Skip to content

Latest commit

 

History

History
27 lines (19 loc) · 857 Bytes

File metadata and controls

27 lines (19 loc) · 857 Bytes

GPO Hardening Lab

This lab demonstrates how to use Group Policy in Active Directory to enforce security settings across workstations.

Objectives

  • Create a security baseline GPO.
  • Apply password and account lockout policies.
  • Disable legacy / insecure protocols where possible.
  • Restrict local administrator usage.
  • Validate that GPOs apply to target OUs.

Example Hardening Ideas

  • Password policy: length, complexity, history.
  • Account lockout: threshold and duration.
  • Disable guest accounts.
  • Configure Windows Firewall defaults.
  • Disable LM / NTLM where compatible with the environment.

Script

  • Scripts/Apply-GPO.ps1 – Creates and links a GPO called Security-Baseline to an OU.

After running the script, edit the GPO in the Group Policy Management Console to configure detailed settings.

Author

Eyouel Melaku