Skip to content
/ Active-Directory-and-GPO-Management-Lab-ADATUM.COM Public

A simulated enterprise lab showcasing Active Directory and Group Policy implementation using Windows Server 2022, including user management, OUs, delegation, GPOs, and firewall configuration.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ankitlehra/Active-Directory-and-GPO-Management-Lab-ADATUM.COM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
images
images
 
 
README.md
README.md
 
 

Repository files navigation

Enterprise Active Directory and GPO Management Lab – ADATUM.COM

This lab demonstrates a full Active Directory and Group Policy Management implementation in a simulated enterprise setup using Windows Server 2022. The goal was to configure user accounts, organizational units, delegation, permissions, GPOs, and firewall rules in a domain environment.

Tools Used

  • Active Directory Users and Computers (ADUC)
  • Active Directory Administrative Center (ADAC)
  • Group Policy Management Console (GPMC)
  • Windows Admin Center
  • Windows Defender Firewall with Advanced Security
  • Event Viewer

Key Tasks & Activities

1. Active Directory Management

  • Created a domain structure for adatum.com.
  • Built OUs like IT, Marketing, Managers, Service Accounts, Research, etc.
  • Created and managed user accounts (e.g., Colin Hunt, Beth Burke).
  • Applied logon hour restrictions and account policies.
  • Enabled protection against accidental deletion.

2. Group and Role Management

  • Created Security Groups like ITADMINS.
  • Assigned users to groups.
  • Delegated specific control to ITADMINS (reset passwords, manage group memberships).

3. Group Policy Management

  • Created and linked GPO EndpointBaseline-6803 to domain and Domain Controllers.
  • Configured ADMX templates including:
    • LAPS (Local Administrator Password Solution)
    • MSS security settings
    • Start Menu, Control Panel, and Windows Components

4. Firewall Hardening

  • Configured inbound and outbound firewall rules:
    • Allowed: Notepad, RDP, system apps.
    • Blocked: Internet Explorer, Edge, SMTP, Xbox services.
  • Verified logs in Event Viewer (RuleName: Block Internet Explorer).

📸 Screenshots

OU and Account Setup

Service Account OU Organizational Unit created for Service Accounts.

VIP User Properties User properties of a VIP user – Colin Hunt.

Logon Hours Logon hours configured for weekdays, 9 AM to 6 PM.

Object Protection User object protected from accidental deletion.

User Groups and Admin Center

IT OU Users IT OU with 4 users

ADAC Overview Active Directory Administrative Center Overview

Server Manager Web Server Manager Active Directory view

Group Management & Delegation

ITADMINS Group Members ITADMINS group with 4 members

Delegation Wizard Delegation of Control Wizard complete screen

OU Permissions & Security

Advanced Permissions Advanced Permissions - Research OU – advanced security settings

GPO Configuration

GPO Scope – EndpointBaseline Shows the EndpointBaseline-6803 GPO and its linked scope.

Firewall Configuration

Firewall Rules – Inbound & Outbound Firewall Rules – Inbound & Outbound (notepad allowed, IE blocked).

Firewall Log – Event Viewer Firewall Log – Event Viewer(Shows a log entry for the “Block Internet Explorer” firewall rule.)

GPO ADMX Templates

ADMX Settings ADMX Settings(GPO editor with ADMX templates from central store (Control Panel, LAPS, etc.))

About

A simulated enterprise lab showcasing Active Directory and Group Policy implementation using Windows Server 2022, including user management, OUs, delegation, GPOs, and firewall configuration.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published