3/14/2021 Active Directory Pentesting: Lab Setup

Hacking Articles
Raj Chandel's Blog

Menu 

 Home » Red Teaming » Active Directory Pentesting: Lab Setup

Red Teaming

Active Directory Pentesting: Lab Setup

March 9, 2021 By Raj Chandel

Today in this article we will be learning how to set up an Active Directory Lab for Penetration
Testing. Active Directory is Microsoft’s directory-based identity-related service which has been
developed for Windows Domain networks. Here we will see step-by-step methods to build an
Active Directory in Windows Server 2016 on a virtual machine. So, let us get started with
con guring the lab.

Table of Contents

Introduction to Active Directory

Lab Requirements
Con guring Windows Server 2016
Installing AD DS
Network Con gurations
Post-Deployment Con gurations
Create OU and user
Add Client to the Domain

Introduction to Active Directory

The role of a directory is to store information about the objects present within it, but the Active
Directory not only stores data but also provides it to the Network Administrators and the users
https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 1/38
3/14/2021 Active Directory Pentesting: Lab Setup

of that particular domain whenever it is requested. It generally stores important information

about the users like their names, passwords, contact information, etc and provides it to other
users with authority in the same network to make use of the available information.

It stores data in a structured form hierarchically. It can have upright security with logon
authentications and by having access control over the objects present in the Active Directory.
For easy management one can also implement policy-based administration.

Lab Requirements

Virtual Machine (VMware Work Station/Player)

Windows Server 2016
Windows 10 Pro Operating System (Client)

Con guring Windows Server 2016

Power on your VMware, and let’s begin with the installation by creating a new Virtual machine
from the File option. Here you will personalise your Windows system by providing it with your
username and the password that you want to set. Then click on Next to proceed.

Now go to Virtual Machine settings and click on Network Adapter settings and make sure that
there is a bridged connection where the host system’s physical network connection will be
replicated. Let’s close this and move ahead.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 2/38
3/14/2021 Active Directory Pentesting: Lab Setup

Here you see that the setup did not proceed, therefore let’s go back and x this error from
occurring.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 3/38
3/14/2021 Active Directory Pentesting: Lab Setup

We will go back to Virtual Machine settings and click on Floppy, there under the connection
option and choose the Use oppy image le option to make it work like a charm and proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 4/38
3/14/2021 Active Directory Pentesting: Lab Setup

Now you will select the operating system to install from the four options given below. Here we
use Standard Edition with the GUI to have a better user-interface. The Desktop Edition provides
much better features as compared to the server-core as it has very limited functions. Click on
next to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 5/38
3/14/2021 Active Directory Pentesting: Lab Setup

The operating system should start installing and under the customize setting option enter the
password you want to put for the default administrator account.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 6/38
3/14/2021 Active Directory Pentesting: Lab Setup

Now you see that your server is installed and ready to use and can nd all the basic details on
the server under the system option of the control panel.

Installing AD DS

Now let us open the system properties from the ‘Local Server’ option and let us make changes
to the domain name.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 7/38
3/14/2021 Active Directory Pentesting: Lab Setup

Let’s keep the computer name as DC 1 and make it the member of the workgroup with the name
‘WorkGroup’. On nishing this, click on ‘OK’ to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 8/38
3/14/2021 Active Directory Pentesting: Lab Setup

Come back to the dashboard and now let’s begin with con guring the Active Directory role. Click
on the Manage option at the top of the Dashboard. Then click on ‘Add roles and features.

You see the installation wizard before you and click on ‘next’ to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 9/38
3/14/2021 Active Directory Pentesting: Lab Setup

Then select Role-based or feature-based installation as it allows you to manually con gure all
the prefered roles at your convenience.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 10/38
3/14/2021 Active Directory Pentesting: Lab Setup

Choose the server you have created from the server pool that is available before you.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 11/38
3/14/2021 Active Directory Pentesting: Lab Setup

Now choose the server roles you want to add. Here we require Active Directory Domain
Services. We check that option and click next to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 12/38
3/14/2021 Active Directory Pentesting: Lab Setup

In features installation Choose Group Policy Management. It is a management feature in

Windows that allows you to control multiple users and computer con gurations present in an
Active Directory environment. Click on Next to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 13/38
3/14/2021 Active Directory Pentesting: Lab Setup

Now let us con rm the selections you have made for the installation of the Active Directory
Domain Server and proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 14/38
3/14/2021 Active Directory Pentesting: Lab Setup

Let us wait for the installation to complete and close the window when it is ready.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 15/38
3/14/2021 Active Directory Pentesting: Lab Setup

