Pedro Jaime

Portfolio for Cyber Security Professional

Setting up an Active Directory Lab with a Domain Controller and Windows PC

Welcome to my blog on setting up an Active Directory lab environment! Whether you’re a student, an IT professional, or a tech enthusiast, having a lab setup is a fantastic way to gain hands-on experience with Active Directory and enhance your skills. In this guide, I’ll walk you through the process of installing and configuring a Windows 2022 server as the domain controller, as well as adding a Windows 11 PC to the domain. By the end of this tutorial, you’ll have a functional Active Directory lab that you can use for testing, learning, and experimentation.

Active Directory Overview

Active Directory (AD) is a critical component of many enterprise IT environments, providing centralized management of users, computers, and other resources. Understanding how to set up and manage AD is an essential skill for anyone pursuing a career in IT. In this lab, I’ll cover the following steps:

  1. Installing and Configuring a Domain Controller: This involves setting up a Windows Server to act as the domain controller, which is the backbone of any Active Directory environment. You’ll learn how to install the necessary roles, create users, and configure your server to handle AD tasks.
  2. Installing and Configuring a Windows 11 PC: Once our domain controller is up and running, we’ll move on to setting up a Windows 11 PC. This step includes installing Windows 11, configuring it for network connectivity, and ensuring it’s ready to join the domain. Finally, I’ll show you how to add the Windows 11 PC to your newly created domain. This process will demonstrate how devices can be managed centrally using Active Directory, providing a real-world scenario of AD administration.

By following these steps, you’ll gain practical knowledge of Active Directory setup and management. Whether you’re preparing for certification exams or simply looking to broaden your IT skills, this lab will provide you with the foundational knowledge needed to work confidently with Active Directory. Let’s get started!

Installing and Configuring Windows Server 2022.

Power on the Virtual Machine and immediately click any key.

Click Next

Click Install Now

Select the Windows Server 2022 standard Evaluation (Desktop Experience)

Accept the License Terms

Click Next

Select the Custom Install

You should have this screen now

When that is complete, create a password

After the installation and login, it should automatically pull up the Server Manager

On the Server Manager Dashboard, Click Manage >> Add Roles and Features

Keep clicking Next till you get to the Server Roles menu

Select Active Directory Domain Services

Select “Add Features

Click on Next till you get to the Confirmation menu, then click Install

Select “Promote this server to a domain controller

Select Add a new forest and Specify a domain name

My domain name will be pedrojaime.com

Click Next

Set a Password

Click Next till you get to the Prerequisites Check Menu

Click Install

After it finishes installing, it will Reboot

After the Reboot, Log back in

Creating a helpdesk user with administrative rights

We’ll create a user account called “helpdesk” and grant it administrative rights. This user will have elevated privileges, which is essential for performing administrative tasks within the domain.

Name the user helpdesk

Add a password then click next.

Click Next

Let’s add some users.

In the Server Manager Select Tools Active Directory Users and Computers

Select your Domain Name (pedrojaime.com) > Users, Right Click & Select New User

Enter the First and last name & User login name for the user.

Set a password that never expires. Select Finish.

The user Jon Snow should appear here.

Powershell: Creating 100 users!

To make things more interesting, we are going to run a PowerShell script that automatically creates 1000 users for us.

To get access to this script go to this GitHub repository. It will automatically download to your computer. Extract the file from the zip file and add it to your desktop.

When you open up the file you should see this

If you click on the “names” you will have a list of generated names.

To open the PowerShell script, search Powershell ISE on your Windows and run as administrator.

Go to open script on the top right.

Go to Desktop (or wherever you installed it) > AD_PS-master > 1_CREATE_ USERS

This is the source code of the script that will create 1000 users for us.

If you try to run this it will fail.

To get around this you need to enable the execution of all scripts by using this command: Set-ExecutionPolicy Unrestricted then press enter

Say Yes to All.

Now we can start to run the script.

Navigate to the directory that the script is in. Now click run.

Click Run once.

Now it should be creating the users.

As you can see, it made an Organizational unit (OU) called _USERS with all the users in it.

If we right-click the Organizational unit (OU) called _USERS and click Find you can see that there are 1000 users.

Search for “Windows Defender Firewall” > Turn Windows Defender Firewall on or off.

Now we have to disable the firewall to analyze all types of vulnerabilities.

Turn off the firewall for all Networks

Now Use OPNsense as the default gateway for the Domain Controller

~ Navigate to Control Panel > Network and Internet > Network Connections

~ Enter the following configuration

Configuring Windows 11 Desktop & Adding a User to the AD Domain

The goal of this portion of the lab is to add 2 Windows 10 desktops to the Domain and complete the active directory lab. This portion of the lab is very easy to set up.

Install in Virtualbox as usual with defaults

Do not worry about a product key, simply click Next

Go to Control Panel and click View network status and tasks

Navigate to Change Network Adapter settings

Right-click on Ethernet0 and select properties

Go to Properties

Select IPV4

Add an IP Address(198.168.1.3) & Use 192.168.1.5 as the default gateway

Make sure that the DNS server is the IP address of the Domain controller/Server 2022
or else you won’t be able to contact it (198.168.1.4).

Join PC to pedrojaime.com Domain

First, go to the File Explorer, right-click on This PC, then click Properties.

Then click Domain or Workgroup.

Click Change

Type the domain you want to join and click OK.

Put in your username and password

Now restart the PC

If we want double check to see if we successfully added it to the domain lets go back to our Windows Server and go to Active Directory Users and Computers > Computers, you will see that the Windows 11 PC is there.

So let’s see if we can sign in using Jon Snow now that we have joined the PC to the Domain.

We are signed in as Jon Snow.

Congratulations on setting up your Active Directory lab! By following this guide, you’ve installed and configured a domain controller, set up a Windows 11 PC, and added the PC to your domain. These steps have given you a solid foundation in managing an Active Directory environment, which is a crucial skill for IT professionals.

In this lab, you’ve learned:

  1. Installing and Configuring a Domain Controller: You’ve seen how to set up a Windows Server to act as the backbone of your Active Directory environment, handling tasks like user and computer management.
  2. Installing and Configuring a Windows 11 PC: You’ve installed Windows 11, configured it for network connectivity, and prepared it to join your domain.
  3. Adding the Windows 11 PC to the Domain: You’ve added a Windows 11 PC to your domain, demonstrating how devices can be centrally managed using Active Directory.

These skills are essential for anyone working in IT, as they form the basis of user and resource management in many organizations. Your new lab environment is a powerful tool for testing and learning, allowing you to experiment with Active Directory features and deepen your understanding.

I encourage you to continue exploring and experimenting with your lab. Try adding more devices, setting up group policies, managing user permissions, and exploring other Active Directory features. The more you practice, the more proficient you’ll become.

Thank you for following along with this guide. I hope it has been informative and helpful. If you have any questions or need further assistance, feel free to reach out on my LinkedIn. Happy learning!