Customer: Local Authority Shared Services
LASS was a joint venture between Local Authority and private industry to delivery IT shared services to the county. As part of the formation of this organisation, they required a new AD Forest to be deployed for all LASS staff. As part of this engagement I was responsible for the design and deployment of the AD Forest including domain, organisation unit structure, group policies, DNS, user creation and security.
The project involved creating an external AD trust between the LASS AD domain and LA AD forest and configuring account moves using ADMT to preserve SID history. Implementation of cross forest authentication and permissions to file shares and applications. Implementation of Azure AD, Azure AD Sync, ADFS and SSO to a new Office 365 tenant.
- Azure AD Sync
- Azure AD
- ADFS with SSO with custom claims based rules to prevent access from unauthorised locations
- Active Directory deployment
- Group Policy and Server Hardening using Windows Security Baselines
- OU structure and creation
- External AD Forest trust relationships
- Cross forest authentication and permissions
- ADMT migration of users from old domain to new