Network Con gurations

Enable the ethernet connection and click on Properties. Double click on Internet Protocol Version
TCP/IPv4.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 16/38
3/14/2021 Active Directory Pentesting: Lab Setup

Now assign the Static IP address and the subnet mask will be automatically be assigned. Also,
assign the default gateway. Then assign DNS Server address.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 17/38
3/14/2021 Active Directory Pentesting: Lab Setup

Post-Deployment Con gurations

Once the AD DS feature installation is completed you see a ag noti cation, so let us move on to
the con gurations that are required in the post-deployment phase. Click on Promote this server
to a domain controller to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 18/38
3/14/2021 Active Directory Pentesting: Lab Setup

In Deployment Con guration let’s create a new forest with the root domain name as ignite.local.
A forest in the Active Directory is of the highest level of organisation. Each forest has the
potential to share a single database, a global address list and security boundaries. Therefore, by
default one use or even for that matter an administrator belonging to one forest cannot make us
of another forest.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 19/38
3/14/2021 Active Directory Pentesting: Lab Setup

Now let’s con gure the domain controller capabilities by checking the rst two boxes which
allow DNS server and Global Catalog. Also, enter the Directory Services Restore Mode
password which is a safe mode booting method for windows server domain controllers. The
Domain functional level will depend on the forest functional level. Click on Next to proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 20/38
3/14/2021 Active Directory Pentesting: Lab Setup

You can skip this option and click on Next.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 21/38
3/14/2021 Active Directory Pentesting: Lab Setup

In the additional option, you can verify your NetBIOS name as entered prior and proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 22/38
3/14/2021 Active Directory Pentesting: Lab Setup

Mention the path for creating AD DS database, log les and SYSVOL storage and proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 23/38
3/14/2021 Active Directory Pentesting: Lab Setup

Check all the speci cations that you have set are correct and Install the con guration. On
nishing the installation, the server will reboot itself and ask you to login again.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 24/38
3/14/2021 Active Directory Pentesting: Lab Setup

Create OU and user

Now let us proceed to create users in our Active Directory by clicking on Tools/Active Directory
Users and Computers. It will open a new window; click on the domain name you have created
and then click on New/Organisational Unit.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 25/38
3/14/2021 Active Directory Pentesting: Lab Setup

A new window will appear for creating a new object. You can name it as per your requirement
and proceed.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 26/38
3/14/2021 Active Directory Pentesting: Lab Setup

A window to create a new object which is a user will appear. Enter all the required details of the
user and proceed.

Enter the password for the newly created user and then proceed ahead. Voila! Your user has
been created.

Subsequently you can create multiple users under an organisational unit.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 27/38
3/14/2021 Active Directory Pentesting: Lab Setup

Add Client to the Domain

Here in the Windows 10 system before connecting it to the domain, we have to set a Static IP
for the system and mention the IP address of the Domain Controller in the DNS server address.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 28/38
3/14/2021 Active Directory Pentesting: Lab Setup

Go to the control panel and check the basic information of your system and change the
computer name settings.

Now click on the change option to join the domain.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 29/38
3/14/2021 Active Directory Pentesting: Lab Setup

It will display your computer name and click on domain under the member and you will be
prompted to enter the username and password of the domain changes that you are making.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 30/38
3/14/2021 Active Directory Pentesting: Lab Setup

Once, you are done with this, restart your system and you can login with your username and
password to sign in under the domain that you had previously created.

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 31/38
3/14/2021 Active Directory Pentesting: Lab Setup

After logging in you can open the command prompt and go too the directory in which your user
is present. Make use of the net user command and mention the user’s name with domain. You
will get details about the user

1 net user yashika /domain

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 32/38
3/14/2021 Active Directory Pentesting: Lab Setup

Hence here your Active Directory Pentesting Lab is setup and ready to use. Happy Pentesting!

Author: Jeenali Kothari is a Digital Forensics enthusiast and enjoys technical content writing.
You can reach her on Here

 FACEBOOK  T WITTER  PINTEREST  LINKEDIN

 PREVIOUS POST NEXT POST 

A Little Guide to SMB Enumeration Passage HackTheBox Walkthrough

One thought on “Active Directory Pentesting: Lab Setup”

Prof. K
March 9, 2021 at 10:01 pm

Good tutorial. Readers may have a question regarding where they can get a free and
legal copy of Windows 10 Pro or Enterprise. Microsoft has available for developers,

https://www.hackingarticles.in/active-directory-pentesting-lab-setup/ 33/38