Active Directory, Hyper-V, PowerShell automation, IIS, patching strategy, and Azure Arc integration for Windows Server in hybrid environments.
Implementing a three-tier PAW model for AD — Tier 0 forest isolation, ESAE, and Azure AD PIM for hybrid AD admin.
Planning, configuring, and testing Hyper-V VM replication to Azure using ASR with detailed runbook examples.
Writing, compiling, and deploying DSC configurations for IIS, AD, and security baselines across server fleets.
Service principal onboarding, Arc-enabled server requirements, policy assignments, and MMA vs AMA agent.
Replacing WSUS with Azure Update Manager — assessment schedules, maintenance windows, and compliance reporting.
Disabling legacy TLS, applying CIS benchmarks to IIS, and fronting with Azure Application Gateway WAF.