Milestone #2 - wAlber47/Tech-Journal GitHub Wiki

Before starting this, make sure to have these installed on the ESXi server from rackstation:

  • SW_DVD5_WIN_ENT_LTSC_2019_64BIT_English_-2_MLF_X22-05056.ISO
  • SW_DVD9_Win_Server_STD_CORE_2019_1909.4_64Bit_English_DC_STD_MLF_X22-29333.ISO
  • VMware-VCSA-all-6.7.0-15976714.iso

Server19 Creation

We want to create a baseline Windows 2019 Server virtual machine that can be deployed to easily create an Active Directory server for our network. Using the second of the three ISOs above, create a new virtual machine with these configurations:


For Virtual Hardware:

| Device | Configuration |
| --- | --- |
| CPU | 2 |
| Memory | 4 GB |
| Hard Disk #1 | 40 GB (Thin) |
| Hard Disk #2 | 40 GB (Thin) |
| Network Adapter #1 | VM Network |
| CD/DVD Drive #1 | SW_DVD9... |

From here, power on the machine and follow the installation instructions. Make sure to choose Desktop Experience.

When prompted for the Administrator password, we want to make it so there is no password for this user. This can be done by pressing Ctrl+Shift+F3, which reboots the machine into audit mode. It should boot up to the desktop.

Once booted, move the SysPrep tool off to the side and open up an administrator PowerShell console. Use sconfig to enter Server Configuration.

Then, we need to switch update settings to manual, download and install all updates, and change the time zone to EST. Installing updates may require multiple reboots and may take some time. Wait until the prompt shows that there are no available updates.


After this, we need to create a new admin user, named "deployer". This can be done here:

image

To install SSH tools on this machine, so that we can access the server, run these commands:

  • Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
  • Start-Service sshd
  • Set-Service -Name sshd -StartupType Automatic
    • Starts sshd automatically.
  • Set-ItemProperty "HKLM:\Software\Microsoft\Powershell\1\ShellIds" -Name ConsolePrompting -Value $true
  • New-ItemProperty -Path HKLM:\Software\OpenSSH -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
    • Sets default SSH shell to PowerShell.

After this step is complete, run Disk Cleanup and select everything. Make sure VMware Tools is installed (Mount+Restart+Run).

Now that everything else should be set, we can SysPrep the machine. We should pull a file from the GitHub share using:

  • wget http://raw.githubusercontent.com/gmcyber/480share/master/unattend.xml -Outfile C:\unattend.xml

Then, open a new CMD and go to the C: Drive. From here, we can run:

  • C:\Windows\System32\Sysprep\sysprep.exe /oobe /generalize /unattend:C:\unattend.xml

This should throw no errors and pop up a "Sysprep is working ..." menu. Once the system turns off, remove the ISO file and do not power the machine back on.

Take a base snapshot of this machine.
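Sysprep applies the downloaded unattend.xml to every clone of this baseline, so it is worth checking the file before running the sysprep command above. The PowerShell below is an added example, not part of the original wiki or the gmcyber share: it compares the file to a SHA-256 hash recorded when the file was last reviewed and lists every password element it contains. Test-UnattendFile, the sample XML and the pinned hash are assumptions made for illustration.

```powershell
# Added example (not from the original wiki). Test-UnattendFile is a hypothetical helper.
function Test-UnattendFile {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedSha256
    )
    # Hash the file so it can be compared with the value recorded at review time.
    $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
    $xml = New-Object System.Xml.XmlDocument
    $xml.Load((Resolve-Path $Path).Path)
    # Collect every credential element; local-name() ignores the unattend namespace.
    $xpath = "//*[local-name()='Password' or local-name()='AdministratorPassword']"
    $creds = foreach ($node in $xml.SelectNodes($xpath)) {
        $plain = $node.SelectSingleNode("*[local-name()='PlainText']")
        [pscustomobject]@{
            Element   = "$($node.ParentNode.LocalName)/$($node.LocalName)"
            # PlainText=false only means Base64-encoded, not encrypted.
            PlainText = if ($plain) { $plain.InnerText } else { 'not set' }
        }
    }
    [pscustomobject]@{
        HashMatches = ($actual -eq $ExpectedSha256)  # string -eq is case-insensitive
        ActualHash  = $actual
        Credentials = @($creds)
    }
}

# Constructed sample answer file, NOT the contents of the file the page downloads.
$sample = @'
<unattend xmlns="urn:schemas-microsoft-com:unattend">
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup">
      <UserAccounts>
        <AdministratorPassword>
          <Value>CONSTRUCTED-PLACEHOLDER</Value>
          <PlainText>true</PlainText>
        </AdministratorPassword>
      </UserAccounts>
    </component>
  </settings>
</unattend>
'@
$tmp = Join-Path $env:TEMP 'unattend-sample.xml'
Set-Content -Path $tmp -Value $sample -Encoding UTF8
$pinned = (Get-FileHash -Path $tmp -Algorithm SHA256).Hash  # stand-in for a recorded hash
$result = Test-UnattendFile -Path $tmp -ExpectedSha256 $pinned
$result.Credentials | Format-Table -AutoSize
if (-not $result.HashMatches) { throw 'unattend.xml differs from the reviewed copy' }
```

In the real workflow, pass C:\unattend.xml as the path and a hash recorded from a copy you have read through.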

Deploying Active Directory

This machine should be ready to go ahead and install ADDS. However, there are a few things that need to be done before this:

  1. Change to 480WAN
    1. IP Address: 10.0.17.4/24
    2. Hostname: dc1
    3. DNS+Gateway: 10.0.17.2
  2. SSH into System from xubuntu
  3. Install ADDS (alber.local)
  4. Install DNS
    1. Create A+PTR Records for vcenter.alber.local at 10.0.17.3
  5. Enable Remote Desktop
  6. Install DHCP
    1. Create a DHCP Scope from 10.0.17.101-10.0.17.150
    2. Router: 10.0.17.2
    3. DNS: 10.0.17.4
  7. Create named domain admin (willaim-adm.alber.local)

Out of these things, I won't be making guides for things like setting up the network settings or connecting through SSH, but there will be sections for the other pieces.

Installing ADDS+DNS on PowerShell

  • Add-WindowsFeature AD-Domain-Services
  • Install-ADDSForest -DomainName alber.local -InstallDNS

DNS Configuration

In order to add the DNS Records for the vCenter server:

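  • Add-DnsServerResourceRecordA -Name vCenter -ZoneName alber.local -IPv4Address 10.0.17.3
    • Creates the A Record for vCenter.
  • Add-DnsServerResourceRecordPtr -Name "3" -ZoneName "17.0.10.in-addr.arpa" -PtrDomainName vcenter.alber.local
    • Creates the PTR Record for vCenter. The record name is the last octet of 10.0.17.3, and -PtrDomainName is the host the record points to (-ComputerName would instead select which DNS server to run the command against).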

Enabling RDP

image

DHCP Configuration

  • Install-WindowsFeature DHCP -IncludeManagementTools
  • netsh dhcp add securitygroups
  • Restart-Service dhcpserver
