Lab 2: Server 2019, ADDS and DNS - NathanStMarie/tech-journal GitHub Wiki

Server 2019

  • Edit the virtual machine properties for ad01, setting Network Adapter 1 to the lastname-LAN adapter.
  • Use default settings except:
    • Do the Product Key later
    • Set and remember the Administrator Password
  • Start Server Manager, set the following:
    • IP address: 10.0.5.5
    • Netmask: 255.255.255.0
    • Gateway: 10.0.5.2 (this is fw01)
    • DNS: 10.0.5.2
    • Set discoverable option to Yes for systems on the LAN.
    • Set the time to UTC-5:00 Eastern Time (US & Canada)
    • Computer name: ad01-nathan (ad01-firstname)
  • Reboot!
  • You can check that the setup was done correctly:
    • Use PowerShell to check the results of the `whoami` command and of pinging Google.

Install the ADDS Role:

  • Server Manager > Manage > Add Roles and Features > Select Active Directory Domain Services > Add Features > Pick Active Directory Domain Services
  • Choose to restart the destination server and select Yes in the confirmation dialog.
  • After installation, promote the server to be the primary domain controller for nathan.local (firstname.local).
  • Click the GUI link "Promote this server to a domain controller"
  • Add a new forest, with root domain name: nathan.local (firstname.local)
  • Enter the DSRM password. (remember this)
  • This installation will take a while, and requires a reboot. Log back in as the domain admin rather than the local admin.

DNS, adding records

  • After the reboot, ad01's DNS server points to 127.0.0.1. We need to add DNS records so that anyone using ad01 as a DNS server can resolve the domain name fw01.nathan.local to 10.0.5.2.
  • In Server Manager > DNS, Right-click on ad01-nathan, and click DNS Manager
  • Add New Host (A or AAAA) to the Forward Lookup Zone:
    • Name: fw01-nathan
    • IP: 10.0.5.2
    • Check "Create associated pointer (PTR) record"
  • Under the Reverse Lookup Zones, right-click and add New Zone...
  • Network ID: 10.0.5
  • In the A records for fw01-nathan and ad01-nathan, uncheck the PTR record option, then recheck it and apply.
  • The reverse DNS entries for fw01 and ad01 should now be in the 5.0.10 reverse lookup zone. You may need to refresh the view.

Create Named Domain Users on ad01

  • Under Server Manager > AD DS, right-click AD01-NATHAN > Active Directory Users and Computers
    • nathan.local > Users, Right-click New > User
    • Add user:
      • First name: Nathan
      • Last name: St. Marie
      • Full name: Nathan St. Marie (ADM)
      • User logon name: nathan.stmarie-adm
      • Uncheck "User must change password at next logon".
    • Add that user to the Domain Admins Group (name is Domain Admins)
    • Repeat the above process for a second user, except with no "adm" in the names, and don't add that user to the Domain Admins group.
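
The DNS records and the account separation set up above can be checked from PowerShell on ad01. This is an added example, not part of the original lab notes; it assumes the second user's logon name is nathan.stmarie and that the built-in Administrator is the only other expected member of Domain Admins.

```powershell
# Added verification sketch (not from the lab notes). Run on ad01 as the domain admin.
$DnsServer = '10.0.5.5'
$Zone      = 'nathan.local'
$Expected  = @{                       # host name -> address configured in the lab
    'fw01-nathan' = '10.0.5.2'
    'ad01-nathan' = '10.0.5.5'
}

$dnsResults = foreach ($name in $Expected.Keys) {
    $fqdn = "$name.$Zone"
    $ip   = $Expected[$name]

    # Forward lookup: the A record must return the expected address.
    $a = Resolve-DnsName -Name $fqdn -Type A -Server $DnsServer -ErrorAction SilentlyContinue |
         Where-Object { $_.Type -eq 'A' }

    # Reverse lookup: the PTR record in the 10.0.5 zone must point back to the same name.
    $ptr = Resolve-DnsName -Name $ip -Type PTR -Server $DnsServer -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'PTR' }

    [pscustomobject]@{
        Host      = $fqdn
        ForwardOk = ($a.IPAddress -contains $ip)
        ReverseOk = ($ptr.NameHost -contains $fqdn)
    }
}
$dnsResults | Format-Table -AutoSize

# Account separation: only the -adm account should hold Domain Admins rights.
Import-Module ActiveDirectory
$AdminAccount = 'nathan.stmarie-adm'
$DailyAccount = 'nathan.stmarie'      # assumed logon name of the second user
$BuiltIn      = 'Administrator'       # assumed to be the only other expected member

$members = Get-ADGroupMember -Identity 'Domain Admins' |
           Select-Object -ExpandProperty SamAccountName

[pscustomobject]@{
    AdminAccountIsMember = ($members -contains $AdminAccount)   # expect True
    DailyAccountIsMember = ($members -contains $DailyAccount)   # expect False
    UnexpectedMembers    = ($members |
        Where-Object { $_ -notin $AdminAccount, $BuiltIn }) -join ', '
} | Format-List
```

A False in ForwardOk or ReverseOk points back to the A/PTR steps in the DNS section; anything listed under UnexpectedMembers is an account that should be reviewed before it keeps domain-wide rights.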

Have wks01 join nathan.local

  • Change the DNS server address to: 10.0.5.5 (same process as before)
  • This PC > Properties > Computer name, domain, and workgroup settings > Change Settings
  • Computer name (remains): wks01-nathan
  • Member of Domain: nathan
  • Enter the Domain Admin account credentials to complete the domain join.
  • Restart the Workstation.