Skip to content
/ GPO-Hardening-Lab Public

Group Policy security hardening lab with custom baseline GPOs, password policies, lockout settings, firewall configuration, and AD compliance checks.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

eyouel-cloud/GPO-Hardening-Lab

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
Scripts
Scripts
 
 
README.md
README.md
 
 

Repository files navigation

GPO Hardening Lab

This lab demonstrates how to use Group Policy in Active Directory to enforce security settings across workstations.

Objectives

  • Create a security baseline GPO.
  • Apply password and account lockout policies.
  • Disable legacy / insecure protocols where possible.
  • Restrict local administrator usage.
  • Validate that GPOs apply to target OUs.

Example Hardening Ideas

  • Password policy: length, complexity, history.
  • Account lockout: threshold and duration.
  • Disable guest accounts.
  • Configure Windows Firewall defaults.
  • Disable LM / NTLM where compatible with the environment.

Script

  • Scripts/Apply-GPO.ps1 – Creates and links a GPO called Security-Baseline to an OU.

After running the script, edit the GPO in the Group Policy Management Console to configure detailed settings.

Author

Eyouel Melaku

About

Group Policy security hardening lab with custom baseline GPOs, password policies, lockout settings, firewall configuration, and AD compliance checks.

Topics

active-directory compliance security-hardening group-policy cis-benchmark enterprise-security windows-hardening

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages