Lab Configuration 2 - adaley0518/Tech_Journal GitHub Wiki

Prerequisites:

  • wks01 should be able to ping champlain.edu via the default gateway at 10.0.5.2

Configuration

  1. Adjust the network adapter for ad01

    • network adapter: LAN
  2. use default settings with the following exceptions

    • Product Key --> do later
    • Administrator Password
  3. Host and Network Configuration

    • Server manager should be running already (may take some time)
    • go to Local Server Manager to begin configuration changes
    • Set the following (ethernet0 --> properties)
      • IP address: 10.0.5.5
      • Netmask: 255.255.255.0
      • Gateway: 10.0.5.2 (fw01 should be running)
      • DNS 10.0.5.2
      • Select yes for allowing PC to be discoverable on your LAN
      • Time should be set to UTC-5:00 Eastern Time (US & Canada)
      • Computer name: ad01-amber
      • Then reboot computer
  4. Checking Network

    • powershell or cmd
    • whoami (check hostname)
    • ping google.com
  5. Installing ADDS Role

    • Server manager
      • click 'manage' tab
      • click 'add Roles and Features'
      • click 'next x2 '
      • click 'ad01 and next'
      • when at server roles
        • check off ' Active Directory Domain Services'
        • click 'add features'
        • it should install; choose the 'restart destination server' option and select yes on the confirmation dialog
  6. After Installing, Promotion

    • we need to configure our server to be the primary domain controller for amber.local.
    • click on the flag with ! and click 'promote this server to a domain controller'
    • In the active directory domain services configuration wizard, we are going to create a new forest.
      • be in deploy configuration
      • select 'add new forest'
      • root domain name: amber.local
      • enter DSRM password in case
  7. DNS Error

    • an error is indicated during installation. Installation can take time after a reboot. When I log back in it should be Domain administrator as opposed to local Administrator --> (AMBER\Administrator)
    • After installation, ad01's network config has changed. The DNS server is now 127.0.0.1.
  8. Adding a DNS Record

    • creating a DNS record on the server so anyone using ad01 as a DNS server can resolve the domain name fw01.amber.local. to 10.0.5.2
    • powershell
      • hostname = ad01-amber
      • ping 10.0.5.2, should work
      • ping fw01-amber, shouldn't work
  9. DNS Manager

    • find and invoke DNS Manager from server manager/dns/ad01 menu
      • Click 'DNS'
      • on ad01-amber, right click 'DNS Manager'
  10. Forward Lookup Zone - amber.local

    • find and expand the forward lookup zone for the new domain
      • click 'Forward Lookup Zones'
      • click 'amber.local'
      • right click 'New Host (A or AAAA)'
        • name: fw01-amber
        • FQDN: fw01-amber.amber.local
        • IP Address: 10.0.5.2
        • check off 'create associated pointer record'
        • 'add host'
        • DNS warning, click okay
  11. Reverse DNS

    • still in the DNS Manager, under 'Forward Lookup Zones'
      • click 'Reverse Lookup Zones'
      • right-click, 'new zone'
      • click next till 'Network ID' --> 10.0.5.
      • follow instructions till end
    • now, go to 'amber.local'
    • click on 'fw01-amber'
      • click the box for 'update associated PTR record'
      • click 'apply' then 'ok'
      • then do same for 'ad01-amber'
    • both fw01-amber and ad01-amber should be in the reverse lookup zone 5.0.10.in-addr.arpa
      • will say:
        • Name: 10.0.5.2 --> Type: PTR --> DATA: fw01-amber.amber.local
        • Name: 10.0.5.5 --> Type: PTR --> Data: ad01-amber.amber.local
  12. Create Named Domain Users on ad01

    • Create a named domain administrator account as well as a named non-privileged user account
      • click 'AD DS'
      • right-click, 'Active Directory Users and Computers'
        • go to 'amber.local'
        • click on users
        • right-click 'new', then 'user'
        • Create Admin
          • First Name: Amber
          • Last name: Daley
          • Full Name: Amber Daley (ADM)
          • user logon name: amber.daley-adm @amber.local
          • user logon name (pre-Windows): AMBER\ (separate box) amber.daley-adm
          • next
          • uncheck user must change password at next login
        • add user to Domain Admins Group
          • find Amber Daley (ADM)
          • right-click on name, 'add to group'
          • enter the object name: Domain Admins, hit OK
        • add Non-privileged account
          • 'new', 'user'
          • same steps as ADM but no adm and skip addition to the Admin Group
    • Note: only log in as amber.daley or amber.daley-adm depending on privileges
  13. Preparing WKS01- to join amber.local

    • set wks01 DNS to 10.0.5.5
      • IPv4 properties of ethernet0
    • powershell
      • hostname: wks01-amber
      • whoami: wks01-amber\amber.daley-loc
      • ping fw01-amber: shouldn't work
      • nslookup 10.0.5.2: unknown --> 10.0.5.2 & fw01-amber.amber.local --> 10.0.5.5
      • nslookup fw01-amber.amber.local: unknown --> 10.0.5.5 & fw01-amber.amber.local --> 10.0.5.2
      • ping fw01-amber.amber.local: should work
      • ping amber.local: should work
  14. Joining wks01 to your new domain (control panel, system)

    • if hostname isn't wks01-amber change it
    • Window security --> Computer Name/Domain Changes
      • username: amber.daley-adm and pass
    • if went well should say welcome to the amber domain
    • and restart wks01
  15. If time check:

    • ad01
    • go to the active directory users and computers
      • go to amber.local
      • computers
        • should see WKS01-AMBER
    • sign out of wks01 and sign in as user: amber.daley@amber, pass: whatever is set
    • once in go to powershell
      • nslookup 10.0.5.2: should see all the info for ad01 --> 10.0.5.5 and fw01 --> 10.0.5.2
      • nslookup fw01-amber: same results
      • nslookup amber.local: ad01 --> 10.0.5.5 and amber.local --> 10.0.5.5
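
A scripted check of the finished lab, as an added example that is not part of the original wiki page: run in PowerShell on ad01 after step 15, it confirms that the A and PTR records from steps 10 and 11 agree, that only the -adm account is in Domain Admins, and that wks01 joined the domain. It assumes the non-privileged account's logon name is amber.daley (as in the note in step 12) and that the ActiveDirectory and DnsClient modules are available, as they are on a domain controller.

```powershell
# Added example: post-build checks, run on ad01 as AMBER\amber.daley-adm.
# Host names, addresses and account names are the ones used in this lab;
# 'amber.daley' as the non-privileged logon name is an assumption from step 12.
Import-Module ActiveDirectory

$dnsServer = '10.0.5.5'
$expected  = @{
    'fw01-amber.amber.local' = '10.0.5.2'
    'ad01-amber.amber.local' = '10.0.5.5'
}
$results = @()

foreach ($fqdn in $expected.Keys) {
    $ip = $expected[$fqdn]
    # Forward lookup: the A record must return the address set in step 10.
    $a = Resolve-DnsName -Name $fqdn -Type A -Server $dnsServer -ErrorAction SilentlyContinue
    $results += [pscustomobject]@{
        Check = "A   $fqdn -> $ip"
        Pass  = [bool]($a | Where-Object { $_.IPAddress -eq $ip })
    }
    # Reverse lookup: the PTR record from step 11 must point back to the same name.
    $ptr = Resolve-DnsName -Name $ip -Type PTR -Server $dnsServer -ErrorAction SilentlyContinue
    $results += [pscustomobject]@{
        Check = "PTR $ip -> $fqdn"
        Pass  = [bool]($ptr | Where-Object { $_.NameHost -eq $fqdn })
    }
}

# Step 12: only the -adm account should hold Domain Admins, not the daily account.
$admins = (Get-ADGroupMember -Identity 'Domain Admins').SamAccountName
$results += [pscustomobject]@{ Check = 'amber.daley-adm in Domain Admins'; Pass = $admins -contains 'amber.daley-adm' }
$results += [pscustomobject]@{ Check = 'amber.daley not in Domain Admins'; Pass = $admins -notcontains 'amber.daley' }

# Steps 14-15: the workstation should have a computer object after the join.
$wks = Get-ADComputer -Filter "Name -eq 'WKS01-AMBER'"
$results += [pscustomobject]@{ Check = 'WKS01-AMBER computer object exists'; Pass = [bool]$wks }

$results | Format-Table -AutoSize
if ($results.Pass -contains $false) { Write-Warning 'One or more checks failed.' }
```

A failed PTR check usually means the reverse lookup zone in step 11 was created after the host record, so 'update associated PTR record' still needs to be ticked for that host.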