How to Setup a Basic Home Lab Running Active Directory (Oracle VirtualBox) | Add Users w/PowerShell

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Relatively lit :>

👍︎︎ 1 👤︎︎ u/joshsmad 📅︎︎ Jan 04 2021 🗫︎ replies

Captions

hey everybody it's josh here again so today i'm going to show you how to create a full-blown active directory lab on your personal computer using virtualbox so configuring and running this lab will definitely help your understanding of how active directory works as well as windows networking in general i would recommend maybe running through a few times just to kind of get used to it and kind of develop that intuition and base knowledge and then after a few times i would recommend even try building this lab we're about to do without watching this video just to like see if you can do it and kind of learn along the way so just to give a high level overview and the kind of visualization of what we're going to do in this lab i'm going to use this kind of diagram that you can look at to get an idea so the first thing we're going to do is download and install oracle virtualbox which is what we're going to use to run our virtual machines on after that's installed we're going to download a windows 10 iso and a server 2019 iso that we're going to use to install the two operating systems on two separate virtual machines next after we have everything downloaded and installed we're going to create our first virtual machine which is going to be our domain controller which is going to house active directory we're going to give this virtual machine two network adapters one is going to be used to connect to the outside internet and the other one that's going to be used to connect to the virtual box kind of private network that the clients are going to connect to after our virtual machine is created we're going to install server 2019 on it and then we're going to assign ip addressing for the internal network the external network will automatically get ip addressing from your home network or like your home router so we don't have to worry about it after we have ip addressing setup we're going to name the server and then we're going to install active directory and create our domain then we're going to configure that and routing so the clients on the private network can reach the internet through the domain controller next we're going to set up a dhcp on the domain controller so when we create our windows 10 machine it can automatically get an ip address and then the last thing we do on the domain controller before we create our client virtual machine is we're going to run a powershell script that will automatically create a thousand users in active directory and i'll kind of go through the script a little bit to explain what each line is so you can kind of get an intuition on how powershell is useful and like what kind of things you can use it for after creating the users we're going to create another virtual machine and install windows 10 on it and that virtual machine will be connected to the private virtual box network we're going to name that machine client1 and join it to the domain and then we're going to log into it with one of our domain accounts at this point our tutorial is going to be pretty much concluded so this environment we're building is a pretty basic windows networking environment with active directory and then just a few networking services and we'll also use this environment for future videos to come i'm hoping with this video and the subsequent ones that you can kind of get a better understanding of how the environment might work at like in your office or your school or something where you can take the same username and log into like a bunch of different computers with that same name without having to really do anything hopefully like observing this video and kind of building the environment you can generate that understanding and it will it will help you in the future hopefully also everything we're doing in this video you can kind of use as your own generated experience like something to put on your resume and if you don't know what i'm talking about just check out this video it explains everything but yeah so if you're excited to learn some new skills and stuff go ahead and smash that like button for the algorithm and let's get started so the first thing we're going to do is download virtualbox so just go to the link in the description it just links to here and it doesn't matter if you have windows or mac just pick the appropriate one and download it and install it and after a virtual box is installed go ahead and download the extension pack as well it should be on here somewhere i'm blind right now oh extension pack just download this right here after you install virtualbox so first install virtualbox then install the extension pack then after a virtual box is done go to this link in the description to download windows 10 and you may have to fill out some stuff in here like pick windows 10 confirm choose your language say english confirm and choose 64-bit i'm not going to download i'm not going to download this again because i already did but just make sure you remember where you downloaded it like put on the desktop or something if if you are scared you might forget so download windows 10 put it on the desktop and then go to the server 2019 link again i'll put this in the description make sure you select iso here and continue and you have to fill all the stuff you might have to log in i'm not sure because i'm already logged in but just do the same thing fill it out 64-bit if it asks i don't think it will because i think they're all 64 right now but um just download both of them in the same location and don't forget where you put them cool so the next thing we're going to do is we're going to create our virtual machines so go ahead and open up virtualbox yours might look slightly different if you're running it on pc but we'll go to new and we're going to create the server 2019 computer first so let's just name this something simple like dc for domain controller and then we'll pick other windows 64-bit and we'll say continue and then it depends on how much ram you have hopefully you have at least eight um but i'm gonna say i'm gonna give it two gigabytes of ram you can do the same thing uh 2048 megabytes has two gigabytes so just say continue we'll create the disk with the defaults continue continue and this location's fine so we have our our dc has been created but there's nothing on it yet so before we install server 2019 let's go to settings and we're going to change a few things in here first so we'll go to advanced first and this share clipboard and drag and drop let's change these both to bi-directional this share clipboard bi-directional it means you can control c control v like in between your actual computer and the virtual machine and drag and drop bi-directional means you can drag files like from your desktop into the virtual machine it's pretty easy i don't really necessarily plan to use them but it's nice to turn them on so we'll go to system really quick and then go to processor again depending on what kind of cpu you have if you know what you have you know you have a lot of cores go ahead and like increase it but