├── .gitattributes
├── AD_Computer_CachedCreds
└── Find Computers without Cached Cred GPO.ps1
├── AD_GetACL_on_Objects
├── FilterADAcls.ps1
├── Get-ACL-on User account.ps1
├── GetACL_on_Groups.ps1
├── GetACL_on_OU.ps1
└── GetACL_on_SchemaAttribute.ps1
├── AD_LAPS_Install
├── AdmPwd.PS
│ ├── AdmPwd.PS.dll
│ ├── AdmPwd.PS.format.ps1xml
│ ├── AdmPwd.PS.psd1
│ ├── AdmPwd.Utils.dll
│ └── en-US
│ │ └── AdmPwd.PS.dll-Help.xml
├── AdmPwd.adml
├── AdmPwd.admx
├── GuideForSubGroupsLAPSAccess.txt
├── InstallLAPSSchema.ps1
└── LAPS.x64.msi
├── AD_ManageTiers
├── New-TierAdminUser.ps1
├── README.md
└── TieredAdmin_GroupMembership.ps1
├── AD_Privileged_Group_Membership
└── Audit Sidhistory for privileged objects.ps1
├── AD_User_AccountOpsCleanup
├── AD_OU_SetACL
│ ├── Computer Control Permissions.ps1
│ ├── Full Control Permissions.ps1
│ ├── GPO Control Permissions.ps1
│ ├── Group Control Permissions.ps1
│ ├── OU Control Permissions.ps1
│ ├── Printer Control Permissions.ps1
│ ├── Replication Control Permissions.ps1
│ ├── SetACL on OU.ps1
│ ├── Site and Subnet Control Permissions.ps1
│ └── User Control Permissions.ps1
├── FindAllOUsWithComputers.ps1
├── FindAllOUsWithGroups.ps1
├── FindAllOUsWithUsers.ps1
├── README.md
├── RoleCreation
│ ├── AD Permissions for Group Granular Access - Computers.ps1
│ ├── AD Permissions for Group Granular Access - Groups AAM.ps1
│ ├── AD Permissions for Group Granular Access - Groups.ps1
│ ├── AD Permissions for Group Granular Access - LAPS.ps1
│ ├── AD Permissions for Group Granular Access.ps1
│ ├── Create Admin Groups_v2.ps1
│ ├── Create Computer Perm Roles Alt To Acct Ops.ps1
│ ├── Create Groups Perm Roles Alt To Acct Ops.ps1
│ ├── Create Groups Perm Roles for AAM - tier2.ps1
│ ├── Create Groups Perm Roles for AAM.ps1
│ ├── Create LAPS Perm Roles Alt To Acct Ops - Servers.ps1
│ ├── Create LAPS Perm Roles Alt To Acct Ops.ps1
│ └── Create User Perm Roles Alt To Acct Ops.ps1
└── unused - create nested parent groups.ps1
├── AD_domain_CreateNewDomain
└── defaultNewDomainCreation.ps1
├── Create Tiers
├── AD_AssignAdminRoles
│ ├── Assign_Roles.ps1
│ └── Roles.ini
├── AD_GPO_Create_Delegated_OU_Controls
│ └── Create-Delegated-OU-Controls.ps1
├── AD_GPO_Migration
│ ├── Call-GPOExport.ps1
│ ├── Call-GPOImport.ps1
│ ├── Export-Import-WMI-Filters.ps1
│ ├── GPO
│ │ ├── WMIFilters.csv
│ │ ├── manifest.xml
│ │ ├── {0520525A-BEBD-4018-B8D3-68DA329AC813}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {0AE339BC-7AD9-4C1F-A068-BBA3E896A831}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {172E09E2-1CFC-49CC-9B75-537B22668653}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── Preferences
│ │ │ │ │ └── Groups
│ │ │ │ │ │ └── Groups.xml
│ │ │ │ │ └── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ └── SecEdit
│ │ │ │ │ └── GptTmpl.inf
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {338D5626-AEAC-4609-AEEA-AA66BAA4D20C}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {3B405902-B09D-422B-ACE0-3A6769037D0F}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {465EF457-5225-4888-BBC1-6CF7CC3EA638}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── GPO.cmt
│ │ │ │ │ ├── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ │ └── windows nt
│ │ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {550228DF-28FD-4FFE-9F99-C0429A0318C1}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ │ └── windows nt
│ │ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {5F43EF9E-A7B5-4B7E-85EC-0F844E33F62D}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6367F816-CE60-4B76-BC7A-55BF22D2D2D9}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ └── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ └── SecEdit
│ │ │ │ │ └── GptTmpl.inf
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6801B829-A8B7-45B5-B838-09FC8BE68269}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── GPO.cmt
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6B9D5392-1492-4EBF-9209-443E34E3A9D4}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6EAC8EB3-D729-4991-B718-FB1067593C69}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {6F085DC9-991E-45DA-A387-D91C5AB960C2}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {701B0DB5-956B-4419-B1AE-36CE6F0BF500}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── Microsoft
│ │ │ │ │ └── Windows NT
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ ├── Preferences
│ │ │ │ │ └── Groups
│ │ │ │ │ │ └── Groups.xml
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {72681BC4-973E-4AF0-9274-21C03CA35B97}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {7355197E-FAB4-4E34-B959-961263F19956}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ └── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ └── SecEdit
│ │ │ │ │ └── GptTmpl.inf
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {7E53DA89-835E-4F36-A1A8-48B5733C9667}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {810E7692-1B07-40A4-BB42-31B363A22B7C}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {838EAD6A-88C7-4A43-A407-A0451EFE74EF}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {86CF4E85-19BB-4F36-AED9-E9CBF7F2837D}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ └── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ └── SecEdit
│ │ │ │ │ └── GptTmpl.inf
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {92E8A30B-7685-41B6-8B77-FDFAB0D6E293}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ │ └── windows nt
│ │ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {96534EF1-66BA-4C2D-93A6-8F7A65481BE8}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {96FC80A7-9D0C-49A7-9556-86A363B95367}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {98724AAB-6985-4FCD-82FB-4DC177C1EF4E}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {993D7630-6A1D-486B-A497-4C2DDD2495AD}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── Preferences
│ │ │ │ │ └── Groups
│ │ │ │ │ │ └── Groups.xml
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── Preferences
│ │ │ │ │ └── Groups
│ │ │ │ │ │ └── Groups.xml
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {B13D21E2-5085-41AB-A573-D0C66C2A9C1B}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── Preferences
│ │ │ │ │ └── Groups
│ │ │ │ │ │ └── Groups.xml
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {CC79974A-9041-46E0-BA53-973BA9618CC1}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── GPO.cmt
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ │ └── windows nt
│ │ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {D6892B80-B3ED-4DB1-97D3-5B888C2652F8}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {D8867ACA-CD76-4867-B284-CA84A4AD47F0}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {E639E641-A789-49D7-98B1-6AA80A74E755}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {EA8FA033-A484-4718-A1AE-B9E0B9E98FC4}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {F32271A8-7177-4DB6-BF22-10E8CF683C78}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ └── Machine
│ │ │ │ │ └── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ └── SecEdit
│ │ │ │ │ └── GptTmpl.inf
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ │ └── GPO
│ │ │ │ │ ├── GPO.cmt
│ │ │ │ │ ├── Machine
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ ├── microsoft
│ │ │ │ │ │ └── windows nt
│ │ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ │ └── registry.pol
│ │ │ │ │ └── User
│ │ │ │ │ ├── comment.cmtx
│ │ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ ├── {F7323EF2-0682-493E-A3B6-38157BFFE8EA}
│ │ │ ├── Backup.xml
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ │ └── {FA0F282C-57C2-409B-9E0E-7A70C6E92B97}
│ │ │ ├── Backup.xml
│ │ │ ├── DomainSysvol
│ │ │ └── GPO
│ │ │ │ ├── Machine
│ │ │ │ ├── comment.cmtx
│ │ │ │ ├── microsoft
│ │ │ │ │ └── windows nt
│ │ │ │ │ │ ├── Audit
│ │ │ │ │ │ └── audit.csv
│ │ │ │ │ │ └── SecEdit
│ │ │ │ │ │ └── GptTmpl.inf
│ │ │ │ └── registry.pol
│ │ │ │ └── User
│ │ │ │ ├── comment.cmtx
│ │ │ │ └── registry.pol
│ │ │ ├── bkupInfo.xml
│ │ │ └── gpreport.xml
│ ├── GPOErrors.txt
│ ├── GPOMigration
│ │ ├── GPOMigration.psd1
│ │ ├── GPOMigration.psm1
│ │ └── GPOMigration.psm1-Help.xml
│ ├── ImportGPOs.ps1
│ ├── MigTable_sample.csv
│ ├── Modify-GPOs-With-DomainInfo.ps1
│ ├── Status after first import.docx
│ └── adatum_to_anything.csv
├── AD_Group_CreateAdminGroups
│ ├── AD Permissions for Group Granular Access.ps1
│ ├── AD_Create_Admin_Roles.ps1
│ └── Create Admin Groups_v2.ps1
├── AD_Group_CreateAdminRoles
│ ├── Create_All_Inclusive_Admin_Groups.ps1
│ └── Make-SuperGroups.ps1
├── AD_LAPS_Install
│ ├── AdmPwd.PS
│ │ ├── AdmPwd.PS.dll
│ │ ├── AdmPwd.PS.format.ps1xml
│ │ ├── AdmPwd.PS.psd1
│ │ ├── AdmPwd.Utils.dll
│ │ └── en-US
│ │ │ └── AdmPwd.PS.dll-Help.xml
│ ├── AdmPwd.adml
│ ├── AdmPwd.admx
│ ├── InstallLAPSSchema.ps1
│ ├── LAPS.x64.msi
│ └── LAPSInstallPaths.PNG
├── AD_OU_CreateStructure
│ ├── 3lettercodes.csv
│ └── CreateOUStructure_v5.ps1
├── AD_OU_SetACL
│ ├── Computer Control Permissions.ps1
│ ├── Full Control Permissions.ps1
│ ├── GPO Control Permissions.ps1
│ ├── Group Control Permissions.ps1
│ ├── OU Control Permissions.ps1
│ ├── Printer Control Permissions.ps1
│ ├── Replication Control Permissions.ps1
│ ├── SetACL on OU.ps1
│ ├── Site and Subnet Control Permissions.ps1
│ └── User Control Permissions.ps1
├── DeployADStructure.ps1
└── README.md
├── LICENSE
├── Presentations
├── Boston Security Camp - 2019 - AD_Sec_Tools - ESAE.pptx
└── Nercomp - 2019 - ESAE.pptx
└── README.md
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 |
