Open in app

Sign in

Write

Sign in

Project — Active Directory Home-Lab

GrayyFoxx - FoxxDen
15 min readNov 26, 2023

--

Yes not a cloud project but equally as useful..

Objective:

  • Setting Up a Company domain controller with Windows server 2019

Requirements:

  • VirtualBox
  • Windows Server 2019 ISO
  • Windows 10 ISO

Process:

These steps where broken into parts namely:

  • Part 1 — Virtual Box VM setup
  • Part 2 — Installation of Windows Server 2019 on VM
  • Part 3 — Identification of Internal and external network and network configurations
  • Part 4 —Setting up the Domain Controller
  • Part 5 — Setting Up RAS / NAT
  • Part 6- Setting up DHCP server on Domain Controller
  • Part 7 — Setting up client machine

Now Lets begin

Part 1 — Virtual Box VM setup

Make sure you have virtual box downloaded and installed

  • Select new
  • Give a name. I chose DC for domain controller VM.
  • Don’t input the location of the ISO file you intend to install yet
  • Select the Other windows 64x bit in the version section and take next
  • Depending on the pc you are running, take the following metrics then take next
  • Select the virtual disk size.
  • Click Finish
  • Select the vm created and click settings
  • In the general tab, click Advanced. For the options shared clipboard and Drag’n’Drop select Bidirectional
  • On the storage tab, select the empty optical disk, beside the “optica drive” to the right click the disk and select “choose file” for the location of the iso file and the iso file you are looking for.
  • On the network tab, select adapter 1 to be NAT if not already in that state. Then select adapter 2 to be “internal network”.
  • Once all of these have been done, click okay and click start.

Part 2 — Installation of Windows Server 2019 on VM

  • Follow the installation process of the server
  • Select the first 64x bit desktop experience
  • Accept license terms and click next
  • Custom install windows only (Advanced)
  • Allocate the disk before hitting next to install
  • Wait for installation to go through
  • Once the “Customize Settings” Screen comes up, put in your password since the username by default is administrator.

for example: Password — Win5erver@1692$

  • Enter the control alt del function by taking the input tab at the top and inserting that option.
  • Enter the password used previously
  • Now before doing anything, in order to make the server not lag, go to the “Devices” section at the top and select “insert guest CD image”
  • Navigate to the “This PC” directory and double click the VirtualBox Guest
  • Double click the “VBoxWindowsAdditions-amd64” to install it.
  • Once the installation is done, click finish to reboot the server.
  • Once rebooted, logon back into the server using the credentials. You will realize that the response time is much quicker than previously and you will be able to increase the VM screen.

Part 3 — Identification of Internal and external network and network configurations

  • First we determine what networks we have. Identify the internet and internal networks and rename accordingly.
  • Navigate to settings > Network & internet > Ethernet > Change adapter options.
  • Start with any, right click on it and select status > details. If “Connection-Specific DNS” has a service provider name then it is for the internet. Rename as internet and the other internal. Won’t be placing that info on here though😅.This is how the internal network will look like and anything other than this will be the internet line.
  • The internal adapter connection seemingly looks for a dhcp which has been set. if they are none, it remains with the IP it came with in the VirtualBox.
  • We are going to assign an IP based on the architecture to the internal network. Right click the internal network, select Properties > TCP/IPv4 > Properties then assign the values

IP — 172.16.0.1
* Mask — 255.255.255.0
* Gateway — <empty>
* DNS — 127.0.0.1 (preferred) then select ok

  • Rename the Server to DC (Domain Controller)
    * Right click start menu > System > About > Rename PC — DC
    * Select Option to restart. They maybe a popup asking if the restart is planned or not but its not as important in this case so just select any then continue and after it loads up again, Login once more

Part 4 — Setting up the Domain Controller

  • Navigate to the server manager program
  • Click Add roles and features
  • Click next up until the “Server Roles” section. Select “Active Directory Domain Services” > Add features > Next
  • Hit next until you reach install and click install.
  • Once the role installation is done, you’ll observer a flag at the top right.
  • Click the flag and click “Promote server to a domain controller”
  • Add Forest — Root domain name: <DOMAIN NAME> > next
  • Directory Services Restore Mode (DSRM) password : Winserver2019#@ > next
  • The NetBIOS domain name is part of the domain you gave : <DOMAIN>
  • Hit next till the end then hit install
  • After the install is done, the server will restart
  • On the next login what you will notice is that the name will now be ,<DOMAIN>\Administrator. Taking part of the domain name.

