Learn → Build → Use
Windows and Identity
Windows administration, Active Directory, identity, access, protocols, patching, and server operations.
01
Learn
Understand Windows and Identity
Academy guides that explain the concepts, architecture, decisions, and durable operator patterns.
Comparing Identity Validation Paths Across DNS, LDAP, Kerberos, and SMBUse this supporting Insight to decide whether an identity or Windows access failure should be validated from DNS, LDAP, Kerberos, or SMB first.Comparing Windows Repair Paths: SFC, DISM, Restore, Rollback, and ReinstallUse this supporting Insight to compare Windows repair paths before reaching for SFC, DISM, restore workflows, update rollback, or full rebuilds.Identity Evidence-First Comparison Between Good and Broken PathsUse this supporting Insight to compare a working identity or protocol path against the failing one before you change AD, DNS, trust, or service settings.Planning Identity and Windows Protocol Troubleshooting Without GuessingUse this parent Insight to isolate identity and Windows protocol failures by mapping the failing boundary before changing DNS, AD, SMB, or auth settings.Planning Windows Recovery and Repair Without Making the Outage WorseUse this parent Insight to plan Windows recovery around evidence, repair-path choice, validation, and rollback before you change system state.Windows Evidence-First Recovery Workflow Before Repair CommandsUse this supporting Insight to gather Windows evidence before SFC, DISM, uninstalls, Safe Mode, or other repair commands change the system.
02
Build
Practice Windows and Identity
DIY projects that turn the concepts into working systems, labs, and repeatable environments.
Build a Raspberry Pi Travel Gateway with WireGuard for Safe Remote Access to Your Home LabA Raspberry Pi travel gateway pattern for secure WireGuard access back to a home lab while away from the trusted network.Build a Secure Remote Admin Toolkit with Tailscale, RDP Hardening, and Access ControlsA practical build for a secure remote administration toolkit using Tailscale for secure networking, along with RDP hardening techniques and access control measures to ensure a safe remote management experience.Build a Small Identity Lab with Authentik and KeycloakBuild a small identity lab with Authentik and Keycloak so you can test SSO flows, admin access, and recovery steps safely.
03
Use
Operate Windows and Identity
Free Toolchest assets for checks, scripts, evidence, reporting, and practical operator work.
AD stale computer cleanup reportA read-only Active Directory stale computer report for last logon, OU, operating system, enabled state, and cleanup planning.All-DC lastLogon collector and stale-user evidence reportCollect non-replicated lastLogon values from every writable domain controller, calculate the newest observed logon per account, and export evidence suitable for stale-user or stale-computer cleanup decisions without relying on replicated lastLogonTimestamp alone.Authenticated Users drive ACL scannerPowerShell scanner that checks fixed local drives on Windows servers for root ACL entries where Authenticated Users have broad access. Produces console and CSV evidence so admins can review exposure before any ACL changes.Certificate expiration scannerA read-only certificate inventory that finds local-machine store certificates nearing expiration and captures certificates presented by known TLS endpoints for review.Disk space cleanup candidate reportA read-only disk-pressure report that captures low-space context and returns targeted cleanup candidates from known folders without deleting, compressing, or moving anything.IIS site and binding inventoryA read-only IIS inventory that correlates sites, bindings, ports, host headers, app-pool identities, content paths, and certificate thumbprints for migration or renewal work.Inactive AD user disable review workflowTwo-phase review checklist for identifying inactive AD user accounts, validating inactivity evidence, applying exclusions, capturing approval, and preparing rollback details before any disable action.Local administrator group audit across Windows endpointsA read-only local administrator audit that records privileged group membership across Windows endpoints for review.Pending reboot detection across Windows serversA read-only pending reboot check for Windows servers before patching, application installs, or maintenance-window closure.Scheduled task inventory and failure reportA read-only scheduled task inventory that highlights failed runs, missed runs, disabled tasks, and ownership gaps.Service account usage finderA read-only service account discovery pass for Windows services, scheduled tasks, and IIS application pools.Windows firewall rule auditA read-only Windows Firewall audit that records enabled allow rules, ports, profiles, and address scopes.Windows server health snapshotA read-only Windows Server health snapshot that returns one compact row per host for uptime, disk pressure, memory headroom, stopped automatic services, and recent system errors.Windows Update readiness and repair evidence packA patch readiness and repair evidence pack for reboot state, servicing health, update logs, and approved repair actions.Windows Update Repair ChecksA staged Windows Update troubleshooting path that starts read-only and escalates only when needed.