if you have no idea or if you're on some laptop that you think thinks may suck just leave it at one core but i'm gonna change mine to four it tends to speed things up a little bit and then lastly we'll go to network here and remember if we look at the diagram we're creating our domain controller right now so we wanna have two nics we want one that's dedicated for the internet that's going to be running uh nat and then we'll have one that's dedicated for the internal vmware network so our first adapter this is the one that's it comes with already it's matted this is going to connect to our our house internet so we want to add one more adapter so we're going to add one and it's going to be on the internal network so we'll say okay to this and now our rvm is pretty much configured but it's still empty so we're going to go ahead and double click it to start it it's going to open up this window somewhere mine opened on like the other monitor for some reason so this is where we're going to select the server 2019 iso that we downloaded earlier so we'll click this and we're going to go to add i already did it but we'll go to add and you'll browse to where you put the server 2019 iso it it might be in a different location in fact it will be and it will probably be named something weird depending on what you know the name was when you downloaded but anyway go to the server 2019 iso and double click it to select it and then you'll have selected it here and we'll say choose and then we'll say start to start the virtual machine and this whole process like tends to take a while so i'm gonna kind of trim my video up a little bit so you don't you don't have to wait for mine to go but you may have to pause my video like several times because your computer is probably going to take a while to install everything so i just want to say that and if it looks like my thing is going faster than yours cool so now that it has started up we'll just go next and we'll say install and then we're going to select either one of the desktop experience ones if we select one of these ones the non-desktop experience after it installs it's just going to have a command line and we won't have any gui so go ahead and select standard i suppose desktop experience and we'll say next and we'll accept these license agreements and we're going to say custom install if we already have some version of server installed already on this vm we would we may select this one if we want but we're just going to format the hard drive and install it from scratch so we'll just say select that one custom and then we'll say next and this part will take a while so i'm just going to trim this out also the the server is going to restart several times during this phase and it will get to like a black screen where it's like um pressing your button to like boot like you don't want to do that because you don't want to boot into the setup again just just don't touch it and then it will end up booting into windows eventually so here we can leave this and it will restart by itself or we can just kind of force it and then here's the screen you don't want to push anything here so don't push anything it's doing it again don't push anything just let it start up again cool okay so server 2019 is installed so let's uh this is the built-in kind of default administrator account so let's just give it a password of password one with a capital p just like this we're gonna use this password for everything in our lab so we don't like forget and like you know waste time so we'll say finish cool so we have our server now and you'll see here it says like press control delete to unlock and like you press a bunch of times like nothing happens because it's it's in a vm there's always like some special way to press ctrl alt delete in vm so we'll click on our window and depending on if you're using mac or pc you'll go to input and then keyboard and then you'll see this like insert control alt delete and then it you can click it and it will push it for you or you can kind of do this keystroke if you can figure out what that is so if you click this for example it will type control up alt delete for you and now we can log in with our password that we won't forget because it's so easy don't use that password in real life by the way lab is okay so we'll let our server start up here for the first time and the very first thing we're going to do we're going to install something called the vm guest editions it kind of will give us a better experience you'll notice on my screen the mouse is kind of it's kind of lagging around a little bit and it it just kind of it kind of sucks and then when we make this bigger like the screen the vm itself like doesn't get any bigger see so to do that we'll go to devices up here and then we'll click insert guest additions cd image and we can just close all these these things that are opening here don't need to deal with it quite yet so after again make sure this is inserted and then go when you go to your server go to explorer down here and then go to pc and then this you'll see this uh virtualbox guest edition so go ahead and double click that and then run the amd 64 one and just like next next next next yes continue like you know whatever all the positive things so let this install say yes doing this ahead of time kind of makes our life much much easier a better quality of life because like everything kind of speeds up a little bit so instead of rebooting now um if you did it's okay but just say i want to reboot later and then we're actually going to shut the vm down first so just go shut down and just say continue we'll let this shut down i noticed for some reason uh maybe it happened like once when i just restarted like it didn't it didn't work or something so i'm just going to shut it down this time so this is our ignore this it's not you know part of the lab so go to our dc this is our vm we made and we can double click it to start it or click start here so i'll just double click this start our virtual machine backup and then if you know the keystroke go ahead and push it otherwise go to input and control delete and then we will log in one more time we're going to be restarting a whole bunch of times by the way so we have this now we'll notice you notice the mouse is it's not really lagging anymore right and then we should be able to resize this i think it takes sometimes it takes some time to to start working okay there we go so for example you can just make this window big and it will it will kind of auto adjust the resolution that's what that that guest um what is that called the the guest additions does so cool so now that we have that installed let's go ahead and set up our ip addressing so remember if we look at our diagram here we have two nics we have that kind of one that's dedicated to the internet and then we have this kind of internal one that's going to be used for our internal network and the one that's on the internet it will get it will automatically get an ip address from like your home router so we don't have to do anything from for that one but for the internal one we have to set it up manually so we'll go back to our vm here and we'll click this kind of network looking icon down here and then click network