Building an Active Directory Domain with Group Policies

This lab demonstrates basic Windows domain administration by setting up Windows Server 2016 on Oracle VirtualBox, and setting up Active Directory in a test environment along with Group Policies. Then further goes into using PowerShell to manage Active Directory and Group Policy on a Windows domain.

Active Directory

Active Directory (AD) is a directory service developed by Microsoft used to centrally manage and organize users, computers, and resources within a Windows-based network. Think of it as the control center of an IT environment — it handles identity verification, permissions, group policies, and secure access to resources like shared folders, printers, and applications.

• Authenticate users when they log in.


• Assign permissions and enforce security policies across many computers at once.


• Create and manage objects (like users, groups, and devices) in a structured and scalable way using a hierarchy called the domain.

At the heart of AD is a Domain Controller, which acts like a trusted gatekeeper, validating credentials and enforcing rules.

Whether it's a small office or a large enterprise, Active Directory is critical for keeping systems organized, secure, and functioning efficiently — especially in environments where centralization and control are key.

Group Policy

Group Policy is a powerful feature in Windows Server that allows administrators to centrally manage and enforce settings across users and computers in an Active Directory environment.

Through Group Policy, you can:

• Enforce password complexity rules
• Prevent access to Control Panel or Task Manager
• Automatically map network drives
• Configure desktop environments
• Deploy software and scripts at startup or login

Group Policies are created using the Group Policy Management Console (GPMC) and are linked to Active Directory objects like Organizational Units (OUs). When a user logs in or a computer boots up, these policies are applied to ensure consistent security and configuration settings across the organization.

In a Windows Server lab, Group Policy lets you practice real-world system administration by designing and testing policies that shape the behavior of users and machines in a domain environment.

Objects

Active Directory objects are the building blocks of the Active Directory environment. Each object represents a real-world element — such as a user, computer, group, printer, or organizational unit — and contains information about that element in the form of attributes.

These objects are stored in a hierarchical structure within the AD database, making it easier to organize, manage, and secure resources across a network.

These objects are stored in a hierarchical structure within the AD database, making it easier to organize, manage, and secure resources across a network.

• User - Represents a person with login credentials and permissions.
• Computer - Represents a workstation or server joined to the domain.
• Group - A collection of users or computers for simplified permission management.
• Organizational Unit (OU) - A container used to group and delegate control over objects.
• Shared Resources - Includes objects like printers or file shares that can be managed centrally.

Each object is uniquely identified by a Distinguished Name (DN) and can have specific Group Policies applied to it.

In essence, AD objects give administrators the power to manage identity, access, and organization in a consistent, scalable, and secure way — all from a centralized point of control.

• Installing Windows Server 2016 on Oracle VirtualBox
• Setting up DNS and DHCP
• Setting up Active Directory
• Adding a Computer to the Domain
• Setting up Group Policy
• Managing AD & GP with PowerShell
• Concluded Basics

View this project on GitHub