Creating an Active Directory Home Lab

At some point in your IT career, you are going to need to build yourself an Active Directory home lab. This tutorial covers segmenting your lab from the rest of your home network, Installing Windows Server 2019, Installing Active Directory, and then joining a Windows 10 workstation to a domain.

Other than the physical hardware costs of running your own lab, Microsoft basically allows you to set all this up for free using their trial software licenses. Even when the licenses expire, ill show you at the end of this tutorial how to re-arm the trial license to give you even more time in your lab.

Even though this tutorial is covering Windows server 2019, the steps are pretty much the same for setting up Active Directory for any version of Windows Server you are likely to come across today. You could even follow these same steps and set this lab up in the cloud with Azure or AWS.

Hardware & Virtualization

Gone are the days of having to run Physical servers and Pcs around your house to have a home lab. With the introduction of Virtualization, you can now build a home lab on any modest PC or laptop. You could even take all the steps below to build an active directory domain and spin yourself up a lab in the cloud with Azure or AWS basically for free using either vendor’s 12 month Free Tier.

Now depending on how many VMs you want to run at the same time, depends on the resources the host server will need. To follow along with this tutorial, you will need at least 3 Spare CPU cores, 5GB RAM, 80GB of free disk space minimum. Which is a pretty modest amount of resources for a basic Active Directory Lab. Obviously, the more resources you can spare for each Virtual Machine the faster your lab will be.

In this tutorial, I will be using VirtualBox. However, use whatever Virtualization Software you feel most comfortable with. The steps below will pretty much work for any Virtualization Software.

Segmenting the Lab network using PFSense

The first thing you will want to do in creating a home Lab is segment the Lab environment from your home network. This is where PFsense comes in, Pfsense is a software firewall /router based on FreeBSD and will allow you to set up a self-contained network within your virtual environment. This will allow you to configure DHCP and DNS and the active directory domain without affecting anything on your home network. This also becomes more prevalent when you start to run actual attacks against your test environment.

• Start by downloading the latest version of PFSense from here

• On the download page make sure you select the 64-bit ISO and select a mirror location nearest to you.

PFSense Minimum Requirments:
1 x CPU
512MB RAM
8 GB Hard Disk Drive
2 x Compatible Network Cards
Bootable USB drive or CD/DVD Drive

Create the PFSense Virtual Machine

• Firstly start by creating a New virtual Machine. Give the New Virtual machine a Name and point to where you want to store the VMs. Select the type as BSD and the FreeBSD \\64 Bit Version.

• Set the amount of memory you want to allocate to the PFsense firewall. I have used the Minimum of 512MB on this tutorial which should be fine for this lab. However, if you find this a bit slow you can always throw extra memory at it in the future.

• On the Hard Disk selection, select that you want to create the Virtual hard disk now and click the Create button.

• You should now be in the Create Virtual Hard Disk window. Check the file location where you want to store the Virtual Machines is correct. Keeping with the Minimum requirements, set the Virtual Machine file Size to be at least 8GBs. Leave everything else default.

• Go to the settings of the new Pfsense Virtual machine and select storage and insert the pfsense CD you downloaded at the beginning of this tutorial.

• Staying in Settings of the PfSense Virtual Machine, select the Network tab. The first adapter needs to be setup as a bridged adapter, also select which of the host’s physical network adapters to use.

• Then Select the Adapter 2 tab and select the tick box to enable the 2nd network adapter.

• Set Attached to Internal Network and type a name for your internal network. I have gone for LAB but you can call it anything you like.

• Click Ok to save the configuration, Then start then PFSense Virtual Machine. This should run the PFSense ISO we added earlyer. After a few minutes, you should see the PFSense installer message below.

• Accept the Copyright, then select Install and OK.

• With the arrow keys find the keyboard layout you want, then hit enter to select.

• Next is partitioning the Virtual Hard disk. Just use the Auto (UFS) Guided disk setup and select OK.

• The PFSense installer should then start.

• With Pfsense installed, Select No in regards to doing a manual configuration.

• With PFSense now configured and installed, Select reboot. PfSense should then load.

Note: Make sure you dismount the PFSense CD otherwise the CD will start the installer again.

• Once PFSense has fully rebooted you should see a screen that looks as below. The Wan address should be an IP on your home network and the LAN on a completley diffrent IP range. In my case that IP is 192.168.1.1/24.

So Just to recap, we have set up PFsense on a virtual machine, this is then acting as a router/firewall bridging the connection between your home network and the virtual segmented “LAB” network we created in Virtualbox. This will allow us to set up Active Directory, DNS, And DHCP in our LAB environment without affecting any other device on your home network. Also if you ever need to kill the internet quickly In your LAB environment just turn off the PFSense Virtual Machine and it will be totally isolated again.

