top of page

Creating VirtualBox VMs for Active Directory Practice Pt. 2: Set up Active Directory and Add a VM



In part two of this series, we will continue summarizing the steps from Kevtech IT's video on how to setup two virtual machines and configure them with Active Directory. To recap part one, you should now have two VMs set up in VirtualBox: one Windows Server 2016/2022, and one Windows 10 Enterprise. Now we will configure the machines to use Active Directory.


1. Install Active Directory on the Server VM.

- Open Server Manager > click on Manage (top right, on the toolbar) > Add Roles and Features > Next > Next > Next

- On the 'Select Server Roles' page, select 'Active Directory Domain Services.' In the window that will open, select 'Add Features.'

- Select Next > Next > Next > Install


2. Now, we will make the server a domain controller:

- Inside the window where Active Directory is installing, click on 'Promote this server to a domain controller.'

- In the new window, select 'Add a new forest.'

- Choose a root domain name (I simply used 'practicelab') > Next

- Choose a Directory Services Restore Mode (DSRM) password (this is used as a safe mode boot option).

- Do not change any settings on the next several pages; continue hitting 'Next' until you see an 'Install' button - hit that.

- After installation, reboot the VM. You will know the Server is now on the Domain if the login screen shows the root domain name you configured (/PRACTICELAB, in this example).


3. Configure an Administrator password for the Windows 10 VM.

- Open Computer Management (in the Windows Administrative Tools folder).

- Open 'Local Users and Groups' > Users folder > right-click on Administrator > set password


4. Install Remote Server Administration Tools (RSATs) in the Windows 10 machine. RSATs are a tool the Server can use to manage the Windows 10 machine.

- Go to Settings > Apps

- Select 'Optional Features,' hit 'Add a Feature.'

- In the window that opens, find or run a search for 'RSAT: Active Directory Domain Services and Lightweight Directory Services Tools.'

- Hit 'Install.'

- Once the installation is complete, restart the VM.

Note that this feature will not work until after we have added the machine to the domain.


5. Next, we will configure both machines with private IP addresses, and change the VirtualBox network settings.

- Kevtech uses IP addresses in the 10.1.10.0 /29 range, but you can use anything from the private IP address space.

- Control Panel > under 'Network and Internet,' click on View network status and tasks > Change adapter settings

- Right-click on your Ethernet adapter and select 'Properties'

- Select 'Internet Protocol Version 4' and click on 'Properties'

- For the server, choose an IP address (Kevtech uses 10.1.10.1) and use the same one as the preferred DNS server. Select another address (Kevtech uses 10.1.10.2) to serve as the default gateway and the alternate DNS server.

- For the Windows 10 machine, use a unique address for its main IP address, and the same default server address that the server uses (10.1.10.2 in this case). For its DNS settings, use the default gateway address as preferred DNS server, and use the Server's address as alternate DNS server.


Now to change the VirtualBox network settings:

- Go to the VirtualBox toolbar and select Devices > Network > Network Settings

- Here, change Adapter 1 to be attached to 'Host-only Adapter'

- This setting means the VM will be able to communicate with the host, and with other VMs on the host (such as our Server 2022 VM), but not with outside hosts, or the Internet. Check out the link above for an excellent summary of the different VirtualBox network options.


6. To make sure the connection between VMs is up and running, go to Command Prompt and ping the machines in both directions. Kevtech mentions that you may need to disable Windows Defender on the Windows 10 VM to allow communication, and that was true for me.

- To disable Windows Defender, go to Control Panel > Firewall > Change Firewall Settings > Turn Windows Defender on and off > turn off for both public and private


7. Next, we will add the Windows 10 VM to our domain.

First, configure a new domain account on the Server:

- Open Active Directory Users and Computers. (Look in either Programs > Windows Administrative Tools or under Server Manager > Tools.)

- Open the 'Users' folder, right-click, and select New > User

- Enter a First Name and Username > Next > enter a password > Next > Finish


On the Windows 10 machine, go to This PC > Properties > Advanced System Settings > Computer Name tab > Change > click on Domain

- Now use your new domain account for username and password


To confirm that it worked, go back to the Server and open Active Directory Users and Computers. (Look in either Programs > Windows Administrative Tools or under Server Manager > Tools.)

- Pick the correct domain folder, then look under computers to confirm that your Windows 10 VM is there.


8. Finally, let's configure a new share drive for the Windows 10 machine to access.

- On the Server, open Server Manager > File and Storage Services > Shares > right-click and select New Share > SMB Share

- In the wizard, select 'SMB Share - Quick.'

- Hit next twice, then give the new drive a name. Hit next a few more times, then 'Create.'


Now, give the Windows 10 user permission to access the drive in This PC > C: > Shares

Right-click > Properties >Sharing > Share > remove everyone except the Owner > Share > Done

- Again, in Properties > Sharing > Advanced Sharing > Permissions > remove 'Everyone'

- Finally, Properities > Security > Advanced > Add > Select a Principle

- Here, type in the Windows 10 user name and hit 'OK.'

- Select 'Full Control' and hit 'OK' three times to close the windows.


To make the drive automatically show up for the user, first copy the full drive path from Properties > Sharing

- Then go back to Server Manager > Tools > Active Directory Users and Computers

- Find the Windows 10 user name, right-click, and go to Properties.

- Open the 'Profile' tab, look at the 'Home Folder' section and click 'Connect.'

- Enter the drive path you copied in the space provided and hit 'OK.'


It may take a few minutes for it to show up for the Windows 10 VM. To make sure the drive is there, open the Win 10 This PC folder, and the drive should appear under 'Network locations.'

You can also open Command Prompt and type:

net use

which will list all share folders the user has access to.


That's all for now! Thanks again to the great Kevtech IT video that guided me through the process.

0 comments

Comments


bottom of page