Now it is time to move into setting up an Active Directory environment for my lab using a Windows Server 2019 virtual machine.
I will not be going over a detailed step-by-step walkthrough in this post, but instead summarizing what I have learned and applied. Throughout the post, I will provide links to guides I used to set everything up.
What is Active Directory?
Active Directory (AD) is essentially a database that connects users within a network and sets security controls and permissions for specific groups. In a large-scale, such as a corporate network, with an overwhelming number of computer stations and devices, AD makes it possible to centrally manage these devices along with setting their permissions.
How Does Active Directory Work?
Servers controlling AD services are called Domain Controllers (DC)s. A DC is often configured in a Windows Server environment and is in charge of setting up and managing AD’s core capabilities and features.
Under a DC, you can add user and computer accounts. User and computer accounts are based on the user, perhaps an employee, or a computer, such as a specific location. User and computer accounts are based off of the schema which is the types of data stored into the DC.
- Schemas can be passwords, usernames, emails, office extensions, etc.
Each Domain Controller which consists of user and computer accounts is known as an entire domain.
It is good practice to add sets of accounts into Groups to better organize users that may require the same permissions without having to manually set the permissions for each user.
These Groups are then organized into Organizational Units (OU), which are used for administrative purposes.
For example, lets say you have x employees at y different locations. Each of these locations have a group and within these groups are sub-groups consisting of the employees in that department. Under each OU, you can set a local administrative account so the administrator has direct control over their specific group. Now, one admin doesn’t have to set, manage, and maintain every group as each OU has a local administrator.
Active Directories can quickly get more complex than this, but this is all I need to understand for this home lab.
Install and Setup Windows Server 2019
Again, this will not be a step-by-step walkthrough of the configuration process as that would take entirely too much time and my fingers don’t have that kind of lifespan.
In order to set up and work on an Active Directory, you need to run a Windows Server environment. This is done on my Ubuntu desktop (main PC) using virtual machines on VMWare. You can download an ISO image for Windows Server 2019 here.
To set up the Windows Server environment, I followed this simple tutorial on YouTube by Heath Adams, the Cyber Mentor.
After downloading and configuring the Windows Server VM, it is time to install my AD onto the server. A 20 minute tutorial on YouTube by MSFT WebCast will run you through the installation and configuration process of the AD, along with installing DNS and DHCP functionalities so I can set up my own Domain Controller (DC).