Installing Windows Server 2019

With PFsense all setup, Its now time to create the windows server Domain Controller In the new “LAB” Segmented Virtual network you just created. If you are unable to get your hands on a full copy of Windows 2019 Server, don’t worry. Microsoft allows you to download a 180-day trial of most of their currently supported operating systems and software through the evaluation center. At the time of writing this tutorial they still even have copies of Windows Server 2012 which you can download..

The Link below will take you straight to the Evaluation Center download for windows server 2019, to follow along with this tutorial you will need to download the ISO image. However, you could just as easily download the VHD and skip the steps below until you get to the section on setting up Active Directory.

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-201

Windows Server 2019 Minimum requirements:
1.4 GHz Processor
512MB for core and 2GB With Desktop Experience installed
32 GB Hard Disk I will go with 50GB and can always increase this at a later date

• Start by creating a new VM in Virtualbox. Give it a Name, Windows 2019 for the operating system and make sure you select at least 2048 MB of Memory.

Note: The more memory you can throw at the VM the quicker and more responsive the virtual machine will be.

• Make sure “create a virtual hard disk now” is selected then click create. In the create a virtual hard disk menu choose any size over 32GB minimum. I have gone for 50GB as its a nice round figure and it is what VirtualBox Defaults to for windows 2019 servers. Leave the default settings set for hard disk type “VDI” and physical hard disk “Dynamically allocated” then click Create.

Don’t get too hung up on the size of the virtual machine, Virtualbox allows you to resize the VM if needed after it’s been created.

• Select the settings of the new VM and click Storage and insert the the Windows 2019 Iso you downloaded at the start of this section.

• Join the network adapter to the Internal Network “LAB”. and select OK.

Remember: if you called the internal network something other than LAN when you set up the PFSense Firewall switch it to this instead.

• Fire up the VM and you will be presented with the Windows Server 2019 setup window. Select your langauge and click Next.

• Click the Install now button.

• Select “Windows Server 2019 Standard Evaluation (Desktop Experience) and click next.

• Accept the liscance terms and click Next.

• Choose Custom: Install Windows only (advanced), Click next.

• Click Next to allocate all the Space to the Virtual Machine.

• Windows Will now Install… Depending on how much resource you gave the Virtual Machine at the start will depend how quick windows instals so it might be worth taking a quick smoke break here.

• Once windows has finished installing, the server will reboot and you will be presented with a window asking you to set a Local Administrator password. Set a secure password by entering it twice and click finish.

• After a few miniutes you will get the Ctrl+Alt+Del Screen. Hit Ctrl+Alt+Del and login as administrator with the password you just set.

So that’s the initial install of Windows Server 2019 Installed. However, we still have quite a few steps to make it an actual domain Controller. Next, because we are using Virtualbox we also have to install the Guest additions CD to enable all the extra features. If you are using some other HyperVisor software Other than VirtualBox install any additional software needed.

VirtualBox Guest additions CD

The VirtualBox guest additions enables all the cool features like a shared clipboard which allows you to drag and drop items from the host to the VM and back again and Improved Graphics support.

• In your windows Server 2019 VM, while it is running click Devices at the top of the window and select Insert Guest Additions CD.

• Check This PC and you should see the Guest Additions mounted as a CD as a D: drive.

• Browse the Guest additions Disk D: and select the 64Bit windows installer VBoxWindowsAdditions-amd64.exe

• When presented with the VitrtualBox Guest Additions Setup Click next to continue.

• Leave the destintion default and click next.

• Again, leave everything default and Click install.

• Additions will then install onto the virtual machine.

• Half way through the install you will get a prompted to install device software from Oracle, click Install.

• The screen will flicker a few times as the VirtualBox additions display drivers get installed. Make sure Reboot now is selected and click Finish.

Once the server reboots you can enable Shared Clipboard and Drag and Drop to Bidirectional via the devices menu in the VM window. This makes moving files between the host and the Virtual Machine so easy and worth enabling.

Set a static IP Address

As we currently don’t have any DHCP server on our LAB network we won’t have been dynamically given an IP address. So will have to set one up manually.

• Open Control Panel and change the default view to large \ small icons.

• Select Network and Sharing Center.

• In Network and Sharing Center click Change Adapter settings in the menu on the left.

• Right click the network conection called Ethernet and select properties.

• Then left click Internet Protocol Version 4 (TCP/IPv4) so its highlighted and click properties.

