From securityonline.info
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically.
Runs on self-hosted virtualization using libvirt with QEMU/KVM (but it can be customized easily for cloud-based solutions).
Used for painlessly set up a small Windows Domain from scratch automatically (without user interaction) for the purpose of RDP Honeypot testing.
Features a Domain Controller, a Desktop Computer and a configured Graylog server for logging the actions of the bad guys.