Skip to content
Provision a brand-new company with proper defaults in Windows, Offic365, and Azure
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
ActiveDirectory Create SetupAdStructure.ps1 Mar 6, 2019
GroupPolicy policy update Mar 5, 2019
LabSetup new Feb 14, 2019
Monitoring/PacketBeat new Feb 14, 2019 Update Jan 15, 2019


Provision a brand-new company with proper defaults in Windows, Office365, and Azure.


OrgKit is designed to provide a series of templates to "boot-up" a new highly-documented IT environment for a mid-size organization, serve as a public example of what's possible, be a gold-standard implementation, and allow informed decisions by companies who do not know what's really done by other businesses.

The specific target is a company having to start-over after a complete network compromise, or the spin-up of a new subsidiary business.

Preliminary sources

If you want to jump ahead, here's some of the work I will be citing in addition to my own, and which you can go ahead and use yourself

Design decisions

It's important to note that the reason a comprehensive repository of Microsoft product configuration guidance for organizations is so rare is because the entire ecosystem is designed to be customized per-organization. However, most organizations are not equipped nor understand the breadth of what this really means. This divergent configuration history of their customers, along with fears about having to support it, then prevents Microsoft providing strong defaults and guidance in a generic form.

Powershell DSC

Strictly, Powershell DSC is the correct tool to build and maintain a Windows environment with this level of centralized design and vision. It is a great set of abilities, and it will likely be included in the future. However, this project is aimed at Windows administrators who will already be intimidated by the breadth of new technologies and concepts, and need to run the system over a long-term with other staff.

Powershell DSC is currently a specialized skill designed to revert anything done outside its central control. It requires whole-organization buy-in, and for that reason, the kind of use-cases for this set of guidance cannot rely on it.

Group Policy

Project operations

None of this project is sold as unique work or groundbreaking. Where possible, it will reference the existing work of others, or heavily credit them in adaptation - with their permission. Many IT organizations have a set of capabilities similar to this. They press a button and can build an entire company, just like this. However, it is proprietary work product their staff cannot publicly share. This is intended to remediate that.

You can’t perform that action at this time.