and then we say i think it's change adapter options i don't usually go to it this way so we will notice we have two of them here and we have to kind of figure out which one is which and then name them appropriately because we have to use these later for something when we're setting up routing so let's check out the first one we'll go to status and details and this looks like your proper home ip address like 10 dot something so this is probably this is probably the one right that's connected to the internet this is the comcast dns server for me so i'm going to rename this one you can right click it and say rename we'll name this one like internet internet just so we can kind of identify it and we'll look at the other one i know this one's the internal one but i just want to kind of explain so we go to details and you can see this like 169.254. this this basically means that this adapter if we look at the picture this adapter was looking for a dhcp server here to try to get an ip address from somewhere but it was unable to find one so this this going back to the vm this 169.254 address was automatically assigned to it so that's how we know it's the internal one so when you find the adapter with this one you know it's the internal one so i'm gonna go ahead and rename this one to um i'll name this like something like really obvious like internal some something like this just so it's very different from the other one so we have our ip addressing setup we didn't have to do anything with this one it's for the internet this one's for our internal network here so the next thing we're going to do is we're going to rename this pc because it has a some kind of weird name right now so the easiest way to do that is to right click the start menu and go to system and then we'll click rename this pc we can see the current name is some like arbitrary name so we'll just name it dc this stands for domain controller and we'll say next and we'll say restart and continue it's going to restart it again going to do this a whole bunch of times cool so we will log in again again input keyboard control delete password one cool so the next thing we're going to do looking at our diagram to kind of give us a good overview of kind of what's going on and what we've done so far so so far we've created our virtual machine here we have our internet nick we have our internal nic and we we gave an ip address oh we didn't actually give the ip address so let me let me do that now i meant to do that before we restarted but so let's do that now so we'll click on network again down here let's go back to the vm we'll click on network down here and we'll say change adapter options and we'll go to internal here and we'll say properties and we'll change we're going to change our ipv4 and then we're going to say use the following ip addresses so if we look at our diagram um the way i kind of architected this out i don't really have time to dive into the like nuances of ip addressing and all that so you'll just have to take a leap of faith for now but um we we're going to assign this ip address to our our internal one this 172.16.0 and then the mask 2.5250 and we're not going to use a default gateway because the domain controller itself is going to serve as the default gateway has two nicks one on the internet one on the inside so this particular nick is not going to use the default gateway and then for dns server when we install active directory it automatically installs dns so this server is going to actually use itself as the dns server so to do that we can either we can either enter like its own ip address we can do this and that works fine or we can also enter the loopback address which is this this is kind of a it's kind of a generic address that refers to myself so whenever a computer pings like one twenty one two seven zero zero one they're pinging themselves automatically so likewise if we wanna use ourself as the dns we can kind of use this loopback address and this computer will use itself as dns so we'll say okay okay okay now now we can close this so looking at our network diagram we have our nics we configured ip addressing for this one this nic is connected to the internal network where nothing else is actually there yet so the next thing we're going to do is we're going to install active directory domain services that's this adds thing and then we're going to create a domain so that's the next step kind of what we're going to do so we can close this and close this and then where it says add roles and features we'll click on this we'll say next next and this is where you pick the server where you want to install the thing that you're going to install which is active directory domain services we only have one server so we're just going to select the server we're going to use and then we're going to choose active directory domain services which is right here be sure you don't accidentally choose one of the other ones active directory domain services and we'll say next next next and then install and this tends to take a while so i may um i'm just going to cut this out to save you some time cool so now that the roll has been installed we can close this and we'll notice up here there's this little flag with this yellow thing so let's go ahead and click that and then we got we have to do our post deployment configuration that is we installed the software for active directory domain services but we didn't actually create the domain yet so we'll click this to promote this computer.2 domain and we are going to say add new forest and then we can name the domain anything you want like you can name it like even like this um but for our example um we're just going to use like uh mydomain.com just because it's like you know kind of generic and i think i i can't remember if i wrote the script to i hard coded this or not but just use this to kind of follow along more easily with the tutorial so we'll say make sure we say add new for us mydomain.com and we'll say next and we're never going to use this but we have to enter it anyway so i'll just put password one this is oh my god i always do that i always mess up the password okay so next just say next here and next and next next and install and then now that it's finished it's going to automatically restart the computer for us so now after an eternity it has restarted we're going to log in again with our built-in admin password or out built in admin account and you'll notice we have this like my domain slash administrator now didn't have that before so log in with password1 and now we're we're actually going to create our own dedicated domain admin account instead of using the built-in administrator account so we can do that by going to start and then administrative tools and then active directory users and computers be careful you don't click on one of the other active directory things so active directory users and computers wait for that to open so we can expand this and then see this mydomain.com this is our newly created domain it's all fresh so let's just um let's create an organizational unit to put our admin account in so an ou there's a lot that can be said about these but we can just think about it as kind of like a folder in active directory for now so we'll name it uh we'll see my admins i'll uncheck this because it's annoying when i try to delete it later and inside of here we will create a new user and just name it like whatever your name whatever your name is and then for the username like kind of the common naming convention in a lot of organization is is like a dash and then like whatever their naming convention is so for example we're going to use like first name our first initial last name so in our case i'm going to use a dash j matacor to signify this as an admin account for j matic or josh matacor that's me so stream or we'll say next and password we're just gonna use password one for everything now i'm gonna uncheck user must change and then i'm gonna check uh no not that one i'm gonna uncheck password never expires because it's a lab environment i don't want to deal with the password um until we do password policy or something so we'll say finish and you'll notice our account here so we have an account but it's not an admin yet even though we named it a dash so to make a domain admin we will right click it and go to properties and we'll go to member of and i'll say add and then we'll say domain admins and we'll say check we see it resolves to domain admin so we'll say okay apply okay so now we have our very own domain admin account so to use this let's go ahead and log out of the domain controller so we'll say sign out and then we'll do our control alt delete again and then instead of logging into this administrator one we're going to go to other user and we see it says sign into my domain here we're going to use our domain admin account so i'm going to do a dash j matakor so whatever you made yours a dash you know whatever your name is um and then password hopefully you did password one it's easy we'll say enter cool pulled our name from active directory and we're it's gonna log us in so now that we've logged in looking back at our kind of network map over here the next thing we're going to do is install raz slash nat that's like remo access server network address network address translation the purpose of this is to allow when we create our windows 10 client it's going to allow this client to be on this kind of private virtual network but still be able to access the internet through the domain controller so we're going to install nap like raz and nat on the domain controller to allow our clients to do that so to do this we will go to add roles and features say next next and this is our server yep next and for roles it's remote access which is kind of a strange name for what we're doing but it's that's the role we need to install so next and we're going to install routing and this like other thing is automatically selected so we'll say next next next and and then install and this will take a little while so i'll trim this out now that the roll is done installing we can close this and then we can go to tools and then go to routing and remote access and sometimes this messes up and i have to restart the computer but hopefully it doesn't this time so we'll go to configure and enable we'll say next and then we want to install nat to allow internal clients to connect to the internet using one address so we'll say next and for some reason yeah this this is supposed to be selected and we're supposed to be able to see um like our internal and external interface here but we can't for some reason so i'm gonna cancel this let me let me try to open it again so we'll go to tools and then routing i don't know why that happens it's like really troublesome so we'll right click this again configure next nat wow surprise it's here so use this public interface to connect to the internet not that's why we named these so we can like obviously see which ones which and we figured out this is our internet one so the one that we named internet we'll select this one like use this interface to connect to the internet so we'll choose the internet interface and we'll say next and say finish take a little bit cool and now we see this thing is green and it has this like little arrow that's up and so this is configured totally so if we look at our network diagram again we have all this that stuff set up over here and then we have our domain setup and then we just configured this ras and nat so this is finished now so now once we have windows 10 clients they'll be they should be able to get to the internet assuming we um you know set up dhcp for them which is the next step so the next thing we're going to do is we're going to set up a dhcp server on our domain controller with this scope information and i'll kind of explain that in a little bit but what this is going to do is allow our windows 10 clients to get an ip address that will let them get on the internet and browse the internet even though they're on this kind of private internal network just like in your office or school so to set up our dhcp we'll go back to the domain controller we'll go to add roles and we'll say next this is our server you'll notice the name changed to like dc.something so we'll say next and then we're going to select dhcp and add features and next next next install again this will take a little bit so we'll just wait for that so our dhcp role is finished installing so we can close this window and we can go to tools and dhcp and we can set up our scope assuming that it opens so here's our kind of dhcp control panel so the whole purpose of dhcp is to allow you know computers on the network like client computers on the network to automatically get their ip addresses so looking at our diagram here we defined the scope as we're gonna we're gonna create a scope that will give the ip addresses in this range this 172.16.0.100 with this subnet mask so going back to the vm we can go to our dhcp server here and we'll notice these are both down they're red so we're going to right click one and we're going to say new scope we'll say next and i in my lab i usually name the scope after what the ip range is so i'll just name this once in default 16.0.100 through 200 because that's that's our range we're going to use i'll say next the star address is 172.16.0.100. 16.0.200 and then i gave this mask of slash 24 aka 255 255 2550. um it i wish i could just like explain ip addressing in depth here but it will take like you know like three hours probably well maybe you can do it in an hour with examples but it takes a long time just gonna have to have faith on these i guess uh so we'll say next and exclusion so like what ip addresses don't we want to give out in that range and we don't really need to add any exclusions lease duration is how long a computer can have that ip address before it needs to be refreshed and it just depends on your use case so for example if you're running a like a cafe like a starbucks or something and you have a lease time of eight hours say somebody comes and gets on the wi-fi drinks coffee and then leaves after like 30 minutes like that at least or not eight hours sorry like eight days at least it's gonna be tied up for eight days and no one else can have the ip address until the lease expires so if you're like running a cafe you may want to make the least like two hours instead of eight days or something but if you're just on a lab like our