Active Directory Refresh - devinziegler/Devin-Tech-Journal GitHub Wiki

Lab00 - Routing and Windows

This lab was mainly a refresh of the the things from last year. This entry should serve as a reminder any time I need to look back on creating a new system or perhaps if I need to reset a system in the future. This entry will also serve as a failsafe just in case I lose track of any information about my environment.

Knowledge Refresh

The current state of the environment look like this:

• ad01-devin
• wks01-devin
• mgmt01-devin
• fw01-devin

Firewall is the start of any environment. This firewall like last year, has a LAN and WAN interface. Make sure all internal systems are set to LAN in vcenter. Next, we have the active directory server running on a windows core machine. Mgmt01 is being used as a GUI to interface with ad01. This makes DNS more user friendly. The only purpose of the workstation at this time is to be a domain member. Something important to note is that mgmt01 is not a domain controller. This is a server manager with server manager tools installed. ad01 is the only domain controller on the network as of now.

Firewall

resources for setting up the firewall can be found:

• PfSense Entry

Active Directory

The Active Directory machine is also a DNS server for our LAN. Before this time, we have used the GUI to setup active directory. A resource for this can be found below in from a previous entry:

• Active Directory & DNS (GUI)

Installing the features and promoting the server in a terminal is not very difficult. Use the following commands:

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools

This command installs the features & tools needed for active directory to function as intended.

Install-ADDSForest -DomainName <domain.name>

This allows for the promotion of the server to domain controller. For more resources the Microsoft website has documentation on Active Directory cmdlets. That can be found here. Some things I need a refresher on are creating users for AD using the terminal, as well as adding them to groups.

Management

I think we ended up with a management server at the end of the semester. However, now we have a dedicated server. This is a system that is joined to the domain but not a domain controller. Servers can be added using the manage button in the top right of the server manager program. This can also be done by right clicking the all servers tab on the left side as seen below.

Final Notes

Basically everything else in the lab was the same as last year, I will post resources to refresh your brain below.

• Adding Users To Active Directory & Making an Domain Admin
• DNS forward and reverse zones & records
• Powershell Management Cmdlets