--------------------------------------------------------------------------------
/AD_GetACL_on_Objects/FilterADAcls.ps1:
--------------------------------------------------------------------------------
1 | Function Filter-ADAcls {
2 | [CmdletBinding()]
3 | Param
4 | ( [Parameter(Mandatory=$true)]
5 | [string]$ACLReport, # $ACLReport = 'C:\Reports\adOU_permissions_2019-02-28T10_59_10.csv'
6 | [Parameter(Mandatory=$true)]
7 | [string]$ACLMapping, # $ACLMapping = 'C:\Users\xxx\Documents\GitHub\ad-operations\AD_GetACL_on_Objects\ACLMapToAction.csv'
8 | [string]$outputfile #$outputfile = 'C:\reports\ACLTest.csv'
9 |
10 | )
11 |
12 |
13 |
14 | Begin{
15 |
16 |
17 |
18 | if(!$outputfile){
19 | $logpostfix = (Get-Date -Format s).Replace(":","_")
20 | $logsuffix = ".csv"
21 | $filename = 'ADACL_SHADOWADMINS_' + $logpostfix + $logsuffix
22 |
23 | $outputfile = 'c:\reports\'+$filename
24 | }
25 |
26 | $logdir = split-path -Path $outputfile -Parent
27 | if((Test-Path $logdir) -eq 0)
28 | {
29 | mkdir $logdir
30 | }
31 | $logfile = Join-Path $logdir ($logfilename)
32 | write-host "File will be saved at $logfile"
33 |
34 |
35 | if((Test-path $ACLReport) -eq 0)
36 | {write-host "$ACLReport not found. Existing Script"
37 | break
38 | }
39 |
40 |
41 | if((Test-path $ACLMapping) -eq 0)
42 | {write-host "$ACLMapping not found. Existing Script"
43 | break
44 | }
45 |
46 |
47 |
48 | $ACLReport = import-csv $ACLReport
49 | $ACLMapping = import-csv $ACLMapping
50 |
51 | #creation of file
52 | if ((test-path $outputfile) -eq 1) {write-warning "$outputfile exists. Any new info will be appended to the current file"}
53 | else {New-Item $outputfile -ItemType File
54 | Add-Content $outputfile "Object,Action,WhoCanPerformIt,SourceOfPermission, SourceObjectType, SourceInheritedObjectType"
55 | }
56 |
57 |
58 | }
59 |
60 | $ct = $aclmapping.count
61 | $i = 1
62 | Process{
63 |
64 | foreach ( $permissionset in $ACLMapping){
65 | Write-Progress -Activity "Filtering in progress" -Status "$I of $ct Complete" -PercentComplete ($i / $ct * 100)
66 |
67 | #object maps to objecttypename in aclreport
68 | $adrightsstring = "*"+$permissionset.ActiveDirectoryRights+"*"
69 | $permissionsetrights = $aclreport|where-object -Property objecttypename -eq $permissionset.'Object Type'|where-object -Property inheritedobjecttypename -eq $permissionset.inheritedObjectTypeName|where-object -Property ActiveDirectoryRights -like $adrightsstring|where-object -Property AccessControlType -eq "Allow"
70 |
71 | foreach ($p in $permissionsetrights){
72 | $object = new-object psobject
73 | $object |Add-member noteproperty Object $permissionset.Object
74 | $object |Add-member noteproperty Action $permissionset.'Allowed Action'
75 | $object |Add-member noteproperty WhoCanPerformIt $p.identityreference
76 | $object | Add-member noteproperty SourceOfPermission $p.organizationalUnit
77 | $object | add-member noteproperty SourceObjectType $P.objectTypeName
78 | $object |Add-member noteproperty SourceInheritedObjectType $p.inheritedObjectTypeName
79 |
80 | $o = $permissionset.Object
81 | $A = $permissionset.'Allowed Action'
82 | $who = $p.identityreference
83 | $src = $p.organizationalUnit
84 | #$report | Export-Csv -Path $logfile -append
85 | $object| export-csv -Path $outputfile -append
86 |
87 |
88 | }
89 |
90 | $I++
91 |
92 | }
93 |
94 |
95 | }
96 | }
--------------------------------------------------------------------------------
/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.dll
--------------------------------------------------------------------------------
/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.psd1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.psd1
--------------------------------------------------------------------------------
/AD_LAPS_Install/AdmPwd.PS/AdmPwd.Utils.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/AD_LAPS_Install/AdmPwd.PS/AdmPwd.Utils.dll
--------------------------------------------------------------------------------
/AD_LAPS_Install/AdmPwd.adml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 | LAPS
9 | Enable local admin password management
10 |
11 | Enables management of password for local administrator account
12 |
13 | If you enable this setting, local administrator password is managed
14 |
15 | If you disable or not configure this setting, local administrator password is NOT managed
16 |
17 | Password Settings
18 |
19 | Configures password parameters
20 |
21 | Password complexity: which characters are used when generating a new password
22 | Default: Large letters + small letters + numbers + special characters
23 |
24 | Password length
25 | Minimum: 8 characters
26 | Maximum: 64 characters
27 | Default: 14 characters
28 |
29 | Password age in days
30 | Minimum: 1 day
31 | Maximum: 365 days
32 | Default: 30 days
33 |
34 | At least Microsoft Windows Vista or Windows Server 2003 family
35 | Large letters
36 | Large letters + small letters
37 | Large letters + small letters + numbers
38 | Large letters + small letters + numbers + specials
39 | Name of administrator account to manage
40 |
41 | Administrator account name: name of the local account you want to manage password for.
42 | DO NOT configure when you use built-in admin account. Built-in admin account is auto-detected by well-known SID, even when renamed
43 |
44 | DO configure when you use custom local admin account
45 |
46 | Do not allow password expiration time longer than required by policy
47 |
48 | When you enable this setting, planned password expiration longer than password age dictated by "Password Settings" policy is NOT allowed. When such expiration is detected, password is changed immediately and password expiration is set according to policy.
49 |
50 | When you disable or not configure this setting, password expiration time may be longer than required by "Password Settings" policy.
51 |
52 |
53 |
54 |
55 | Password Complexity
56 | Password Length
57 | Password Age (Days)
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
--------------------------------------------------------------------------------
/AD_LAPS_Install/GuideForSubGroupsLAPSAccess.txt:
--------------------------------------------------------------------------------
1 | Granting sub groups access to laps passwords on OUs
2 | The function is below:
3 |
4 | $adgroup = get-adgroup ‘YourGroup’
5 | $objOU = Get-ADOrganizationalUnit ‘DistinguishednameofSubOU’
6 | $inheritanceType = ‘Descendents’
7 |
8 |
9 | Function ReadComputerAdmPwd($objGroup, $objOU, $inheritanceType)
10 | {
11 | $error.Clear()
12 |
13 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
14 | $objAcl = get-acl $objOU
15 |
16 | # The schema must be extended for LAPS
17 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"ReadProperty","Allow",$guidmap["ms-Mcs-AdmPwd"],$inheritanceType,$guidmap["computer"]))
18 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"ExtendedRight","Allow",$inheritanceType,$guidmap["computer"]))
19 |
20 | try
21 | {
22 | Set-Acl -AclObject $objAcl -path $objOU
23 | }
24 | catch
25 | {
26 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " permissions to read local administrator password on OU" + $objOU)
27 | }
28 | If(!$error)
29 | {
30 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " permissions to read local administrator password on OU " + $objOU)
31 | }
32 |
33 | }
34 |
35 | Example of using the function:
36 | ReadComputerAdmPWD -objgroup $adgroup -objOU $objOU -inheritancetype $inheritancetype
37 |
--------------------------------------------------------------------------------
/AD_LAPS_Install/InstallLAPSSchema.ps1:
--------------------------------------------------------------------------------
1 | #Must be run on the schema master. Must be run as a schema admin. Must be run in admin window
2 |
3 |
4 | function Get-ScriptDirectory {
5 | Split-Path -Parent $PSCommandPath
6 | }
7 | $scriptPath = Get-ScriptDirectory
8 |
9 | copy-item -path ($scriptpath + "\admpwd.ps") -destination "C:\Windows\System32\WindowsPowerShell\v1.0\Modules"
10 | get-childitem -path ($scriptpath + "\admpwd.ps") -recurse |Foreach-object {
11 | Copy-item -literalpath $_.fullname -destination "C:\Windows\System32\WindowsPowerShell\v1.0\Modules\admpwd.ps"
12 | }
13 | copy-item -path ($scriptpath + "\AdmPwd.admx") -destination "C:\Windows\PolicyDefinitions"
14 | copy-item -path ($scriptpath + "\AdmPwd.adml") -destination "C:\Windows\PolicyDefinitions\en-US"
15 |
16 | Import-Module ADMPwd.ps
17 | Update-AdmPwdADSchema
18 | Set-AdmPwdComputerSelfPermission -OrgUnit (Get-ADDomain).distinguishedname
--------------------------------------------------------------------------------
/AD_LAPS_Install/LAPS.x64.msi:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/AD_LAPS_Install/LAPS.x64.msi
--------------------------------------------------------------------------------
/AD_ManageTiers/README.md:
--------------------------------------------------------------------------------
1 | # Microsoft ESAE Stage #1 Support
2 | Stage 1 is defined as:
3 | Separate Admin accounts for Workstations
4 | Separate Admin accounts for Servers
5 | Separate Admin accounts for Domain Controllers
6 | Import New-TierAdminUser.ps1
7 |
8 | New-TierAdminUser -SourceAcct 'samaccountname' -Tier 0,1 or 2
9 |
10 | Getting Started
11 | This code is written in PowerShell and requires the AD commandlets to run. The current scripts in the repo: create a tiered structured in an active directory environment, create tiered groups with very granular permissions on the domain and create ACL permissions on the OUs based on the name of the group.
