Active Directory Project

Project Overview

In this project, I designed and implemented an Active Directory domain to simulate an elementary school district IT environment. The goal was to develop practical experience with managing users, devices, and organizational structure through Active Directory and Group Policy, while learning to apply best practices used in real-world IT environments.

Environment

ComponentTechnology
HypervisorProxmox VE
Domain ControllerWindows Server 2022
Client DevicesWindows 11 VMs
Domain Namedistrict.local

Phases

Phase 1: Active Directory Design

Created realistic OU structure:

  • Administration
  • IT
  • Staff (Teachers, Support)
  • Students (Grade levels K-5)
  • Groups
  • Service Accounts

Created representative user accounts in each OU.
Created and used Security Groups to control Group Policy targeting.

OU structure designed in Active Directory Users and Computers (ADUC) to reflect a school district hierarchy.

Phase 2: Group Policies Implemented

Students GPO — Restricted device usage:

  • Disabled Control Panel and PC Settings
  • Blocked Command Prompt and PowerShell

Teachers GPO — Provisioned shared resource:

  • Mapped T:\ Teachers Shared Drive via Group Policy Preferences
  • Used Item-Level Targeting for All_Teachers group

Admin Staff GPO — Override restrictions:

  • Allowed Control Panel access for Admin_Staff group
  • Demonstrated GPO layering and precedence control
Example of Group Policy Object configuration showing layered GPOs and Item-Level Targeting.

Testing & Validation

  • Joined Windows 11 clients to domain
  • Verified GPO application per user type
  • Tested network drive mapping
  • Confirmed appropriate access restrictions per role
  • Validated user permissions and access controls in line with intended policy outcomes.
Example of applied user restriction (Control Panel access blocked).
Verified mapped network drive via GPO for target user group.

Challenges & Solutions

OU Structure Design
Challenge: Initially designed OUs too flat
Solution: Refined structure to better reflect school district hierarchy

GPO Precedence Issues
Challenge: Conflicting policies affecting Admin Staff
Solution: Adjusted GPO links and enforced precedence correctly

Outcome

This project provided me with hands-on experience in configuring and managing a Windows domain environment. It reinforced my understanding of directory services, policy enforcement, and access control, helping me to build essential capabilities in supporting users and maintaining secure IT systems.

Previous Project: Virtualization
Next Project: Remote Support Setup

Scroll to Top