Lab 02 ‐ DNS & ADDS Role - AidanP017/Aidan-SYS-255 GitHub Wiki

Overview

In this lab, we configured a Windows Server 2019 virtual machine to provide a domain name and Active Directory services for the 10.0.5.0/24 network.

How to Change a PC Name in Windows

To change a PC Name on a Windows computer, simply take the following steps:

  • Open the Start menu on the bottom-left corner of the desktop.
  • Type "View your PC name"
  • Scroll down to "Device specifications"
  • Click on "Rename this PC"
  • Enter your new PC name in the white text box.
  • Click on "Next"

After you complete these steps, the computer will prompt you to restart in order to save your changes. Once it has restarted, the new PC name will be in effect.

How to Install the ADDS Role in Windows

To install the ADDS Role on a Windows computer, follow the steps below:

  • Open the Start menu on the bottom-left corner of the desktop.
  • Type "Server Manager" and open it.
  • Click on "Local Server" on the lefthand side of the Manager.
  • Click on "Manage" on the top of the Manager.
  • Click on "Add Roles and Features"
    • You will be directed to a Wizard.
  • Click on "Server Roles" on the lefthand side of the Wizard.
  • Check the box next to "Active Directory Domain Services"
    • In the tab, click on the box labeled "Add Features"
  • Click on "Confirmation" on the lefthand side of the Wizard.
  • Check the box labeled "Restart the destination server automatically if required"
    • Select "Yes" in the pop-up box.
  • Click on "Install" at the bottom of the Wizard.
  • Click on "Close" once the installation is complete.

How to Promote a Server to a Domain Controller

To promote a server to a domain controller in Server Manager, complete the following steps:

  • Click on the Notification icon (the flag) at the top of the Manager.
  • If you have already set up your server, you should see a notification asking for Post-deployment configuration.
    • Select "Promote this server to a domain controller"
  • Select "Add a new forest" in the Wizard and assign a root domain name for the forest.
  • Click on "Domain Controller Options" on the lefthand side of the Wizard.
  • Enter a Directory Services Restore Mode (DSRM) password for the domain controller.
  • Click "Install" once the prerequisites check has been completed.

After installing, the system will reboot and you will be prompted to log in as the domain administrator.
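
The role installation and promotion steps above can also be scripted. The following PowerShell is an added example, not part of the original lab; the domain name `yourname.local` is a placeholder, and the script is assumed to run in an elevated session on the server being promoted.

```powershell
# Added example: scripted equivalent of "Add Roles and Features" plus
# "Promote this server to a domain controller".
# Assumption: 'yourname.local' is a placeholder forest root domain name.
$DomainName = 'yourname.local'

# Install the AD DS role with its management tools (the "Add Features" prompt).
$role = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $role.Success) {
    throw 'AD DS role installation failed.'
}

# Prompt for the DSRM password so it is never stored in the script
# or in the shell history.
$dsrm = Read-Host -Prompt 'DSRM password' -AsSecureString

# Run the prerequisites check that the wizard performs before "Install"
# becomes available, and stop if anything other than success is reported.
$check = Test-ADDSForestInstallation -DomainName $DomainName `
    -SafeModeAdministratorPassword $dsrm -InstallDns
$check | Format-List Status, Message

$problems = $check | Where-Object { $_.Status -ne 'Success' }
if ($problems) {
    throw 'Prerequisites check did not pass; review the messages above.'
}

# Create the new forest. The server reboots automatically when this finishes,
# after which you log in as the domain administrator.
Install-ADDSForest -DomainName $DomainName `
    -SafeModeAdministratorPassword $dsrm -InstallDns -Force
```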

How to Add a DNS Record in Windows

To add a DNS record on a Windows computer, take the following steps:

  • Click on the DNS tab on the lefthand side of Server Manager.
  • Right-click on your server and select "DNS Manager"
    • You can also get to the DNS Manager by selecting "Tools" on the top of the Manager and selecting "DNS"
  • Locate your domain in the "Forward Lookup Zones" directory.
  • Right-click on your domain folder and select "New Host (A or AAAA)"
  • Assign the appropriate name and IP address to the new host.
  • Check the box labeled "Create associated pointer (PTR) record"
  • Click on "Add Host"

Upon completion of the process, you may receive a warning saying that a PTR record cannot be created because no matching reverse lookup zone was found. To resolve this, we will have to create a reverse lookup zone.

To create a reverse lookup zone:

  • Right-click on the "Reverse Lookup Zones" directory.
    • Select "New Zone"
  • Keep clicking on "Next" until you are asked to enter a Network ID.
    • Enter the appropriate Network ID in the box and keep selecting "Next" until the Wizard is finished. The new zone will then be created.

Finally, create a new PTR record for the fw01-yourname and ad01-yourname A records by completing the following steps:

  • Open the "Reverse Lookup Zones" directory and right-click in the directory.
    • Select "New Pointer (PTR)..."
  • Type in the appropriate Host IP address and browse for the directory of your domain in the "Forward Lookup Zones" directory.
  • Select "Ok"
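
The DNS steps above, as an added PowerShell example that is not part of the original lab. It creates the reverse lookup zone first so that the PTR records can be created together with the A records, then checks that forward and reverse lookups agree. The zone name and the two host addresses are placeholders constructed for illustration, and the script is assumed to run on the domain controller.

```powershell
# Added example. Placeholder values: replace with your own zone and addresses.
$Zone        = 'yourname.local'
$Network     = '10.0.5.0/24'            # lab network from the overview
$ReverseZone = '5.0.10.in-addr.arpa'    # reverse zone name for 10.0.5.0/24
$Records     = @{                       # constructed sample addresses
    'fw01-yourname' = '10.0.5.2'
    'ad01-yourname' = '10.0.5.5'
}

# Create the reverse lookup zone if it does not exist yet. Without it,
# PTR creation fails with the warning described above.
if (-not (Get-DnsServerZone -Name $ReverseZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId $Network -ReplicationScope Domain
}

# Add each A record together with its PTR record, skipping existing hosts.
foreach ($name in $Records.Keys) {
    $existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name $name `
        -RRType A -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-DnsServerResourceRecordA -ZoneName $Zone -Name $name `
            -IPv4Address $Records[$name] -CreatePtr
    }
}

# Verify that each name resolves to its address and the address resolves
# back to the same name (forward-confirmed reverse DNS).
$report = foreach ($name in $Records.Keys) {
    $fqdn = "$name.$Zone"
    $ip   = $Records[$name]
    $a    = Resolve-DnsName -Name $fqdn -Type A -DnsOnly -ErrorAction SilentlyContinue
    $ptr  = Resolve-DnsName -Name $ip -Type PTR -DnsOnly -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Host      = $fqdn
        Address   = $ip
        ForwardOk = ($a.IPAddress -contains $ip)
        ReverseOk = ($ptr.NameHost -contains $fqdn)
    }
}
$report | Format-Table -AutoSize
```

Any row with `ForwardOk` or `ReverseOk` set to `False` points to a missing or mismatched record in the corresponding zone.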

How to Create Named Domain Users for AD01 Workstation

To create a named domain user for an AD01 workstation, complete the following steps:

  • Select the "AD DS" tab on the lefthand side of Server Manager.
  • Right-click on your server and select "Active Directory Users and Computers"
  • Right-click on your server directory, select "New", and select "User"
  • Enter in the appropriate information, then select "Next"
  • Create a password for the new user.
    • Uncheck the box labeled "User must change password at next logon"
  • Select "Next" and then select "Finish"

If desired, add this new user to the Domain Admins Group by completing the following steps:

  • Right-click on the new user and select "Add to a group..."
  • Enter "Domain Admins" in the box below.
  • Click on "Ok"
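
The user creation and group membership steps above, as an added PowerShell example that is not part of the original lab. The account name `jdoe` and display name are placeholders. The second half lists every user who currently holds Domain Admins membership, which is a useful review after adding an account to that group.

```powershell
# Added example. Placeholder values: 'Jane Doe' / 'jdoe'.
Import-Module ActiveDirectory

$DisplayName = 'Jane Doe'
$Sam         = 'jdoe'

# Prompt for the password so it is never written into the script.
$password = Read-Host -Prompt "Password for $Sam" -AsSecureString

# Create the named user. -ChangePasswordAtLogon $false matches unchecking
# "User must change password at next logon" in the wizard.
New-ADUser -Name $DisplayName -SamAccountName $Sam `
    -AccountPassword $password -Enabled $true -ChangePasswordAtLogon $false

# Optional step from the lab: add the user to Domain Admins.
Add-ADGroupMember -Identity 'Domain Admins' -Members $Sam

# Review: every user account with Domain Admins rights, including members
# of nested groups, with the attributes worth checking for each one.
Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
    Where-Object { $_.objectClass -eq 'user' } |
    Get-ADUser -Properties whenCreated, PasswordLastSet, PasswordNeverExpires, LastLogonDate |
    Sort-Object whenCreated |
    Select-Object SamAccountName, Enabled, whenCreated, PasswordLastSet,
                  PasswordNeverExpires, LastLogonDate |
    Format-Table -AutoSize
```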

How to Add the WKS01 Workstation to a New Domain

To add the WKS01 Workstation to the new domain, complete the following steps:

  • Select the Start icon on the bottom-left corner of the desktop.
  • Enter "Control Panel" and open it.
  • Select "System and Security"
  • Select "System"
  • Click on "Change settings" under "Computer Name, domain, and workgroup settings"
  • Click on "Change" to rename the computer.
  • Enter the domain name in the box below and select "Ok"
  • Enter the user name and password of the account with permission to join the domain.
  • Click on "Ok"

You will then be prompted to restart the computer to apply your changes.

Commands

  • nslookup ip_address --- Performs a reverse DNS query.
  • nslookup fw01-your_name --- Performs a query based on the hostname.
  • nslookup your_name.local --- Performs a search for the domain's DNS server.
  • whoami --- Shows which user (and domain) you are currently logged in as.
  • hostname --- Identifies the name of the workstation.