📕A Simple Active Directory VM Lab Set Up (Work in Progress)
Active Directory (AD) is a powerful tool used by many organizations to manage their network resources. It provides a centralized location for storing user and computer accounts, as well as permissions for accessing network resources. In this Gitbook post, I will show you how to set up a virtualized AD lab using VMware Workstation. This lab can be a great way to learn about AD and gain hands-on experience with the technology. You can also use this lab to test AD pen-testing techniques.
Overview
Understanding Active Directory and Group Policy
Requirements
VMware Workstation Player 17
Download link: https://www.vmware.com/products/workstation-player.html
Windows 10 Enterprise ISO
Download link: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
Fill out the form then click "Download now"
Click the 64-bit edition to download the Windows 10 Enterprise ISO
Windows 2019 Server ISO
Download link: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019#Get-started
The same steps as downloading Windows 10 Enterprise ISO, fill out the form then download the 64-bit edition of the ISO
Installations
Domain Controller
Launch VMware Workstation Player
Click "Create a New Virtual Machine"
Click "Browse" then open the Windows 2019 Server ISO
Click Next
Input in any name for the "Full name" then click Next
A pop up will say that "You did not enter a Windows product key...", click Yes
Name your virtual machine to anything you want (I named mine as "Domain Controller") then click Next
Select "Split virtual disk into multiple files" then click Next
Uncheck the "Power on this virtual machine after creation" box then click Finish
The Domain Controller virtual machine is now added
Back on VMware Workstation Player home menu, select the domain controller virtual machine and click "Edit virtual machine settings"
Select the Floppy device and click Remove
Select the Memory device and increase the memory to 4 GB (we can change it back to 2 GB after the installation step) then click OK
Now launch the domain controller VM, then quickly press any key once the VM boots up and prompts "Press any key to boot from CD or DVD. ." message. If you missed this step, just exit and relaunch the VM again.
Then click Next, then "Install now"
Select Windows Server 2019 Standard Evaluation (Desktop Experience) for the OS then click Next
Check the "I accept license terms" box then click Next
Select "Custom: Install Windows only (advanced)"
Click "New", then "Apply", then "OK", then finally Next
Now we wait for a bit as the VM is installing the OS, then it will automatically restart and greet us with the "Customize settings" screen
Input any password you want for the Administrator (best to note it down somewhere), then click Finish
The Windows Server VM will tell us to "Press Ctrl + Alt + Delete to unlock"
Click the red boxed icon located at Workstation Player top bar the to send Ctrl+Alt+Del to the VM
Log into the Administrator with the password that you just set earlier
Now we want to get full-screen mode on the Domain Controller VM On the Workstation Player top bar, Click "Player", then "Manage", then "Install VMware Tools..."
In the VM, open the File Explorer and click on "This PC", you will see the VMware Tools is mounted, double-click it to start the installation of VMware Tool
In the installation, click Next, then choose Complete Install and click Next, then click Install, then click Finish
There will be a pop-up that will ask you to restart once the installation is done, click Yes
The VM will restart. Once it booted up, we can toggle full-screen mode for the Domain Controller VM.
Login into Windows, then we're going to rename the computer
Click the Windows icon on the bottom left, then type "View your PC name", then select the option
This will prompt up the About page from the System settings, scroll down a bit, and click Rename this PC
Rename this to "DC" or whatever name you like but make sure the name clearly indicates the machine is a domain controller, then click Next
Windows will ask you to restart, click Restart Now
Once the VM finished restarting, log back into Windows
We will now configure the VM into a Domain Controller
Whenever we login into the Windows Server, the Server Manager is launched
In Server Manager, click Manage, then click Add Roles and Features
Click Next, then choose "Role-based or feature-based installations" for Installation Type, then click Next
Click Next for the Server Selection page, then check the "Active Directory Domain Services" box in the Server Role page, then click Add Features, then click Next
Click Next for the Features page, then click Next for the AD DS page, then click Install for the Results page
Once the installation is done, click Close
On the top bar of the Server Manager, click the Notification icon (the flag), then click "Promote this server to a domain controller"
Select "Add a new forest", then name the root domain as "ADLAB.local" or whatever name you want, then click Next
Set the DSRM password to the same password that you set for the Administrator user earlier, then click Next
Click Next for the DNS Options page, then click Next for the Additional Options page, then click Next for the Paths page, then click Next for the Review Options, then finally click Install for the Prerequisites Check page
The Domain Controller VM will automatically restart once the installation is done
We can check by unlocking the Windows Server login screen and see that we're now part of the ADLAB domain
Domain Machine
Back on the VMware Workstation Player menu, click "Create a New Virtual Machine"
Click "Browse" then open the Windows 10 Enterprise ISO, then click Next
Select Windows 10 Enterprise for the version of Windows to install, then click Next, then click Yes for the pop up about "You did not enter a Windows product key..."
Name your virtual machine to anything you want (I left mine as default) then click Next
Select "Split virtual disk into multiple files" then click Next
Uncheck the "Power on this virtual machine after creation" box then click Finish
Back on VMware Workstation Player home menu, select the Windows 10 virtual machine and click "Edit virtual machine settings"
Similar step to when setting up the Domain Controller VM, select the Floppy device and click Remove, then click OK
Now launch the Windows 10 VM, then quickly press any key once the VM boots up and prompts "Press any key to boot from CD or DVD. ." message. If you missed this step, just exit and relaunch the VM again.
On the Windows Setup page, click Next, then click Install Now
Check the "I accept license terms" box then click Next
Select "Custom: Install Windows only (advanced)"
Click "New", then "Apply", then "OK", then finally Next
The VM will automatically restart and boots up into Windows setup page
On the region select screen, click Yes, then click Yes for the keyboard layout page, then click Skip for the adding second keyboard layout page
On the Sign in with Microsoft page, select "Domain join instead"
Input any name you want for the PC user account name, then click Next
Input any password you want for the account (best to note it down somewhere), then click Next
Input any answer for security questions (I use "tom" for all of the questions), then click Next
Uncheck all the options for the privacy settings page, then click Accept
Click Not Now for the Cortana page if it pops up, then we wait for Windows to finish setting up
Once loaded into Windows, we want to set up full-screen mode for the VM
On the Workstation Player top bar, Click "Player", then "Manage", then "Install VMware Tools..."
Open the File Explorer and click on "This PC", you will see the VMware Tools is mounted, double-click it to start the installation of VMware Tool
In the installation, click Next, then choose Complete Install and click Next, then click Install, then click Finish
A pop-up will ask you to restart the computer, click No
Rename the computer, click the Windows icon on the bottom left, then type "View your PC name", then select the option
This will prompt up the About page from the System settings, click Rename this PC
Rename this PC to "CLIENT01", then click Next
Windows will ask you to restart, click Restart Now, and now you're done with setting up the 1st Domain Machine
Repeat the same above steps for another VM and have the PC renamed to "CLIENT02"
Once done, we now have 1 domain controller and 2 client machines in our virtualized environment
Domain Configuration
Last updated
Was this helpful?