Active Directory Lab - Setting up an AD Domain

In summary, with this project I was able to create a Domain Controller which housed Active Directory which contained two network adapters (1 which connected to the outside internet and one which connected to an internal network). I then assigned IP addressing for the internal network, created a domain, configured NAT and routing so any clients on the private network can reach the internet through the Domain Controller, and I then set up a DHCP server with a limited pool on the Domain Controller so that clients could actually get an IP address assigned from the domain controller. I then used PowerShell and a script found online to create a thousand users in Active Directory. We then joined a new client (a new Windows VM) to the domain controller through the entire network we just created.

Make sure to select the Desktop Experience option. Also, here if you have any issues with licensing, try creating a machine without pre-selecting the ISO. For mine, I clicked Microsoft 2022 and then chose to “boot from disk” and then selected the Windows Server 2022 ISO that I had downloaded. Also, when I set up my domain controller, I went to Network in the settings and set up two Network Interface Controllers (NICs) and labelled one as External Internet and one as Internal Internet so that we can use our Domain Controller as a DHCP server that any internal computer (which I’ll make later) can connect to in order to reach the internet.

Setting up and naming our NICs. For this part it’s extremely important to right click and check the properties of each NIC to check which is the internal and external internet. As a point of reference, if the properties show that the adapter is actively sending and receiving packets, then you know that it is your external internet and it’s connected.

Now we’re going to right click and select properties for the internal network. I renamed them for easy use. Then we’re going to click IPv4 to set up our IP addressing.

Here we’re setting up our IP addressing for our internal network. We’re going to use 172.16.0.1 because it falls in a private IP address range and, since we’re not going to have a ton of computers requesting IP addresses from our DHCP, we’re going to set up a subnet mask of 255.255.255.0, which will come into play later when we set our DHCP pool. We set this adapter as .1 because it is in essence going to act as our default gateway (router). For the preferred DNS we’re just going to set it as our loopback address to establish that this computer is the DNS server and have it be self-referential.

Next I’m heading into Active Directory and am setting up Active Directory Domain Services to set up our DNS.

Success!

Now that the DNS feature is installed, I’m going to actually set up a DNS and for this lab I’m just going to name it mydomain.com.

It’s going to restart after the update and now I’ll be logged in as an admin. From here we’re going to AD Users and Computers.

So now I made a new Group called _Admins and under that I’m going to make an admin user account and set a generic password (I just made my username a-rdaly).

Now I’m going to select properties on my new user account and make myself a domain admin.

Now I’m going to sign out and sign in as my new Admin User account.

Time to install RAS/NAT so we can have other computers connect to us and have the ability to administer that.

Inside roles and features, we’re going to click to add “Remote Access.”

We’re also going to install Routing.

Then we’re going to go to Tools and then routing and remote access.

We’re going to select the external Internet interface for NAT. After that, it should bring us to this:

Now it’s time to set up our DHCP server so our Windows 10 (or 11) clients can get IP addresses assigned to them. Add roles and features, then we’re going to select DHCP. From there, we’re going to go to Tools and select DHCP, which we just installed:

From here we’re going to set up our domain controller as the default gateway, authorize our DHCP server, and refresh to now be connected.
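The DHCP steps above can also be done from an elevated PowerShell prompt on the Domain Controller. This is an added example, not part of the original lab; the pool range 172.16.0.100-200, the scope name, and handing out 172.16.0.1 as the clients' DNS server are assumptions, since the post only says the pool is limited.

```powershell
# Added example: DHCP role, scope and authorization for the lab's internal network.
# Values marked "assumed" are not from the post.
$ScopeId   = '172.16.0.0'      # internal network from the post (mask 255.255.255.0)
$Gateway   = '172.16.0.1'      # the DC's internal NIC, acting as default gateway
$PoolStart = '172.16.0.100'    # assumed start of the limited pool
$PoolEnd   = '172.16.0.200'    # assumed end of the limited pool
$Domain    = 'mydomain.com'    # lab domain name from the post

# Install the DHCP Server role and its management tools.
Install-WindowsFeature -Name DHCP -IncludeManagementTools

# Create the scope; only addresses inside the pool are ever leased.
Add-DhcpServerv4Scope -Name 'Lab internal' -StartRange $PoolStart `
    -EndRange $PoolEnd -SubnetMask 255.255.255.0 -State Active

# Scope options: default gateway (router), plus DNS server and domain (assumed)
# so that clients can locate the domain when they join it.
Set-DhcpServerv4OptionValue -ScopeId $ScopeId -Router $Gateway `
    -DnsServer $Gateway -DnsDomain $Domain

# Authorize this server in Active Directory; an unauthorized DHCP server
# on a domain member will not hand out leases.
Add-DhcpServerInDC -DnsName "$env:COMPUTERNAME.$Domain" -IPAddress $Gateway

# Checks: the server is authorized, the scope is active, and the service is
# bound to the internal adapter only (not answering on the external NIC).
Get-DhcpServerInDC
Get-DhcpServerv4Scope -ScopeId $ScopeId |
    Format-List ScopeId, StartRange, EndRange, SubnetMask, State
Get-DhcpServerv4Binding |
    Format-Table InterfaceAlias, IPAddress, BindingState -AutoSize

# After a client boots on the internal network, its lease appears here.
Get-DhcpServerv4Lease -ScopeId $ScopeId
```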

So we have some users to work with, I downloaded a PowerShell script from the internet that will generate us about a thousand users. So I opened up PowerShell as an admin user:

And to get around any issues with using a PowerShell script from the internet I used the “Set-ExecutionPolicy Unrestricted” command to alleviate any restrictions.

And 1000 users later...

And to verify in Active Directory:
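A narrower way to run the downloaded script, shown as an added example rather than what was done in this lab: inspect the file first and relax the execution policy for the current PowerShell process only. The path in `$ScriptPath` is a placeholder and the pattern list is an illustrative assumption.

```powershell
# Added example: review a downloaded script, then run it without changing the
# machine-wide execution policy. $ScriptPath is a placeholder path.
$ScriptPath = 'C:\Lab\Create-Users.ps1'

# 1. Show the effective policy at every scope before touching anything.
Get-ExecutionPolicy -List | Format-Table -AutoSize

# 2. Record what is about to run: file hash and Authenticode signature status.
Get-FileHash -Path $ScriptPath -Algorithm SHA256
Get-AuthenticodeSignature -FilePath $ScriptPath |
    Select-Object Status, StatusMessage

# 3. Flag lines worth reading closely before running: anything that downloads,
#    decodes or launches further code (illustrative pattern list, not exhaustive).
$patterns = 'Invoke-Expression', '\biex\b', 'Invoke-WebRequest',
            'DownloadString', 'FromBase64String', 'Start-Process',
            'EncodedCommand'
Select-String -Path $ScriptPath -Pattern $patterns |
    Select-Object LineNumber, Line

# 4. Relax the policy for this PowerShell process only. The setting is
#    discarded when the window closes and other sessions are unaffected.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
& $ScriptPath

# 5. Verify the result in Active Directory and confirm the policy scopes.
Import-Module ActiveDirectory
(Get-ADUser -Filter * | Measure-Object).Count
Get-ExecutionPolicy -List | Format-Table -AutoSize

# 6. If Unrestricted was already set machine-wide, return it to RemoteSigned,
#    the Windows Server default.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine -Force
```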

Now we’re going to make a client computer running Windows 10 and connect that to our internal network that we created. (Windows 10 ended up crashing a TON! Ended up going with a Windows 11 ISO.)

Now we’re going to make sure that all of our networking setup went well and our new VM is connected to the internet through the domain that we set up on our DC.

From there, all that’s left is to add the computer to the domain you created and then we are all set!

So, in summary, with this project I was able to create a Domain Controller which housed Active Directory which contained two network adapters (1 which connected to the outside internet and one which connected to an internal network). I then assigned IP addressing for the internal network, created a domain, configured NAT and routing so any clients on the private network can reach the internet through the Domain Controller, and I then set up a DHCP server on the Domain Controller so that clients could actually get an IP address assigned from the domain controller. I then used PowerShell and a script found online to create a thousand users in Active Directory. We then joined a new client (a new Windows VM) to the domain controller through the entire network we just created.
