Creating a Runbook
Activity Completed: June 23, 2023
Scenario
As a new StackFull Software employee, you've been tasked to work alongside Damen, the IT Security Manager, to write a runbook for the IT Pre-onboarding process. You’ll use your Windows management skills to set up a new user on a virtualized machine, and then write a runbook that details all the steps you took. This runbook will serve as a source of truth for the setup of all future new hires and their Windows machines.
Problem
Step 0
Decide the following information:
Name of the new hire
Their role
Department they’ll work with
Step 1
Join the computer to the domain.
Step 2
Switch to the server. Create a user for the new hire and set a password.
Step 3
Create a group with the department name and place the user in that group.
Step 4
Create a share on the server with the department name and share it only with people who belong to that department (read and write permissions). In the folder, create a text document called test.txt
.
Step 5
Create an OU with the department's name and place the user, group, and computer in the OU. Attach a GPO to the OU you created.
Step 6
Edit the GPO and apply the following rules:
A message should appear whenever the computer starts (do not install unauthorized programs).
Prevent the user's access to CMD.
Add script to the user's login to map the share you created.
Disable the run command from the start menu.
Step 7
Check the Event Viewer on the server machine and write down the last successful login from your user. (Note: You must log in with the domain administrator account).
Step 8
Use PowerShell to check what the latest program installed on the computer was.
Step 9
Write a PowerShell script that gives a list of all running services and puts it in a file named running_services.txt
.