1. Lab Requirements

For this lab, you will need at least 60GB of hard drive space for each VM, and a minimum of 16GB RAM. In the following section, I will provide links for the necessary ISO downloads. The required virtual machines are as follows:

  • 1 Windows Server (2019) VM
  • 2 Windows 10 Enterprise VM’s

2. ISO Downloads

Microsoft evaluation center has all the necessary 64 bit ISOs to get started - Link to ISOs Select Windows -> Windows 10 Enterprise. Select “Download the ISO” Microsoft Eval screenshot Regrettably, Microsoft requires you to complete a form before initiating the download. This step needs to be repeated for Windows Server. Once you’re done, navigate back to the eval center and select “Windows Server” from the navigation bar.

Eval Center

3. Upload the ISOs To Proxmox

As of this writing, I’m currently using Proxmox version 8.0.3. Any recent version will do just fine.

I have installed Proxmox on a 1TB SSD. Your setup may look different from mine. Under Datacenter head to local(pve). Select ISO Images. From there, you can upload the eval ISOs we downloaded earlier. ISO images location

Select the file and upload. uploading screenshot

4. VM Configuration

Select the Create VM button to get started. Name the VM under the General Tab. VM - General Select the ISO. VM - ISO Leave everything as default under system. VM - System Defaults are also fine here. For this tutorial, I’m not too worried about disk performance, but if you are, VirtIO is the best for performance. You are required to install VirtIO drivers for Windows if you decide to select this option. For more info on this, go here - Proxmox Documentation VM - Disks Usually, you should select for your VM a processor type which closely matches the CPU of the host system. The one downside is that if you need to do a live migration between different hosts, your VM might end up with a different CPU and microcode version. In this case, I will leave the default CPU x86-64-v2-AES. x86-64-v2-AES is a generic type that simply copies the cpu at hand. x86-64-v2-AES is also the new minimum for RHEL 9. VM - CPU 4GB of RAM will be enough for this lab. VM - RAM For our network, I have created two bridges - vmbr0 and vmbr1. 0 is for internet and 1 is for internal networks only. I will be using our internal network only for this lab. Intel E1000 is fine. If I was building this lab for performance, I would go with the VirtIO network card. VM - Network My network Config Select Finish. VM - Finish For our Windows 10 Enterprise VMs, the process is the same. We will select the same settings from our Windows Server 2019 domain controller. Create two VMs. VM - Windows 10

5. Configure The Domain Controller

Start the VM, then double click on the VM to bring up the VNC console window. Select Next, Install now. Windows server install Select Standard Evaluation (Desktop Experience) Windows server Select Next, and then select the terms. Select Drive 0 and click Next. windows server Once the files have finished copying to the disk, create an admin password, and then select finish. First, let’s rename the our DC. Right click on “This PC” and select Properties. PC Settings Select Change settings. Select Change. I’ll name my domain controller DC1. Select OK. Reboot. DC1 Upon login, server manager appears. Select Manage at the top -> Add roles and features. Roles and features Select Next, then Role-based installation. Under server Roles, select Active Directory Domain Services. Roles and features Select Next, Install. Once the install is finished, you can select Close. In server manager, select the yellow exclamation mark next to manage. It’s time to promote the server to a domain controller. Promote server Add a new forest. I’ll use DC1.local. New forest For the DSRM password, I will use the same password as the admin account. DSRM Ignore the DNS option for now. Enter a NetBIOS name. netbios name Click Next on Paths. Click Next on Review Options. Once the prerequisites pass, you may install AD DS. Reboot the VM once the installation has finished. Tip: To send a Ctrl+Alt+Delete in Proxmox, click the arrow on the left hand side of the window. Proxmox Click the A button, select Ctrl, Alt, Delete (last button in the menu). Proxmox Let’s move on to our Windows 10 PCs.

6. Setting Up The User Machines

Start PC1 and 2. Select Next, and install now. Windows Accept the terms, then select Next. Windows The installer will reboot the machine once the install is finished. Choose your region, keyboard layout. Because I’m using an internal network with no internet, I will select “I don’t have internet” at the bottom left. windows install Select continue with limited setup. The Windows machines will be joined to the domain later. You may enter any username for now. Setup local user Setup the security questions. Uncheck all under privacy settings. privacy settings Just like the DC, we need to rename our VM using the same process. Let’s set up the network. I need to setup the IP addresses for both machines manually because of my internal network setup. DC - PC1 - PC2 - network configuration Let’s perform a ping from our DC to the Windows 10 VMs. Ping check Everything looks good. Now we are ready to setup the domain users,groups and policies.

7. Setting Up Users, Groups and Policies

On our DC, head to Tools -> Active Directory Users And Computers. AD users and computers Time to create some users for our lab environment. Bob Frank with a password of P@$$w0rd!1 Alice Frank with a password of P@$$w0rd!2 Ava Holland with a password of P@$$w0rd!3 Ava will be our new Domain Admin.

Right click on your domain -> New -> User. New user creation Enter in Bobs details. Bobs details Enter a password. I’m going to set the password to never expire. Password setup

Right click on Ava and select properties. Ava properties Select the Member Of tab. Select Add. Search and add all the entries listed below:

  • Administrators
  • Domain Admins
  • Enterprise Admins
  • Group Policy Creator
  • Schema Admins Ava admin Click Apply, then Done.

8. Joining Our Machines To The Domain

Open a console to PC1. Click the start menu and search for Access work or school. join domain Click on Connect -> Join this device to a local Active Directory domain. join domain Our domain name is DC1.local. A new window will popup asking for the administrator account. I will use Ava Holland (aholland). join domain Select Skip. This feature isn’t required. join domain Reboot the machine and repeat the process for PC2. Our machines are now joined to the domain: join domain

Now you have a basic AD lab setup. Happy hacking!