# Endpoint 1 ## Rename PC The first thing is to rename the pc for your network. Do restart once renamed. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FoQOy8raPM6vqMTkwhCib%2Fimage.png?alt=media\&token=7e93f5b5-9d57-481b-9e5a-eac68c1aa0b7) ## Disabling Windows Security ### Virus & Threat Protection ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FP5KupxUuCVenfyekdqtV%2Fimage.png?alt=media\&token=c70a5cc4-d202-4760-8a11-854e8c6371ac) ### Registry ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2Fu51fL2bJjcy8YyHBjV4n%2Fimage.png?alt=media\&token=c669c2b0-bc21-49ef-9c51-f09475f8641e) ``` HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender ``` * DisableAntiSpyware => 1 * DisableRealtimeMonitoring => 1 * DisableRoutinelyTakingAction => 1 * DisableAntiVirus => 1 * DisableSpecialRunningModes => 1 * ServiceKeepAlive => 0 ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FcoRpzP0c9sHkdpx4xbxY%2Fimage.png?alt=media\&token=6237e7cb-a089-4080-b2f1-03ba9f97f1fd) ``` HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates ``` * ForceUpdateFromMU => 0 ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FIguG4OSh9f4iW4nY65ot%2Fimage.png?alt=media\&token=6434b97c-ed9b-4e43-a5f4-a26da4cc2cee) ``` HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection ``` * DisableRealtimeMonitoring => 1 * DisableOnAccessProtection => 1 * DisableBehaviorMonitoring => 1 * DisableScanOnRealtimeEnable => 1 ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2Fhopy8PHqtYfgF2P4jSAb%2Fimage.png?alt=media\&token=6c59a8c9-a021-4ec3-a087-91ef621147ee) ``` HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet ``` * DisableBlockAtFirstSeen => 1 ## Join the Domain Now that our client is prepped, its time to join the Domain. ### Changing DNS Server To be able to join the domain, we need to set the AD server as our DNS server. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FfpBFgOovao3NxhwkfeM9%2Fimage.png?alt=media\&token=95798352-d4f3-4280-a210-5733af727a57) #### Check Connectivity ``` PS C:\Users\ladmin> ping dc1.4pfsec.local ``` ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2F2ORLvt4r8FfJB2RkbY6x%2Fimage.png?alt=media\&token=1d63a142-0fae-41c2-8e7f-adf9dbda3a18) ### Join Domain Search for `Access work or school` and hit `connect`. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2Fnud2zCrw7oAC2NDpiF8f%2Fimage.png?alt=media\&token=9b14dfb6-1f7a-4e8d-b458-620574474bea) Now we want to select `Join this device to a local Active Directory domain`. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FmVv3vgkfqudry9tlyAdE%2Fimage.png?alt=media\&token=d5b002fa-9dd4-4caa-ab67-89bc721bae57) ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FSDezrqSlY9NjJ3bavq6E%2Fimage.png?alt=media\&token=1542277b-5c71-4935-8c35-facaf49d28af) Now enter the domain name. `4pfsec.local` ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FgI9euKDTlcKpjD2zzSrR%2Fimage.png?alt=media\&token=79b97cbf-ec9f-42ec-a479-1e195b4ec9c1) ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FrGyt6js4sKo4ztR4h4IK%2Fimage.png?alt=media\&token=04da70ca-f948-4e5c-a28d-9228ed0d4840) There should be a pop up asking for credentials as shown below and hit skip. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FyvKhhg3ijjyTQs0Hminx%2Fimage.png?alt=media\&token=9627769c-ec77-4922-85e9-711a0924072b) Hit skip upon seeing the following prompt. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2Fau1644bNvJTYcKoC1ehF%2Fimage.png?alt=media\&token=db306af6-4156-400b-a2f1-ac5cdd8cfebf) Once done, hit restart. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2F5idNbZVw8FraelFK6Er0%2Fimage.png?alt=media\&token=8cf3ea3e-0672-46c8-8fa6-59f37a940e97) Upon seeing the login screen, hit `other user` and you should see that now you're signing into the domain `4pfsec`. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2F9qAhoIZo10snLaj83hdm%2Fimage.png?alt=media\&token=86b682bc-a76d-490b-8074-37e4981c026e) ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FmqWk8ECYJvhBSr9MnMaC%2Fimage.png?alt=media\&token=bb7c3fd2-6f8d-47cc-a79f-d54acc98c43a) ### Verify Domain Join Now that we have successfully joined the domain, we can verify this over on the Server. Head to `Tools > Active Directory Users and Computers` on Server Manager. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FWhW50fQUYvGhPPVBCCmz%2Fimage.png?alt=media\&token=f54bc19a-dbdb-4fad-8b79-aa3c6b8bc693) Next, hit `Computers` and you should be able to see your newly domain joined computer as shown below. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FVsxxdMPAeJoMM35kHmjQ%2Fimage.png?alt=media\&token=08f3a8c0-0470-44cf-8da2-b6fed9da5b83) ## Set up Local Administrators First, login to the endpoint using the Domain Admin account. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FHVnQSbJywXhdPcXxzQ2T%2Fimage.png?alt=media\&token=9b6a11b2-85e1-4567-8707-c6b950404778) Next, open up computer management. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2Fp1CcMRktv5p29D9yTcst%2Fimage.png?alt=media\&token=cbedfd7f-2976-495a-930f-1000f7a5274a) Under Local Users and Groups, head to Groups and select Administrators. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2F5WN7ah9vsmMPSydIStQn%2Fimage.png?alt=media\&token=2ce1f00f-27f5-4050-81a8-97548793295f) Now hit add, enter a partial name and hit `check names`. It should auto complete if the user is detected. Hit `ok` after the user autocompletes. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FQ8nUi00NnKCj0Y50rU0e%2Fimage.png?alt=media\&token=f830e56b-4b56-4563-8532-4d116f4c5876) You can opt to add more administrators into your lab for various reasons. ## Enable Network Discovery (SMB/Print Service) Head over to `Control Panel\Network and Internet\Network and Sharing Center\Advanced sharing settings` on your control panel and turn `Network Discovery` and `File and Printer Sharing` on as shown below. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2F1oLcerbGeZXAZUnavKQp%2Fimage.png?alt=media\&token=0f745d94-ee48-47dc-b750-e70f354fc5c7) ### Test Network Discovery Type `\\{DCName}` into explorer to see if the shares show up. If the shares you setup on the DC shows up, you're all set. ![](https://1937192737-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FObuEPM0wMmlYGGoxYCbD%2Fuploads%2FAszGSTh2iHoS5WdS5VN7%2Fimage.png?alt=media\&token=fd3e61ba-bd09-4df3-b0ec-9b3651e25dff)