12 | Create accounts wit the new-tieradminuser.ps1 file
13 | Manage user groups using the scripts in TieredAdmin_GroupMembership.ps1
14 | Each function found in the group membership ps1 file has examples
15 |
16 |
17 | Prerequisites
18 | ADDS
19 | Active directory powershell modules
20 | Also import the Tiered model using the deploy script found in the createtiers Folder
21 |
22 | Functions in This Folder
23 | New-TierAdminUser
24 | Add-TierAdminToGroup
25 | Remove-TierAdminFromGroup
26 | Clone-TierAdminGroups
27 | Add-TierAdmintoSubGroup
28 |
29 | Authors
30 | David Rowe - Initial work - AD admin creation and Tiered group management
31 |
32 |
33 | License
34 | This project is licensed under the MIT License - see the LICENSE.md file for details
35 |
36 |
37 |
--------------------------------------------------------------------------------
/AD_User_AccountOpsCleanup/AD_OU_SetACL/GPO Control Permissions.ps1:
--------------------------------------------------------------------------------
1 | ######
2 | # GPO Tasks
3 | Function LinkGPO($objGroup, $objOU, $inheritanceType)
4 | {
5 |
6 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
7 | $objAcl = get-acl $objOU
8 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"WriteProperty,ReadProperty","Allow",$guidmap["gplink"],$inheritanceType))
9 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"WriteProperty,ReadProperty","Allow",$guidmap["gpoptions"],$inheritanceType))
10 |
11 | try
12 | {
13 | Set-Acl -AclObject $objAcl -path $objOU
14 | }
15 | catch
16 | {
17 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " permissions to link group policies on the OU " + $objOU)
18 | }
19 | If(!$error)
20 | {
21 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " permissions to link group policies on the OU " + $objOU)
22 | }
23 |
24 |
25 | }
26 |
27 | Function GenerateRsopPlanning($objGroup, $objOU, $inheritanceType)
28 | {
29 |
30 | If($inheritanceType -eq "Descendents") { $inheritanceType="All"}
31 | ElseIf($inheritanceType -eq "Children") { $inheritanceType="None"}
32 |
33 | $error.Clear()
34 |
35 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
36 | $objAcl = get-acl $objOU
37 | $objacl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"ExtendedRight","Allow",$extendedrightsmap["Generate resultant set of policy (Planning)"],$inheritanceType,"00000000-0000-0000-0000-000000000000"))
38 |
39 | try
40 | {
41 | Set-Acl -AclObject $objAcl -path $objOU -ErrorAction Stop
42 | }
43 | catch
44 | {
45 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " the permission Generate resultant set of policy (Planning) on the OU " + $objOU)
46 | }
47 | If(!$error)
48 | {
49 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " the permission Generate resultant set of policy (Planning) on the OU " + $objOU)
50 | }
51 |
52 |
53 | }
54 |
55 | Function GenerateRsopLogging($objGroup, $objOU, $inheritanceType)
56 | {
57 |
58 | If($inheritanceType -eq "Descendents") { $inheritanceType="All"}
59 | ElseIf($inheritanceType -eq "Children") { $inheritanceType="None"}
60 |
61 | $error.Clear()
62 |
63 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
64 | $objAcl = get-acl $objOU
65 | $objacl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"ExtendedRight","Allow",$extendedrightsmap["Generate resultant set of policy (Logging)"],$inheritanceType,"00000000-0000-0000-0000-000000000000"))
66 |
67 | try
68 | {
69 | Set-Acl -AclObject $objAcl -path $objOU -ErrorAction Stop
70 | }
71 | catch
72 | {
73 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " the permission Generate resultant set of policy (Logging) on the OU " + $objOU)
74 | }
75 | If(!$error)
76 | {
77 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " the permission Generate resultant set of policy (Logging) on the OU " + $objOU)
78 | }
79 |
80 |
81 | }
--------------------------------------------------------------------------------
/AD_User_AccountOpsCleanup/FindAllOUsWithComputers.ps1:
--------------------------------------------------------------------------------
1 | $ous = Get-ADOrganizationalUnit -SearchScope OneLevel -f *
2 | $ToplevelComps = @()
3 | $onemoredown1 = @()
4 | $onemoredown2 = @()
5 | foreach ($ou in $ous){
6 | $onemoredown1 += Get-ADOrganizationalUnit -SearchBase $ou -SearchScope OneLevel -f *
7 |
8 |
9 | }
10 | foreach ($ou in $onemoredown1){
11 | $onemoredown2 += Get-ADOrganizationalUnit -SearchBase $ou -SearchScope OneLevel -f *
12 |
13 |
14 | }
15 |
16 | foreach ($ou in $onemoredown2){
17 | $ToplevelComps += Get-ADcomputer -ResultSetSize 10 -SearchBase $ou -f *|select distinguishedname
18 |
19 |
20 | }
21 |
22 | $array = @()
23 |
24 | foreach ($comp in $ToplevelComps){
25 |
26 | $arraytemp = ($comp.distinguishedname -split ",")
27 | $arraytemp = $arraytemp[1..($arraytemp.count-1)]
28 | $array += $arraytemp -join ","
29 |
30 | }
31 |
32 | $array = $array|select -Unique
33 | $array
34 |
35 |
--------------------------------------------------------------------------------
/AD_User_AccountOpsCleanup/FindAllOUsWithGroups.ps1:
--------------------------------------------------------------------------------
1 | $ous = Get-ADOrganizationalUnit -SearchScope OneLevel -f *
2 | $ToplevelUsers = @()
3 | $onemoredown = @()
4 | foreach ($ou in $ous){
5 | $onemoredown += Get-ADOrganizationalUnit -SearchBase $ou -SearchScope OneLevel -f *
6 |
7 |
8 | }
9 | foreach ($ou in $onemoredown){
10 | $ToplevelUsers += Get-adgroup -ResultSetSize 10 -SearchBase $ou -f *|select distinguishedname
11 |
12 |
13 | }
14 |
15 | $array = @()
16 |
17 | foreach ($user in $ToplevelUsers){
18 |
19 | $arraytemp = ($user.distinguishedname -split ",")
20 | $arraytemp = $arraytemp[1..($arraytemp.count-1)]
21 | $array += $arraytemp -join ","
22 |
23 | }
24 |
25 | $array = $array|select -Unique
26 | $array
--------------------------------------------------------------------------------
/AD_User_AccountOpsCleanup/FindAllOUsWithUsers.ps1:
--------------------------------------------------------------------------------
1 | $ous = Get-ADOrganizationalUnit -SearchScope OneLevel -f *
2 | $ToplevelUsers = @()
3 | $onemoredown = @()
4 | foreach ($ou in $ous){
5 | $onemoredown += Get-ADOrganizationalUnit -SearchBase $ou -SearchScope OneLevel -f *
6 |
7 |
8 | }
9 | foreach ($ou in $onemoredown){
10 | $ToplevelUsers += Get-ADUser -ResultSetSize 50 -SearchBase $ou -f *|select distinguishedname
11 |
12 |
13 | }
14 |
15 |
16 | $array = @()
17 |
18 | foreach ($user in $ToplevelUsers){
19 |
20 | $arraytemp = ($user.distinguishedname -split ",")
21 | $arraytemp = $arraytemp[1..($arraytemp.count-1)]
22 | $array += $arraytemp -join ","
23 |
24 | }
25 |
26 | $array = $array|select -Unique
27 | $array
--------------------------------------------------------------------------------
/AD_User_AccountOpsCleanup/README.md:
--------------------------------------------------------------------------------
1 | # Framework for the Cleanup Built-in group Account Operators Stage #1 Support
2 | Framework stored in AD_User_AccountOpsCleanup folder set
3 | For info on the permissions the account operators groups has on a domain, please read https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-b--privileged-accounts-and-groups-in-active-directory
4 | This goal is to remove the vast amount of permissions granted on the domain by default to the account operators group.
5 |
6 | Prerequisites
7 | ADDS
8 | Active directory powershell modules
9 | Also import the Tiered model using the deploy script found in the Createtiers Folder
10 | I usually store the files in c:\scripts as noted in the $scriptpath variable in the "Create User Perm Roles Alt to Acct Ops.ps1" files
11 |
12 | Workflow
13 | Scripts must be run as outlined in step 1
14 | Then Scripts in step 2 must be modified to grant the permissions to the appropriate OUs
15 | The scripts in step two refer to $permissionset files that grant appropriate permissions.
16 | Use the files referenced in the $permissionset variable to understand the permissions granted with this script
17 |
18 | Getting Started - Step 1
19 | This code is written in PowerShell and requires the AD commandlets to run. The current scripts in the repo: create a tiered structured in an active directory environment, create tiered groups with very granular permissions on the domain and create ACL permissions on the OUs based on the name of the group.
20 | Three scripts help the user by finding users, groups, and computers in the domain.
21 | FindAllOUsWithComputers.ps1
22 | FindAllOUsWithGroups.ps1
23 | FindAllOUsWithUsers.ps1
24 | Store the output
25 | Manually run these scripts to get an output of OUs on the domain with computers Groups and Users
26 |
27 | Step 2
28 | Use the output of these three scrips to load the $OUArray variable with the needed OUs into the following files
29 | User: AD_User_AccountOpsCleanup\RoleCreation\Create User Perm Roles Alt To Acct Ops.ps1
30 | Computer: AD_User_AccountOpsCleanup\RoleCreation\Create Computer Perm Roles Alt To Acct Ops.ps1
31 | Computer LAPS: Create LAPS Perm Roles Alt To Acct Ops.ps1
32 | Computer LAPS - Servers: Create LAPS Perm Roles Alt To Acct Ops - Servers.ps1
33 | Groups: AD_User_AccountOpsCleanup\RoleCreation\Create Groups Perm Roles Alt To Acct Ops.ps1
34 |
35 | Functions in This Folder
36 | No specific functions yet. There are still a large number of manual steps
37 |
38 | Authors
39 | David Rowe - Initial work - AD admin creation and Tiered group management
40 |
41 |
42 | License
43 | This project is licensed under the MIT License - see the LICENSE.md file for details
44 |
45 |
46 |
--------------------------------------------------------------------------------
/AD_User_AccountOpsCleanup/unused - create nested parent groups.ps1:
--------------------------------------------------------------------------------
1 | #not used because admin users will be granted to the top groups "UNIV_T2_full_fullcontrol*"
2 | $T2AdminOULocation = "OU=T2-Permissions,OU=Tier 2,OU=Admin" + "," + $dn
3 | cd ad:
4 | $dc = (get-addomain).PDCEmulator
5 | $admintype = @('User','Group','Computer')
6 |
7 | foraech ($g in $admintype){
8 |
9 | $grpname = "LegacyOUs "+$g+ " UserAdmins"
10 |
11 | New-ADGroup -Description "Full Control administrators on legacy OUs for $g objects" -Name $grpname -Path $T2AdminOULocation -GroupCategory Security -GroupScope Global -Server $dc
12 | $adgroup = get-adgroup $t2groupname -Server $dc
13 | $adgroup |Set-ADGroup -replace @{info = "Check memberof tab for permissions granted to this group"}
14 |
15 |
16 | }
17 |
--------------------------------------------------------------------------------
/AD_domain_CreateNewDomain/defaultNewDomainCreation.ps1:
--------------------------------------------------------------------------------
1 | Enable-PSRemoting -Force
2 | set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTS Connections" -Value 0
3 | Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
4 | set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
5 | Rename-Computer -ComputerName (hostname) -newname "TEMP-DC"
6 | #netsh winhttp set proxy 1.3.5.2:8080 #removed
7 | Set-TimeZone -Name "Eastern Standard Time"
8 |
9 | Import-Module ServerManager
10 | Install-windowsfeature -name AD-Domain-Services –IncludeManagementTools
11 | Install-WindowsFeature –Name GPMC
12 | shutdown /f /r /t 1
13 |
14 |
15 |
16 | $domainname = "temp.University.edu"
17 | $NTDPath = "C:\Windows\ntds"
18 | $logPath = "C:\Windows\ntds"
19 | $sysvolPath = "C:\Windows\Sysvol"
20 | $domainmode = "win2012R2"
21 | $forestmode = "win2012R2"
22 |
23 |
24 |
25 | Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath $NTDPath -DomainMode $domainmode -DomainName $domainname -ForestMode $forestmode -InstallDns:$true -LogPath $logPath -NoRebootOnCompletion:$false -SysvolPath $sysvolPath -Force:$true
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/Call-GPOExport.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/Call-GPOExport.ps1
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/Call-GPOImport.ps1:
--------------------------------------------------------------------------------
1 | <##############################################################################
2 | Setup
3 |
4 | Your working folder path should include your MigrationTableCSV files, a copy
5 | of this script, a copy of the GPOMigration.psm1 module file, and the GPO
6 | backup folder from the export.
7 |
8 | This example assumes that a backup will run under a source credential and server,
9 | and the import will run under a destination credential and server. Between these
10 | two operations you will need to copy your working folder from one environment to
11 | the other.