Create dedicated domain admin account

  • Search active directory users and computers in the start menu bar
  • Right click the domain name — xencorp.net > New > Organizational Unit > Name: _ADMINS
  • The feature “Protect container from accidents…” check it off for this. Though it is a security measure which is used.
  • Right click _ADMINS > New > User
  • Give the user
    * First Name : Grayy
    * Last Name : Foxx
    * logon name: a-gfoxx (Search best practice for naming conventions)
    - Next > Give a password and check the option password never expires (Since this is a demo). Make sure not to repeat characters — Gray@Fox11@2001$
  • Once all is done and the review is okay, click finish

- Now in order to actually make the user an admin account
* Right click the user
* Click properties
* Member of > Add
* In the box type “Domain Admins” then click check names > ok > ok

  • Sign out and sign back into the with the created admin account.
  • Select other user and input the username and password

Part 5 — Setting Up RAS / NAT

  • Navigate to the server manager. Click Add role and features
  • Click next till the “Server Roles” section
  • Select “Remote Access” option > Next > Next
  • In Role Services under Remote Access, Select Routing > Add features
  • DirectAccess and VPN (RAS) will automatically be selected at the top
  • Click next till install
  • Click install
  • Go to “tools” at the top section of the server manager
  • Select routing and remote access
  • Right click on DC (local) > configure and Enable Routing and Remote access
  • Next > NAT > Select the internet option which we renamed in previous steps. This is to enable the internet network to have access to the internet.
  • Make sure to select the one you labeled as INTERNET and not the internal internet
  • Next > Next > Finish
  • When you see it as green (DC) is it properly set

Part 6- Setting up DHCP server on Domain Controller

  • This will allow all windows 10 client connected to have an IP to connect them to the internet.
  • Navigate to the server manager > add roles > Next
  • At “Server selection” you will notice the domain you created added after DC — e.g. DC.xencorp.net
  • Next > At “Server Roles”, Select “DHCP server” > Add features.
  • Hit Next till the very end then install.
  • After the installation is done, close and go to the top right
  • Tools > DHCP. What we’ll be doing here is setting up the scope of the IP which will be assigned to the client servers automatically
  • Got to the top left of the DHCP window
  • dc.xencorp.net > IPv4 > Right click > New Scope
  • Next > Name: 172.16.0.100–200 (chose this since it says all the IP which will be assigned)
  • Place the start and stop IP (172.16.0.100 and 172.16.0.200 respectively)
  • Length: 24 > Subnet mask: 255.255.255.0 > Next
  • Next (No exclusions will be added) > Next (Lease duration is like how long will access be granted. No need for now) > Default Gateway: 172.16.0.1 > add > Next
  • In “Domain Names and DNS Severs”, if the IP address is stated there, change it to the gateway IP.
  • Click Next till reach finish.
  • If the DHCP server is not authorized, right click on is and select authorize option then refresh.
  • Navigate to the Domain Controller (Server Manager) — Need to make a configuration to let us browse the internet from the domain controller. Not done in production environment but in lab alone. This is to download a file we need for the setup of users
  • Click the link below to capture the file and send to the server in the VM. Follow the video above on how to transfer the files
  • Download and send to the VM.

YouTube

Edit description

www.youtube.com

Thats how the file should look once downloaded and extracted
  • Open the Create user file in Windows PowerShell IDE (Light blue one) (Run as Administrator).
  • Run the command <Set-ExecutionPolicy Unrestricted> and select “Yes to all” allowing access to use of all commands.
  • Add your name to the names.txt file from the extracted files and leave just 12 name in total there.
  • Open the PowerShell file form the interface
  • Change directory to the folder containing the files within to be used

What this code does is automatically generate the users given in the name.txt file and assign a password which is stated in the script to all of the users generated.

  • Recall the directory path again but this time remove the cd from it and include the name of the code file then hit enter to execute. Confirm execution order when asked
  • Navigate to the “Active Directory User Names and Computers”
  • Select the user file to see the users created.

Part 7 — Setting up client machine

  • Follow the VM installation process again but this time use the windows 10 pro iso. Windows 10 Home version doesn’t work with servers.
  • For the network tab, change Adapter 1 to internal network
  • Start
  • Ensure that the VM is connected to the domain controller from the processes going on
  • If the process completes without indicating the domain name in the network section, you would have to do the connection through a manual process
  • Settings > About your pc > Systems info > Advanced Systems settings > Change
  • Change the name to — Client-1
  • Down at “member of” select Domain and input the domain name xennixcorp.net
  • Use the domain admin account credentials created previously and click ok

* a-gfoxx
* Gray@Fox11@2001$

  • Restart the client pc

- If you navigate to Server manager > tools > dhcp > ipv4 > address leases, you will see the name of the server joined

Given the protocol I used was DHCP — Dynamic Host Control Protocol — which is a network protocol which automatically assigns IP addresses and other network configuration information to devices on a network. I defined a scope between 172.16.0.100–200, the automatically assigned IP addresses will be chosen from within this range.

  • Once the connection has been established, rename the pc
  • Login using one of the generic users we created <dearls>
  • It will load up like this <image preparation>
  • Notice the user we are logged in as.

And that’s how an DC is setup with Windows Server 2019.

Video Sources of this will be placed below

Until the next one.

GrayyFoxx..

Active Directory
Domain Controller
Windows
Servers
Projects

--

--

GrayyFoxx - FoxxDen

Written by GrayyFoxx - FoxxDen

5 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams