A comprehensive Active Directory lab environment demonstrating enterprise-level skills in directory services, Group Policy management, PowerShell automation, and cross-platform integration.
This project showcases the design, implementation, and automation of a complete Active Directory infrastructure with cross-platform monitoring and management capabilities.
- ✅ Enterprise AD Structure - Multi-tier OU hierarchy with department-based organization
- ✅ Group Policy Management - Layered GPO strategy with security baselines
- ✅ PowerShell Automation - Automated documentation, reporting, and management
- ✅ Cross-Platform Integration - Python-PowerShell integration via WinRM
- ✅ Real-Time Monitoring - Web-based dashboard with live system metrics
- ✅ Automated Documentation - Self-documenting environment with scheduled reports
- Organizational Units: 20+
- User Accounts: 6 test users across departments
- Security Groups: 6 role-based and department groups
- Group Policy Objects: 3 production GPOs
- Automation Scripts: 800+ lines of PowerShell, 500+ lines of Python
| Component | OS | IP Address | Role |
|---|---|---|---|
| DC01-HQ | Windows Server 2022 | 10.1.0.10 | Domain Controller, DNS, DHCP |
| Linux-Auto | Ubuntu 22.04 LTS | 10.1.0.20 | Automation Server, Monitoring |
- Lab Network: 10.1.0.0/24 - Domain services and replication
- Internet Access: NAT bridge via virbr0 for updates
- DNS: Internal DNS with external forwarders (8.8.8.8, 8.8.4.4)
```
lab.local
├── IT-Administration
│   ├── IT-Users
│   ├── IT-Computers
│   └── IT-Groups
├── Departments
│   ├── Sales (Users & Computers)
│   ├── HR (Users & Computers)
│   └── Engineering (Users & Computers)
├── Servers
│   ├── Application-Servers
│   ├── File-Servers
│   └── Management-Servers
├── Workstations
│   ├── Desktop-Computers
│   └── Laptop-Computers
└── Service-Accounts
```
Enterprise-grade OU hierarchy with department-based organization
Layered GPO strategy with security baselines and department policies
Flask web dashboard showing live system health metrics
Automated documentation generation reducing manual effort by 90%
- Windows Server 2022 (Active Directory Domain Services)
- Ubuntu 22.04 LTS
- KVM/QEMU Virtualization
- DNS and DHCP Services
- PowerShell 5.1 (800+ lines)
- Python 3.12 (500+ lines)
- WinRM for remote management
- Bash scripting
- Flask web framework
- Plotly for data visualization
- RESTful API design
- HTML/CSS/JavaScript
- Visual Studio Code
- Git version control
- virt-manager
- OpenMandriva (host OS)
```
AD-Lab-Project/
├── documentation/
│   ├── PORTFOLIO.md            # Detailed project portfolio
│   ├── AD-DIAGRAMS.md          # Visual architecture diagrams
│   └── QUICK-REFERENCE.md      # Quick reference guide
├── scripts/
│   ├── powershell/
│   │   ├── Generate-ADDocumentation.ps1
│   │   └── Get-SystemHealth.ps1
│   └── python/
│       ├── powershell_client.py
│       ├── health_monitor.py
│       └── dashboard.py
├── reports/
│   └── sample-reports/         # Example generated reports
├── images/
│   └── screenshots/            # Environment screenshots
└── README.md
```
Automated documentation generator that creates:
- Domain and forest information
- Complete OU structure inventory
- User and group reports
- GPO inventory with detailed HTML reports
- Executive summary in multiple formats
Cross-platform monitoring system featuring:
- Remote PowerShell execution via WinRM
- Real-time system health collection
- Web dashboard with live charts
- Historical data tracking
- REST API for programmatic access
- Domain controller deployment and configuration
- OU design following enterprise best practices
- Group Policy creation, linking, and troubleshooting
- User and group lifecycle management
- DNS/DHCP service configuration
- Domain security and authentication
- Advanced PowerShell scripting
- Python development for systems management
- Cross-platform integration (Linux ↔ Windows)
- API development and integration
- Scheduled task automation
- Error handling and logging
- Windows Server administration
- Linux server management
- Virtualization (KVM/QEMU)
- Network design and implementation
- Service monitoring and alerting
- Technical documentation
Challenge: Enabling secure PowerShell remoting from Linux to a Windows domain controller
Solution: Configured WinRM with domain authentication, implemented UPN-based credentials, and established secure communication channels
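A sketch of the hardened client settings this solution implies, added here as an illustration and not taken from the project's `powershell_client.py`. It assumes the pywinrm library, an HTTPS listener on the domain controller, and hypothetical names (`winrm_session_args`, `run_ps`, the FQDN `dc01-hq.lab.local`, the account `svc-monitor@lab.local`, the CA bundle path).

```python
import re

# Assumption: credentials are supplied as a UPN (user@domain), as the README describes.
UPN_RE = re.compile(r"^[^@\s\\]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def winrm_session_args(host, upn, ca_bundle, use_kerberos=False):
    """Return (endpoint, kwargs) for winrm.Session with TLS and cert validation enforced."""
    if not UPN_RE.match(upn):
        raise ValueError("credential must be a UPN (user@domain), not DOMAIN\\user")
    if not ca_bundle:
        # Refuse to fall back to server_cert_validation='ignore'.
        raise ValueError("a CA bundle is required; certificate validation stays on")
    endpoint = f"https://{host}:5986/wsman"  # WinRM over TLS instead of HTTP on 5985
    kwargs = {
        "transport": "kerberos" if use_kerberos else "ntlm",
        "server_cert_validation": "validate",
        "ca_trust_path": ca_bundle,
        "message_encryption": "auto",
    }
    return endpoint, kwargs


def run_ps(host, upn, password, script, ca_bundle):
    """Run a PowerShell script on the remote host and return its stdout as text."""
    import winrm  # pywinrm, imported lazily so the settings builder works without it

    endpoint, kwargs = winrm_session_args(host, upn, ca_bundle)
    session = winrm.Session(endpoint, auth=(upn, password), **kwargs)
    result = session.run_ps(script)
    if result.status_code != 0:
        raise RuntimeError(result.std_err.decode(errors="replace"))
    return result.std_out.decode(errors="replace")


if __name__ == "__main__":
    import os

    # Hypothetical values; the password comes from the environment, not the source file.
    print(run_ps("dc01-hq.lab.local", "svc-monitor@lab.local",
                 os.environ["WINRM_PASSWORD"], "Get-ADDomain | Select-Object DNSRoot",
                 "/etc/ssl/certs/lab-ca.pem"))
```
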
Challenge: VMs required both internet access and an isolated lab network
Solution: Designed a dual-NIC configuration with virbr0 for internet access and a dedicated 10.1.0.0/24 network for domain services
Challenge: Manual documentation becomes outdated quickly in dynamic environments
Solution: Created PowerShell automation that generates comprehensive documentation on-demand in multiple formats
- Multi-site AD replication with DC02-Branch
- Certificate Services (AD CS) implementation
- Advanced GPO features (WMI filtering, loopback processing)
- Disaster recovery procedures and testing
- Azure AD Connect for hybrid identity
- SIEM integration for security monitoring
- Automated backup and restoration
- Additional client VMs for testing
- Full Portfolio - Complete project documentation
- Architecture Diagrams - Visual network and OU diagrams
- Quick Reference - Command reference guide
This project is created for educational and portfolio purposes.
Job Morales
- LinkedIn: https://www.linkedin.com/in/job-morales/
- Email: jobd.morales@gmail.com
- Microsoft Learn for Active Directory documentation
- PowerShell community for scripting best practices
- Flask and Python communities for web development resources
Note: This is a lab environment created for learning and demonstration purposes. Passwords and security configurations shown are for educational use only and should not be used in production environments.
Last Updated: 2025-11-05