12 |
13 | NOTE: Before running you will need at least one MigrationTableCSV file using
14 | this format:
15 | Source,Destination,Type
16 | "OldDomain.FQDN","NewDomain.FQDN","Domain"
17 | "OldDomainNETBIOSName","NewDomainNETBIOSName","Domain"
18 | "\\foo\server","\\baz\server","UNC"
19 |
20 | Modify the following to your needs:
21 | working folder path
22 | GPO backup folder path
23 | destination domains and servers
24 | MigTableCSV files
25 | ##############################################################################>
26 | function Get-ScriptDirectory {
27 | Split-Path -Parent $PSCommandPath
28 | }
29 | $scriptPath = Get-ScriptDirectory
30 | $adplatformsourcedir = split-path -Path $scriptPath -Parent
31 | import-module ($scriptPath+'\GPOMigration\gpomigration.psm1') -force
32 |
33 | Import-Module GroupPolicy
34 | Import-Module ActiveDirectory
35 |
36 | # This path must be absolute, not relative
37 | $Path = $scriptPath # Current folder specified in Set-Location above
38 | $BackupPath = $scriptPath+ "\GPO"
39 |
40 | ###############################################################################
41 | # IMPORT
42 | ###############################################################################
43 | $domain = "ad:"
44 | cd $domain
45 |
46 | $DestDomain = (Get-ADDomain).dnsroot
47 | $DestServer = (Get-ADDomain).pdcemulator
48 | $MigTableCSVPath = $scriptPath + '\adatum_to_anything.csv'
49 | $csv = import-csv $MigTableCSVPath
50 | $csv.destination = (Get-ADDomain).dnsroot
51 | $csv|export-csv -NoTypeInformation -Path $MigTableCSVPath
52 |
53 | Start-GPOImport `
54 | -DestDomain $DestDomain `
55 | -DestServer $DestServer `
56 | -Path $Path `
57 | -BackupPath $BackupPath `
58 | -MigTableCSVPath $MigTableCSVPath `
59 | #-CopyACL
60 |
61 |
62 |
63 |
64 |
65 |
66 | <#
67 |
68 | ###############################################################################
69 | # DEV to QA
70 | ###############################################################################
71 | $DestDomain = 'qa.wingtiptoys.com'
72 | $DestServer = 'dc1.qa.wingtiptoys.com'
73 | $MigTableCSVPath = '.\MigTable_DEV_to_QA.csv'
74 |
75 | Start-GPOImport `
76 | -DestDomain $DestDomain `
77 | -DestServer $DestServer `
78 | -Path $Path `
79 | -BackupPath $BackupPath `
80 | -MigTableCSVPath $MigTableCSVPath `
81 | -CopyACL
82 |
83 | ###############################################################################
84 | # DEV to PROD
85 | ###############################################################################
86 | $DestDomain = 'prod.wingtiptoys.com'
87 | $DestServer = 'dc1.prod.wingtiptoys.com'
88 | $MigTableCSVPath = '.\MigTable_DEV_to_PROD.csv'
89 |
90 | Start-GPOImport `
91 | -DestDomain $DestDomain `
92 | -DestServer $DestServer `
93 | -Path $Path `
94 | -BackupPath $BackupPath `
95 | -MigTableCSVPath $MigTableCSVPath `
96 | -CopyACL
97 |
98 | ###############################################################################
99 | # END
100 | ###############################################################################
101 |
102 | #>
103 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/WMIFilters.csv:
--------------------------------------------------------------------------------
1 | "msWMI-Author","msWMI-Name","msWMI-Parm1","msWMI-Parm2"
2 | "Administrator@ctm.contoso.com","Build Value","Build Value Check","1;3;10;63;WQL;root\CIMv2;Select * from Microsoft_BDD_Info where(BuildValue !=""NewBuild"");"
3 | "Administrator@CONTOSO.COM","Windows 10 or Windows Server 2016","Windows 10 or WIndows Server 2016","1;3;10;61;WQL;root\CIMv2;select * from Win32_OperatingSystem WHERE Version like ""10.%"";"
4 | "Administrator@CONTOSO.COM","Windows Server 2012 R2 Operating System","Windows Server 2012 R2 Operating System","1;3;10;83;WQL;root\CIMv2;select * from Win32_OperatingSystem WHERE Version like ""6.3%"" AND ProductType=""3""
5 | ;"
6 | "Administrator@CONTOSO.COM","Windows Server 2016 Operating System","Windows Server 2016 Operating System","1;3;10;81;WQL;root\CIMv2;select * from Win32_OperatingSystem WHERE Version like ""10.%"" AND ProductType=""3"";"
7 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0520525A-BEBD-4018-B8D3-68DA329AC813}/Backup.xml:
--------------------------------------------------------------------------------
1 |
2 | 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0520525A-BEBD-4018-B8D3-68DA329AC813}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0520525A-BEBD-4018-B8D3-68DA329AC813}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�A�c�t�i�v�e���;�����;�����;�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�r�I�s�S�e�c�u�r�e���;�����;�����;�1���]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0520525A-BEBD-4018-B8D3-68DA329AC813}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0520525A-BEBD-4018-B8D3-68DA329AC813}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{0520525A-BEBD-4018-B8D3-68DA329AC813}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0AE339BC-7AD9-4C1F-A068-BBA3E896A831}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0AE339BC-7AD9-4C1F-A068-BBA3E896A831}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�A�c�t�i�v�e���;�����;�����;�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�r�I�s�S�e�c�u�r�e���;�����;�����;�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�P�u�s�h�N�o�t�i�f�i�c�a�t�i�o�n�s���;�N�o�T�o�a�s�t�A�p�p�l�i�c�a�t�i�o�n�N�o�t�i�f�i�c�a�t�i�o�n�O�n�L�o�c�k�S�c�r�e�e�n���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0AE339BC-7AD9-4C1F-A068-BBA3E896A831}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{0AE339BC-7AD9-4C1F-A068-BBA3E896A831}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{0AE339BC-7AD9-4C1F-A068-BBA3E896A831}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{172E09E2-1CFC-49CC-9B75-537B22668653}/DomainSysvol/GPO/Machine/Preferences/Groups/Groups.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{172E09E2-1CFC-49CC-9B75-537B22668653}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{172E09E2-1CFC-49CC-9B75-537B22668653}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{172E09E2-1CFC-49CC-9B75-537B22668653}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{172E09E2-1CFC-49CC-9B75-537B22668653}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{172E09E2-1CFC-49CC-9B75-537B22668653}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{2ED1B6DD-A782-47EB-AE8F-92F1043EEB44}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{338D5626-AEAC-4609-AEEA-AA66BAA4D20C}/Backup.xml:
--------------------------------------------------------------------------------
1 |
2 | 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{338D5626-AEAC-4609-AEEA-AA66BAA4D20C}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{338D5626-AEAC-4609-AEEA-AA66BAA4D20C}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{338D5626-AEAC-4609-AEEA-AA66BAA4D20C}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{338D5626-AEAC-4609-AEEA-AA66BAA4D20C}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3B405902-B09D-422B-ACE0-3A6769037D0F}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3B405902-B09D-422B-ACE0-3A6769037D0F}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�A�c�t�i�v�e���;�����;�����;�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�r�I�s�S�e�c�u�r�e���;�����;�����;�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�P�u�s�h�N�o�t�i�f�i�c�a�t�i�o�n�s���;�N�o�T�o�a�s�t�A�p�p�l�i�c�a�t�i�o�n�N�o�t�i�f�i�c�a�t�i�o�n�O�n�L�o�c�k�S�c�r�e�e�n���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3B405902-B09D-422B-ACE0-3A6769037D0F}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3B405902-B09D-422B-ACE0-3A6769037D0F}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{3B405902-B09D-422B-ACE0-3A6769037D0F}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{3D7759E5-795D-4E35-87B9-1DD66D9EF9DB}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{465EF457-5225-4888-BBC1-6CF7CC3EA638}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/GPO.cmt:
--------------------------------------------------------------------------------
1 | S�C�M� �3�.�0� �W�i�n� �2�0�1�2�R�2� �C�o�m�p�u�t�e�r� �P�o�l�i�c�y�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Computer Account Management,{0cce9236-69ae-11d9-bed3-505054503030},Success,,1
4 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success,,1
9 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
10 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
11 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
12 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
13 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
14 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
16 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
17 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�A�c�t�i�v�e���;�����;�����;�1���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�C�R�N�S�A�V�E�.�E�X�E���;�����;�����;�s�c�r�n�s�a�v�e�.�s�c�r���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�r�I�s�S�e�c�u�r�e���;�����;�����;�1���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�P�u�s�h�N�o�t�i�f�i�c�a�t�i�o�n�s���;�N�o�T�o�a�s�t�A�p�p�l�i�c�a�t�i�o�n�N�o�t�i�f�i�c�a�t�i�o�n�O�n�L�o�c�k�S�c�r�e�e�n���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{4AAF5FC7-BF45-407D-A068-0B6A58E34AEF}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Computer Account Management,{0cce9236-69ae-11d9-bed3-505054503030},Success,,1
4 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
7 | ,System,Audit PNP Activity,{0cce9248-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
9 | ,System,Audit Directory Service Access,{0cce923b-69ae-11d9-bed3-505054503030},Success and Failure,,3
10 | ,System,Audit Directory Service Changes,{0cce923c-69ae-11d9-bed3-505054503030},Success and Failure,,3
11 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success and Failure,,3
12 | ,System,Audit Group Membership,{0cce9249-69ae-11d9-bed3-505054503030},Success,,1
13 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
14 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
16 | ,System,Audit Removable Storage,{0cce9245-69ae-11d9-bed3-505054503030},Success and Failure,,3
17 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
19 | ,System,Audit Authorization Policy Change,{0cce9231-69ae-11d9-bed3-505054503030},Success,,1
20 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
21 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
22 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
23 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success,,1
24 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
25 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
26 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{550228DF-28FD-4FFE-9F99-C0429A0318C1}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{5F43EF9E-A7B5-4B7E-85EC-0F844E33F62D}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{5F43EF9E-A7B5-4B7E-85EC-0F844E33F62D}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�C�o�n�t�r�o�l� �P�a�n�e�l���;�F�o�r�m�S�u�g�g�e�s�t� �P�a�s�s�w�o�r�d�s���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�M�a�i�n���;�F�o�r�m�S�u�g�g�e�s�t� �P�W� �A�s�k���;�����;�����;�n�o���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�M�a�i�n���;�F�o�r�m�S�u�g�g�e�s�t� �P�a�s�s�w�o�r�d�s���;�����;�����;�n�o���]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{5F43EF9E-A7B5-4B7E-85EC-0F844E33F62D}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{5F43EF9E-A7B5-4B7E-85EC-0F844E33F62D}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{5F43EF9E-A7B5-4B7E-85EC-0F844E33F62D}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6367F816-CE60-4B76-BC7A-55BF22D2D2D9}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6367F816-CE60-4B76-BC7A-55BF22D2D2D9}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6367F816-CE60-4B76-BC7A-55BF22D2D2D9}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6367F816-CE60-4B76-BC7A-55BF22D2D2D9}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6367F816-CE60-4B76-BC7A-55BF22D2D2D9}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6801B829-A8B7-45B5-B838-09FC8BE68269}/DomainSysvol/GPO/GPO.cmt:
--------------------------------------------------------------------------------
1 | M�i�c�r�o�s�o�f�t� �L�A�P�S� �P�o�l�i�c�y�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6801B829-A8B7-45B5-B838-09FC8BE68269}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6801B829-A8B7-45B5-B838-09FC8BE68269}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�A�d�m�P�w�d�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�w�d�E�x�p�i�r�a�t�i�o�n�P�r�o�t�e�c�t�i�o�n�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�a�s�s�w�o�r�d�C�o�m�p�l�e�x�i�t�y���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�a�s�s�w�o�r�d�L�e�n�g�t�h���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�a�s�s�w�o�r�d�A�g�e�D�a�y�s���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6801B829-A8B7-45B5-B838-09FC8BE68269}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6801B829-A8B7-45B5-B838-09FC8BE68269}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6801B829-A8B7-45B5-B838-09FC8BE68269}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�U�s�e�E�n�h�a�n�c�e�d�P�i�n���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�O�S�A�l�l�o�w�S�e�c�u�r�e�B�o�o�t�F�o�r�I�n�t�e�g�r�i�t�y���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�M�i�n�i�m�u�m�P�I�N���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�R�D�V�D�e�n�y�C�r�o�s�s�O�r�g���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�E�n�c�r�y�p�t�i�o�n�M�e�t�h�o�d�W�i�t�h�X�t�s�O�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�E�n�c�r�y�p�t�i�o�n�M�e�t�h�o�d�W�i�t�h�X�t�s�F�d�v���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�E�n�c�r�y�p�t�i�o�n�M�e�t�h�o�d�W�i�t�h�X�t�s�R�d�v���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�P�o�w�e�r�\�P�o�w�e�r�S�e�t�t�i�n�g�s�\�a�b�f�c�2�5�1�9�-�3�6�0�8�-�4�c�2�a�-�9�4�e�a�-�1�7�1�b�0�e�d�5�4�6�a�b���;�D�C�S�e�t�t�i�n�g�I�n�d�e�x���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�P�o�w�e�r�\�P�o�w�e�r�S�e�t�t�i�n�g�s�\�a�b�f�c�2�5�1�9�-�3�6�0�8�-�4�c�2�a�-�9�4�e�a�-�1�7�1�b�0�e�d�5�4�6�a�b���;�A�C�S�e�t�t�i�n�g�I�n�d�e�x���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s�R�e�t�r�o�a�c�t�i�v�e���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�I�D�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�I�D�s�R�e�t�r�o�a�c�t�i�v�e���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s���;�*�*�d�e�l�v�a�l�s�.���;�����;�����;� ���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s���;�1���;�����;�N���;�{�d�4�8�1�7�9�b�e�-�e�c�2�0�-�1�1�d�1�-�b�6�b�8�-�0�0�c�0�4�f�a�3�7�2�a�7�}���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�I�D�s���;�*�*�d�e�l�v�a�l�s�.���;�����;�����;� ���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�I�D�s���;�1���;�����;�����;�P�C�I�\�C�C�_�0�C�0�A���]�[�S�y�s�t�e�m�\�C�u�r�r�e�n�t�C�o�n�t�r�o�l�S�e�t�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�R�D�V�D�e�n�y�W�r�i�t�e�A�c�c�e�s�s���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6B13B15E-E6F8-4FA5-ABC0-F5AE886739A3}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
4 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit PNP Activity,{0cce9248-69ae-11d9-bed3-505054503030},Success,,1
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success and Failure,,3
9 | ,System,Audit Group Membership,{0cce9249-69ae-11d9-bed3-505054503030},Success,,1
10 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
11 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
12 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
13 | ,System,Audit Removable Storage,{0cce9245-69ae-11d9-bed3-505054503030},Success and Failure,,3
14 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
16 | ,System,Audit Authorization Policy Change,{0cce9231-69ae-11d9-bed3-505054503030},Success,,1
17 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success,,1
21 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
22 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
23 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6B9D5392-1492-4EBF-9209-443E34E3A9D4}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}/Backup.xml:
--------------------------------------------------------------------------------
1 |
2 | 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r���;�D�i�s�a�b�l�e�A�n�t�i�S�p�y�w�a�r�e���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�R�e�a�l�-�T�i�m�e� �P�r�o�t�e�c�t�i�o�n���;�D�i�s�a�b�l�e�B�e�h�a�v�i�o�r�M�o�n�i�t�o�r�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�c�a�n���;�D�i�s�a�b�l�e�R�e�m�o�v�a�b�l�e�D�r�i�v�e�S�c�a�n�n�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�c�a�n���;�D�i�s�a�b�l�e�E�m�a�i�l�S�c�a�n�n�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�p�y�n�e�t���;�L�o�c�a�l�S�e�t�t�i�n�g�O�v�e�r�r�i�d�e�S�p�y�n�e�t�R�e�p�o�r�t�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�p�y�n�e�t���;�S�u�b�m�i�t�S�a�m�p�l�e�s�C�o�n�s�e�n�t���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�p�y�n�e�t���;�S�p�y�n�e�t�R�e�p�o�r�t�i�n�g���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6D91F3D1-BA44-42B9-BC14-DED038A8A4C4}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6EAC8EB3-D729-4991-B718-FB1067593C69}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6F085DC9-991E-45DA-A387-D91C5AB960C2}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6F085DC9-991E-45DA-A387-D91C5AB960C2}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�C�o�n�t�r�o�l� �P�a�n�e�l���;�F�o�r�m�S�u�g�g�e�s�t� �P�a�s�s�w�o�r�d�s���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�M�a�i�n���;�F�o�r�m�S�u�g�g�e�s�t� �P�W� �A�s�k���;�����;�����;�n�o���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�M�a�i�n���;�F�o�r�m�S�u�g�g�e�s�t� �P�a�s�s�w�o�r�d�s���;�����;�����;�n�o���]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6F085DC9-991E-45DA-A387-D91C5AB960C2}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{6F085DC9-991E-45DA-A387-D91C5AB960C2}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{6F085DC9-991E-45DA-A387-D91C5AB960C2}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/DomainSysvol/GPO/Machine/Microsoft/Windows NT/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/DomainSysvol/GPO/Machine/Microsoft/Windows NT/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/DomainSysvol/GPO/Machine/Preferences/Groups/Groups.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�N�e�t�w�o�r�k�P�r�o�v�i�d�e�r�\�H�a�r�d�e�n�e�d�P�a�t�h�s���;�\�\�*�\�S�Y�S�V�O�L���;�����;�d���;�R�e�q�u�i�r�e�M�u�t�u�a�l�A�u�t�h�e�n�t�i�c�a�t�i�o�n�=�1�,� �R�e�q�u�i�r�e�I�n�t�e�g�r�i�t�y�=�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�N�e�t�w�o�r�k�P�r�o�v�i�d�e�r�\�H�a�r�d�e�n�e�d�P�a�t�h�s���;�\�\�*�\�N�E�T�L�O�G�O�N���;�����;�d���;�R�e�q�u�i�r�e�M�u�t�u�a�l�A�u�t�h�e�n�t�i�c�a�t�i�o�n�=�1�,� �R�e�q�u�i�r�e�I�n�t�e�g�r�i�t�y�=�1���]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}���;�D�e�n�y�_�E�x�e�c�u�t�e���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}���;�D�e�n�y�_�R�e�a�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}���;�D�e�n�y�_�W�r�i�t�e���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�6�A�C�2�7�8�7�8�-�A�6�F�A�-�4�1�5�5�-�B�A�8�5�-�F�9�8�F�4�9�1�D�4�F�3�3�}���;�D�e�n�y�_�R�e�a�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�6�A�C�2�7�8�7�8�-�A�6�F�A�-�4�1�5�5�-�B�A�8�5�-�F�9�8�F�4�9�1�D�4�F�3�3�}���;�D�e�n�y�_�W�r�i�t�e���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�F�3�3�F�D�C�0�4�-�D�1�A�C�-�4�E�8�E�-�9�A�3�0�-�1�9�B�B�D�4�B�1�0�8�A�E�}���;�D�e�n�y�_�R�e�a�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�R�e�m�o�v�a�b�l�e�S�t�o�r�a�g�e�D�e�v�i�c�e�s�\�{�F�3�3�F�D�C�0�4�-�D�1�A�C�-�4�E�8�E�-�9�A�3�0�-�1�9�B�B�D�4�B�1�0�8�A�E�}���;�D�e�n�y�_�W�r�i�t�e���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�A�u�t�o�I�n�s�t�a�l�l�M�i�n�o�r�U�p�d�a�t�e�s���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�D�e�t�e�c�t�i�o�n�F�r�e�q�u�e�n�c�y�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�D�e�t�e�c�t�i�o�n�F�r�e�q�u�e�n�c�y���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�R�e�b�o�o�t�W�a�r�n�i�n�g�T�i�m�e�o�u�t�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�R�e�b�o�o�t�W�a�r�n�i�n�g�T�i�m�e�o�u�t���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�A�U�P�o�w�e�r�M�a�n�a�g�e�m�e�n�t���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�R�e�b�o�o�t�R�e�l�a�u�n�c�h�T�i�m�e�o�u�t�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�W�i�n�d�o�w�s�U�p�d�a�t�e�\�A�U���;�R�e�b�o�o�t�R�e�l�a�u�n�c�h�T�i�m�e�o�u�t���;�����;�����;�
2 | ���]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{701B0DB5-956B-4419-B1AE-36CE6F0BF500}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{72681BC4-973E-4AF0-9274-21C03CA35B97}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{72681BC4-973E-4AF0-9274-21C03CA35B97}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{72681BC4-973E-4AF0-9274-21C03CA35B97}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{72681BC4-973E-4AF0-9274-21C03CA35B97}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{72681BC4-973E-4AF0-9274-21C03CA35B97}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{72681BC4-973E-4AF0-9274-21C03CA35B97}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7355197E-FAB4-4E34-B959-961263F19956}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{7355197E-FAB4-4E34-B959-961263F19956}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7355197E-FAB4-4E34-B959-961263F19956}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7355197E-FAB4-4E34-B959-961263F19956}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{7355197E-FAB4-4E34-B959-961263F19956}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{7E53DA89-835E-4F36-A1A8-48B5733C9667}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{810E7692-1B07-40A4-BB42-31B363A22B7C}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{838EAD6A-88C7-4A43-A407-A0451EFE74EF}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{86CF4E85-19BB-4F36-AED9-E9CBF7F2837D}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{86CF4E85-19BB-4F36-AED9-E9CBF7F2837D}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{86CF4E85-19BB-4F36-AED9-E9CBF7F2837D}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{86CF4E85-19BB-4F36-AED9-E9CBF7F2837D}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{86CF4E85-19BB-4F36-AED9-E9CBF7F2837D}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
4 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit PNP Activity,{0cce9248-69ae-11d9-bed3-505054503030},Success,,1
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success and Failure,,3
9 | ,System,Audit Group Membership,{0cce9249-69ae-11d9-bed3-505054503030},Success,,1
10 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
11 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
12 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
13 | ,System,Audit Removable Storage,{0cce9245-69ae-11d9-bed3-505054503030},Success and Failure,,3
14 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
16 | ,System,Audit Authorization Policy Change,{0cce9231-69ae-11d9-bed3-505054503030},Success,,1
17 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success,,1
21 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
22 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
23 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{92E8A30B-7685-41B6-8B77-FDFAB0D6E293}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96534EF1-66BA-4C2D-93A6-8F7A65481BE8}/Backup.xml:
--------------------------------------------------------------------------------
1 |
2 | 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96534EF1-66BA-4C2D-93A6-8F7A65481BE8}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96534EF1-66BA-4C2D-93A6-8F7A65481BE8}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r���;�D�i�s�a�b�l�e�A�n�t�i�S�p�y�w�a�r�e���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�R�e�a�l�-�T�i�m�e� �P�r�o�t�e�c�t�i�o�n���;�D�i�s�a�b�l�e�B�e�h�a�v�i�o�r�M�o�n�i�t�o�r�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�c�a�n���;�D�i�s�a�b�l�e�R�e�m�o�v�a�b�l�e�D�r�i�v�e�S�c�a�n�n�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�c�a�n���;�D�i�s�a�b�l�e�E�m�a�i�l�S�c�a�n�n�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�p�y�n�e�t���;�L�o�c�a�l�S�e�t�t�i�n�g�O�v�e�r�r�i�d�e�S�p�y�n�e�t�R�e�p�o�r�t�i�n�g���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�p�y�n�e�t���;�S�u�b�m�i�t�S�a�m�p�l�e�s�C�o�n�s�e�n�t���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s� �D�e�f�e�n�d�e�r�\�S�p�y�n�e�t���;�S�p�y�n�e�t�R�e�p�o�r�t�i�n�g���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96534EF1-66BA-4C2D-93A6-8F7A65481BE8}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96534EF1-66BA-4C2D-93A6-8F7A65481BE8}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{96534EF1-66BA-4C2D-93A6-8F7A65481BE8}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{96FC80A7-9D0C-49A7-9556-86A363B95367}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{98724AAB-6985-4FCD-82FB-4DC177C1EF4E}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{98724AAB-6985-4FCD-82FB-4DC177C1EF4E}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�E�n�a�b�l�e�V�i�r�t�u�a�l�i�z�a�t�i�o�n�B�a�s�e�d�S�e�c�u�r�i�t�y���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�R�e�q�u�i�r�e�P�l�a�t�f�o�r�m�S�e�c�u�r�i�t�y�F�e�a�t�u�r�e�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�H�y�p�e�r�v�i�s�o�r�E�n�f�o�r�c�e�d�C�o�d�e�I�n�t�e�g�r�i�t�y���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�L�s�a�C�f�g�F�l�a�g�s���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{98724AAB-6985-4FCD-82FB-4DC177C1EF4E}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{98724AAB-6985-4FCD-82FB-4DC177C1EF4E}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{98724AAB-6985-4FCD-82FB-4DC177C1EF4E}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/DomainSysvol/GPO/Machine/Preferences/Groups/Groups.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{993D7630-6A1D-486B-A497-4C2DDD2495AD}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/DomainSysvol/GPO/Machine/Preferences/Groups/Groups.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{ABE64A8A-459B-4C8F-B0F9-B7907678AFF6}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{B13D21E2-5085-41AB-A573-D0C66C2A9C1B}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/DomainSysvol/GPO/Machine/Preferences/Groups/Groups.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{CC3E5D1A-CFC3-4A5D-959C-FF8EDA772956}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC79974A-9041-46E0-BA53-973BA9618CC1}/DomainSysvol/GPO/GPO.cmt:
--------------------------------------------------------------------------------
1 | M�i�c�r�o�s�o�f�t� �L�A�P�S� �P�o�l�i�c�y�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC79974A-9041-46E0-BA53-973BA9618CC1}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC79974A-9041-46E0-BA53-973BA9618CC1}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�A�d�m�P�w�d�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�w�d�E�x�p�i�r�a�t�i�o�n�P�r�o�t�e�c�t�i�o�n�E�n�a�b�l�e�d���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�a�s�s�w�o�r�d�C�o�m�p�l�e�x�i�t�y���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�a�s�s�w�o�r�d�L�e�n�g�t�h���;�����;�����;�����]�[�S�o�f�t�w�a�r�e�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t� �S�e�r�v�i�c�e�s�\�A�d�m�P�w�d���;�P�a�s�s�w�o�r�d�A�g�e�D�a�y�s���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC79974A-9041-46E0-BA53-973BA9618CC1}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{CC79974A-9041-46E0-BA53-973BA9618CC1}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{CC79974A-9041-46E0-BA53-973BA9618CC1}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
4 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit PNP Activity,{0cce9248-69ae-11d9-bed3-505054503030},Success,,1
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success and Failure,,3
9 | ,System,Audit Group Membership,{0cce9249-69ae-11d9-bed3-505054503030},Success,,1
10 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
11 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
12 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
13 | ,System,Audit Removable Storage,{0cce9245-69ae-11d9-bed3-505054503030},Success and Failure,,3
14 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
16 | ,System,Audit Authorization Policy Change,{0cce9231-69ae-11d9-bed3-505054503030},Success,,1
17 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success,,1
21 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
22 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
23 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D1BE62F1-2FC0-44FB-A20D-8DA3496430FC}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D6892B80-B3ED-4DB1-97D3-5B888C2652F8}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D6892B80-B3ED-4DB1-97D3-5B888C2652F8}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�E�n�a�b�l�e�V�i�r�t�u�a�l�i�z�a�t�i�o�n�B�a�s�e�d�S�e�c�u�r�i�t�y���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�R�e�q�u�i�r�e�P�l�a�t�f�o�r�m�S�e�c�u�r�i�t�y�F�e�a�t�u�r�e�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�H�y�p�e�r�v�i�s�o�r�E�n�f�o�r�c�e�d�C�o�d�e�I�n�t�e�g�r�i�t�y���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�G�u�a�r�d���;�L�s�a�C�f�g�F�l�a�g�s���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D6892B80-B3ED-4DB1-97D3-5B888C2652F8}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D6892B80-B3ED-4DB1-97D3-5B888C2652F8}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D6892B80-B3ED-4DB1-97D3-5B888C2652F8}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
4 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit PNP Activity,{0cce9248-69ae-11d9-bed3-505054503030},Success,,1
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success and Failure,,3
9 | ,System,Audit Group Membership,{0cce9249-69ae-11d9-bed3-505054503030},Success,,1
10 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
11 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
12 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
13 | ,System,Audit Removable Storage,{0cce9245-69ae-11d9-bed3-505054503030},Success and Failure,,3
14 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
16 | ,System,Audit Authorization Policy Change,{0cce9231-69ae-11d9-bed3-505054503030},Success,,1
17 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success,,1
21 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
22 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
23 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{D8867ACA-CD76-4867-B284-CA84A4AD47F0}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�U�s�e�E�n�h�a�n�c�e�d�P�i�n���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�O�S�A�l�l�o�w�S�e�c�u�r�e�B�o�o�t�F�o�r�I�n�t�e�g�r�i�t�y���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�M�i�n�i�m�u�m�P�I�N���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�R�D�V�D�e�n�y�C�r�o�s�s�O�r�g���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�E�n�c�r�y�p�t�i�o�n�M�e�t�h�o�d�W�i�t�h�X�t�s�O�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�E�n�c�r�y�p�t�i�o�n�M�e�t�h�o�d�W�i�t�h�X�t�s�F�d�v���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�E�n�c�r�y�p�t�i�o�n�M�e�t�h�o�d�W�i�t�h�X�t�s�R�d�v���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�P�o�w�e�r�\�P�o�w�e�r�S�e�t�t�i�n�g�s�\�a�b�f�c�2�5�1�9�-�3�6�0�8�-�4�c�2�a�-�9�4�e�a�-�1�7�1�b�0�e�d�5�4�6�a�b���;�D�C�S�e�t�t�i�n�g�I�n�d�e�x���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�P�o�w�e�r�\�P�o�w�e�r�S�e�t�t�i�n�g�s�\�a�b�f�c�2�5�1�9�-�3�6�0�8�-�4�c�2�a�-�9�4�e�a�-�1�7�1�b�0�e�d�5�4�6�a�b���;�A�C�S�e�t�t�i�n�g�I�n�d�e�x���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s�R�e�t�r�o�a�c�t�i�v�e���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�I�D�s���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s���;�D�e�n�y�D�e�v�i�c�e�I�D�s�R�e�t�r�o�a�c�t�i�v�e���;�����;�����;�����]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s���;�*�*�d�e�l�v�a�l�s�.���;�����;�����;� ���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�C�l�a�s�s�e�s���;�1���;�����;�N���;�{�d�4�8�1�7�9�b�e�-�e�c�2�0�-�1�1�d�1�-�b�6�b�8�-�0�0�c�0�4�f�a�3�7�2�a�7�}���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�I�D�s���;�*�*�d�e�l�v�a�l�s�.���;�����;�����;� ���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�D�e�v�i�c�e�I�n�s�t�a�l�l�\�R�e�s�t�r�i�c�t�i�o�n�s�\�D�e�n�y�D�e�v�i�c�e�I�D�s���;�1���;�����;�����;�P�C�I�\�C�C�_�0�C�0�A���]�[�S�y�s�t�e�m�\�C�u�r�r�e�n�t�C�o�n�t�r�o�l�S�e�t�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�F�V�E���;�R�D�V�D�e�n�y�W�r�i�t�e�A�c�c�e�s�s���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{E639E641-A789-49D7-98B1-6AA80A74E755}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{EA8FA033-A484-4718-A1AE-B9E0B9E98FC4}/Backup.xml:
--------------------------------------------------------------------------------
1 |
2 | 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{EA8FA033-A484-4718-A1AE-B9E0B9E98FC4}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{EA8FA033-A484-4718-A1AE-B9E0B9E98FC4}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{EA8FA033-A484-4718-A1AE-B9E0B9E98FC4}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{EA8FA033-A484-4718-A1AE-B9E0B9E98FC4}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F32271A8-7177-4DB6-BF22-10E8CF683C78}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{F32271A8-7177-4DB6-BF22-10E8CF683C78}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F32271A8-7177-4DB6-BF22-10E8CF683C78}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F32271A8-7177-4DB6-BF22-10E8CF683C78}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{F32271A8-7177-4DB6-BF22-10E8CF683C78}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/GPO.cmt:
--------------------------------------------------------------------------------
1 | S�C�M� �3�.�0� �W�i�n� �2�0�1�2�R�2� �C�o�m�p�u�t�e�r� �P�o�l�i�c�y�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Computer Account Management,{0cce9236-69ae-11d9-bed3-505054503030},Success,,1
4 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success,,1
9 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
10 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
11 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
12 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
13 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
14 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
16 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
17 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�A�c�t�i�v�e���;�����;�����;�1���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�C�R�N�S�A�V�E�.�E�X�E���;�����;�����;�s�c�r�n�s�a�v�e�.�s�c�r���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�o�n�t�r�o�l� �P�a�n�e�l�\�D�e�s�k�t�o�p���;�S�c�r�e�e�n�S�a�v�e�r�I�s�S�e�c�u�r�e���;�����;�����;�1���]�[�S�O�F�T�W�A�R�E�\�P�o�l�i�c�i�e�s�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�P�u�s�h�N�o�t�i�f�i�c�a�t�i�o�n�s���;�N�o�T�o�a�s�t�A�p�p�l�i�c�a�t�i�o�n�N�o�t�i�f�i�c�a�t�i�o�n�O�n�L�o�c�k�S�c�r�e�e�n���;�����;�����;�����]�
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{F3F672E5-9DBC-4B69-8C50-DB5D9B6B18F7}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F7323EF2-0682-493E-A3B6-38157BFFE8EA}/Backup.xml:
