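<#
.SYNOPSIS
    Builds a deliberately weak Group Policy configuration for a test domain.

.DESCRIPTION
    Creates the GPO "DisableMicrosoftDefender", grants the "Domain Users" group
    GpoEditDeleteModifySecurity on it, writes two Microsoft Defender policy
    registry values into it, and links it (enabled) at the domain root.

    Security notes for whoever runs or reviews this:
      * The GPO is linked at the domain root and is editable by Domain Users,
        so every authenticated domain account can change policy that applies
        domain-wide. This is the intended misconfiguration; the script is only
        suitable for an isolated test domain (see the GPO comment).
      * The registry values are the Defender policy settings
        DisableAntiSpyware and DisableRealtimeMonitoring. Current Defender
        platform versions ignore DisableAntiSpyware on client devices, and
        Tamper Protection can prevent the real-time setting from applying, so
        the effective state should be checked on a target host.
      * To audit or undo: Get-GPPermission -Name <gpo> -All shows the delegation,
        Remove-GPLink / Remove-GPO remove the object. GPO creation and edits
        appear as directory-service change events (5137 / 5136) when
        "Directory Service Changes" auditing is enabled.

.PARAMETER DomainName
    DNS name of the target domain. Each dot-separated label becomes one DC=
    component of the distinguished name used as the link target.

.NOTES
    Errors raised while creating or configuring the GPO are written to the
    transcript as "[ERR] ..." and are not re-thrown; errors while loading the
    modules or resolving "Domain Users" terminate the script.
#>
param (
    [ValidateNotNullOrEmpty()]
    [string]$DomainName = "contoso.com"
)

$scriptName = $MyInvocation.MyCommand.Name
$logFile = "C:\Logs\${scriptName}_log.txt"
Start-Transcript -Path $logFile -Append

try {
    Import-Module GroupPolicy -ErrorAction Stop
    # Get-ADGroup comes from the ActiveDirectory module; import it explicitly so
    # a missing RSAT feature fails here with a clear message.
    Import-Module ActiveDirectory -ErrorAction Stop

    # One DC= component per DNS label. The previous form used only the first two
    # labels, which produced a wrong DN for names such as corp.contoso.com.
    $DomainNameDN = ($DomainName.Split(".") | ForEach-Object { "DC=$_" }) -join ","

    $DomainUsers = Get-ADGroup "Domain Users" -ErrorAction Stop
    $GpoName = "DisableMicrosoftDefender"

    try {
        $GPO = New-GPO -Name $GpoName -Comment "GPO to disable Microsoft Defender in test environment" -ErrorAction Stop
        Write-Host "[INFO] Created GPO '$GpoName'"

        # Intentional over-delegation: full edit/delete/security rights for
        # every domain user on a GPO that is linked at the domain root below.
        Set-GPPermission -Name $GPO.DisplayName -PermissionLevel GpoEditDeleteModifySecurity -TargetName $DomainUsers.Name -TargetType Group -ErrorAction Stop
        Write-Host "[INFO] Set GpoEditDeleteModifySecurity permissions for '$($DomainUsers.Name)' on GPO '$GpoName'"

        # Defender policy values written into the GPO (machine hive).
        $RegistrySettings = @(
            @{
                Key       = "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
                ValueName = "DisableAntiSpyware"
                Value     = 1
                Type      = "DWORD"
            },
            @{
                Key       = "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection"
                ValueName = "DisableRealtimeMonitoring"
                Value     = 1
                Type      = "DWORD"
            }
        )

        foreach ($Setting in $RegistrySettings) {
            Set-GPRegistryValue -Name $GPO.DisplayName -Key $Setting.Key -ValueName $Setting.ValueName -Type $Setting.Type -Value $Setting.Value -ErrorAction Stop
            Write-Host "[INFO] Set registry value: $($Setting.Key)\$($Setting.ValueName) = $($Setting.Value)"
        }

        # Link at the domain root, so the policy is in scope for every computer
        # object in the domain unless inheritance is blocked lower down.
        New-GPLink -Name $GPO.DisplayName -Target "$DomainNameDN" -LinkEnabled Yes -ErrorAction Stop
        Write-Host "[INFO] Created GP link for '$GpoName' on $DomainNameDN"
    }
    catch {
        # Logged only; a partially configured GPO may remain and should be
        # reviewed before the script is run again.
        Write-Host "[ERR] Failed to configure GPO '$GpoName': $_"
    }
}
finally {
    # Close the transcript on every exit path, including terminating errors
    # from the module imports or the Get-ADGroup lookup.
    Stop-Transcript
}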