Active Directory Lab Run Down

Booting VM

  1. Download & install VirtualBox from https://wwwvirtualBox.org.
  2. Open VirtualBox → New → give VM name WS-Server-2022 → Type: Microsoft Windows → Version: Windows 2019/2022 (64-bit).
  3. Assign RAM: 4096–8192 MB (4–8 GB). Create a virtual hard disk (VDI, dynamically allocated) with 40 GB.
  4. In VM settings → Storage → attach the Windows Server ISO to the optical drive.
  5. Create a second VM for a Windows client: name Client-Win10, assign 2–4 GB RAM, 40 GB disk, attach Windows 10/11 ISO.

Install Windos Server 2019

  1. Start WS-Server-2022. Follow installer: choose Windows Server 2022 Datacenter (Desktop Experience).
  2. During install, create an administrator password. Complete installation and sign in to the server desktop.

Configure IP on the Server

  1. Open Settings → Network & Internet → Ethernet → Change adapter options (or use Control Panel).
  2. Right-click the NIC → Properties → IPv4 → Properties → Use the following IP address:
    • IP: 172.16.0.1
    • Subnet mask: 255.255.255.0
    • Default gateway: 10.0.2.2 (your VM NAT or host adapter depending on setup)
    • Preferred DNS server: 127.0.0.1 (server will be DNS for domain)
  3. The NAT connecting you to the internet should alredy be automatically configured
  4. Command to verify: open PowerShell and run: ipconfig /all

Install Active Directory Domain Services (AD DS)

  1. Server Manager → Add roles and features → Next → Role-based → select Active Directory Domain Servicesand install.
  2. After install, in the notification flag click Promote this server to a domain controller → Create a new forest: mydomain.com.
  3. Set Directory Services Restore Mode (DSRM) password (remember it). Continue and reboot when prompted.

Create OUs Users and Groups

  1. Open Active Directory Users and Computers.
  2. Right-click the domain → New → Organizational Unit → create HR, IT, Sales.
  3. Under IT create a user: jane.technician → set password and uncheck “User must change password at next logon” (for lab).
  4. Create a security group: HelpDesk-Staff and add jane.technician to it.

Create Group Policy (GPO)

  1. Open Group Policy Management (Server Manager → Tools).
  2. Right-click the domain → Create a GPO named Baseline-Workstation. Edit it.
  3. Computer Configuration → Policies → Windows Settings → Security Settings → Account Policies → Password Policy → Minimum password length = 8

Install RAS/NAT

  1. Open Server Manager → Select add roles and features
  2. Click Next untill you navigate to Server Roles → Select Remote Access → Click next and select routing → click next utill you navigate to Confirm installation selections and click Install
  3. Server Manager → Tools → Routing and remote access → Right click DC local → Configure and enable routing and remote access → Next, select (NAT), Next → Select public interface to connect to the internet → Next → Finish

Configure DNS/DHCP (DNS is installed automatically with AD)

  1. Confirm DNS service is running: in Server Manager → Tools → DNS → check forward lookup zones—mydomain.com should exist.
  2. (Optional) Install DHCP role if you want the server to hand out IPs. For simplicity, you can set your client VM to static IPs or use VirtualBox NAT. Command to verify DNS: in PowerShell:
booting virtual box DNS zone ping

Install Windows Clinet and Join Domain

  1. Boot Client-Win10.
  2. Click start → Go to command line → Type ipconfig
  3. Restart client.