Building on the first project that set up our simulated Active Directory environment, we now move to the next step in our tutorial series. Welcome to the "Active Directory Deployment and Configuration" project, where we explore the details of deploying and refining an Active Directory system. This project is designed to impart a fundamental understanding of Active Directory services, emphasizing key aspects such as installation, forest creation, user account administration, domain integration, and customized Remote Desktop access.
- Configure and install Active Directory services on the designated Domain Controller virtual machine.
- Establish a new Active Directory forest.
- Create and administer user accounts with administrative privileges for effective management of the Active Directory environment.
- Integrate the Client-01 virtual machine into the established domain, ensuring seamless communication with the Active Directory infrastructure.
- Configure Remote Desktop access specifically tailored for non-administrative users, enhancing user accessibility while maintaining security protocols.
- Microsoft Azure (Virtual Machines/Compute)
- Remote Desktop
- Active Directory Domain Services
- Windows Server 2022
- Windows 10 (21H2)
- In the Server Manager dashboard, click Add roles and features and continue the setup

Select Active Directory Domain Services and finish the installation
- Once the installation is done, notice the flag on the top left of the Server Manager
- Click on the flag and promote DC-01 to Domain Controller.

- We will now add a new Forest and set the Root domain name to “mydomain.com”
- Finish setup and restart DC-01
- Log back in with “your username”@mydomain.com
- Once DC-01 has rebooted, click Tools and select Active Directory Users and Computers
- Right-click mydomain.com, select New, and click Organizational Unit

We will create two OUs, named _EMPLOYEES and _ADMINS

Right-click Users and create a new user named Jane Doe with the username jane_admin

Now we will make Jane Doe an admin by right-clicking her name and adding her to the “Domain Admins” security group

Log out of DC-01 and log back in with Jane Doe’s credentials

For Client-01 to join the domain, we first have to set its DNS server to DC-01’s private IP address.
- In the Azure Portal, select Client-01 -> Networking -> Network interface and click on DNS servers

Select a custom DNS server, type in the private IP address of DC-01, and restart Client-01

Now log back in to Client-01 using your original admin credentials. Click Start and go to Settings > Rename this PC (advanced) > Change, enter “mydomain.com” as the domain, and log in with the admin credentials previously created (jane_admin)

Once Client-01 has been added, the VM will restart.
- Log back in to Client-01 using jane_admin, open Settings > Remote Desktop > User Accounts, and click “Select users that can remotely access this PC”
- Add Domain Users

This will allow normal users to log in to Client-01
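
To confirm the result of the steps above, the following PowerShell script checks the domain join, the OUs, and who actually holds Domain Admins and Remote Desktop access. It is an added example, not part of the original walkthrough; it assumes the names used on this page (mydomain.com, _EMPLOYEES, _ADMINS, jane_admin, Client-01), and `Add-Check` is a helper defined here.

```powershell
# Added example (not from the original walkthrough): post-deployment checks.
# Assumes the page's names: mydomain.com, _EMPLOYEES, _ADMINS, jane_admin, Client-01.
# Run in an elevated session on DC-01, then again on Client-01.
$Domain = 'mydomain.com'
$checks = [System.Collections.Generic.List[object]]::new()

# Hypothetical helper: records one check result for the summary table.
function Add-Check([string]$Name, [bool]$Pass, [string]$Detail) {
    $checks.Add([pscustomobject]@{ Check = $Name; Pass = $Pass; Detail = $Detail })
}

$cs = Get-CimInstance -ClassName Win32_ComputerSystem
Add-Check "Machine is joined to $Domain" ($cs.PartOfDomain -and $cs.Domain -eq $Domain) $cs.Domain

if ($cs.DomainRole -ge 4) {
    # DomainRole 4/5 = domain controller, so this is the DC-01 branch.
    Import-Module ActiveDirectory
    $root = (Get-ADForest).RootDomain
    Add-Check 'Forest root domain' ($root -eq $Domain) $root

    foreach ($ou in '_EMPLOYEES', '_ADMINS') {
        $found = @(Get-ADOrganizationalUnit -Filter "Name -eq '$ou'")
        Add-Check "OU $ou exists" ($found.Count -gt 0) ($found.DistinguishedName -join '; ')
    }

    # List every member, not just jane_admin, so unexpected admins are visible.
    $admins = @(Get-ADGroupMember -Identity 'Domain Admins' |
        Select-Object -ExpandProperty SamAccountName)
    Add-Check 'jane_admin in Domain Admins' ($admins -contains 'jane_admin') "members: $($admins -join ', ')"

    $pc = @(Get-ADComputer -Filter "Name -eq 'Client-01'")
    Add-Check 'Client-01 computer object exists' ($pc.Count -gt 0) ($pc.DistinguishedName -join '; ')
}
else {
    # Workstation branch (Client-01): DNS must point at DC-01 for the DC locator to work.
    $dns = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
        Select-Object -ExpandProperty ServerAddresses -Unique)
    $srv = @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction SilentlyContinue)
    Add-Check 'DC locator SRV record resolves' ($srv.Count -gt 0) "DNS servers: $($dns -join ', ')"

    # The Settings dialog adds entries to the local Remote Desktop Users group.
    $rdp = @(Get-LocalGroupMember -Group 'Remote Desktop Users' |
        Select-Object -ExpandProperty Name)
    Add-Check 'Domain Users in Remote Desktop Users' ([bool]($rdp -like '*\Domain Users')) ($rdp -join ', ')
}

$checks | Format-Table -AutoSize -Wrap
```

Read the Detail column as well as Pass: it lists every current member of Domain Admins and Remote Desktop Users, so entries you did not add stand out.
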
We've successfully concluded the Active Directory Deployment and Configuration phase. Through configuring Active Directory on the Domain Controller, we established our infrastructure by creating a forest, administrator account, and ultimately integrating Client-01 into the domain. In the upcoming project, we'll be generating users and simulating various Active Directory scenarios.