The goal is to use PowerShell to create a GPO and a WMI filter for the PDC. The PDC is the authoritative time source in a Domain and it’s vital that only the PDC syncs with the upstream time source. Every other domain controller should, in turn, sync from the PDC, maintaining a proper hierarchy and preventing clock chaos

Rocky Linux version 10 is today's Linux OS of choice and part of the Zero Trust implementation for the home lab. The steps in this blog detail the implementation of IPSec between a Windows Domain and Linux using Strongswan.

Smart cards store cryptographic certificates that enable two-factor authentication (2FA). Unlike passwords, these credentials cannot be easily stolen or reused, making it significantly harder for attackers to gain access and will be implemented as part of Zero Trust

Zero Trust - This blog will provide an in-depth explanation of the AD delegation model that has been delivered by PowerShell for a Zero Trust Network

Zero Trust assumes the network is hostile, even internal traffic can't be trusted without verification. Every connection must be authenticated, authorized, and encrypted. IPSec (Internet Protocol Security) is a key enabler. In this article, I'll implement IPSec in a Domain with certificates using the Microsoft Platform Crypto Provider is the Key Storage Provider (KSP) that allows certificates and their private keys to be stored in the TPM.

Leverage PowerShell to automate the entire setup of a Windows domain in AWS from creating the VPC to configuring the EC2 encrypted volume.

leverage PowerShell to automate the entire setup of a Windows domain in AWS from creating the VPC to configuring the EC2 encrypted volume.

Welcome Back Hey there! I'm glad to have you back for the third Ansible article. This time, we're diving into using Ansible to manage...

We're diving into Ansible Vault and how to keep those Microsoft Windows passwords safe by encrypting them whilst they are at rest.

Welcome to this introduction to managing Windows from Ansible, unlike Microsoft's management solutions, it's free and agentless!

In this post, we'll delve into the automated deployment of a Domain using PowerShell in tandem with a JSON configuration file.

Welcome back to the continuation of our series on deploying Domain Controllers using PowerShell and JSON. If you've been following along with Part 1, you should now have a newly configured Domain Controller with a delegated Organizational Unit (OU) structure in place.

This post walks through how to use PowerShell to set up targeted delegation for DNS, creating the right AD groups with clear scopes and following Microsoft’s recommended naming conventions.

How to Delegate Active Directory OU's with PowerShell Today is a quick explanation regarding OU delegation using PowerShell with usable examples and how-to located the GUID that identifies the object type being delegated.

Tried merging GPOs with PowerShell? It’s not as straightforward as it sounds, PowerShell is really just providing logic around LGPO.exe. Still, the method below does the job of merging disparate GPOs for domain deployment.

If you’ve ever tried managing Group Policies with PowerShell, you’ll know Microsoft’s support is… less than ideal (read: nonexistent). Sure, there are paid third-party tools to fill the gap, but you can also just follow this article and get it done for free.

Ever wondered what all those Windows Guids translated to in User Rights Assigments? Follow the link and run the script with Admin...

Prevent lateral movement of hackers around the domain searching for escalation points to elevate to Domain Admins. Preventing escalation via cached or actively logged on privileged accounts can be accomplished with segregated tiers between Workstations, Servers and Domain Controllers.