
On-premises Active Directory Deployed in the Cloud (Azure)

This tutorial outlines the implementation of on-premises Active Directory within Azure Virtual Machines.

Environments and Technologies Used

  • Microsoft Azure (Virtual Machines/Compute)
  • Remote Desktop
  • Active Directory Domain Services
  • PowerShell

Operating Systems Used

  • Windows Server 2022
  • Windows 10 (21H2)

High-Level Deployment and Configuration Steps

  • Step 1: Create Two VMs
  • Step 2: Test VMs Online Connectivity
  • Step 3: Allow Permissions on DC-1's Firewall
  • Step 4: Test Communication between VMs
  • Step 5: Set up Domain
  • Step 6: Create Organizational Units (OU) in Active Directory
  • Step 7: Join Client-1 to Domain
  • Step 8: Setup Remote Desktop for Non-Admin Users on Client-1
  • Step 9: Create Additional Users via PowerShell ISE
  • Step 10: Test New User Accounts

Deployment and Configuration Steps

Step 1: Log into Azure --> search "virtual machines" --> click "create azure virtual machine" to create VM #1. Name this first virtual machine "DC-1" using your current region --> set the image type as "Windows Server 2022" (effectively making it a domain for the lab) --> set username and password --> create VM #2 --> title it "Client-1" (repeat the same steps used to create VM #1, except for the image type select "Windows 10 Pro", since this VM will be the employees'/clients' computer).


Step 2: Go to DC-1's network settings --> select networking --> click the hyperlink next to "network interface" --> "IP Configurations" --> "ipconfig1" --> change the assignment from dynamic to static (this ensures DC-1's IP address will not change) --> check the NIC settings to make sure both VMs are on the same "Vnet". This will ensure both VMs can communicate & connect with each other later in this lab.


Step 3: Remote Desktop into DC-1, then go to Windows firewall security settings --> Advanced settings --> inbound/outbound rules to allow "IPV4 permissions" on DC-1's Firewall. This will open the firewall for connectivity after DC-1 is converted into a domain.


Step 4: Ensure communication between both VMs via perpetual ping using cmd: ping -t (IP Address).


Step 5: Install "Active Directory" on DC-1. Set up DC-1 as a new domain.


Step 6: Remote Desktop into DC-1 to create two "Organizational Units" (OU), one titled "Admins" and another titled "Employees" within Active Directory.


Step 7: Change Client-1's "DNS settings" in Azure to match the same private IP Address as DC-1 via network settings in DC-1. Go into Client-1's network settings --> Network Interface (NIC) --> DNS server --> custom DNS settings --> add DC-1's private IP Address as the DNS server for Client-1 to connect to. Restart Client-1 to flush the DNS cache --> change Client-1 to the same domain as DC-1 via "about PC" --> "rename this PC (advanced)" --> type DC-1's domain name under the "domain section" --> create a new OU named "_clients".


Step 8: Use Remote Desktop in the system settings to allow domain users access for all non-admin users on Client-1 VM under "user accounts" --> "select users that can remotely access this PC" --> click "add" and type in "domain users".


Step 9: Use a random account generating script to create at least 100 users for this lab. Upload the script via "PowerShell ISE" (run as administrator) to Client-1. This will create 100 new users with random names. This is done to simulate employees within the company.


Step 10: Log into any newly generated user account on Client-1 VM. The login attempt with the user's name & generic password should be successful. That is the conclusion of this lab.
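
The account-generation step (Step 9) can be scripted as follows. This is an added example, not the script the lab originally used. It assumes the ActiveDirectory PowerShell module (RSAT) is available on the machine it runs on, that the session belongs to a domain administrator, and that the accounts go into the "Employees" OU from Step 6; the New-RandomName helper and the naming scheme are hypothetical.

```powershell
# Added example (not the lab's original script). Assumes the ActiveDirectory
# module (RSAT) is available and the session runs as a domain administrator.
Import-Module ActiveDirectory

$UserCount = 100                       # Step 9 asks for at least 100 accounts
$OuName    = 'Employees'               # OU created in Step 6 (assumed target)
$Domain    = Get-ADDomain              # avoids hard-coding the lab domain name
$OuPath    = "OU=$OuName,$($Domain.DistinguishedName)"

# Prompt for the generic lab password instead of storing it in the script.
$Password = Read-Host -Prompt 'Generic lab password' -AsSecureString

# Create the OU only if it is missing, so the script can be re-run safely.
if (-not (Get-ADOrganizationalUnit -Filter "Name -eq '$OuName'" `
        -SearchBase $Domain.DistinguishedName -SearchScope OneLevel)) {
    New-ADOrganizationalUnit -Name $OuName -Path $Domain.DistinguishedName
}

function New-RandomName {
    # Hypothetical helper: alternates consonants and vowels, 5 to 7 letters.
    $consonants = 'bcdfghjklmnprstvz'.ToCharArray()
    $vowels     = 'aeiou'.ToCharArray()
    $length     = Get-Random -Minimum 5 -Maximum 8
    $chars = for ($i = 0; $i -lt $length; $i++) {
        if ($i % 2 -eq 0) { $consonants | Get-Random } else { $vowels | Get-Random }
    }
    -join $chars
}

$created = 0
while ($created -lt $UserCount) {
    $first = New-RandomName
    $last  = New-RandomName
    $sam   = "$first.$last"            # 15 characters at most, under the 20-character limit

    # Skip a name that already exists rather than failing half-way through.
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") { continue }

    New-ADUser -Name "$first $last" -GivenName $first -Surname $last `
        -SamAccountName $sam -UserPrincipalName "$sam@$($Domain.DNSRoot)" `
        -AccountPassword $Password -Path $OuPath -Enabled $true
    $created++
}

# Confirm the result before testing a logon in Step 10.
$total = (Get-ADUser -Filter * -SearchBase $OuPath | Measure-Object).Count
Write-Output "Users now in ${OuPath}: $total"
```

The password entered at the prompt must satisfy the domain's password policy, or New-ADUser will reject the account.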