Joining WolfTech Active Directory

WolfTech Active Directory is NC State’s primary Active Directory environment for managing Windows systems.  However, Linux, Macintosh, and other *NIX variant operating systems can also join WolfTech AD and use it for authentication/authorization.

If you are a NCSU campus organization, not part of WolfTech Active Directory and wish to be, please submit a ticket to the Service Now queue “OIT_WINDOWS”.  Someone will get in touch with you to discuss next steps.

When one joins a Windows system to WolfTech AD, several things will happen by default:

  • Baseline security settings are applied to the Windows system via Security baseline group policies.
    • There are domain settings that are applied to all Windows machines
    • additional settings for security and/or other functionality may apply at your college and/or departmental level.
  • A couple of PKI certs from the WolfTech AD PKI will be installed.  These are used by the Campus SCCM infrastructure.
    • one for computer “Client authentication”
    • one for computer “Server authentication”
  • The System Center Configuration Manager (SCCM) agent will be installed.  Once installed & functional, it will
    • configure your Windows system for monthly Microsoft patching
    • install the Spirion client (data loss protection software) as required by OIT policy
    • configure System Center Endpoint Protection (SCEP), a managed implementation of the built-in Microsoft Defender antivirus/antimalware suite
    • install a SCCM agent “health” script; a package that attempts to correct functional issues with the SCCM agent itself.
  • Microsoft’s Local Administrator Password Solution (LAPS) is configured on each Windows system.  LAPS ensures that the local Administrator account has a unique password on each client system to prevent lateral movement.

Your college and/or departmental level Windows IT support has the ability to customize your experience to suite your department’s requirements & workflow.