home lab eight eight days i mean that's good as any i guess so we're just gonna say next and it's asking if we wanna configure dhcp options that means like we wanna tell the clients which server to use for dns like which server to use for like the gateway and we do want to configure those things because we want them to be able to get on the internet so we're going to say yes and it's saying to add an ip address for a router used by clients to enter the address below so if we look at our network diagram here we see that we configured nat on the domain controller and the domain controller has like routing configured as well so its job is to amongst other things like forward traffic from the clients to the internet so because of this the clients are going to use this internal nick of the domain controller as their default gateway slash router so going back to our dhcp configuration we're just going to enter the domain controller's ip address here it's hard to talk and like do stuff at the same time so this is the domain controller's ip address that has um nat configured on it so let's say next and then it's asking like what do you want to use for your your domain server or your dns server again when you install active directory on the domain controller it automatically installs dns and so because of that we're going to use the domain controller as our dns server well we essentially have to do that or we can't join the domain in this case so we'll say next uh oh it's already here by the way so that's why i don't have to add it so we'll all say next and win server wins um i don't care about this i think it's old so we'll say next and yes i want to activate the scope so we'll say next and finish and you may have to let me refresh this yeah you may have to um right click the dhcp server up here and say authorize so we'll do that and then right click this one more time and say refresh and then we can see our ipv4 thing turned green here and then we can see our scope here we don't if we could click lisa's there's no leases in there yet because we didn't create our client computer but um anyway we have our our dns set up now so before we actually go and create our create our client computer and like join it to the domain and all that first we're going to um use our powershell script to create a whole bunch of users in active directory so we can kind of have a bunch of sample users and we don't have to manually create a whole bunch of them so to do that we're going to get this link from actually let me just uh okay actually before we do any of that go back to the um the domain controller here and then we have to make a configuration that lets us browse the internet from the domain controller usually you don't want to do this unlike a production environment but we're just in a lab so we're going to click configure this local server and then we're going to disable this internet explorer enhanced security thing right here so click on and then we're going to turn off if this is on like before every page loads it like spams us like are you sure you want to load this are you sure but if we turn off we can just browse um pretty pretty normally so i'm going to copy the link to the source code for the powershell script we're going to use to create all the users i'll put that link in the description but we'll go to the domain controller and open up internet explorer and say okay and then we'll paste that link up here it's this link right here again in the description we'll say enter it's gonna download so we're going to save as and just we're going to put it on the the desktop so it's easy to access so save that to the desktop i'm going to minimize everything here minimize active directory let's just go ahead and extract this script on the desktop and i'll kind of explain it before we dive into like running running it and everything so i'll open this folder and there's this powershell script in here as you can see and then there's this plain text file called names let's open this first i'll make this bigger basically this has a thousand randomized names in it it's just names of um i think i use like some name generator to like create it so at the very top go ahead and add your own name we're going to use this file to programmatically create all of these users and we're going to create one for ourselves too so go ahead and put your name at the top i mean it doesn't have to be your name but it's for you know realism i guess so we'll add your name we'll save this and we'll close this and then click on start and then go to windows powershell and this powershell ice the plane one go ahead and right click that and then go to more and then run as administrator and let's say yes we'll let this open and then we'll go to open here and then go to the desktop and then our folder and then we're going to open this powershell script i'll blow this up a little bit and don't worry about this it looks noisy but i'll explain everything we can close that blow this up a little bit more so before we run anything or do anything we have to enable the execution of all scripts on this server so for example i'll show you if i try to like run this as is it will say like it's not digitally formed you can't run it so to get around this this is a security feature but this is our lab so we don't care so i'm just going to say set execution policy to unrestricted so set execution policy unrestricted and say enter and that's going to be like are you sure you want to do this just say yes to all and then we're good to go so before we run this script i just want to kind of explain it if you don't care about the explanation just go ahead and use the bookmarks to skip ahead of this section but i'm going to take a little bit of time to explain this here so i just collapsed this so up here these are just variables that are used um as you can see like i named it pretty well i guess but this is going to be the password that all of our user accounts are going to use so they're all going to use the same password and this get content from this dot backslash names text this basically um let me open this again so this get content basically like it you can imagine it is like just taking all these names and like copying them and then pasting them into inside of this variable is kind of an array so it just pulls in all these names and puts them into this kind of array here cool and then this line this password equals this convert to secure screen password blah blah this create this like takes this plain text password that is this password one and creates it into a like a i guess an object that powers all can use as a secure password so this is used later on down here when we're creating the users in active directory so this line just takes the plain text password and creates kind of a password object for it and then this new 80 organizational unit dash name users all this line does essentially if i go back to active directory let me reopen that again i'll go to start admin tools active directory users and computers so all this line does here new adou you remember we created this like admins ou like we right clicked here and then we said new and then we said organizational unit all this line does is create another one of those with the