Home Lab Build – Active Directory

In this part of the Home Lab Build series, we’ll step through the creation of a Windows 2012 R2 Domain Controller. While one of the more basic installs, it can carry some fairly important tasks within a lab environment. You can find the visio file for the diagram is here.AD-Build

If you want a basic set up with some kind of identity source, name resolution and a time sync source all in one, building a Windows AD box is going to be on your short list. Also, if you plan on studying for a Microsoft or VMware certification, having a grasp on Active Directory is a must. Like it or loath it, Windows and in turn Active Directory dominates many corporate networks today. So let’s get to it.

At a high level we want to accomplish a few things:

  1. Install Windows 2012 R2 on a new VM
  2. Set an Administrator password
  3. Install VMware Tools
  4. Set a static IP
  5. Set a nameserver
  6. Set a hostname
  7. Disable the local firewall
  8. Enable Remote Desktop Access
  9. Add the Active Directory and DNS roles
  10. Set a Domain Name for the new Domain
  11. Set a Restore Mode password

First up, using the vSphere Desktop Client, create a VM with a Guest OS of Windows Server 2012 (64-bit). Change the NIC from E1000E to VMXNET3 and leave all other “Create New Virtual Machine” wizard settings to their defaults. Using Thin provisioning is a good idea in a lab environment especially if you’re disk space constrained. If you have more than 2 physical cores on your ESXi hosts, change the vCPU count of your VM to 2 but don’t do this if you lab only has 2 physical cores. Mount the Windows 2012 R2 ISO to this VM and then power it on.

Once the Windows installer is booted, select the appropriate language and click the “install now” button. Setup will give you a choice for the OS version, in this case, we want the standard GUI installation. On the following screen you’ll be asked if you want to “upgrade” an installation or “custom” which actually means “install windows only”. Select “custom” and then use the whole disk without creating any partitions by just clicking “next”. The installation of the OS will now commence and will take a few minutes (depending on your hardware).

After the install is complete and the server reboots you will be asked to set an Administrator password. Once logged in to the server, VMware Tools is the first thing that should be installed. This will provide the drivers and utilities needed to get the most out of this VM. Specifically, without VMware Tools, the VMXNET3 network card we chose to use does not have default drivers in Windows. Reboot the server once the VMware Tools installation is complete.

The server can now have it’s network identity created. We’ll set a static IP, a subnet mask, a gateway and a name (DNS) server. We’re actually going to set the DNS server to the localhost IP because this server will have the DNS services running on it. Finally we’ll set a hostname turn off the local firewall and then reboot once again.

IP: 192.168.20.20
SNM: 255.255.255.0
GW: 192.168.20.1
DNS: 127.0.0.1

After the server is on the network with the correct details, we will enable the ability to remotely manage it with a Remote Desktop Client and then add the “Active Directory Domain Services” and “DNS Server” roles. As we step through this wizard we will create a new forest with the domain name of “labguides.local” and configure a Directory Services Restore Mode password.

LoginFinally once the wizard is over and server rebooted, you can login to the domain with the original Administrator password that was created upon first boot. If you’d like to set your domain up exactly the same as mine, you can grab the script export from my build here

If you need more information, watch the video for a detailed guide on how to accomplish these tasks.

  • Mike

    Thanks for the great series!
    One small thing, the file: script export from my build here: bit.ly/1xm2Sec is not available, same was with other stuff too from previous posts of the series.

    • nickmarshall9

      Thanks for letting me know Mike. Seems that Dropbox doesn’t like me moving files around while retaining links. I’ll update the blog post.

      • Mike

        You are welcome Nick.
        So when you create a link in dropbox for a file or folder , it saves the place of the file/folder and if you move, link work work, just FYI, that is how it works.