AD GPO and SW Deploy Lab - Zacham17/my-tech-journal GitHub Wiki

Summary

In this lab, I created an OU in active directory using PowerShell, set up a new GPO and deployed the PuTTy application using GPO.

Creating an OU via powershell

  • To create an OU using powershell, use the cmdlet, New-ADOrganizationalUnit. The format to use is New-ADOrganizationalUnit -Name "OU NAME" -Path "DC=domain,DC=local"

Deleting an OU via powershell (and any issues)

  • To remove an OU via powershell you first must remove the accidental removal protection using the command get-ADOrganizationalUnit -Identity "OU= OU Name,DC=domain,DC=local" | set-ADOrganizationalUnit -ProtectedFromAccidentalDeletion $false
  • Then use the command Remove-ADOrganiationalUnit -Identity "OU=OU NAME,DC=domain,DC=local" to delete the OU

Moving Items to a new OU (via powershell or gui)

  • To move items to a new OU using the AD GUI, you can move them as you would using file explorer on windows. You can either drag and drop or right click on the object and select the OU that you wish to move the object to.
  • To move a user to a new OU in PowerShell, use the command Get-ADUser -Identity USER | Move-ADObject -TargetPatch "OU=Destination OU,DC=domain,DC=local"
  • To move a computer to a new OU in Powershell, use the command, Get-ADComputer -Identity COMPUTERNAME | Move-ADObject -TargetPatch "OU=Destination OU,DC=domain,DC=local"

Making a GPO to Install Software(PuTTy example)

  • First, create a file share to contain the software, with correct permisisons
  • Download the PuTTy .msi installer file and put it into the file share folder that you created
  • Download Group Policy Management on the Management VM
  • In Group Policy Management, create a GPO in the new OU you created earlier to deploy software
  • Edit the GPO and navigate to Computer Configuratio > Policies > Software Settings > Software Installation, and set the putty .msi installer as a software installation file
  • On the Workstation in the software deployment OU, run gpupdate /force to apply the changes. This will likely provoke a restart
  • After the system restarts, PuTTy will be installed

Searching the Event Log using Powershell

  • To search the event log using PowerShell, use the cmdlet, Get-EventLog
  • You can use the -LogName and -InstanceID flags to perform a more focused search
  • To find the PuTTy installation event log, I ran the command, Get-EventLog -LogName System -InstanceID 302