Well, here we are again for the third and final time! In our first part, we downloaded Windows Server and Workstation images (for FREE) and created our Virtual Machine (VM) templates in VirtualBox. In our second part, we installed the operating systems for the Domain Controller, File Server, and an Enterprise edition Windows 10 workstation. In today’s final episode we are going to install the necessary server modules and set up the domain.
I really want to apologize to you all for having to click through three different posts to get here. Unfortunately, due to all the screenshots and my web hosting plan, separating this was the only way. Honestly, this whole series taught me a lesson. I really need to get into video! At least for the tutorials on this blog. I could have produced a better quality tutorial in probably half of the time. So, lessons learned and we will see where this takes us in the future. That being said, let’s move on!
NOTE: As a reminder, to press Ctrl + Alt + Del in VirtualBox you press your host key (the default is the Right Ctrl key) + Del.
Domain Controller Setup
Start up and log into your Domain Controller VM. We will now be setting up our network. First things first, we must change the name of our DC. At this point I am assuming you are at the WinHackEnv-DC desktop. Right click the Windows icon in the left corner. Once the menu appears, left click “System”.
In the System Settings, you should now be on the About section. Scroll down and select “Rename this PC”. A pop-up window will appear. Rename your DC to a name of your choosing. I like my current name notation, so I am still going with WinHackEnv-DC. After typing in your name, click “Next” followed by “Restart Now”.
Once your machine has rebooted, log back in. The Server Manager application should start up immediately; if not, open it up. In the application’s top grey bar, click Manage -> Add Roles and Features.
You should now be on the Add Roles and Features Wizard. For simplicity, please follow the chart I made below of all the settings to select in the Wizard:
Screenshot of Success:
Once you have successfully installed the AD Domain Services, click “Close” on the Wizard. You should be back on the Server Manager. You will see that the little flag in the top Manager bar has a caution triangle on it. Once you click on it, you will see a “Post-Deployment” notification asking whether you would like to “Promote this server to a domain controller”. Click on the hyperlink in the notification.
Another wizard titled “Active Directory Domain Services Configuration” should pop up. Please follow the chart below to complete the wizard:
Screenshot of successful AD configuration:
The VM should restart on its own. As further confirmation that the domain has been added, the Windows logon screen should now list the account as “DOMAIN_NAME\Administrator”. Log back into the DC and open the Server Manager again. We are now going to install the Active Directory Certificate Services. This way we will be able to utilize LDAP like a real Windows Enterprise Domain. To do this in Server Manager, we will again click “Add Roles and Features” under “Manage”. Complete the Wizard in accordance with the table below:
Screenshot of successful AD Certificate Service install:
Once the install is complete, you will be given the option to close the wizard. Do this now and you will find yourself back at the Server Manager. You will again see the yellow caution flag on the Server Manager top bar, indicating a Post-Deployment Configuration to configure “Active Directory Certificate Services”. Click on that hyperlink now.
You will be brought to another wizard; this one is titled AD CS Configuration Wizard. Please use my cool little chart to select the proper settings:
Successful AD CS Configuration:
Your DC and domain have been successfully set up! Now restart the machine and let’s add some users to the domain before we add the other machines to our network.
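The wizard steps in this section can also be scripted, which makes the lab easy to rebuild. The following PowerShell is an added example, not part of the original tutorial; it is re-run after each reboot and picks up at the next stage. The names WinHackEnv-DC and Paradise.Local come from this series; the NetBIOS name, the Enterprise Root CA type, and every other option value are assumptions for a single-DC lab, not the values from the charts.

```powershell
# Added example: staged DC build for a lab. Run elevated; re-run after each reboot.
# Assumptions: names below, a new single-domain forest, an Enterprise Root CA.
$ComputerName = 'WinHackEnv-DC'
$DomainName   = 'Paradise.Local'
$NetbiosName  = 'PARADISE'          # assumed NetBIOS name

# Stage 1: rename (a reboot is required before promotion)
if ($env:COMPUTERNAME -ne $ComputerName) {
    Rename-Computer -NewName $ComputerName -Restart
    return
}

# DomainRole 4 or 5 means this machine is already a domain controller
$role = (Get-CimInstance Win32_ComputerSystem).DomainRole

# Stage 2: install AD DS and promote to the first DC of a new forest
if ($role -lt 4) {
    Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
    $dsrm = Read-Host 'DSRM (safe mode) password' -AsSecureString
    Install-ADDSForest -DomainName $DomainName -DomainNetbiosName $NetbiosName `
        -InstallDns -SafeModeAdministratorPassword $dsrm -Force
    return   # the server reboots itself when promotion finishes
}

# Stage 3: install and configure the certification authority
if (-not (Get-WindowsFeature ADCS-Cert-Authority).Installed) {
    Install-WindowsFeature ADCS-Cert-Authority -IncludeManagementTools
    Install-AdcsCertificationAuthority -CAType EnterpriseRootCa -Force
}

# Check: the DC should answer for the domain and advertise itself in DNS
Get-ADDomainController -Discover -DomainName $DomainName |
    Select-Object HostName, IPv4Address, Site
Resolve-DnsName "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV |
    Select-Object Name, NameTarget, Port
```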
Adding Users to the Domain
Once your machine has started up go to the Server Manager. At the top Dashboard bar select “Tools” -> “Active Directory Users and Computers”. This will open a management snap-in where you can edit all the groups, computers, and users of your domain. Go to the “Users” folder and right click it, select “New” -> “User”.
Note: You may be wondering why I don’t have all of those Groups in my Users folder. That is because I created a new OU under Paradise.Local by right clicking -> “New” -> “Organizational Unit” and naming it groups. I then dragged and dropped all the Groups into the folder. This is completely optional. This is just something I almost always do on my DCs.
When the “New Object – User” screen comes up, make a user. I put in the first name (REQUIRED) and named my username Bob and continued to use the same password. Also, to make things easier I selected “User must change password at next logon”. I also made another user named Fred.
First Window for User Creation Wizard:
Second Window for User Creation Wizard:
Now that we have users created, let’s get the IP address of our server. This can be done with the ipconfig command in the command prompt:
NOTE: These are specific to my machine. Your values may be different. Since we set our VMs up with a Host-Only adapter all machines should be on the same subnet. We just need our DC’s IP for configuring the domain.
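The same accounts can be created from PowerShell on the DC. This is an added example, not part of the original tutorial; the user names Bob and Fred come from the text, while the helper name New-LabUser and the use of the default Users container are assumptions.

```powershell
# Added example: create the lab users on the DC and confirm their state.
Import-Module ActiveDirectory

function New-LabUser {            # hypothetical helper name
    param([string]$Name, [securestring]$Password)
    if (Get-ADUser -Filter "SamAccountName -eq '$Name'") {
        Write-Host "$Name already exists, skipping"
        return
    }
    $domain = Get-ADDomain
    New-ADUser -Name $Name -GivenName $Name -SamAccountName $Name `
        -UserPrincipalName "$Name@$($domain.DNSRoot)" `
        -Path $domain.UsersContainer `
        -AccountPassword $Password -Enabled $true `
        -ChangePasswordAtLogon $true
}

$pw = Read-Host 'Initial password for the lab users' -AsSecureString
'Bob', 'Fred' | ForEach-Object { New-LabUser -Name $_ -Password $pw }

# Check: both accounts enabled; pwdLastSet = 0 means "must change at next logon"
Get-ADUser -Filter "SamAccountName -eq 'Bob' -or SamAccountName -eq 'Fred'" `
    -Properties pwdLastSet |
    Select-Object SamAccountName, Enabled, pwdLastSet

# The DC's IPv4 address, needed as the DNS server on the other machines
Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -notlike '127.*' } |
    Select-Object InterfaceAlias, IPAddress, PrefixLength
```

The initial password has to satisfy the domain's password policy, otherwise New-ADUser rejects it.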
File Server Setup (Optional)
While keeping the DC powered on, start up your File Server. Once you are logged in, we will need to change our computer name. This is the exact same process I detailed before. Scroll back up if you need a refresher. I named my other server “WinHackEnv-FS”. Restart the server and log back in. Once Server Manager starts up again, go back to “Add Roles and Features” under the “Manage” option in the top bar. Follow the table below to complete the wizard:
Screenshot of File Server Roles Screen:
Connecting Machines to the Domain
Now that the FS bit is installed, we will set up the network adapter and join the machine to the domain. Right click the computer icon in the right-hand corner of the system tray and select “Open Network & Internet Settings”. A screen will pop up detailing your network status. Select “Change Adapter Options”.
This will take you to the Network Connections Folder. Right Click your Ethernet Adapter and select the “Properties” option.
On your Ethernet Properties window, double click “Internet Protocol Version 4 (TCP/IPv4)”.
On the IPv4 Properties window, click the radio button for “Use the following DNS Server Addresses”. Input your Domain Controller’s IP address in Preferred DNS Server. Click “OK” on all open windows to ensure the settings are taken by the network adapter. Close out all remaining windows.
Just to be sure the FS can communicate with the DC, open a command prompt on your FS and run the following command: ping <DC IP>. Ensure you get a successful reply from the DC. Next we will access the “Control Panel”. Click on the “System and Security” category followed by “System”. On this screen you will see a category titled “Computer name, domain, and workgroup settings”. Click the blue hyperlink that says “Change Settings”.
Now click “Change” under the “Computer Name” section.
In the Computer Name/Domain Changes window, click the “Domain” radio button and type <Name of your Domain>. You should get a login prompt. Type in the credentials you set on the DC.
If your credentials were successful you should get a message welcoming you to your domain. Once you click the confirmation message, you will be prompted to restart the PC. Do that and your FS is now on the domain!
Once the machine comes back up, you will be prompted to log back in as admin. Instead, click “Other User”. You can log back in as one of the accounts we created earlier. I logged in as Bob.
Our final portion will be putting our Workstation on the same domain as the other devices. For this we will essentially repeat the same process as the FS. First off, we need to rename our WS! Like on the servers, right click the Windows Start Bar and click “System”. A settings window will then pop up on the About page. If you scroll down a tad, you will see “Rename this PC”. Rename it to whatever you like and restart the VM.
Now we will follow steps SIMILAR to the ones we took to add the file server to the domain. The following steps are exactly the same, and you can go back up for reference:
- Change the Network Adapter’s DNS Address to statically point to our DC.
- Verify machines are on the same network by pinging them.
Now we are at a familiar screen. On the System Properties pop-up, click “Computer Name”. On that tab we are gonna click the “Change” button. Click the Domain radio button and input your domain name. You should get a login prompt if all has gone well.
System Properties Window:
After clicking “Change” button:
You should now have to restart your PC. You can log in as one of the domain accounts we created earlier and there ya go! All VMs should be on the domain with one another. As a note, when you shut down this little network, shut down the DC LAST. Vice versa, when you start it up, START UP THE DC FIRST!
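The DNS change, connectivity check and domain join used for both the file server and the workstation, as an added PowerShell example that is not part of the original tutorial. The DC address 192.168.56.10 is a constructed placeholder (use the address from ipconfig on your DC), and the adapter alias Ethernet is an assumption.

```powershell
# Added example: point DNS at the DC, verify, then join. Run elevated on FS/WS.
$DcIp       = '192.168.56.10'     # constructed placeholder: your DC's address
$DomainName = 'Paradise.Local'
$Adapter    = 'Ethernet'          # assumed adapter alias, see Get-NetAdapter

Set-DnsClientServerAddress -InterfaceAlias $Adapter -ServerAddresses $DcIp

# Same check as "ping <DC IP>"
if (-not (Test-Connection -ComputerName $DcIp -Count 2 -Quiet)) {
    throw "No reply from $DcIp. Check that both VMs use the Host-Only adapter."
}

# The join depends on DNS: the client locates a DC through this SRV record
try {
    Resolve-DnsName "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV `
        -Server $DcIp -ErrorAction Stop | Out-Null
} catch {
    throw "DC locator record for $DomainName not found on $DcIp."
}

# Already joined? Skip the join and just report.
$cs = Get-CimInstance Win32_ComputerSystem
if ($cs.PartOfDomain -and $cs.Domain -eq $DomainName) {
    Write-Host "$env:COMPUTERNAME is already a member of $($cs.Domain)"
} else {
    $cred = Get-Credential -Message "Domain account allowed to join $DomainName"
    Add-Computer -DomainName $DomainName -Credential $cred -Restart
}
```

After the reboot, Test-ComputerSecureChannel returns True when the machine account and its trust with the domain are working.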
Unfortunately, this is where we will stop for now. As I stated in the first part of this, I just need a Windows domain to test a script that I am currently working on. In the future I hope to add an attack machine to this network and run some attacks with you. If this was your intention and we did not get there, I am sorry. I will tell you that all you need to do is create another VM (preferably Kali Linux or Parrot) and put its network adapter on “Host Only”. This will allow all of your VMs to run on the same network. Well, anyway, have a great day!