Prologue
Hello, hackers! It feels incredible to be back after what seemed like an eternity of silence. I apologize for my prolonged absence, but rest assured, I've been brewing something truly extraordinary during this time. Today marks the beginning of a new series that I'm thrilled to share with you. We'll delve into the captivating realm of Active Directory (AD) and its wonders.
In this series we will be covering the basic of Active Directory to exploiting it by setting up our own lab. So, without further ado, let's embark on this epic journey to set up a Local AD lab. Buckle up, because we're about to take the first step - Setting up our Domain Controller!
As any IT professional will tell you, Active Directory is the heart and soul of Windows network environments. It provides centralized authentication, authorization, and directory services, making it an essential tool for managing users, computers, and other network resources. Whether you're an aspiring IT pro, a seasoned sysadmin, or just a curious techie, building a Local AD lab is a fantastic way to expand your skills and explore the magic of AD firsthand.
Before we dive into the nitty-gritty, let me clarify that this series is designed for enthusiasts and learners who want to experiment and gain practical experience in a safe environment. Creating a Local AD lab allows you to experiment, make mistakes, and learn from them without risking real-world production systems.
I have listed my system configuration which I have used to set up the AD lab below. I would suggest you to have atleast 16GB of RAM and SSD for storage to have smooth experience with the lab setup.
C:\Users\aidenpearce369>wmic cpu get caption, deviceid, name, numberofcores, maxclockspeed
Caption DeviceID MaxClockSpeed Name NumberOfCores
Intel64 Family 6 Model 140 Stepping 1 CPU0 3302 11th Gen Intel(R) Core(TM) i7-11370H @ 3.30GHz 4
C:\Users\aidenpearce369>wmic memorychip get capacity, devicelocator, speed
Capacity DeviceLocator Speed
8589934592 Controller0-ChannelA 3200
8589934592 Controller1-ChannelA-DIMM0 3200
C:\Users\aidenpearce369>wmic diskdrive get caption, size, interfacetype
Caption InterfaceType Size
NVMe SAMSUNG MZVLQ1T0HBLB-00B00 SCSI 1024203640320
Installing Windows Server
In order to set up our local AD lab, we need to lay a foundation for our Active Directory infrastructure. To do that we need to install and configure a Domain Controller.
A domain controller is a specialized server in Active Directory (AD) that manages user accounts, authenticates logins, and controls access to network resources. It ensures security, replicates data across multiple servers, and enables Single Sign-On for easier access to various resources. In essence, it acts as the administrative hub of the AD environment, making user management and network security efficient and centralized.
In Active Directory (AD), a domain controller plays a central role as a critical component of the entire network infrastructure. It serves as the heart and soul of the AD environment, responsible for managing user accounts, authentication, and directory services.
We will be using Windows Server OS to install and configure our Domain Controller through AD DS feature. AD DS stands for Active Directory Domain Services. It is a feature provided by Microsoft Windows Server operating systems and serves as the core foundation for centralized user and resource management in a Windows network environment. AD DS provides several essential capabilities, making it a fundamental component for managing a Windows domain.
The whole lab set up will be done on VMware Workstation Player. We will be installing Windows Server 2019 to configure our Domain Controller. You can find the image file for the Windows Server 2019 from the below link.
https://www.microsoft.com/en-us/evalcenter/download-windows-server-2019
Lets build our VM with the downloaded image
NOTE : While configuring the VM, remove the Floppy Disk device from the Virtual Machine Settings. It will cause lot of troubles while installing the OS in VM environment.
That's it. Lets begin the installation of Windows Server 2019.
We will be using Windows Server 2019 Standard Evaluation (Desktop Experience). The Desktop Experience version is suitable for scenarios where you need to interact with the server using a GUI for administrative tasks or if you plan to run applications that require a graphical interface. The Datacenter edition includes all the features available in the Standard edition and additional advanced features that are specifically designed for high-end datacenter environments. Notably, Datacenter edition allows features like Shielded Virtual Machines, Storage Spaces Direct, and Software-Defined Networking (SDN). For our lab environment the Standard Edition is sufficient for us.
After completing the installtion, it will prompt us to enter password for the Administrator account. Set the password carefully, because the account will be later converted into Domain Admin after installing AD DS.
We also need to change the machine name of the server in a suitable naming format for easier configuration and working.
NOTE : Since the Domain Controller in a AD environment is a centralized server like a heart in human body, we need to assign static IP to it, so that all AD objects under the Domain Controller can be connected without any randomization.
We will be assigning static IP along with the desired gateway for the DC (Domain Controller). For the DNS server, we can either use the loopback address 127.0.0.1 or the DC's static IP.
Verifying the network changes reflection for the interfaces.
Bringing Domain Controller Alive
Hold On! We haven't done with the setup. Up to now, it's still a Windows Server and not a Domain Controller. To convert a Windows Server to Domain Controller we need to promote it. For that we need to install AD DS feature in the server.
Let's add the feature through Add Roles and Features option under Manage option.
Follow the below steps to complete the installation of AD DS feature in Windows Server 2019.
Now AD DS has been installed and we are one step away from bringing our DC alive. Just promote the server to Domain Controller as shown below.
Since we are creating a AD environment from scratch, we will be creating a Forest. Don't worry, terms like Forest, Domain, Trust etc will be discussed later in depth.
We will be naming our root domain name (top level domain in AD) as pwners.lab for our AD environment.
Configuring the functional level and capabilities along with the DSRM password for the Domain Controller.
DSRM stands for Directory Services Restore Mode. It is a special mode in Windows Active Directory that allows an administrator to perform critical maintenance and recovery tasks when the normal mode of the domain controller is unavailable. The DSRM user is a local administrator on Domain Controller and an essential component of this DSRM mode, so the DC asks us to set the password while configuring it. Once in DSRM, the server behaves as a standalone server with no Active Directory services running. In this mode, you can perform tasks such as restoring a backup of the Active Directory database or troubleshooting AD-related issues etc.
Follow the below steps to complete the setup for Domain Controller.
After setting up our DC, just give it a fresh reboot. It should prompt the login for the builtin Domain Administrator along with the domain NetBIOS name.
Now we have logged into the Domain Controller and this Server Manager dashboard would appear in front of you.
Finally just ping the domain name to check the connectivity.
Conclusion
Congratulations! You've taken the first step in setting up your Local AD lab by creating a Domain Controller. This is just the beginning of our exciting journey together. In the upcoming parts of this series, we'll explore user and group management, organizational units, and much more on exploiting it.