LogoLogo
  • Active Directory Pentesting Lab by Nee
    • Infrastructure
  • Network Setup
    • Vswitch & Port Group Configuration
    • pfSense Firewall
  • Deploying Systems
    • Windows Server 2022 [Domain Controller]
    • Windows 11 Pro [Endpoint]
  • Domain Setup [4pfsec.local]
    • Domain Controller 1
    • Endpoint 1
  • Penetration Testing
    • Introduction
Powered by GitBook
On this page
  • Accounts
  • PC Name
  • Network Settings
  • Active Directory Services
  • Promoting Server to DC
  • DNSClient Server Address
  • Active Directory Certificate Services
  • Configuring Certificate Services
  • Adding Users & Service Accounts
  • User Accounts
  • Service Account
  • Service Principal Name (SPN) setup
  • SMB Share
  • Create a folder
  • Create New Share
  1. Domain Setup [4pfsec.local]

Domain Controller 1

PreviousWindows 11 Pro [Endpoint]NextEndpoint 1

Last updated 2 years ago

Accounts

Most Secure Password = P@ssw0rd

PC Name

First I'll be renaming my server as shown below.

Network Settings

Its important to set a static IP for our Domain Controller.

Active Directory Services

Next, I'll be adding the active directory domain services role on to the server.

Promoting Server to DC

Once the active directory domain services is done installing, there'll be a prompt asking to promote the server to a Domain Controller. Let's go ahead and do that.

After a restart the domain will be populated as shown bellow. If you see something like this, you've done it correctly.

DNSClient Server Address

Now that we have the Active Directory service up and running, we can set the correct interface which will be handling our DNS Queries.

Set-DnsClientServerAddress -InterfaceIndex 15 -ServerAddress 10.11.12.10

Active Directory Certificate Services

Next, AD Certificate Services can be optionally added to the server for LDAP.

Configuring Certificate Services

Similar to the case above, a prompt will request to configure the Certificate Services.

Reboot the server for changes to take place!

Adding Users & Service Accounts

I'll be adding a couple users into the domain for the lab's purpose.

User Accounts

John Hammond

First = John
Last = Hammond
logon = john
password = P@ssw0rd

Heath Adams

First = Heath
Last = Adams
logon = heath
password = P@ssw0rd

Service Account

Go ahead and copy he Administrator account to create the service account.

First = SQL
Last = Service
logon = SQLService
password = MiP@ssw0rd!
Description = Devs pls take note: password = "MiP@ssw0rd!"

Service Principal Name (SPN) setup

A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. Lets go ahead and create that.

setspn -a 4pfsec-DC/SQLService.4pfsec.local:60111 4pfsec\SQLService

Verify SPN

Now that we have setup the SPN, lets verify that its up and running as per expectations.

setspn -T 4pfsec.local -Q */*

SMB Share

Create a folder

First, create a folder that you'd like to share out to your network.

important

Create New Share

Hit install
Hit configure
Hit create