Mastering Active Directory: A Step-by-Step Guide to Building Your Ultimate Lab Environment, Part 2

ichigo
Jul 23, 2023

Welcome back to the second part of my Active Directory lab walk-through on VirtualBox! In my previous blog, we laid the groundwork for building an Active Directory (AD) lab, which included downloading and installing the necessary lab requirements, and successfully setting up the domain controller on Windows Server 2019.

Now, it’s time to embark on the final phase of the lab setup, where we will be configuring the user machines, setting up users, groups, and policies, and ultimately joining our machines to the domain. If you haven’t had the chance to explore the first part of the lab walk-through, you can catch up by reading up on my last post.

Lab Requirements Recap:

Setting Up User Machines:

After setting up the domain controller, we will be configuring two Windows 10 machines on VirtualBox for this AD lab setup. However, we will set up just one user machine, and as a challenge, you can set up the second user machine using the same steps.

VirtualBox Steps:

  1. Open VirtualBox > New > Enter a name for the VM > Select Microsoft Windows as the Type > Select Windows 10 (64-bit) as the Version > Next

2. Set the Base Memory to a minimum of 2096 MB and the Processors to 1 CPU, then click Next. You can increase both if your host machine has enough resources.

3. Select Create a Virtual Hard Disk Now > Set Disk Size to 50.00 GB > Next > Finish

4. Navigate to the VM settings > Storage. Select Empty > Click on the disk icon on the right > Choose a disk file. Then select the Windows 10 ISO from the location where you downloaded it and click OK.

5. Navigate back to the VM settings > Network > Adapter 1 > Select NAT Network > OK. Here is a link to a tutorial on how to create a new NAT Network adapter in VirtualBox: https://www.youtube.com/watch?v=t4qqir33snI

Windows 10 User Machine Configuration Steps:

  1. Start up the VM from VirtualBox Manager, choose your preferred settings and click Next > Install now > Accept the license terms > Next

2. Select Custom: Install Windows only (advanced) > New > Apply > Next

4. After successful installation, complete the settings to your preference. Then click Domain join instead > Next > Enter a name > Next > Enter a password and confirm it

5. Complete the security questions > Next. Then turn off all privacy settings and click “Accept”. Finally, you should have a configured user machine after reboot.

Click “Not now”, as we won’t be using Cortana.

VirtualBox Guest Additions Installation Steps:

  1. Navigate to Devices > Insert Guest Additions CD image

2. Open File Explorer > CD Drive (D:) VirtualBox Guest Additions > VBoxWindowsAdditions-amd64 > Next > Next > Install > Reboot now > Finish

Rename the system:

  1. Open Settings > Search for ‘About Your PC’ > Rename this PC. Enter your preferred name, e.g., THEPUNISHER, and click Next > Restart Now > Continue.

Note: Repeat the same steps to set up the second Windows 10 user machine.

Setting Up Users, Groups, and Policies Steps:

With our Windows 10 user machines successfully set up, it’s time to move forward and configure essential users, groups, and policies on our domain controller.

Steps:

  1. Start up your Windows Server 2019 VM > Server Manager > Tools > Active Directory Users and Computers.

2. We will create a new Organizational Unit (OU) called Groups. Right click on the domain name (in this case MARVEL.local) > New > Organizational Unit.

3. Move all the groups in Users to the newly created Groups OU. Make sure that the Administrator and Guest users are left in the Users OU.

4. Inside Users, right-click > New > User. Then fill in the credentials according to your preference. Finally, enter a password > Select Password never expires > Next > Finish. This will create a new domain user.

Set your user logon name according to your preference, e.g., first initial with the last name.
Take note of whatever password you set, because you will need it later.

5. We will create a new domain admin. Right-click on Administrator > Copy > enter your preferred credentials > Next > Enter a password > select Password never expires > Next > Finish.

6. We will create another domain user for our second Windows 10 user machine. Right-click on the first domain user we created (in this case, Bob Jones) > Copy. Enter your preferred credentials for this new domain user > Next > Enter a password > select Password never expires > Next > Finish.

Peter Parker is the second domain user we created in this case.

7. We will set up a group policy to disable Windows Defender in our domain. In the Windows search bar, search for “Group Policy Management” and run it as “Administrator”. Then click on Domains > right-click on your domain name > select Create a GPO in this domain, and Link it here. Finally, name the GPO “Disable Windows Defender” and click OK.

8. We will then disable Antivirus in Windows Defender. Right-click on Disable Windows Defender > Edit > Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Defender Antivirus > Turn off Windows Defender Antivirus > Enabled > Apply.

Scroll down to find Windows Defender Antivirus.

9. Right-click on your domain name > Enforced > OK

The domain name in this case is MARVEL.local

Steps 7, 8, and 9 are optional; do them only if you want to perform attacks against the domain controller.
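Steps 2 through 6 above can also be scripted, which makes the lab easy to rebuild. The following is an added example, not part of the original walk-through; it assumes the ActiveDirectory PowerShell module on the domain controller, and the `labadmin` account name and the `New-LabUser` helper are hypothetical (the post does not name its domain admin). The Defender GPO from steps 7 to 9 is intentionally not scripted here.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session on the lab domain controller.
Import-Module ActiveDirectory

$domainDn = (Get-ADDomain).DistinguishedName   # DC=MARVEL,DC=local in this lab
$usersDn  = "CN=Users,$domainDn"               # built-in Users container
$groupsDn = "OU=Groups,$domainDn"

# Step 2: create the Groups OU only if it is not there yet.
if (-not (Get-ADOrganizationalUnit -Filter "Name -eq 'Groups'" -SearchBase $domainDn -SearchScope OneLevel)) {
    New-ADOrganizationalUnit -Name 'Groups' -Path $domainDn
}

# Step 3: move group objects only; Administrator and Guest are user
# objects, so they stay in Users.
Get-ADGroup -Filter * -SearchBase $usersDn -SearchScope OneLevel |
    Move-ADObject -TargetPath $groupsDn

# Steps 4 and 6: hypothetical helper that creates an enabled user with
# "Password never expires" set, prompting for the password interactively.
function New-LabUser {
    param([string]$GivenName, [string]$Surname, [string]$Sam)
    $pw = Read-Host -AsSecureString -Prompt "Password for $Sam"
    New-ADUser -Name "$GivenName $Surname" -GivenName $GivenName -Surname $Surname `
        -SamAccountName $Sam -UserPrincipalName "$Sam@$((Get-ADDomain).DNSRoot)" `
        -Path $usersDn -AccountPassword $pw -PasswordNeverExpires $true -Enabled $true
}
New-LabUser -GivenName 'Bob'   -Surname 'Jones'  -Sam 'bjones'
New-LabUser -GivenName 'Peter' -Surname 'Parker' -Sam 'pparker'

# Step 5: the GUI "Copy" of Administrator carries over its group
# memberships; reproduce that explicitly. 'labadmin' is a placeholder name.
New-LabUser -GivenName 'Lab' -Surname 'Admin' -Sam 'labadmin'
Get-ADPrincipalGroupMembership -Identity 'Administrator' |
    Where-Object Name -ne 'Domain Users' |
    Add-ADGroupMember -Members 'labadmin'

# Check the result: who exists, and how many groups each account is in.
Get-ADUser -Filter * -SearchBase $usersDn -Properties MemberOf, PasswordNeverExpires |
    Select-Object SamAccountName, Enabled, PasswordNeverExpires,
        @{ n = 'GroupCount'; e = { $_.MemberOf.Count } }
```

The final query is a quick way to spot accounts that picked up privileged group memberships through copying, which is easy to miss in the GUI.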

Joining the User Machines to the Domain:

Now that we have configured our users, groups, and policies in the domain controller, it’s time to join the user machines to the domain. For the second user machine, follow the same steps for a seamless integration.

Steps:

  1. Start up one of the Windows 10 VMs. Then open Settings > search for “Network Status” > Change adapter options > Right-click on Ethernet > Properties.

2. In Ethernet Properties, double-click on Internet Protocol Version 4 (TCP/IPv4). Select Obtain an IP address automatically, then select Use the following DNS server addresses. Enter your domain controller’s IP address (Windows Server 2019) in Preferred DNS server and click OK > OK.

On your domain controller (Windows Server 2019), open the command prompt and run “ipconfig” to find your domain controller’s IP address.

3. In the Windows search bar, search for “Access work or school” and click Connect > Join this device to a local Active Directory domain > Enter your domain name > Next. Then enter the Administrator username and password you created when you first configured Windows Server 2019. After that, click OK > Skip > Restart now.

4. After reboot, log in with one of the domain users we created while setting up our users, groups, and policies.

Log in with MARVEL\bjones in this case. To log in with the other domain user, use MARVEL\pparker.
We have successfully joined this Windows 10 user machine to the domain.

Now, use the same steps to join the second Windows 10 user machine to the domain.
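The join procedure above depends on the workstation resolving the domain through the domain controller's DNS, and a wrong DNS entry is the most common cause of a failed join. The following added example (not part of the original post) performs the same steps from PowerShell with a DNS and connectivity pre-check; the `$dcIp` value is a placeholder you must replace with the address shown by `ipconfig` on your domain controller.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session on the Windows 10 VM. Run it once to join, and once more after the
# reboot to verify the join.
$domain = 'MARVEL.local'
$dcIp   = '<DC-IP-FROM-IPCONFIG>'   # placeholder: your domain controller's IP

if ((Get-CimInstance Win32_ComputerSystem).PartOfDomain) {
    # Second run: confirm the machine account's secure channel to the DC works.
    Test-ComputerSecureChannel -Verbose
    return
}

# Step 2: keep DHCP for the IP address, point DNS at the domain controller.
Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses $dcIp

# Pre-check 1: the domain's LDAP SRV record must resolve through that DNS
# server, otherwise the join cannot locate a domain controller.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction Stop |
    Where-Object Type -eq 'SRV' |
    Select-Object NameTarget, Port

# Pre-check 2: the DC must be reachable on LDAP (TCP 389) over the NAT Network.
if (-not (Test-NetConnection -ComputerName $dcIp -Port 389).TcpTestSucceeded) {
    throw "Cannot reach $dcIp on TCP 389; check that both VMs use the same NAT Network."
}

# Step 3: join with the domain Administrator account and reboot.
Add-Computer -DomainName $domain -Credential (Get-Credential -Credential 'MARVEL\Administrator') -Restart
```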

Conclusion

Congratulations, fellow cybersecurity enthusiasts! We have traversed a thrilling path, mastering the art of setting up an Active Directory lab tailored for our pursuit of cybersecurity excellence. Throughout this walk-through, we have fortified our knowledge by meticulously configuring user machines, setting up users, groups, and policies with precision.

Remember, this lab is not just an end in itself; it’s a springboard to new horizons. Continue to expand your expertise, explore advanced features of Active Directory, and explore diverse cybersecurity scenarios. Also, we should embrace the spirit of continuous learning, for it is the key to staying ahead in the dynamic world of IT and Cybersecurity. Thank you all for following along and until next time.


ichigo

Penetration Tester | Cybersecurity Student | IT graduate | Website: https://bl34chig0.github.io/