# Endpoint 1

## Rename PC

The first thing is to rename the pc for your network. Do restart once renamed.

![](/files/e2HpZC2UmwmNslrA7qjg)

## Disabling Windows Security

### Virus & Threat Protection

![](/files/3ZzqCiAjr97j3SpEX0EU)

### Registry

![](/files/HmhvSTjmeqmJNRlSujFt)

```
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
```

* DisableAntiSpyware => 1
* DisableRealtimeMonitoring => 1
* DisableRoutinelyTakingAction => 1
* DisableAntiVirus => 1
* DisableSpecialRunningModes => 1
* ServiceKeepAlive => 0

![](/files/YIgQqAGjdTKFV8TaazbM)

```
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates
```

* ForceUpdateFromMU => 0

![](/files/6rAvmtMBUHJFFWPcVE7l)

```
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
```

* DisableRealtimeMonitoring => 1
* DisableOnAccessProtection => 1
* DisableBehaviorMonitoring => 1
* DisableScanOnRealtimeEnable => 1

![](/files/WLXCQduCHRYVmrv9nMhi)

```
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet
```

* DisableBlockAtFirstSeen => 1

## Join the Domain

Now that our client is prepped, its time to join the Domain.

### Changing DNS Server

To be able to join the domain, we need to set the AD server as our DNS server.

![](/files/vXpMtPv0xt0fmbNfKPmm)

#### Check Connectivity

```
PS C:\Users\ladmin> ping dc1.4pfsec.local
```

![](/files/0aOluQOtuHLoHMB6KYNd)

### Join Domain

Search for `Access work or school` and hit `connect`.

![](/files/2kskmfSaa1Tkt6n1R0wn)

Now we want to select `Join this device to a local Active Directory domain`.

![](/files/fmwAjkabIIFf9t28ZsGt)

![](/files/KuBSmmS96pOtCdxFex7H)

Now enter the domain name.

`4pfsec.local`

![](/files/qM4EGHLLWOr2NOK4y5CA)

![](/files/r9Cv273up57Oka7fRY7V)

There should be a pop up asking for credentials as shown below and hit skip.

![](/files/SkRSY646DNOjqLsk7y0h)

Hit skip upon seeing the following prompt.

![](/files/ebykPlqejKoyjSlB1fqt)

Once done, hit restart.

![](/files/4sPPry0HBiC8GNUDLmqf)

Upon seeing the login screen, hit `other user` and you should see that now you're signing into the domain `4pfsec`.

![](/files/ojXlzkJI7KpDgZEyErsA)

![](/files/5b7e517Nsnt3WVW7LGnA)

### Verify Domain Join

Now that we have successfully joined the domain, we can verify this over on the Server. Head to `Tools > Active Directory Users and Computers` on Server Manager.

![](/files/oLkw67ZV4YypINX5V8Ne)

Next, hit `Computers` and you should be able to see your newly domain joined computer as shown below.

![](/files/OBfE7Ss7SSEi7FMl0YcD)

## Set up Local Administrators

First, login to the endpoint using the Domain Admin account.

![](/files/qkuJtvSuH2rLAyUVWcWo)

Next, open up computer management.

![](/files/DUCRbqhgI7vfmKKkWlMq)

Under Local Users and Groups, head to Groups and select Administrators.

![](/files/qMVc5rcqPmL2oWtHbGCY)

Now hit add, enter a partial name and hit `check names`. It should auto complete if the user is detected. Hit `ok` after the user autocompletes.

![](/files/AU3UTgY4NNsrDW3k1aoO)

You can opt to add more administrators into your lab for various reasons.

## Enable Network Discovery (SMB/Print Service)

Head over to `Control Panel\Network and Internet\Network and Sharing Center\Advanced sharing settings` on your control panel and turn `Network Discovery` and `File and Printer Sharing` on as shown below.

![](/files/lTwgomISYVBA59fz49qH)

### Test Network Discovery

Type `\\{DCName}` into explorer to see if the shares show up. If the shares you setup on the DC shows up, you're all set.

![](/files/6fiAvgv9qtjyN3cW5YBs)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ad.4pfsec.com/domain-setup-4pfsec.local/endpoint-1.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.