aidenpearce369

Offsec AD (Part 2) : Linking Domain Users and Domain Computers

Prologue

In our previous blog, we embarked on an exciting journey of setting up a Domain Controller (DC), which acts as the core of a Windows-based network environment. With the DC in place, it's time to take the next step: linking users and computers to the domain. This process is essential for creating a cohesive network ecosystem, enabling centralized management, enhanced security, and seamless collaboration across the organization.

In this blog, we'll delve into the intricacies of integrating users and computers into the domain, ensuring they can harness the full power of the DC and its capabilities. Let's explore the process step by step, making it accessible to both seasoned IT professionals and newcomers alike.

Installing Windows Enterprise

We have already set up our Domain Controller using Windows Server 2019. In the same way, we are going to use Windows 10 Enterprise for setting up our users and machine accounts. You can find the image file for Windows 10 Enterprise at the link below.

https://www.microsoft.com/en-in/evalcenter/download-windows-10-enterprise

Let's start installing it in VMware Workstation Player.

Windows-VM-Settings

After creating the VM, let's proceed with the installation. We will be using Windows 10 Enterprise Evaluation from the image.

Windows-Select-Distribution

Make sure to remove the Floppy Disk device from the Virtual Machine Settings; otherwise you will get this kind of error while installing the image.

Floppy-Disk-Error

Proceed with the installation and complete the setup.

Proceed-Setup

The minimal architecture for our offensive AD lab looks like this.

Arch-ADLab

After booting the image, choose the "Domain join instead" option at the sign-in screen and create local user accounts on those machines.

Domain-Join

User1

User2

Make sure to rename your machines so that they follow a clear naming convention. After logging in, we can see that our Windows user machines are set up with the local user accounts we created.

User1-LocalUser

User2-LocalUser

Linking with DC

Our machines are not linked to the domain yet. As with our domain controller, we will give these machines static IPs and point their DNS at our domain controller. If you want dynamic IPs, you can use DHCP instead. Since it is a small lab, I want it to be more controllable for future purposes rather than dynamic.

NOTE: Pointing the DNS of the machines to the Domain Controller is the key mechanism that lets them resolve and link to the target domain.

Setting-StaticIP

Once the network changes have taken effect, let's link and connect to our domain via Access work or School -> Connect to a local domain.

Linking-Domain-User1

Let's enter our Domain Admin password and connect to our domain. You can skip adding the Administrator account to the domain-connected machine if it is not needed.

Admin-Login

Skip-Admin

After connecting to the domain successfully, you should see that our computer has been added in our Domain Controller.

Domain-Machine1

Yaay! We have added our first machine into the domain successfully. This way you can add numerous machines into our domain effortlessly.

Now let's create our domain users to work on our domain computers. From Active Directory Users and Computers in the Server Manager of our DC, create a new user. Be careful when defining the LDAP attributes for the users, because they are reflected everywhere in the domain.

Adding-User-1

Adding-User-2

Adding-User-3

We can see that our newly added user is part of Domain Users now.

Adding-User-4

After rebooting the machine, sign in as our new domain user and provide a new password.

Signin-User-1

Signin-User-2

Finally, we have logged in as a Domain User on our Domain Computer.

DomainUser1

Similarly, follow the same procedure to link our second machine and create a new domain user to log in to it.

DomainUser2

Now let's view the AD objects we have just created in the Domain Controller.

DomainComputers

DomainUsers
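
The same linking steps scripted in PowerShell, as an added example that is not part of the original post. The domain name, IP addresses, adapter alias, computer name and user names are placeholder assumptions; replace them with your lab's values.

```powershell
# Added example: every value below is an assumed lab placeholder, not from the post.
$Domain   = 'lab.local'        # assumed domain name
$DcIp     = '192.168.56.10'    # assumed Domain Controller address
$ClientIp = '192.168.56.21'    # assumed static address for this workstation
$NewName  = 'WS01'             # assumed computer name
$IfAlias  = 'Ethernet0'        # assumed adapter alias; check with Get-NetAdapter

function Join-LabDomain {
    # Run elevated on the Windows 10 workstation.
    New-NetIPAddress -InterfaceAlias $IfAlias -IPAddress $ClientIp `
        -PrefixLength 24 -ErrorAction Stop | Out-Null
    Set-DnsClientServerAddress -InterfaceAlias $IfAlias -ServerAddresses $DcIp

    # The join depends on DNS: the client finds a DC through this SRV record.
    # If the lookup fails, stop here instead of attempting the join.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
        -Server $DcIp -ErrorAction Stop
    $targets = ($srv | Where-Object Type -eq 'SRV').NameTarget -join ', '
    Write-Host "DC located via DNS: $targets"

    # Prompts for the Domain Admin password, then renames, joins and reboots.
    $cred = Get-Credential -Credential "$Domain\Administrator"
    Add-Computer -DomainName $Domain -NewName $NewName -Credential $cred -Restart
}

function New-LabDomainUser {
    # Run on the Domain Controller (requires the ActiveDirectory module).
    param(
        [string]$Sam = 'user1',              # hypothetical logon name
        [string]$DisplayName = 'Lab User1'   # hypothetical display name
    )
    Import-Module ActiveDirectory
    $initial = Read-Host -AsSecureString "Initial password for $Sam"

    # ChangePasswordAtLogon matches the post: the user sets a new password
    # at first sign-in. New users land in Domain Users by default.
    New-ADUser -Name $DisplayName -SamAccountName $Sam `
        -UserPrincipalName "$Sam@$Domain" -AccountPassword $initial `
        -Enabled $true -ChangePasswordAtLogon $true

    # List the objects that the post reviews in the GUI.
    Get-ADUser $Sam -Properties MemberOf | Select-Object SamAccountName, Enabled, MemberOf
    Get-ADComputer -Filter * | Select-Object Name, DNSHostName
}
```

Call `Join-LabDomain` on each workstation and `New-LabDomainUser` on the DC; the SRV lookup is a quick way to confirm the DNS setting before a join attempt fails with a less obvious error.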

Conclusion

Congratulations! You have successfully built a Home Active Directory Lab in Virtual Machines, linking users and computers to your Domain Controller. This lab will serve as an invaluable playground for learning, experimentation, and honing your network administration skills. As you explore various scenarios and configurations in this safe environment, you'll gain confidence in managing a real-world network. We will start to do some automation and exploitation stuff in the upcoming posts.