MS AD certification and experience for a role in my project

Hank Hawasli
Hank Hawasli used Ask the Experts™
I would like some help with defining the required Microsoft Active Directory certification and experience for a role in one of my projects.

We require two roles, a manager and senior associate:
The manager is responsible for overseeing day-to-day activities of the senior associate, some architecture knowledge (specifically for microsoft) is also great. The Manager is also responsible for interacting with other stakeholders for required implementation and integration (for example, if a new agent needs to be installed on the domain controller or distributed to the environment, sending DC logs to a syslog...etc)

The senior associate will be the executor as per the manager's assignments.

Can someone please help me by suggesting what certification should I be requiring for both roles, years of experience and other skills (like PowerShell ...etc)
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Network Engineer
How large and diverse is the environment? How complicated? Organizational culture?

This is really hard to say. You might need people with kinda basic knowledge and skills, or maybe top tier professionals with 15+ years of experience.

Certifications don't mean much. Usually, the good people don't need or have certifications. Most people working on certifications don't have much experience.

Does the organization have technical staff now? Why is there both a manager and front line person needed? Usually in such a small group the manager should be able to contribute significantly to the technical output. I would hope that at least 75% technical work and less than 25% managing.
Hank HawasliDirector


Thank you very much this was actually very useful. I love the fact that certification is probably not the best approach. The organization does have staff but are under staffed and are undergoing some transformation. There are many different controls being implemented on many different systems, so they need more man-power basically to help with the implementation and design. We already have a design team but would need to help them with extra man-power for the implementation, documentation ....etc
So the organization is fairly large, but their main DCs are probably 10-20. The engineer that is the subject of this question will not be solely responsible for managing the MS infrastructure, the organization already has someone to do that. The actual task would be to help implement the controls that are part of the transformation. For example if we want to implement File Integrity Monitoring, we need someone to assess the feasibility of it being implemented on the DCs and how to use the DCs to push the FIPS agents across the organization (just an example)
Darrell PorterEnterprise Business Process Architect

Were it my project, I would want the manager to be someone with 10-15 years experience with Active Directory in an enterprise environment with a distinct understand of the impact of forest and domain functional levels, the impact of extending the AD schema, AD health and integrity troubleshooting and monitoring, etc.
For the architect, I would want someone who would ensure my AD environment is sound, healthy, properly architected and properly replicating prior to the introduction of changes to the environment; someone who is going to be honest and forthcoming but in a non-confrontational manner and who can communicate in both an executive and technical manner, depending upon audience, to help the organization understand the ramifications of these changes.
Both of these roles should be people who are also able to translate business needs into the architecture of AD and the underlying systems.  They would understand and account for resiliency and DR.  They would formulate, communicate, and assist in the engineering and implementation of testing said functionality to ensure the systems worked end-to-end even if key components were degraded or non-functional.
The architect would also be able to provide the front-line support staff with tier 1 and tier 2 troubleshooting and support processes and documentation along with escalation paths for each subsystem supported by these AD changes.
Hank HawasliDirector


thank you for your support, this was indeed very helpful

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial