ADSEcurity: minor changes

przybylskirobert · Jan 22, 2024 · 989cf9d · 989cf9d
1 parent 9b0c81e
commit 989cf9d
Show file tree

Hide file tree

Showing 28 changed files with 50 additions and 682 deletions.
diff --git a/Other/Other_steps.ps1 b/Other/Other_steps.ps1
@@ -13,9 +13,9 @@ redircmp $cmpDN
 #region Sites
 Import-Module ActiveDirectory
 Get-ADObject -SearchBase (Get-ADRootDSE).ConfigurationNamingContext `
--filter "objectclass -eq 'site'" | `
-where-object { $_.Name -eq 'Default-First-Site-Name' } | `
-Rename-ADObject -NewName "HQ"
+    -filter "objectclass -eq 'site'" | `
+    where-object { $_.Name -eq 'Default-First-Site-Name' } | `
+    Rename-ADObject -NewName "HQ"
 $subnet = Read-Host "Please provide subnet details"
 New-ADReplicationSubnet -Name $subnet -Site "HQ"
 #endrgion
@@ -37,7 +37,7 @@ $TemplatePSO.LockoutThreshold = 4
 $name = "AdminsPSO"
 New-ADFineGrainedPasswordPolicy -Instance $TemplatePSO -Name $name -Precedence 50 -Description "The Tiered users Password Policy" -DisplayName "Tiered Users PSO" -MaxPasswordAge "180.00:00:00" -MinPasswordLength 10
 Add-ADFineGrainedPasswordPolicySubject -Identity $name -Subjects `
-"Domain Admins", Tier1ServerMaintenance, tier1admins, Tier1PAWUsers, Tier2ServiceDeskOperators, tier2admins, Tier2WorkstationMaintenance
+    "Domain Admins", Tier1ServerMaintenance, tier1admins, Tier1PAWUsers, Tier2ServiceDeskOperators, tier2admins, Tier2WorkstationMaintenance
 #endregion
 
 #AD Resycle

diff --git a/PAW/AdminGroups.csv b/PAW/AdminGroups.csv
diff --git a/PAW/Create-Group.ps1 b/PAW/Create-Group.ps1
diff --git a/PAW/Create-User.ps1 b/PAW/Create-User.ps1
diff --git a/PAW/Import-GPO.ps1 b/PAW/Import-GPO.ps1
diff --git a/PAW/Link-GpoToOU.ps1 b/PAW/Link-GpoToOU.ps1
diff --git a/PAW/PAW_steps.ps1 b/PAW/PAW_steps.ps1
@@ -1,19 +1,10 @@
 Throw "this is not a robust file" 
 $location = Get-Location
-$dsnAME = (Get-ADDomain).DistinguishedName
-$dNC = (Get-ADRootDSE).defaultNamingContext
-$domain = $env:USERDNSDOMAIN
 $ScriptsLocation =  "C:\Tools\ADSecurity\PAW"
 Set-Location $ScriptsLocation
 
 Import-Module ActiveDirectory
 
-#Region create Groups 
-    $csv = Read-Host -Prompt "Please provide full path to Admin Groups csv file (without quotation marks)"
-    .$ScriptsLocation\Scripts\Create-Group.ps1 -CSVfile $csv -Verbose
-    $csv = Read-Host -Prompt "Please provide full path to Standard Groups csv file (without quotation marks)"
-    .$ScriptsLocation\Scripts\Create-Group.ps1 -CSVfile $csv -Verbose
-#endRegion
 
 #Region create Users
     $csv = Read-Host -Prompt "Please provide full path to Users csv file (without quotation marks)"
@@ -52,7 +43,7 @@ Import-Module ActiveDirectory
         $(New-Object PSObject -Property @{ Name = "Tier1 PAW Configuration - User PAC" ; OU = "OU=Accounts,OU=Tier1,OU=Admin"; Order = 1 ; LinkEnabled = 'YES' })
     )
     .$ScriptsLocation\Scripts\Link-GpoToOU.ps1 -GpoLinks $GpoLinks -Verbose
-     Set-Location $location
+    Set-Location $location
 
 dsa.msc
 gpmc.msc

diff --git a/PAW/Scripts/Create-Group.ps1 b/PAW/Scripts/Create-Group.ps1
diff --git a/PAW/StandardGroups.csv b/PAW/StandardGroups.csv
diff --git a/PAW/gpo_backup.migtable b/PAW/gpo_backup.migtable