Local AD Implementation – 1

19
Windows-Pentesting

Active Directory Implementation

Pre-requests:

  1. Windows Server 2008 r2 Data Centre (Server OS)
  2.  Windows 7 (Enterprise in our case)

Step 1:- On Server OS (as administrator) Open Network and Sharing Settings. Then after that go to Properties of the Local Area Connection (as it is primary network connection).

1

Steps 2:- Select TCP/IP4 (Internet Control Version 4). Go to its properties.

2 1

Step 3 :- Before further editing the properties first we should check the current internet configurations by opening cmd.exe and type ipconfig. Note down the settings.

3

Step 4 :- Now click on “Use the following IP address:” and fill the details shown in step 3 (In my case the settings are these but in your case there might be different). DNS server settings here are these so that  internet connection should not be broken. Save these settings.

4

Step 5 :- Type dcpromo (Domain controller Promoter) and press Enter.

5 1

Step 6:- This will open the setup wizard to create an active directory for you. Click on Next.

6

Step 7 :- In this window setup is describing what new features and security enhancements have been added compared to previous versions of OS. This also issues a warning about compatibility with older versions of windows. Click on Next.

7

Step 8 :- Now this is asking weather you want to use any existing forest or want to create a new one.

  1. If you click on the Existing forest it will ask if you want to deploy any existing domain to domain controller i.e. want to use any backup
  2.  Or you want to use any existing forest and create a new domain into that.
  3. The last option is used to create a new forest.

We will use the last option i.e. create a new domain in a new forest. Click on Next. Remember if the current local admin account does not have good password then a warning might pop-up and you have to then set a strong password for that local account. This is because the local admin account will become the domain admin account.

8
9

Step 9 :- Now it will ask us to write FQDN(Fully Qualified Domain Name) of the forest we want to create. In our case I write my own “cyberdetector.com” and your should be different according to your organization. Click on next.

10

Step 10 :-  In this step it will ask us for forest functional level i.e. the functionalities of OS which we want to include. We will take Windows Server 2003 here(it’s your choice if you want previous OS compatibility or not in my case I just included compatibility of Windows Server 2008).

11

Step 11:-  In this step, it is asking for Domain function level.(Remember domains are a part of the forest)

11a

i.e. whether we want compatibility of previous of domain functionality.

Step 12:- In this step setup is recommending us to install DNS Server. Click on Next.

12

Step 13 :- Here setup is telling us that it didn’t find any public DNS on which this server

13

Step 14 :- Setup is asking for the directories where we want to install the Database, Log files and SYSVOL.

14

Step 15 :- Now the setup is asking to create a  Restore Mode Password. In case of emergency, this Account will help in recovery.

15

Step 16:- Now it is asking to review the settings you choose to apply. After Checking all the settings click on Next.

16

Step 17:- In this step, it will start deploying domain controller settings in the server. It will take some time. Depending on your hardware configuration it may take 10-30 minutes.

17

Step 18:- Once the installation finishes It will ask us to click on Finish button.

18

Step 19 :-  Now system will restart. Now depending upon your choice you can provide local admin credentials or domain admin credentials.

19

To be continued

Leave a Reply

Your email address will not be published. Required fields are marked *