved getting to work early enough (by 7am) so I could leave work by 3pm, get home, help my wife with the girls and get them to bed on time (around 6pm). After they were in their cribs, I grabbed the tablet and went down to my “man cave” where I entered the Active Directory Zone. I read for about 2 hours and then went back upstairs to spend some QT with my wife.
The weekends afforded me additional time during the day for reading, and I took advantage. While the girls napped (or were supposed to be napping), I read. At night I read. When my wife went to events at friends’ houses and took a break from taking care of triplets, I read. I read for hours on end focuisng on comprehension – If I didn’t fully understand a concept, I re-read it and even white-boarded it until I got it.
My studying included reading through all the docs first. Then after I got through the primary ones, I read more quickly through the peripheral ones. I was able to get through the pre-reading list by the end of December.
At this point, I paid for the MCM DS rotation in Feburary 2012 (2/6 – 2/19), all $14,000 of it. I booked a non-stop flight to Seattle, WA the day before the program started (which ended up being Super Bowl Sunday). I discovered the Homestead Suites Hotel (Bellevue, WA) was very close to the Microsoft building that would be my home for 2 weeks while in Redmond, so I booked a room there from Super Bowl Sunday to Persident’s Day. The rate was reasonable enough – $75/night + any additional fees.
Starting in January, I focused 100% on lab work. This meant standing up new lab forests at different Domain Functional & Forest Functional levels, messing around with the new features of each, creating and breaking trusts and secure channel relationships, running some DCs on Server Core, some on the full install of Win2k8 R2, and several RODCs scattered here and there.
The real fun was when I fired up WireShark and captured traffic as it went across my lab. I captured user logons, opening Outlook, computer first boot-up, DCPromo up a new DC, RODC replicate single object, replication between 2 DCs, mass user creations, mass user deletions, etc.
1 Month to Crunch-Time:
As the weeks counted down towards February 6th, I focused more on core knowledge areas and dove into more technical detail with each passing day. This involved going back to what I saw as the core AD documents:
- Kerberos 5
- Windows 2000 Kerberos Authentication
- AD Data Store
- AD Replication Model
- How DNS Support for AD works
- Windows 2000 DNS
I read through each one focusing on the details and when I went into customer sites, explained every little detail to whoever would listen.
I did whiteboard sessions on:
- Kerberos authentication in a single domain forest
- Kerberos authentication in a multi-domain forest
- Kerberos authentication between two forests
- AD replication between sites
- How data is stored in the Active Directory database
- What happens when a computer boots up for the first time
- and much much more
I found that talking about the technology, especially the details helped firm up in my head how things really worked at every level.
The week before I was scheduled to fly to Seattle, WA, I slowed down. I focused on spending time with family, wrapped up projects at work, and only read about an hour each day.
February 5th: Departure Day
On Super Bowl Sunday, I kissed my girls goodbye for 2 weeks while I attended the elite Microsoft Certified Master (MCM) Directory Services Program at Microsoft headquarters in Redmond, WA.