it's called underscore users this time instead of underscore admin and then this dash protected from accidental deletion equals false all that is is organizational unit so if you're creating a new one all it does this false essentially like unchecks this box so that's that's all that line does and then this for each this is essentially a loop um you can collapse it um it says for each n inside user first to the last list so basically this user first and last list contains like a whole list of users and then this block of code will run for each individual user in that list and this n is representation of the current user that's being examined so the first n for example the first n will be the first end will be josh matakoro the second end will be this person so this loop will run like a thousand times for each like one for each user cool so crap so this first line here this first equals n dot split from space first element to lower so what this line does this n dot split is so this is n and it's going to split it based on this space right here so it's going to split and then it's going to take the first element that's element 0 and then store it in this variable called first which is going to be the first name the second line here is going to again split it from the space and then it's going to take sorry it's going to split from the space and then it's going to take element one so this is element zero this is element one and it's going to store in the last name or last and then this username variable here it kind of concatenates two things it takes the first name so that is this dot sub string zero one so that means at the zero place take one character so in other words it's going to take the first character of the first name and then kind of glue it to the last name and then put it to lower case so this is going to become like something like this like j matakor and this is going to become d earls and this is going to become snl so this line it's it's kind of manipulating the first and last name to create the username and then this line line 13 this is just it's just outputting something to us on the screen um it's going to be in like the cyan or light blue color it's going to say like creating like this user it doesn't do anything but just alert us that uh a user is being created and then this line this is actually just one line it's just really long so i kind of split it up into you know multiple lines to look at easily this new user you can probably guess what this does it just creates a new user in active directory so that's the kind of the equivalent of like coming in here and like right clicking and saying like new and then user and then like filling in these relevant fields that's what this thing is doing so it's making a new user the password it's assigning is this password which is actually password1 the given name is the first name which was created here it's being passed in last name as you can guess is here this display name name and then employee id they're all going to use the username that's going to be like the first initial last name password never expires equals true that's the equivalent to like checking that box or whatever when we create it with the gui and then the ou it's going to get put in this ou like called underscore users it's not created yet but that's what this line does it's going to create the ou for us and then enable just means the user account is going to be enabled so when we run this it's going to pull like all these thousand users and it's just going to create all these users with this code and it's pretty it's pretty cool i guess so if we look in here and we we refresh our domain we don't see the ou in here the user's ou so that's cool and then oh also one last thing before we run this we have to if we run it from this kind of like interface we have to go to the actual directory where the script is at to make it work i guess to be able to actually pull in this names dot text oh there's another way to do it but i'm just going to go to that directory so we'll go down here and we're we're going to go to cd for change directory and we're going to go to the c drive and we put it on our desktop remember so we'll go to users and then whatever your account is that you're logged into mine is a dash j matacore and then backslash desktop backslash ad here and then we'll say enter and then if we say ls we can see that the name text is in here so all we have to do now is click play and it should uh create all of our accounts oh it says are you sure you want to do this you got it from the internet so we can just say run oh that was odd what did i do okay so it's going to import the active directory module and then it's just going to start creating the users and this blue kind of blue thing you're seeing on the screen this is a result of a result of this line right here it's right oh my god i made a typo uh crap uh anyway this blue thing you're saying is a result of this line so if you if you want to be like you know special or something you can you can change the foreground to magenta or you can you know change the colors or something or manipulate this literally in any way you want to and it's just going to go through and create the users and this is going to take forever because there's a thousand users so i'm just going to stop the recording and let it go and then i'll come back when it finishes oh actually by the way before i do that check out active directory in the meantime really quick and we'll right click on our domain here and we'll say refresh and then when we refresh it we can see that we have our our users folder that the script created and we can see there's a bunch of users inside and also if we right click our domain and we say find and we make sure this user's thing is selected and we just say find like this you can see there's like a whole bunch of users now it's like 400 something users and they'll be more and more until there's like you know over over a thousand when all of them are done creating so i'm just gonna kind of get out of this for now you might have noticed a couple errors in here let me see if i can i don't know if i can go to it well there's some errors but that's because there's there's duplicates somewhere in this list and i i just didn't take the time to figure out where they were so don't worry if you see the errors the script will still run and it should be it should be okay so now that all of our users are created we'll go back to active directory just to kind of check things out so i'll refresh this again and then i will i can go to find and try to search for yourself and see see um you should if you search like this like your first initial and last name it should find um yeah you found your user in here and i wonder if we search for like just like your last name if it will find both yeah so i searched for just my last name and it found like um this is one of them is the admin account yeah this is the admin account and then it found this other one which is just our normal account like the non-administrator account so that's pretty cool and also if we search for just uh blank we can see that it's gonna find like about a thousand maybe like you know a little more based on like yeah there's some