This project showcases the deployment and configuration of a fully functional Active Directory environment for Saviva Labs, a fictional organization used to demonstrate real-world IT administration skills.
The environment includes domain services, organizational structure, user and group management, Group Policy Objects (GPOs), and company-branded configurations.
- π’ Project Overview
- π» Environment Setup
- 𧩠Active Directory Structure
- π₯ Users and Groups
- π Group Policy Configuration
- 𧩠Skills Demonstrated
- πΈ Project Walkthrough
- 𧩠Planned Future Enhancements
- π Summary
This lab simulates how an IT department would build and manage an internal Windows domain for a small-to-mid-sized company.
All work was performed on a Windows Server hosted in AWS EC2.
Key objectives:
- Deploy Windows Server and promote it to a Domain Controller
- Create a new AD forest: savivalabs.local
- Build a clean, professional OU structure
- Create realistic users and security groups
- Apply domain-wide security policies
- Configure Saviva-branded login banners
- Deploy a company shared drive using Group Policy
This project demonstrates hands-on experience with core enterprise technologies used in Help Desk, IT Support, and SysAdmin roles.
- Platform: AWS EC2
- Instance: Windows Server
- Domain:
savivalabs.local - Roles Installed:
- Active Directory Domain Services (AD DS)
- DNS Server
savivalabs.local
β
βββ _Admins
βββ _Servers
βββ _Workstations
βββ _Users
βββ _Groups
This structure keeps administration clean, scalable, and aligned with real-world best practices.
- Alice Johnson β Finance
- Bob Martinez β IT Support
- Carla Nguyen β HR
- David Lee β Sales
- Emily Carter β Marketing
- Finance
- IT Support
- HR
- Sales
- Marketing
Each user was added to their corresponding departmental group.
A custom GPO was created and linked at the domain level to enforce enterprise-grade password standards:
- Minimum length: 12
- Complexity: Enabled
- Maximum age: 60 days
- Minimum age: 1 day
- Password history: 24 passwords
A branded security notice displayed at logon:
Title: Saviva Labs Security Notice
Message:
βThis system is the property of Saviva Labs. Unauthorized access is prohibited.
All activity may be monitored, logged, and audited.
By logging in, you acknowledge and accept these terms.β
A shared folder (C:\SavivaShared) was created and deployed to users via GPO:
- Network path:
\\savivalabs.local\SavivaShared - Drive letter: Z:
- Label: Saviva Shared Drive
Included the following /screenshots in the repo:
- Domain Controller promotion
- OU structure
- User and group creation
- Group membership
- Password Policy GPO
- Saviva Login Banner GPO
- Login banner in action
- Shared folder properties
- Drive mapping GPO configuration
- Active Directory installation and configuration
- DNS integration
- Domain Controller promotion
- Organizational Unit design
- User and group administration
- Group Policy creation and linking
- Security hardening
- Network drive deployment
- AWS EC2 Windows Server management
This walkthrough highlights the key stages of deploying Active Directory Domain Services (AD DS) for the Saviva Labs environment. Each screenshot includes a brief explanation to guide the reader through the process.
The Windows Server instance is deployed in AWS and prepared to host the Active Directory environment.
Instance networking and system details are verified before configuration begins.
The RDP connection page provides secure access to the Windows Server instance.
Successful login confirms the server is ready for role installation and configuration.
The AD DS role is added through Server Manager, installing the components required for domain controller promotion.
The installation summary confirms all required features, including Group Policy Management.
A new forest is created with the root domain savivalabs.local, establishing the foundation of the environment.
DNS, Global Catalog, and functional levels are configured, along with the DSRM password.
All prerequisite checks pass successfully, confirming the server is ready for promotion.
The Saviva Labs OU structure is created, including Admins, Servers, Workstations, Users, and Groups.
Realistic user accounts are added to the domain and organized into their respective OUs.
Security groups are created and users are assigned following leastβprivilege principles.
All 25 screenshots are available in the /screenshots directory, organized into subfolders for easy navigation.
- Join Windows 10/11 workstation to the domain
- File server with NTFS permissions
- Software deployment via GPO
- Additional Saviva Labs branding
This project demonstrates the full lifecycle of building and managing an Active Directory environment from scratch.
It reflects real-world IT administration tasks and showcases the foundational skills required for Help Desk, IT Support, and System Administrator roles.
Saviva Labs β Projects by Jacob