IR 310: Making a Domain Controller (10 pts)

What You Need for this Project

• A Google Cloud account.

Purpose

Creating a Windows Cloud Server

Connect with RDP and log in with the account Google Cloud created, as usual.

When a blue "Networks" bar appears at the right of your desktop, click Yes.

Adding the "Active Directory Domain Services" Role

• Click "2 Add roles and features" In the "Before you begin" page, click Next
• In the "Select installation type" page, accept the default selection of "Role-Based or feature-based installation" and click Next.
• In the "Select destination server" page, accept the default selection, and click Next.
• In the "Select server roles" page, click the box next to "Active Directory Domain Services".
• An "Add Roles and Features Wizard" box pops up. Click the "Add Features" button.
• In the "Select server roles" page, click Next.
• In the "Select features" page, click Next.
• In the "Active Directory Domain Services" page, click Next.
• In the "Confirm installation selections" page, verify that your screen matches the image below, and click Install.

A progress bar move across the window. When it finishes, it shows a gray message near the top saying "Configuration required". Click Close

Promoting the Server

Click "Promote this server to a domain controller", as shown below.

In the "Active Directory Domain Services Configuration Wizard", make these selections:

• In the "Deployment configuration" page, click the "Add a new forest" button. Enter a Root domain name of hackme.com and click Next.
• In the "Domain controller options" page, accept the default selections. When the page finishes loading, enter P@ssw0rd in both password boxes and click Next. (You may prefer to choose a more secure password.)
• The "DNS options" page has a yellow message saying "A delegation for this DNS server cannot be created...". That's normal. Click Next.
• In the "Additional options" page, accept the default NetBIOS domain name, and click Next.
• In the "Paths" page, accept the default options, and click Next.
• In the "Review Options" page, verify that your screen matches the image below, and click Next.

A red bar appears, saying "One or more prerequisites failed...". In the lower right, the problem is explained: the administrator password does not meet requirements, as shown below,

Assigning an Administrator Password

In the Administrator Command Prompt window, execute this command:

net user administrator P@ssw0rd123

Close the Administrator Command Prompt window.

In the "Active Directory Domain Services Configuration Wizard", on the "Prerequisites Check" page, at the top center, in small blue type, click "Rerun prerequisites check".

Now the check passes, as shown below.

Click Install.

The server installs software and restarts.

Logging In

Log in with these credentials:

• Username: HACKME\Administrator
• Password: P@ssw0rd123

Creating the Wally Account

If Server Manager is not open, click Start, "Server Manager" to open it.

In Server Manager, in the top right, click Tools, "Active Directory Users and Computers".

In the left pane, expand hackme.com and right-click Users.

Click New, User, as shown below.

In the "New Object - User" box, enter these values, as shown below.

• First name: Wally
• User logon name: wally

Click Next.

In the next screen, enter these values, as shown below.

• Password: W@lly123
• Confirm password: W@lly123
• User must change password at next login: Clear
• User cannot change password: Clear
• Password never expires: Check
• Account is disabled: Clear

Click Next. Click Finish.

Flag IR 310.1: Site (10 pts)

The flag is covered by a green box in the image below.