built-in accounts as well so found a thousand accounts so it's pretty cool if we look in our users folder we see like all these accounts that were created so this is kind of a neat thing you can kind of experiment with it and play with it a little bit so yeah now that we have all of our users created and our whole environment set up let's let's look at our network diagram again here really quick so we pretty much have everything set up here our internet is is connected we have our nick set up we have like our domain set up with all of our users we have nat set up we have like our dhcp setup and our we're connected to our kind of internal vmware network here the very last thing we have to do really is create this windows 10 virtual machine in virtualbox it's just going to use a internal nic and it should get its ip address like it says here from our dhcp server that we configured and then we'll verify that after the fact so let's go back to our our vm actually let's minimize this domain controller because we're kind of done dealing with that for now we'll come back to it later so go to virtualbox and then we're going to create a new vm so we'll just name this one client one will be windows 10 64-bit so we'll say continue again just hopefully you have enough ram i'm going to give it actually i'll give it a 4 gigabytes if you don't know maybe just leave it at 2. just continue all of these things and then before we turn it on and do all that fancy stuff go to settings again and then go to advanced and turn on the clipboard just so we can copy and paste if we ever need to for anything and then we'll go to go to system also and then go to processor i'm going to give myself more again if you know you have it go ahead and you know give it to yourself and then for the network instead of using that and connecting to our home network we're going to click internal network adapter like looking at our diagram you can see we configured it to use the internal one so on purpose so we can connect to like we can get a dhcp address from the domain controller and we can like do all this fancy stuff we're trying to emulate like a corporate network so we're gonna choose the internal network adapter and say okay and now we can just double click our client here it will open up somewhere it keeps opening up on the other screen for me so we'll check this and then we're going to say add and then we're going to browse to wherever that windows 10 iso is that we downloaded earlier maybe you put yours on the desktop i think i mentioned maybe putting on the desktop so browse to there pick your windows 10 iso and just say choose say start and we will let it start here this will take some time too um i'll i'll probably like trim this up a little bit so it doesn't take forever cool and we can say next and install and we'll just say i don't have a product key and don't install home because you can't join the domain with home last time i checked so let's say windows 10 pro next and accept next and we're going to say custom because the hard drive is empty and we'll just say next to install and this part going to take a while i think the the computer should restart a couple times so i'll trim that out so it finished installing now it's restarting and it's going to ask us to do some other kind of lame stuff i'll just pause this while this is still going by the way don't push a button when you see that thing that uh push any key to continue because that will like restart the the setup you don't want to do that we should be almost done here okay now for our user config just say yes united states if that's what that said yes skip if this thing asks just say like i don't have internet and we'll say continue with limited setup this setup is like really strange it's like always different i i notice it must be like uh pulling stuff from the internet but anyway you don't want to um if it asks say you you're using it for home and then if it if it asks always say like oh i want to use the the limited version because it's going to try to like make you create a microsoft account you don't want to do that like create try to create a local account or um you know use for home or like whatever because this this setup like changes all the time i don't know why i just saw what i saw but anyway um this is going to be our local username so i'm just going to name it user and then we don't need a password so we'll just say next and this part you can just say next if you're impatient but i i tend to like turn all these off except and not now whatever it is you're offering cool so let me move this a little bit let me open up our domain controller to get that in the background cool so now our windows 10 is set up and the first thing i want to do is make sure the internet is working because i suspect something's wrong with it so let's just uh you know click start and then go to the command line and type ipconfig and so i have an ip address but for some reason i don't have a default gateway that's strange so let's go back to our um maybe years works for some reason maybe i messed something up i can't remember so let's go back this is the domain controller by the way so i'm just going to log in here password one so i'm going to open up the dhcp again if you forgot or if you closed it just go to like server manager actually i'll just go to server manager here and then go to oh my god then go to tools and then dhcp so i'm gonna check out our lease because for some reason i didn't my host didn't get a default gateway for some odd reason here oh that should be in server option oh no ipv4 server options oh there's just none what the heck i'm pretty sure i added that so we're going to add we're going to add router and then we're going to add the domain controller the domain controller's ip address because if we look at our network diagram the domain controller is here and it has ip address of 172 1601 and this thing is serving as the default gateway for the clients so our dhcp should have server options for a router which is the default gateway i i thought i said this but apparently apparently i didn't i guess so i'll add this say apply and then i'm going to [Music] rest restart this so i'll right click the server and all tasks and then restart we'll just wait for this to go so these are up again and server options we have our router now i don't i don't know why that happened that's very odd so if i go here this oh so i'm going to go back to the client by the way this is our windows 10 again um virtualbox client1 right here and i'm just going to say i'm just going to check again so i'll say ipconfig and no default gateway so i'm going to say ipconfig renew and see if that fixes it u dope so default gateway now we have a default gateway i don't i don't know why that happened it could be my lack of sleep or something but at least we could do a little bit of troubleshooting in the lab i guess so um it looks like our our ipi dressing works so let's try to ping like something on the internet so for example um so because google.com resolved that means our dns server is working and because we can ping to the internet that means if we look at our network diagram that means this whole like infrastructure is working so we have connectivity all the way