Active-Directory

Figure: SCCM Dashboard displaying 7-zip deploying to my test collection In my previous post, I built a Group Policy framework that secured my Active Directory environment - locking down computer labs, enforcing password policies, redirecting user data to network storage. That covered the security side of managing endpoints. But Group Policy alone doesn’t answer a fundamental enterprise question: how do you actually get software onto machines? How do you make sure 500 workstations are running the latest security patches? How do you know which computers are compliant and which ones aren’t? ...

In my previous post, I built an Active Directory environment with 500+ users across 26 organizational units - modeled after a university with different schools and departments. Building that structure was step one. But an organized AD environment without Group Policy doesn’t actually do much outside of authenticating users. That’s what this post is about: taking that AD structure and using it to implement real security policies. I configured 10 different Group Policies covering everything from domain-wide password requirements to locking down public computer labs. ...

Designing and operating a realistic Active Directory homelab to practice automation, recovery, and enterprise-scale decision-making.