CHRIS//PARACKAL

Windows AD deploy: DNS-first, GPO basics, and keeping it boring

A small AD build that behaves like enterprise: DNS done right, GPOs scoped, and changes documented.

What I did

  • Promoted a server to DC and verified DNS health before touching anything else.
  • Created OUs for users/computers and applied GPOs with tight scope.
  • Locked down admin practices (separate admin account, least privilege).
  • Wrote a recovery checklist (IP changes, SYSVOL/DFSR sanity checks).
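
One way to script the DNS-health and SYSVOL/DFSR sanity checks listed above, as an added example that is not the author's own checklist. It assumes an elevated PowerShell session on the DC itself with the ActiveDirectory module available, and it only reads state.

```powershell
# Added example: read-only sanity checks after DC promotion or an IP change.
Import-Module ActiveDirectory

$domain = (Get-ADDomain).DNSRoot      # domain DNS name read from AD, not hard-coded
$dc     = $env:COMPUTERNAME
$failed = @()

# 1. Core services the DC role depends on.
foreach ($svc in 'NTDS', 'DNS', 'Netlogon', 'DFSR', 'Kdc') {
    $s = Get-Service -Name $svc -ErrorAction SilentlyContinue
    if (-not $s -or $s.Status -ne 'Running') { $failed += "service $svc not running" }
}

# 2. DNS: the locator SRV records clients use to find a DC must resolve
#    and must list this DC among their targets.
foreach ($rec in "_ldap._tcp.dc._msdcs.$domain", "_kerberos._tcp.$domain") {
    $srv = Resolve-DnsName -Name $rec -Type SRV -ErrorAction SilentlyContinue
    if (-not ($srv | Where-Object { $_.NameTarget -like "$dc.*" })) {
        $failed += "SRV $rec does not list $dc"
    }
}

# 3. After an IP change: the DC's A record must match an address bound to it.
$bound = (Get-NetIPAddress -AddressFamily IPv4 |
          Where-Object { $_.IPAddress -ne '127.0.0.1' }).IPAddress
$a = (Resolve-DnsName -Name "$dc.$domain" -Type A -ErrorAction SilentlyContinue).IPAddress
if (-not $a -or ($a | Where-Object { $_ -notin $bound })) {
    $failed += "A record for $dc ($($a -join ',')) does not match bound IPs"
}

# 4. SYSVOL: both shares must be published, or clients cannot read GPOs.
foreach ($share in 'SYSVOL', 'NETLOGON') {
    if (-not (Get-SmbShare -Name $share -ErrorAction SilentlyContinue)) {
        $failed += "share $share missing"
    }
}

# 5. Built-in diagnostics; /q prints errors only, so silence means the test passed.
dcdiag /test:dns /q
dcdiag /test:sysvolcheck /q

if ($failed) { $failed | ForEach-Object { Write-Warning $_ }; exit 1 }
Write-Output "DC $dc in $domain passed basic DNS and SYSVOL checks"
```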

Notes

This is written as a real log — configs, mistakes, and the “why.” If you want the raw screenshots/config snippets, ping me on LinkedIn.