Objective: Access the lab environment and confirm basic navigation and tooling.
What I did: Logged in successfully, explored the platform, opened Server Manager, and launched PowerShell.
Outcome/Result: Established baseline familiarity with the lab environment and Windows Server administration tools.
Security takeaway: Secure administration starts with controlled access to tools like Server Manager and PowerShell, since they can perform privileged actions.
Objective: Perform core server configuration tasks and begin centralized management setup.
What I did: Checked for Windows Updates, set the correct time zone, switched to a static IP, enabled Remote Desktop, and began the Windows Admin Center install/configuration workflow.
Outcome/Result: Improved server reliability by aligning updates, time accuracy, and stable network addressing; enabled remote administration and began centralized management.
Security takeaway: Remote access (RDP) must be treated as a high-risk service. It should be restricted and monitored, not enabled broadly.
Objective: Deploy DNS and DHCP to support name resolution and automated IP configuration.
What I did: Set a static IP requirement for DNS, installed DNS, created forward and reverse lookup zones, created host and pointer records, installed DHCP, configured DHCP, created a scope, and activated DHCP.
Outcome/Result: Built a working foundation for reliable network communication using DNS resolution and DHCP leasing.
Security takeaway: DNS/DHCP are critical dependencies. Poor control of zones/scopes can impact the entire environment.
Objective: Build domain services and integrate servers into the domain environment.
What I did: Installed AD DS, promoted domain services, created a reverse lookup zone, validated server IP information, tested connectivity to the domain controller, and joined a Windows Server to the domain.
Outcome/Result: Established centralized identity management and domain-based control of Windows resources.
Security takeaway: AD becomes a “high-value target.” Privileged access and authentication controls must be tightly managed in real enterprise environments.
Objective: Explore AD site/subnet design and automate identity tasks using PowerShell.
What I did: Worked through site naming and attempted to add sites/subnets, documented environment limitations, and performed user creation actions using PowerShell including password assignment steps.
Outcome/Result: Connected network segmentation concepts (sites/subnets) to AD design and practiced automation for account management.
Security takeaway: Automation improves consistency, but admin scripting must follow least privilege and change control to prevent accidental misconfigurations.
Objective: Use Group Policy to deploy software and manage client local groups.
What I did: Created an OU, created and shared a network folder, added a software package in the Group Policy Management Editor, ran gpupdate, created a new GPO, configured group preferences, and added users to the local Administrators role.
Outcome/Result: Demonstrated how Group Policy enforces consistent configuration and software deployment at scale.
Security takeaway: Local admin rights are a major risk. Group Policy must be used carefully to avoid over-privileging users across endpoints.
Objective: Use Group Policy to manage Windows Defender Firewall settings and logging.
What I did: Created firewall GPOs, enabled/disabled firewall settings, linked policies, configured firewall behavior, set logging settings, and customized firewall rules through GPO.
Outcome/Result: Showed centralized enforcement of firewall posture across domain systems.
Security takeaway: Firewall policy is strongest when it is consistent, logged, and scoped. Logging is critical for troubleshooting and detection.
Objective: Install and configure RDS roles and review remote app configuration.
What I did: Started RDS installation via Add Roles and Features Wizard, monitored installation progress, reviewed gateway option workflow, and reviewed remote apps in the environment.
Outcome/Result: Built foundational understanding of RDS deployment flow and the role components involved.
Security takeaway: RDS increases remote access capability, but it also increases exposure. Secure deployment requires controlled access, segmentation, and monitoring.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Accept