Lab02 setup - jacob-dinapoli/tech-journal GitHub Wiki

  • First Step: Edit virtual machine properties
    • In the ad01 workstation go to Edit Settings
    • Change the Network Adapter to the LAN.
    • Start the virtual machine.
  • Second Step: Login
    • Login to the administrators account.
    • This will bring you to changing the password.
    • For this lab we will change the password to "Champlain!123"
  • Third Step: Host and Network Configuration
    • If the Server Manager is not already running, invoke it from the start menu.
    • Change the Internet Protocol Version 4 Properties
      • IP Address: 10.0.5.5
      • Subnet Mask: 255.255.255.0
      • Default Gateway: 10.0.5.2
      • DNS Server: 10.0.5.2
    • If the Discoverable option shows up, select yes; this means you are on your LAN.
    • The time should be set to UTC-5:00 Eastern Time(Us & Canada)
    • Locate how to change the computer name; change it to "ad01-jacob-dinapoli"
    • Restart:)
  • Fourth Step: Check Networking
    • Server Manager should pop up
    • Check if computer name is correct
    • Launch Powershell
    • Run the following commands
      • whoami
      • ping google.com
  • Fifth Step: Installing the ADDS Role
    • Open Server Manager
    • From the manage menu, select "Add Roles and Features"
    • A Pop up window will show
    • Do not make changes to the Installation Type and Server Selection.
    • Within the Server Roles tab, select "Active Directory Domain Services"
      • Select add features
    • Do not make changes to Features and AD DS roles.
    • In confirmation tab, check off the "Restart..."
      • Select yes on the confirmation dialog.
    • Install:)
  • Sixth Step: Promotion
    • Select the link to Promote this server to a domain controller.
    • Select add a new forest for the deployment operation.
    • for the root domain name use your first name and .local; "jacob.local"
    • Click Next.
    • Enter the DSRM password, this password is used to recover the directory in case of error.
      • The password I am going to set is, "Champlain!123"
  • Seventh Step: DNS Error
    • There will be an error that pops up.
    • This is because we gave our environment a .local top level domain(TLD)
    • Since this is an internal domain, we will leave it as is.
    • Install:)
  • Ninth Step: DNS
    • After the installation, you should see that the servers network configuration has changed.
    • The DNS server points to 127.0.0.1
      • This is the local loopback adapter for ad01
    • DNS queries not handled locally are forwarded to fw01, which will then forward to its DNS server
  • Tenth Step: Adding a DNS Record
    • The following commands run from ad01 show that we cannot access fw01 by name and only by IP address.
      • hostname
      • ping 10.0.5.2
      • ping fw01-jacob-dinapoli (will not work)
  • Eleventh Step: DNS Manager
    • Within Server Manager
    • Invoke DNS Manager from the Server Management/DNS.AD01 context menu.
  • Twelfth Step: Forward Lookup Zone
    • The DNS Manager window will pop up
    • Find and expand the forward lookup zone for your new domain.
    • Right click your name, jacob.local
    • Select New host
    • Within name put the name for the fw01 server, fw01-jacob-dinapoli
    • In IP address put 10.0.5.2
    • Check off "Create associated pointer record"
    • Add Host
  • Thirteenth Step: Reverse DNS
    • We will add a reverse primary lookup for all IP addresses in the 10.0.5.0/24 Network
    • Right click on Reverse Lookup Zone
    • Select New Zone
    • Keep the defaults
    • Add a network ID for 10.0.5
    • Select your user.local (jacob.local)
    • Right click and bring up properties on fw01-user (fw01-jacob-dinapoli)
    • Uncheck the "Update associated pointer record"
    • Do the same for the ad01
  • Fourteenth Step: Create Name Domain Users on ad01
    • In this step we will create a named domain administrator account as well as a named non-privileged user account.
    • On the ad01, locate the Active Directory Users and Computers Option.
      • In Server Manager, go to AD DS tab and right click on server name.
    • Under the domain's user, right click on the Users tab.
      • Select new -→ user.
    • I will add a new user(jacob.dinapoli-admin) which will be a Domain Administrator
    • Click Next
    • We will uncheck the user must change password at next login(for lab purposes)
    • The password I will use is "Champlain!123"
    • Click Finish.
    • Right Click on the user just created and select "Add to a group"
    • Type Domain Admins in the field
    • Click Check Names.
    • Create a non-privileged account(skip the addition to Domain Admins)
  • Fifteenth Step: Preparing wks01 to join yourname.local(jacob-dinapoli.local)
    • In this step, we will be setting wks01's DNS to ad01's address(10.0.5.5)
    • On wks01 desktop, locate to the IPv4 Properties.
    • Change the preferred DNS server to the one above.

Now that you are using your new DNS server, we can attempt to ping by hostname. The following screen shows that you should be able to do a reverse lookup to fw01's PTR record using nslookup. You can also ping by fully qualified hostname. You cannot ping by the unqualified "fw01" hostname because we are not a domain joined system yet nor do we have a DNS suffix configured for yourname.local on wks01.

 * Open up powershell and run these commands: 
      * hostname 
      * whoami 
      * ping fw01-jacob.dinapoli
           * This command should not work. 
      * nslookup 10.0.5.2 
      * nslookup fw01-jacob-dinapoli.jacob.local 
      * ping fw01-jacob-dinapoli.jacob.local 
      * ping jacob.local 
           * This command pings the domain.
  • Sixteenth Step: Joining wks01 to your new domain
    • We will be joining the domain that we just created.
    • Within the control panel, locate "Computer Name/Domain Changes"
    • Select the domain bubble and put the domain name (jacob)
    • if everything went well, you will be prompted for an admin password.
      • use the one you created on ad01.
    • You should have been successfully welcomed to the domain.
    • Restart wks01.