--------------------------------------------------------------------------------
1 |
2 | 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 3b dc 28 fa 46 38 ac 9a 30 0e 69 2b 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F7323EF2-0682-493E-A3B6-38157BFFE8EA}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{F7323EF2-0682-493E-A3B6-38157BFFE8EA}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{F7323EF2-0682-493E-A3B6-38157BFFE8EA}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/Machine/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv:
--------------------------------------------------------------------------------
1 | Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
2 | ,System,Audit Credential Validation,{0cce923f-69ae-11d9-bed3-505054503030},Success and Failure,,3
3 | ,System,Audit Computer Account Management,{0cce9236-69ae-11d9-bed3-505054503030},Success and Failure,,3
4 | ,System,Audit Other Account Management Events,{0cce923a-69ae-11d9-bed3-505054503030},Success and Failure,,3
5 | ,System,Audit Security Group Management,{0cce9237-69ae-11d9-bed3-505054503030},Success and Failure,,3
6 | ,System,Audit User Account Management,{0cce9235-69ae-11d9-bed3-505054503030},Success and Failure,,3
7 | ,System,Audit Process Creation,{0cce922b-69ae-11d9-bed3-505054503030},Success,,1
8 | ,System,Audit Directory Service Access,{0cce923b-69ae-11d9-bed3-505054503030},Success and Failure,,3
9 | ,System,Audit Directory Service Changes,{0cce923c-69ae-11d9-bed3-505054503030},Success and Failure,,3
10 | ,System,Audit Account Lockout,{0cce9217-69ae-11d9-bed3-505054503030},Success,,1
11 | ,System,Audit Logoff,{0cce9216-69ae-11d9-bed3-505054503030},Success,,1
12 | ,System,Audit Logon,{0cce9215-69ae-11d9-bed3-505054503030},Success and Failure,,3
13 | ,System,Audit Special Logon,{0cce921b-69ae-11d9-bed3-505054503030},Success,,1
14 | ,System,Audit Audit Policy Change,{0cce922f-69ae-11d9-bed3-505054503030},Success and Failure,,3
15 | ,System,Audit Authentication Policy Change,{0cce9230-69ae-11d9-bed3-505054503030},Success,,1
16 | ,System,Audit Sensitive Privilege Use,{0cce9228-69ae-11d9-bed3-505054503030},Success and Failure,,3
17 | ,System,Audit IPsec Driver,{0cce9213-69ae-11d9-bed3-505054503030},Success and Failure,,3
18 | ,System,Audit Other System Events,{0cce9214-69ae-11d9-bed3-505054503030},Success and Failure,,3
19 | ,System,Audit Security State Change,{0cce9210-69ae-11d9-bed3-505054503030},Success and Failure,,3
20 | ,System,Audit Security System Extension,{0cce9211-69ae-11d9-bed3-505054503030},Success and Failure,,3
21 | ,System,Audit System Integrity,{0cce9212-69ae-11d9-bed3-505054503030},Success and Failure,,3
22 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/Machine/registry.pol:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/Machine/registry.pol
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/User/comment.cmtx:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/DomainSysvol/GPO/User/registry.pol:
--------------------------------------------------------------------------------
1 | PReg����
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/bkupInfo.xml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/gpreport.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPO/{FA0F282C-57C2-409B-9E0E-7A70C6E92B97}/gpreport.xml
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPOErrors.txt:
--------------------------------------------------------------------------------
1 | *- Tier 0 Host Guardian Service Administration Policy
2 | *- Tier 2 PAWs
3 | *- Tier 1 PAWs
4 | *- Tier 0 Servers
5 | *- Tier 0 PAWs
6 | *- Computer Quarantine
7 | *- Tier 2 Workstations
8 | *- Tier 1 Servers
9 |
10 |
11 | Administrators - need to be
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPOMigration/GPOMigration.psd1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPOMigration/GPOMigration.psd1
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/GPOMigration/GPOMigration.psm1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/GPOMigration/GPOMigration.psm1
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/MigTable_sample.csv:
--------------------------------------------------------------------------------
1 | Source,Destination,Type
2 | "wingtiptoys.local","cohovineyard.com","Domain"
3 | "wingtiptoys","cohovineyard","Domain"
4 | "\\wingtiptoys.local\","\\cohovineyard.com\","UNC"
5 | "\\wingtiptoys\","\\cohovineyard\","UNC"
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/Status after first import.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_GPO_Migration/Status after first import.docx
--------------------------------------------------------------------------------
/Create Tiers/AD_GPO_Migration/adatum_to_anything.csv:
--------------------------------------------------------------------------------
1 | "Source","Destination","Type"
2 | "adatum.com","testdestination.com","Domain"
3 |
--------------------------------------------------------------------------------
/Create Tiers/AD_Group_CreateAdminGroups/AD_Create_Admin_Roles.ps1:
--------------------------------------------------------------------------------
1 | $addomain = (get-addomain).distinguishedname
2 | #where the script puts the role groups
3 | $LocationForT1Roles = "OU=ADM-Roles,OU=Tier 1,OU=Admin,"
4 | $locationforT2Roles = "OU=ADM-Roles,OU=Tier 2,OU=Admin,"
5 | # this makes the name of the group
6 | $tierGroupPrefix = @('Tier1','Tier2')
7 | $tierGroupObjects = @('Accounts','Groups','Devices')
8 | $tierGroupSuffix = "Admins"
9 | $helpdesksuffix = "Helpdesk"
10 |
11 | function Get-ScriptDirectory {
12 | Split-Path -Parent $PSCommandPath
13 | }
14 | $scriptPath = Get-ScriptDirectory
15 | $adplatformsourcedir = split-path -Path $scriptPath -Parent
16 | $permissionset = & $adplatformsourcedir + "\AD_Group_CreateAdminGroups\AD Permissions for Group Granular Access.ps1"
17 | #=====================================
18 | <#
19 | Old import method
20 | $affiliatesCSV = $adplatformsourcedir + '\AD_OU_CreateStructure\3lettercodeaff.csv'
21 | $DepartmentsCSV = $adplatformsourcedir + '\AD_OU_CreateStructure\3lettercodedepts.csv'
22 | $CentralAdministrationCSV = $adplatformsourcedir + '\AD_OU_CreateStructure\3lettercodecent.csv'
23 | $schoolsCSV = $adplatformsourcedir + '\AD_OU_CreateStructure\3lettercodeschools.csv'
24 | #>
25 | #3 letter affiliate codes here
26 | $3LetterCodeCSV = $scriptPath + '\3lettercodes.csv'
27 |
28 | $csvlist = @()
29 | $csvlist = import-csv $3LetterCodeCSV
30 | <#
31 | Olde import method
32 | $csvlist += Import-Csv $CentralAdministrationCSV
33 | $csvlist += import-csv $schoolsCSV
34 | $csvlist += Import-Csv $affiliatesCSV
35 | $csvlist += import-csv $DepartmentsCSV
36 | #>
37 |
38 | foreach ($code in $csv){
39 | #======================================================================
40 | #tier 1 group creations
41 | #set ou location with groupdestination
42 | $groupdestination = $LocationForT1Roles + $addomain
43 | foreach ($objecttype in $tierGroupObjects){
44 | $groupname = $code.name + "_" + $tierGroupPrefix[0] + "_" + $tierGroupObjects +"_" + $tierGroupSuffix
45 | New-ADGroup -Name $groupname -Path $groupdestination -GroupCategory Security -GroupScope Global
46 | }
47 | #Create Helpdesk group in tier
48 | $groupname = $code.name + "_" + $tierGroupPrefix[0] + "_" + $helpdesksuffix
49 | New-ADGroup -Name $groupname -Path $groupdestination -GroupCategory Security -GroupScope Global
50 | #=====================================================================
51 | #tier 2 group creations
52 | $groupdestination = $LocationForT2Roles + $addomain
53 | foreach ($objecttype in $tierGroupObjects){
54 | $groupname = $code.name + "_" + $tierGroupPrefix[1] + "_" + $tierGroupObjects +"_" + $tierGroupSuffix
55 | New-ADGroup -Name $groupname -Path $groupdestination -GroupCategory Security -GroupScope Global
56 | }
57 | #Create Helpdesk group in tier
58 | $groupname = $code.name + "_" + $tierGroupPrefix[1] + "_" + $helpdesksuffix
59 | New-ADGroup -Name $groupname -Path $groupdestination -GroupCategory Security -GroupScope Global
60 |
61 |
62 | }
--------------------------------------------------------------------------------
/Create Tiers/AD_Group_CreateAdminRoles/Make-SuperGroups.ps1:
--------------------------------------------------------------------------------
1 | $debug=$false
2 | $groups = $null
3 | $OUsearch =$null
4 | $dc = (Get-ADDomain).PDCEmulator
5 | $forest = (Get-ADDomain).Forest.Split('.')
6 |
7 | $OUSearch = "OU=Admin"
8 |
9 | for ($i = 0;$i -lt $forest.count; $i++)
10 | {
11 | $OUSearch+= ",DC=" + $forest[$i]
12 | }
13 | if ($debug){$OUSearch}
14 |
15 | $TLGs = ("Tier 1","Tier 2")
16 | foreach ($tlg in $TLGs){
17 | #Define Top Level Admin Group for Tier
18 | $tlgAdminGroup = $TLG + "Admins" -replace '\s+'
19 | #Extract leading and trailing char from top level group for use in OU search
20 | $OUNode = $tlg[0] + $tlg[$tlg.Length-1]
21 |
22 |
23 | #Get all groups in relevant OU for addition to master Admin group
24 | $groups = Get-ADGroup -Filter {Name -notlike "$tlg*"} -SearchBase "OU=$OUNode-Roles,OU=$Tlg,$ousearch" | Select-Object -ExpandProperty name
25 | if ($debug){
26 | "`n-------------`n$tlgAdminGroup`n$OUNode`nFound: " +$groups.count + " Delegated Admin Groups"
27 | }
28 |
29 | foreach ($group in $groups){
30 | if ($debug){
31 | $group
32 | Add-ADGroupMember -Identity $tlgAdminGroup -Members $group -server $dc -WhatIf
33 | }else{Add-ADGroupMember -Identity $tlgAdminGroup -Members $group -Server $dc}
34 |
35 | }
36 | }
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.dll
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.psd1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_LAPS_Install/AdmPwd.PS/AdmPwd.PS.psd1
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/AdmPwd.PS/AdmPwd.Utils.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_LAPS_Install/AdmPwd.PS/AdmPwd.Utils.dll
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/AdmPwd.adml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 | LAPS
9 | Enable local admin password management
10 |
11 | Enables management of password for local administrator account
12 |
13 | If you enable this setting, local administrator password is managed
14 |
15 | If you disable or not configure this setting, local administrator password is NOT managed
16 |
17 | Password Settings
18 |
19 | Configures password parameters
20 |
21 | Password complexity: which characters are used when generating a new password
22 | Default: Large letters + small letters + numbers + special characters
23 |
24 | Password length
25 | Minimum: 8 characters
26 | Maximum: 64 characters
27 | Default: 14 characters
28 |
29 | Password age in days
30 | Minimum: 1 day
31 | Maximum: 365 days
32 | Default: 30 days
33 |
34 | At least Microsoft Windows Vista or Windows Server 2003 family
35 | Large letters
36 | Large letters + small letters
37 | Large letters + small letters + numbers
38 | Large letters + small letters + numbers + specials
39 | Name of administrator account to manage
40 |
41 | Administrator account name: name of the local account you want to manage password for.
42 | DO NOT configure when you use built-in admin account. Built-in admin account is auto-detected by well-known SID, even when renamed
43 |
44 | DO configure when you use custom local admin account
45 |
46 | Do not allow password expiration time longer than required by policy
47 |
48 | When you enable this setting, planned password expiration longer than password age dictated by "Password Settings" policy is NOT allowed. When such expiration is detected, password is changed immediately and password expiration is set according to policy.
49 |
50 | When you disable or not configure this setting, password expiration time may be longer than required by "Password Settings" policy.
