480 Milestone 9 Blue1.local - InaFricke/SEC-480 GitHub Wiki

9.1 Server Linked Clone & Static IP

Created linked clone

  1. Use 480-utils to create a linked clone of your server 2019 base, drop it on the BLUE-LAN and call it dc-blue1

I am calling it dc-blue8

Include the start lab function

Static IP

Create a new function in 480-utils that can set a static ip of for windows systems using the Invoke-VMScript powercli function.
This function, in addition to guest credentials, can call an operating system command like netsh Set the blue1-dc's static ip to 10.0.5.5, set the netmask, gateway, and name server appropriately.

Attempt 1

  1. Change Administrator Password RR32!, deployer RR32

check ipconfig /all to confirm Ethernet0

  1. add to utils

Update the export line and add Set-WindowsIP

# Sets a static IP configuration on a Windows VM using Invoke-VMScript and netsh
function Set-WindowsIP {

    param (
        [string]$VMName,          # Name of the VM
        [string]$IPAddress,       # Static IP address
        [string]$SubnetMask,      # Subnet mask
        [string]$Gateway,         # Default gateway
        [string]$DNS,             # DNS server
        [string]$GuestUser,       # Guest OS username
        [string]$GuestPassword,   # Guest OS password
        [string]$Interface        # Network interface name
    )

    # Build netsh commands to set static IP and DNS
    $script = @"
netsh interface ip set address name="$Interface" static $IPAddress $SubnetMask $Gateway
netsh interface ip set dns servers name="$Interface" static $DNS
"@

    # Execute script inside the guest OS
    Invoke-VMScript `
        -VM $VMName `
        -ScriptText $script `
        -GuestUser $GuestUser `
        -GuestPassword $GuestPassword `
        -ScriptType Bat
}
  1. add to driver
$securePass = Read-Host "Enter guest password" -AsSecureString
$cred = New-Object System.Net.NetworkCredential("deployer", $securePass)

Set-WindowsIP `
    -VMName $CloneName `
    -IPAddress "10.0.5.5" `
    -SubnetMask "255.255.255.0" `
    -Gateway "10.0.5.2" `
    -DNS "10.0.5.5" `
    -GuestUser $cred.UserName `
    -GuestPassword $cred.Password `
    -Interface "Ethernet0"
  1. Run it

check on dc8

ISSUE DNS not set correctly getting random IPv6 fallback addresses

FIX change this line:

netsh interface ip set dns servers name="$Interface" static $DNS

to THIS:

netsh interface ip set dns name="$Interface" static $DNS

Run again and check the new DNS: