Welcome to my blog on setting up an Active Directory lab environment! Whether you’re a student, an IT professional, or a tech enthusiast, having a lab setup is a fantastic way to gain hands-on experience with Active Directory and enhance your skills. In this guide, I’ll walk you through the process of installing and configuring a Windows 2022 server as the domain controller, as well as adding a Windows 11 PC to the domain. By the end of this tutorial, you’ll have a functional Active Directory lab that you can use for testing, learning, and experimentation.
Active Directory Overview
Active Directory (AD) is a critical component of many enterprise IT environments, providing centralized management of users, computers, and other resources. Understanding how to set up and manage AD is an essential skill for anyone pursuing a career in IT. In this lab, I’ll cover the following steps:
- Installing and Configuring a Domain Controller: This involves setting up a Windows Server to act as the domain controller, which is the backbone of any Active Directory environment. You’ll learn how to install the necessary roles, create users, and configure your server to handle AD tasks.
- Installing and Configuring a Windows 11 PC: Once our domain controller is up and running, we’ll move on to setting up a Windows 11 PC. This step includes installing Windows 11, configuring it for network connectivity, and ensuring it’s ready to join the domain. Finally, I’ll show you how to add the Windows 11 PC to your newly created domain. This process will demonstrate how devices can be managed centrally using Active Directory, providing a real-world scenario of AD administration.
By following these steps, you’ll gain practical knowledge of Active Directory setup and management. Whether you’re preparing for certification exams or simply looking to broaden your IT skills, this lab will provide you with the foundational knowledge needed to work confidently with Active Directory. Let’s get started!
Installing and Configuring Windows Server 2022.
Power on the Virtual Machine and immediately click any key.
Click Next
Click Install Now
Select the Windows Server 2022 standard Evaluation (Desktop Experience)
Accept the License Terms
Click Next
Select the Custom Install
You should have this screen now
When that is complete, create a password
After the installation and login, it should automatically pull up the Server Manager
On the Server Manager Dashboard, Click Manage >> Add Roles and Features
Keep clicking Next till you get to the Server Roles menu
Select Active Directory Domain Services
Select “Add Features“
Click on Next till you get to the Confirmation menu, then click Install
Select “Promote this server to a domain controller“
Select Add a new forest and Specify a domain name
My domain name will be pedrojaime.com
Click Next
Set a Password
Click Next till you get to the Prerequisites Check Menu
Click Install
After it finishes installing, it will Reboot
After the Reboot, Log back in
Creating a helpdesk user with administrative rights
We’ll create a user account called “helpdesk” and grant it administrative rights. This user will have elevated privileges, which is essential for performing administrative tasks within the domain.
Name the user helpdesk
Add a password then click next.
Click Next
Let’s add some users.
In the Server Manager Select Tools > Active Directory Users and Computers
Select your Domain Name (pedrojaime.com) > Users, Right Click & Select New > User
Enter the First and last name & User login name for the user.
Set a password that never expires. Select Finish.
The user Jon Snow should appear here.
Powershell: Creating 100 users!
To make things more interesting, we are going to run a PowerShell script that automatically creates 1000 users for us.
To get access to this script go to this GitHub repository. It will automatically download to your computer. Extract the file from the zip file and add it to your desktop.
When you open up the file you should see this
If you click on the “names” you will have a list of generated names.
To open the PowerShell script, search Powershell ISE on your Windows and run as administrator.
Go to open script on the top right.
Go to Desktop (or wherever you installed it) > AD_PS-master > 1_CREATE_ USERS
This is the source code of the script that will create 1000 users for us.
If you try to run this it will fail.
To get around this you need to enable the execution of all scripts by using this command: Set-ExecutionPolicy Unrestricted then press enter
Say Yes to All.
Now we can start to run the script.
Navigate to the directory that the script is in. Now click run.
Click Run once.
Now it should be creating the users.
As you can see, it made an Organizational unit (OU) called _USERS with all the users in it.
If we right-click the Organizational unit (OU) called _USERS and click Find you can see that there are 1000 users.
Search for “Windows Defender Firewall” > Turn Windows Defender Firewall on or off.
Now we have to disable the firewall to analyze all types of vulnerabilities.
Turn off the firewall for all Networks
Now Use OPNsense as the default gateway for the Domain Controller
~ Navigate to Control Panel > Network and Internet > Network Connections
~ Enter the following configuration
Configuring Windows 11 Desktop & Adding a User to the AD Domain
The goal of this portion of the lab is to add 2 Windows 10 desktops to the Domain and complete the active directory lab. This portion of the lab is very easy to set up.
Install in Virtualbox as usual with defaults
Do not worry about a product key, simply click Next
Go to Control Panel and click View network status and tasks
Navigate to Change Network Adapter settings
~ Right-click on Ethernet0 and select properties
Go to Properties
Select IPV4
Add an IP Address(198.168.1.3) & Use 192.168.1.5 as the default gateway
Make sure that the DNS server is the IP address of the Domain controller/Server 2022
or else you won’t be able to contact it (198.168.1.4).
Join PC to pedrojaime.com Domain
First, go to the File Explorer, right-click on This PC, then click Properties.
Then click Domain or Workgroup.
Click Change
Type the domain you want to join and click OK.
Put in your username and password
Now restart the PC
If we want double check to see if we successfully added it to the domain lets go back to our Windows Server and go to Active Directory Users and Computers > Computers, you will see that the Windows 11 PC is there.
So let’s see if we can sign in using Jon Snow now that we have joined the PC to the Domain.
We are signed in as Jon Snow.
Congratulations on setting up your Active Directory lab! By following this guide, you’ve installed and configured a domain controller, set up a Windows 11 PC, and added the PC to your domain. These steps have given you a solid foundation in managing an Active Directory environment, which is a crucial skill for IT professionals.
In this lab, you’ve learned:
- Installing and Configuring a Domain Controller: You’ve seen how to set up a Windows Server to act as the backbone of your Active Directory environment, handling tasks like user and computer management.
- Installing and Configuring a Windows 11 PC: You’ve installed Windows 11, configured it for network connectivity, and prepared it to join your domain.
- Adding the Windows 11 PC to the Domain: You’ve added a Windows 11 PC to your domain, demonstrating how devices can be centrally managed using Active Directory.
These skills are essential for anyone working in IT, as they form the basis of user and resource management in many organizations. Your new lab environment is a powerful tool for testing and learning, allowing you to experiment with Active Directory features and deepen your understanding.
I encourage you to continue exploring and experimenting with your lab. Try adding more devices, setting up group policies, managing user permissions, and exploring other Active Directory features. The more you practice, the more proficient you’ll become.
Thank you for following along with this guide. I hope it has been informative and helpful. If you have any questions or need further assistance, feel free to reach out on my LinkedIn. Happy learning!