Over the summer, I rebuilt my Active Directory lab environment with multiple regional domains. Instead of manually configuring common issues, I decided to create a PowerShell script to do this for me.

My Invoke-ADLabBuildOut script does the following:

• Create Top Level OUs
• Create Branch Office OUs
• Rename Default Domain Admin Account
• Create AD Lab Users
• Create AD Lab Groups
• Create AD Lab Service Accounts
• Create AD Lab Admin Accounts
• Create AD Lab Group Managed Service Accounts
• Create AD Lab Windows Workstations
• Create AD Lab Windows Servers
• Create AD Lab Computers
• Create AD Lab Fine Grained Password Policies
• Set SPN on Default Domain Admin Account
• Randomize Admin Account Membership in Admin Groups
• Randomize Service Account Membership in Admin Groups
• Add Password To Random User AD Attribute
• Add Kerberos Delegation
• Add Computer Accounts to Admin Groups
• Set OUs With Blocked GPO Inheritance Invoke-ADLabBuildOut
  

PowerShell AD lab build out script leveraging the Active Directory PowerShell module:
https://github.com/PyroTek3/ADLab

(Visited 20 times, 20 visits today)

Sean Metcalf

I improve security for enterprises around the world working for TrustedSec & I am @PyroTek3 on Twitter.
Read the About page (top left) for information about me. :)
https://adsecurity.org/?page_id=8