51 |
52 |
53 |
54 |
55 | Password Complexity
56 | Password Length
57 | Password Age (Days)
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/InstallLAPSSchema.ps1:
--------------------------------------------------------------------------------
1 | function Get-ScriptDirectory {
2 | Split-Path -Parent $PSCommandPath
3 | }
4 | $scriptPath = Get-ScriptDirectory
5 |
6 | copy-item -path ($scriptpath + "\admpwd.ps") -destination "C:\Windows\System32\WindowsPowerShell\v1.0\Modules"
7 | get-childitem -path ($scriptpath + "\admpwd.ps") -recurse |Foreach-object {
8 | Copy-item -literalpath $_.fullname -destination "C:\Windows\System32\WindowsPowerShell\v1.0\Modules\admpwd.ps"
9 | }
10 | copy-item -path ($scriptpath + "\AdmPwd.admx") -destination "C:\Windows\PolicyDefinitions"
11 | copy-item -path ($scriptpath + "\AdmPwd.adml") -destination "C:\Windows\PolicyDefinitions\en-US"
12 |
13 | Import-Module ADMPwd.ps
14 | Update-AdmPwdADSchema
15 | Set-AdmPwdComputerSelfPermission -OrgUnit (Get-ADDomain).distinguishedname
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/LAPS.x64.msi:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_LAPS_Install/LAPS.x64.msi
--------------------------------------------------------------------------------
/Create Tiers/AD_LAPS_Install/LAPSInstallPaths.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Create Tiers/AD_LAPS_Install/LAPSInstallPaths.PNG
--------------------------------------------------------------------------------
/Create Tiers/AD_OU_CreateStructure/3lettercodes.csv:
--------------------------------------------------------------------------------
1 | name,description
2 | BDE,Business Development
3 | HRE,Human Relations
4 | FIN,Finance
5 | ITS,Information Tech Services
6 | OGC,Office of the General Counsel
7 | CSR,Campus Services
8 | PAC,Public Affairs and Communications
9 | ESM,Endpoint System Management
10 | SEC,Information Security
11 | ITS,Information Technology Services
12 |
--------------------------------------------------------------------------------
/Create Tiers/AD_OU_SetACL/Full Control Permissions.ps1:
--------------------------------------------------------------------------------
1 | ######################################################################################################################
2 | # Full Control permissions
3 | Function FullControl($objGroup, $objOU,$inheritanceType)
4 | {
5 |
6 |
7 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
8 | $objAcl = get-acl $objOU
9 |
10 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"GenericAll","Allow","00000000-0000-0000-0000-000000000000",$inheritanceType,"00000000-0000-0000-0000-000000000000"))
11 | try
12 | {
13 | Set-Acl -AclObject $objAcl -path $objOU
14 | }
15 | catch
16 | {
17 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " Full Control permissions")
18 |
19 |
20 | }
21 | If(!$error)
22 | {
23 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " Full Control permissions on the OU " + $objOU)
24 | }
25 |
26 |
27 |
28 | }
29 |
30 | Function FullControlUsers($objGroup, $objOU, $inheritanceType)
31 | {
32 |
33 |
34 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
35 | $objAcl = get-acl $objOU
36 |
37 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"GenericAll","Allow","00000000-0000-0000-0000-000000000000",$inheritanceType,$guidmap["user"]))
38 | try
39 | {
40 | Set-Acl -AclObject $objAcl -path $objOU
41 | }
42 | catch
43 | {
44 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " Full Control permissions over User Objects on the OU " + $objOU)
45 |
46 |
47 | }
48 | If(!$error)
49 | {
50 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " Full Control permissions over User Objects on the OU " + $objOU)
51 | }
52 |
53 |
54 |
55 | }
56 |
57 | Function FullControlGroups($objGroup, $objOU, $inheritanceType)
58 | {
59 |
60 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
61 | $objAcl = get-acl $objOU
62 |
63 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"GenericAll","Allow","00000000-0000-0000-0000-000000000000",$inheritanceType,$guidmap["group"]))
64 | try
65 | {
66 | Set-Acl -AclObject $objAcl -path $objOU
67 | }
68 | catch
69 | {
70 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " Full Control permissions over Group Objects on the OU " + $objOU)
71 |
72 |
73 | }
74 | If(!$error)
75 | {
76 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " Full Control permissions over Group Objects on the OU " + $objOU)
77 | }
78 |
79 |
80 |
81 | }
82 |
83 | Function FullControlComputers($objGroup, $objOU, $inheritanceType)
84 | {
85 |
86 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
87 | $objAcl = get-acl $objOU
88 |
89 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"GenericAll","Allow","00000000-0000-0000-0000-000000000000",$inheritanceType,$guidmap["computer"]))
90 | try
91 | {
92 | Set-Acl -AclObject $objAcl -path $objOU
93 | }
94 | catch
95 | {
96 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " Full Control permissions over Computer Objects on the OU " + $objOU)
97 |
98 |
99 | }
100 | If(!$error)
101 | {
102 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " Full Control permissions over Computer Objects on the OU " + $objOU)
103 | }
104 |
105 | }
106 |
--------------------------------------------------------------------------------
/Create Tiers/AD_OU_SetACL/GPO Control Permissions.ps1:
--------------------------------------------------------------------------------
1 | ######
2 | # GPO Tasks
3 | Function LinkGPO($objGroup, $objOU, $inheritanceType)
4 | {
5 |
6 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
7 | $objAcl = get-acl $objOU
8 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"WriteProperty,ReadProperty","Allow",$guidmap["gplink"],$inheritanceType))
9 | $objAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"WriteProperty,ReadProperty","Allow",$guidmap["gpoptions"],$inheritanceType))
10 |
11 | try
12 | {
13 | Set-Acl -AclObject $objAcl -path $objOU
14 | }
15 | catch
16 | {
17 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " permissions to link group policies on the OU " + $objOU)
18 | }
19 | If(!$error)
20 | {
21 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " permissions to link group policies on the OU " + $objOU)
22 | }
23 |
24 |
25 | }
26 |
27 | Function GenerateRsopPlanning($objGroup, $objOU, $inheritanceType)
28 | {
29 |
30 | If($inheritanceType -eq "Descendents") { $inheritanceType="All"}
31 | ElseIf($inheritanceType -eq "Children") { $inheritanceType="None"}
32 |
33 | $error.Clear()
34 |
35 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
36 | $objAcl = get-acl $objOU
37 | $objacl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"ExtendedRight","Allow",$extendedrightsmap["Generate resultant set of policy (Planning)"],$inheritanceType,"00000000-0000-0000-0000-000000000000"))
38 |
39 | try
40 | {
41 | Set-Acl -AclObject $objAcl -path $objOU -ErrorAction Stop
42 | }
43 | catch
44 | {
45 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " the permission Generate resultant set of policy (Planning) on the OU " + $objOU)
46 | }
47 | If(!$error)
48 | {
49 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " the permission Generate resultant set of policy (Planning) on the OU " + $objOU)
50 | }
51 |
52 |
53 | }
54 |
55 | Function GenerateRsopLogging($objGroup, $objOU, $inheritanceType)
56 | {
57 |
58 | If($inheritanceType -eq "Descendents") { $inheritanceType="All"}
59 | ElseIf($inheritanceType -eq "Children") { $inheritanceType="None"}
60 |
61 | $error.Clear()
62 |
63 | $groupSID = New-Object System.Security.Principal.SecurityIdentifier $objGroup.SID
64 | $objAcl = get-acl $objOU
65 | $objacl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $groupSID,"ExtendedRight","Allow",$extendedrightsmap["Generate resultant set of policy (Logging)"],$inheritanceType,"00000000-0000-0000-0000-000000000000"))
66 |
67 | try
68 | {
69 | Set-Acl -AclObject $objAcl -path $objOU -ErrorAction Stop
70 | }
71 | catch
72 | {
73 | Write-Host -ForegroundColor Red ("ERROR: Unable to grant the group " + $objGroup.Name + " the permission Generate resultant set of policy (Logging) on the OU " + $objOU)
74 | }
75 | If(!$error)
76 | {
77 | Write-Host -ForegroundColor Green ("INFORMATION: Granted the group " + $objGroup.Name + " the permission Generate resultant set of policy (Logging) on the OU " + $objOU)
78 | }
79 |
80 |
81 | }
--------------------------------------------------------------------------------
/Create Tiers/DeployADStructure.ps1:
--------------------------------------------------------------------------------
1 | function Get-ScriptDirectory {
2 | Split-Path -Parent $PSCommandPath
3 | }
4 | $basescriptPath = Get-ScriptDirectory
5 | $totalscripts = 8
6 | $i = 1
7 | Write-Progress -Activity "Deploying Tiered Structure" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
8 |
9 |
10 | .($basescriptPath + '\AD_LAPS_Install\InstallLAPSSchema.ps1')
11 | Write-Progress -Activity "Deploying Tiered Structure" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
12 | $I++
13 | .($basescriptPath + '\AD_OU_CreateStructure\CreateOUStructure_v5.ps1')
14 | Write-Progress -Activity "Deploying Tiered Structure" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
15 | $I++
16 | .($basescriptPath + '\AD_Group_CreateAdminGroups\Create Admin Groups_v2.ps1')
17 | Write-Progress -Activity "Deploying Tiered Structure" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
18 | $I++
19 | .($basescriptPath + '\AD_Group_CreateAdminRoles\Create_All_Inclusive_Admin_Groups.ps1')
20 | Write-Progress -Activity "Deploying Tiered Structure" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
21 | $I++
22 | .($basescriptPath + '\AD_Group_CreateAdminRoles\Make-SuperGroups.ps1')
23 | Write-Progress -Activity "Deploying Tiered Structure" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
24 | $I++
25 | .($basescriptPath + '\AD_AssignAdminRoles\Assign_Roles.ps1')
26 | Write-Progress -Activity "Populating Administrator Roles for Departments" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
27 |
28 | $I++
29 | .($basescriptPath + '\AD_GPO_Migration\Export-Import-WMI-Filters.ps1')
30 | Write-Progress -Activity "Deploying Tiered Structure Creating WMI filters" -Status "Progress:" -PercentComplete ($i/$totalscripts*100)
31 | $I++
32 | .($basescriptPath + '\AD_GPO_Migration\Call-GPOImport.ps1')
33 |
--------------------------------------------------------------------------------
/Create Tiers/README.md:
--------------------------------------------------------------------------------
1 | # Create-Tiers in AD
2 | Project Title
3 | Active Directory Auto Deployment of Tiers in any environment
4 |
5 | Getting Started
6 | This code is written in PowerShell and requires the AD commandlets to run. The current scripts in the repo: create a tiered structured in an active directory environment, create tiered groups with very granular permissions on the domain and create ACL permissions on the OUs based on the name of the group.
7 |
8 | Prerequisites
9 | ADDS
10 | Active directory powershell modules
11 |
12 | Installing
13 | Update the CSV to contain the proper 3 letter codes for your environment \AD_OU_CreateStructure\3lettercodes.csv.
14 | Open this file with a text editor and edit the columns with the appropriate 3 letter codes for an organization
15 |
16 | Run DeployADStructure.ps1 to create a tiered OU structure, install LAPS, create admin groups and set permissions on the tiers, and import microsoft secure standard GPOs
17 | Administrative roles and groups are created in the ADMIN ou at the root of the domain. These groups have permissions on the appropriate tier and affiliate code.
18 |
19 | To learn more about Microsoft tiers, please start with: https://social.technet.microsoft.com/wiki/contents/articles/37509.active-directory-red-forest-design-aka-enhanced-security-administrative-environment-esae.aspx
20 |
21 | Authors
22 | David Rowe - Initial work - OU structure, LAPS, Roles & permissions, set acl, gpo migration. Tweet me @customes for questions
23 | Joel Nentwich - Create admin roles under AD_AssignAdminRoles
24 | See also the list of contributors who participated in this project.
25 |
26 | License
27 | This project is licensed under the MIT License - see the LICENSE.md file for details
28 |
29 | Acknowledgments
30 | Microsoft technet scripts and gpos used. Much appreciation.
31 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2019 David Rowe
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
--------------------------------------------------------------------------------
/Presentations/Boston Security Camp - 2019 - AD_Sec_Tools - ESAE.pptx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Presentations/Boston Security Camp - 2019 - AD_Sec_Tools - ESAE.pptx
--------------------------------------------------------------------------------
/Presentations/Nercomp - 2019 - ESAE.pptx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidprowe/AD_Sec_Tools/9435883090f1ccfd65057f80518ea1196f9a346d/Presentations/Nercomp - 2019 - ESAE.pptx
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Create-Tiers in AD
2 | Project Title
3 | Active Directory Auto Deployment of Tiers in any environment
4 |
5 | Getting Started
6 | This code is written in PowerShell and requires the AD commandlets to run. The current scripts in the repo: create a tiered structured in an active directory environment, create tiered groups with very granular permissions on the domain and create ACL permissions on the OUs based on the name of the group.
7 |
8 | Prerequisites
9 | ADDS
10 | Active directory powershell modules
11 |
12 | Installing
13 | PLACEHOLDER FOR instructions.
14 | AD_Computer_CachedCreds - script description and instructions
15 | AD_GetACL_on_OBJECTS - scripts descriptions and reading instructions
16 | AD_LAPS_INSTALL - script - run as schema admin, and import GPO as found in pictures in the presentation folder.
17 | CREATE TIERS - subfolder contains additional instructions
18 |
19 | To learn more about Microsoft tiers, please start with: https://social.technet.microsoft.com/wiki/contents/articles/37509.active-directory-red-forest-design-aka-enhanced-security-administrative-environment-esae.aspx
20 |
21 | Authors
22 | David Rowe - @customes
23 | See also the list of contributors who participated in this project.
24 |
25 | License
26 | This project is licensed under the MIT License - see the LICENSE.md file for details
27 |
28 | Acknowledgments
29 | Microsoft technet scripts and gpos used. Much appreciation.
30 |
--------------------------------------------------------------------------------