Lab ‐ Windows Admin Center - jacobwilliams100/sec-440 GitHub Wiki
Pre-Configuration
AD01
First, put it on the LAN network
use sconfig to set updates to manual
Setting timezone to EST
Setting hostname to AD01
IP Configuration
IPv4 Address: 10.0.5.5
Netmask: 255.255.255.0
IGW: 10.0.5.1
DNS: 10.0.5.1
Test ping to gateway, internal host, and external host
Now install active directory with Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Set up the forest with Install-ADDSForest -DomainName jake.local
Install DHCP Server Tools with server manager
Create a named Domain Admin and Domain User using Active Directory Users and Computers within Server Manager
FS01
Put it on LAN Network
start it back up, use sconfig to set updates to manual
Set system time to EST
'
Set hostname to FS01 (will need to restart)
IP Configuration
IPv4 Address: 10.0.5.7
Netmask: 255.255.255.0
IGW: 10.0.5.1
DNS: 10.0.5.5 (AD01)
Test ping
Joining to jake.local domain
use sconfig
You will need to restart.
WKS1
Put it on LAN network
IP Settings
IPv4 Address: 10.0.5.8
Netmask: 255.255.255.0
IGW: 10.0.5.1
DNS: 10.0.5.5 (AD01)
Testing Connection
Joining to domain
After doing this, restart
Task 1: Windows Admin Center on FS01
download with Invoke-WebRequest -Uri "https://aka.ms/WACDownload" -OutFile WindowsAdminCenter.msi
install with .\WindowsAdminCenter.msi
Default settings are fine
back on WKS01, connect to this URL, and use your domain admin credentials to enter the site.
You will need to manually add all hosts using the GUI
Deliverable 1: Screenshot showing three of your windows systems.
Task 2: Windows Admin Center “Extensions” for Active Directory and DNS management
After this, go to the settings wheel->Extensions
from the list, install the "Active Directory" and "DNS" Extensions, hit install for each
Back on the landing page, right click AD01 (log in with named domain admin created earlier)
We can configure ADDS and DNS (using the Extensions we installed earlier) with these icons on the sidebar
Deliverable 2. Figure out how to add functionality to WAC that will allow us to manage AD and DNS Provide screenshots
Task 3: While accessing WAC on FS01 from a browser on WKS1, use the remote powershell tool to access a powershell terminal on AD01
It's as simple as scrolling down and clicking "Powershell" on the sidebar and logging in as domain admin.
Deliverable 3. Figure out how to invoke a remote powershell session with AD01
Task 4: Use WAC to remote into WKS1
Simply trying to connect will throw this error
To make this work, we need to enable and configure WinRM, and set up the firewall to allow remote desktop connections. There are many ways to do this, so we will
Enabling WinRM
open admin powershell and run the command winrm quickcondig
Reconfiguring Windows Defender Firewall
Open Windows Defender Firewall with Advanced Security and Enable this rule:
You should now be able to access the machine with the YOURNAME\yourname-adm domain account
Go to Remote Desktop on the sidebar, and log in once again
It may tell you that you need to enable Remote Desktop, follow the link and Enable it.
Try again, and you should be able to connect now!