to the default gateway which is the domain controller and then the domain controller is properly natting it and forwarding it out to the internet and then it can properly come back our ping can come back and come back to us as a echo reply so all this infrastructure is working and we should be good to go so if we go back to our client here we can try of course i'm sure this is going to work but we can ping mydomain.com which is our domain controller and the ping it responds which is good so before we do anything let's change the name so for example if we type hostname we have this like kind of weird name here so let's right click the start menu and go to system and then instead of clicking rename this pc let's just scroll down a bit and say rename this pc advanced because we can we can actually join the domain at the same time so click don't type anything here i see a lot of people doing that on accident but go click this change under to rename this computer click change and then we're going to name it client one according to our network architecture diagram thing and then we're also going to try to join the domain at the same time so mydomain.com is what we named our domain so we can say okay and then you need to type a password who's allowed to join this account to the domain and remember we did we created a domain admin account we created two accounts actually we created like our normal account which i don't think will work so let's just try it i don't i don't suspect it will work i just want to convey that i guess oh it actually worked that's cool okay i was going to use the domain admin account but i mean that's cool if the normal account works and say okay and close this and say restart and then while this client is restarting let's go back to look at some stuff in our domain controller again so we'll go back to the domain controller and go to the dhcp which is it's open right here but if you if you forgot or closed it you can always go to like star and then server manager and then tools and then dhcp and dhcp is here and let's click on our this is the scope that we made for our oh my god another one opened so this is our scope so let's expand this and then let's go to um expand this more and then go to address leases and then we can see in here we have one lease from our client computer so when we created our client computer and like kind of joined it to the network um it reached out to the dhcp server automatically and requested an address and then the dhcp server gave it an address and then now we have this this lease in here so if you go to like for example your work dhcp server and you see this like lisa's folder it's probably going to have like you know hundreds of addresses per scope i mean depending on like how big the scopes are but anyway when the client gets an address it will show up in here under leases so that's pretty cool so another thing is let's go to active directory users and computers so this is still the domain controller vm so we'll click start and we'll go to admin tools and then active directory users and computers here and we'll come over here and we'll go into this computer's container and we can see that after we joined this client computer to the domain um like the thing we just did this thing automatically came in here kind of showing that this computer is a member of the domain like if i were to delete this right now if i were to delete this i wouldn't be able to log into it with one of those accounts we created so but since it's joined the domain we can use these we can use any of these accounts to actually log into that computer which is what we're going to do next so let's go ahead and go back to the um the windows 10 virtual machine so we can say you know input keyboard control delete if you need to or just you know get to it some other way and then instead of logging in with that local user that we created we can click other user and then we can see down here that we're going to sign into my domain this is mydomain.com and because of this we can use one of the user accounts that we created earlier and that kind of powershell script bulk user creation job so remember our password for like every single user is just capital p password one and remember you put your your user at the top of that file that is here it should have created something with like your first initial and then last name so if we go back to the windows 10 jmaticore and just next to sign in it should uh it should let us sign in so this is the first time we're signing in so it's doing this thing where it creates our profile and it's it's really annoying but it's it's working so essentially um looking at our network diagram we've created like a mini kind of a mini corporate network with this and we [Music] like the account creation process you can imagine it like we got hired and then our name went into like some batch file somewhere and then the next morning the batch script ran and then created like all the new accounts and our account was subsequently created and then this you can imagine this client one virtual machine you can kind of imagine it as your corporate laptop so you got that and then um you can automatically log into it with your corporate credentials because it's already on the domain and you're like already on the network and and everything like that so going back to our going back to our client computer you can see we have our desktop and everything and and we're logged in and and everything is everything is cool if we go to command line and we say like who am i um you can see that you're a member of my domain and then your username is josh matacore um i mean my username is josh matakor yeah anyway that pretty much concludes this tutorial i hope you found it useful or educational or something i know we had like some kind of error in there and it takes forever to install the os's and all that but i hope you enjoyed it and it was interesting if you did enjoy it please feel free to like and subscribe and if you know anyone who might be interested in this or might find it useful if you could share with them that would be great too but i know this was long and complicated if you have any questions or you got stuck anywhere please leave a comment i definitely read everyone's comments and i'll answer any questions that you may have you can reach out to me on linkedin or or facebook or wherever you happen to find me it should all be in the description but anyway thank you so much for watching this far i really appreciate it seriously and we will talk to you next time bye majide nagar [Music] foreign

Info

Channel: Josh Madakor

Views: 11,467

Rating: undefined out of 5

Keywords: active directory basics, active directory tutorial for beginners, how to use powershell with active directory, active directory tutorial, how to setup an active directory lab, home lab, home lab setup, active directory, oracle virtualbox setup, active directory lab setup, the cyber mentor, I.T. Career Questions, how to setup virtualbox, server basics, domain controller, Server 2019, domain services, AD DS, powershell for active directory, windows server, Microsoft DHCP

Id: MHsI8hJmggI

Channel Id: undefined

Length: 61min 50sec (3710 seconds)

Published: Mon Jan 04 2021