Mastering Active Directory: A Step-by-Step Guide to Building Your Ultimate Lab Environment, Part 1

In my last blog post, I promised to provide a walk-through on how to build an Active Directory lab on VirtualBox for cybersecurity practice. If you’ve ever been curious about building your very own Active Directory lab but didn’t know where to start, you’re in the right place!

Today, we’ll be diving headfirst into the world of VirtualBox, a type-2 hypervisor for x86 virtualization developed by Oracle Corporation. It allows users to extend their existing computer to run multiple operating systems including Microsoft Windows, Mac OS X, Linux, and Oracle Solaris, at the same time. Whether you’re an aspiring IT professional, a cybersecurity enthusiast, or simply someone eager to expand your knowledge, this step-by-step walk-through will guide you towards mastering the intricacies of Active Directory in a controlled, safe, and virtual environment.

Before we proceed further, what exactly is Active Directory (AD)? According to wikipedia, AD is a directory service developed by Microsoft for Windows domain networks. It is a hierarchical structure that stores information about objects on the network. It was introduced by Microsoft for centralized domain management and a directory service, such as Active Directory Domain Services (AD DS), provides the methods for storing directory data and making this data available to network users and administrators.

A domain controller refers to a server that operates with the Active Directory Domain Service (AD DS) role. Its primary functions involve authenticating and authorizing all users and computers within the domain. This includes assigning and enforcing security policies for all connected computers and managing software installations or updates. For instance, when a user logs into a computer that is part of a Windows domain, AD verifies the provided username and password by using kerberos to ascertain the user’s privileges, whether they are a system administrator or a non-admin user.

AD Server Manager

AD Lab Requirements

• Oracle VirtualBox
• Windows Server 2019 ISO
• Windows 10 Enterprise ISO
• RAM: minimum of 16 GB
• Disk Storage: minimum of 100 GB

Setting up the Domain Controller

After downloading the necessary requirements from the links above, we will now proceed to configure Windows Server 2019 on VirtualBox to set up our domain controller.

VirtualBox Steps:

1. Open virtualbox > New > Enter a name for the VM > Select Microsoft Windows as the Type > Select Windows 2019 (64-bit) as the Version > Next

Use the arrows as guide

2. Set the base memory to a minimum of 2096 MB but preferably 4096 MB for smooth operation. Set the processors to 2 cpu if you have the capacity for it, if not 1 cpu should suffice. Then click Next.

3. Select, Create a Virtual Hard Disk Now > Set Disk Size to 60.00 GB > Next > Finish

4. Navigate to the VM settings > Storage. Click on the disk icon by the right > choose a disk file. Then select the Windows server 2019 ISO from where you downloaded it and click OK.

5. Navigate back to the VM settings > Network > Adapter 1 > Select NAT Network > OK. Here is a link to a tutorial on how to create a new NAT Network adapter on virtualbox: https://www.youtube.com/watch?v=t4qqir33snI

Windows Server 2019 configuration steps:

1. Start up the VM from VirtualBox Manager, choose your preferred settings and click Next > Install now.

2. Select Windows Server 2019 Standard Evaluation (Desktop Experience) > Next > Tick the license terms > Next

3. Select, Custom: Install Windows only (advanced) > New > Apply > Next

4. After successful installation, enter a password > Finish. Then enter the password to login after finalization.

VirtualBox Guest Additions Installation Steps:

1. Navigate to Devices > Insert Guest Additions CD image

Devices can be found at the top tab of the VM

2. Open File Explorer > CD Drive (D:) VirtualBox Guest Additions > VBoxWindowsAdditions-amd64 > Next > Next > Install > Reboot now > Finish

Rename the system:

1. Open Settings > Search for ‘About Your PC’ > Rename this PC. Enter your preferred name i.e HYDRA-DC and click Next > Restart Now > Continue.

Domain Controller Installation:

1. Open up Server Manager > Manage > Add Roles and Features. Then click through Next until you get to the Server Roles.

2. Tick Active Directory Domain Services > Click on ‘Add Features’. Then click Next > Next > Next > Install. Finally, click Close after the installation is complete.

3. Select the Flag on the top right > Promote this server to a domain controller > Add a new forest. Then, enter your preferred domain name and click Next.

Enter your preferred Domain name, i.e name.local

5. Enter a password for the Directory Services Restore Mode > Confirm the password. Then click Next through to the Prerequisites Check section and click Install.

6. The system will automatically reboot after successful configuration & installation. Then enter your password to login and you should have a fully configured domain controller.

You should have something like this

Wrap-Up

There you have it! We have successfully configured the domain controller on Windows Server 2019 for our AD lab. However, our journey doesn’t end here. In my next blog post, we will continue the Active Directory lab walk-through by covering crucial aspects, including setting up user machines, creating users and groups, implementing policies, and joining these machines to the domain.

Remember, practice makes perfect, and building your Active Directory lab is a fantastic way to enhance your IT expertise, familiarize yourself with AD, and prepare for real-world challenges. Until the next blog post, keep exploring, experimenting, and expanding your horizons in the exciting world of Active Directory. Happy learning!