Professional Documents
Culture Documents
BrownInfoSecGuy Home
Blog
About Me
Resources
environment the tool can be easily stretched for production environment as its
released under MIT license.
The process to manually configure a domain controller using GUI can be painful
especially if you need to create and teardown the lab frequently. This single tool
can not only configure a domain controller quickly but can also automate
additional configuration such as creating share, creating users, and configuring
group policy object for disabling Windows Defender which is something
desirable especially in a lab environment.
This blog post will provide an overview of the tool and demonstrate how it can
be used to automate configuring a domain controller and workstation.
There are few things to keep in mind before using the tool.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 2/15
7/18/2021 Active Directory Lab Setup Tool
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 3/15
7/18/2021 Active Directory Lab Setup Tool
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 4/15
7/18/2021 Active Directory Lab Setup Tool
If everything went according to plan your server should reflect something like
our lab server as shown in Figure 4.
The next step is to install the role of Active Directory Domain Services on the
server and configure the Domain controller. As shown in Figure 5, Option 2
installs the role of Active Directory Domain Services and configure the Domain
controller after we supply the forest name.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 5/15
7/18/2021 Active Directory Lab Setup Tool
Once the role is successfully installed the setup for Domain controller begins as
shown in Figure 6.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 6/15
7/18/2021 Active Directory Lab Setup Tool
Once the Domain controller configuration finished the machine restarts and if
everything went according to plan our server will be configured as shown in
Figure 7.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 7/15
7/18/2021 Active Directory Lab Setup Tool
The next step is to configure users, create a GPO to disable windows defender
and create a share. Option 3,4 and 5 accomplishes that for us. We can clearly see
our user accounts created correctly in Figure 8.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 8/15
7/18/2021 Active Directory Lab Setup Tool
Figure 10 shows the GPO to disable Windows Defender also Figure 11 shows
the network share named “hackMe” configured correctly.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 9/15
7/18/2021 Active Directory Lab Setup Tool
Now that our Domain controller is configured and ready. The next step is to
configure our workstation and join the Domain. We start with a fresh install of
Windows 10 Enterprise as sown in Figure 12.
When we try to run the tool on a fresh install, we get the error as shown in
Figure 13. We can easily fix it by changing the script execution policy.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 10/15
7/18/2021 Active Directory Lab Setup Tool
Once the execution policy is changed, our tool start working again. To add the
workstation to the domain we need to configure the domain name server on our
workstation. The domain name server should point to the IP address of our
Domain controller. We start by selecting option 6 as shown at ①, we are then
displayed with network interfaces configured on the machine. As discussed
earlier we need to select the correct network interface to configure the DNS
server. On our lab server we select interface 5 as shown at ③ and then providing
the IP address of our Domain controller as shown at ④. Once we are finished the
machine restarts.
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 11/15
7/18/2021 Active Directory Lab Setup Tool
We can confirm that the DNS is configured correctly by observing the properties
of network interface as shown in figure.
The only thing left to do is add our workstation to the Domain. Option 7 help us
add the workstation to the Domain, we need to provide the domain name as
shown at ② we are then prompted for Domain Admin credentials. The system
will restart itself and if everything went according to plan the workstation is
added to the Domain as shown in Figure
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 12/15
7/18/2021 Active Directory Lab Setup Tool
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 13/15
7/18/2021 Active Directory Lab Setup Tool
I hope this tool can help automate the process of confguring an Active Directory
lab for your testing environment quickly and effectively. If you have any
comments or suggestions please feel free to contact me.
Share:
Twitter
Facebook
About Sonny
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 14/15
7/18/2021 Active Directory Lab Setup Tool
https://browninfosecguy.com/Active-Directory-Lab-Setup-Tool 15/15