• Switch both the IP address and DNS from automatically obtain too use the following and to keep things simple enter the Static IP details below.

When these are all set just hit OK and the New IP address settings will take effect.

Set a Static IP with the Command line

If you want to get a bit fancy, you can also set a static IP from the command line. Use the netsh commands below to set a static IP and point to the DNS Servers.

netsh interface show interface
netsh interface ip set address "Ethernet" static 192.168.1.2 255.255.255.0 192.168.1.1
netsh interface ipv4 add dnsserver "Ethernet" address=192.168.1.2 index=1
netsh interface ipv4 add dnsserver "Ethernet" address=192.168.1.1 index=2

Set a Static IP with PowerShell

Of course, there is also a Powershell option to set a static IP as well. This is much like setting a static IP from the Command Line but you need to use 3 different commands to set it up.

• Type Get-NetIPinterface from the powershell prompt to show all the avalible interfaces. Note down the InterfaceIndex number displayed in the first column.

• Then use New-NetIPAddress and the InterfaceIndex number you noted down from the previouse command. add the IP Address, prefix Length ( Subnet) and Default Gateway.

New-NetIPAddress -InterfaceIndex 6 -IPAddress 192.168.1.1 -PrefixLength 24 -DefaultGateway 192.168.1.1

• Lastly use the Set-DNSClientServerAddress command and the Interface Index number we noted down from the start to manually set the DNS servers the network Interface points to.

Set-DnsClientServerAddress -InterfaceIndex 6 -ServerAddresses 192.168.1.2

Set Server Name

Before we can move on to Installing Active Directory you need to rename this server. You will probably find it is currently rocking random name generated when you installed Windows server 2019.

• Firstly open Control Panel and select System

• When the system window opens click the change Settings button in the Computer name, Domain and workgroup settings section.

• Select Change in the system propertys window.

• Delete the Current default name of the server and replace it with DC01. You can call the server anything you want however if you want to follow along keep it as DC01.

• Click Ok to save the New name and you will be asked to reboot the Server for the name to take effect.

Rename the Server From Command Prompt

There is no real easy way to rename the Server from command prompt and I only left this in the tutorial for completeness. The other options to rename the server are alot easyer to remember then using the WMIC command below.

• First you need to find out the current default name of the server. Just type hostname at the prompt and it should present you the current name of the server. Make a note of the name as you will need it for the next command.

• Now use the wmic command below to rename the server making sure to replace the WIN-0Q4k902J5A8 part with the current name of your server.

WMIC computersystem where Name="WIN-0Q4K902J5A8" call Rename Name=Dc01

• You still need to give the server a reboot for the name change to take effect. Just type shutdown /r to restart the server.

Rename Server with Powershell

To rename a Windows server from powershell is super easy. Use the rename-computer command as below.

rename-computer -newname DC01 -restart

• The server will then restart and the new name should be applyed.

Take a Snapshot

Now, it’s time to take a snapshot of the Windows 2019 server in VirtualBox. This allows you to roll back the Virtual Machine, as we have it set up now, with just a few clicks. This is handy for the next section of this tutorial where we are installing Active Directory, if you make a mistake or want to even just run through the AD process again you can just restore the snapshot. Most Hypervisors will have some sort of snapshot feature for example in HyperV it’s called checkpoints.

• In Virtual Box click snapshot on the windows 2019 Server VM and select Take. Name the Snapshot and give it a short Description.

It’s worth taking a snapshot before making any changes in your LAB Environment. it can be a real lifesaver if something does not work as expected.

Setting Up Active Directory With The Gui

In this part of the tutorial, we are going to be setting up Active Directory on our new Windows 2019 server. Active Directory is a directory service that runs on Microsoft Windows Server that allows administrators to manage permissions and control access to network resources. Within Active Directory data is stored as objects, which include users, groups, applications, and devices.

We will delve deeper into Active Directory in upcoming tutorials where I will look at different exploits that still work even on the latest Windows Server Versions. The real takeaway from this is that Most companies will be running some form of Active Directory in their Organization and knowing how to install and manage it can be a real benefit.

So let’s Get started.

• Firstly start by opening Server Manager. This may take a few miniutes for it to populate all the data.

• Once Server Manager is open Click Manage and then Add Roles and Features.

• In the Add roles and features wizard click the third option on the left menu for server selection and you will then be able to select Server Roles.

• Tick the box next to Active Directory Domain Services.

• You will then be prompted with a window showing all the services or features that will be installed. have a quick read through whats being installed. Make sure include managment tools is selected and click add feature.

• Its also worth adding the DHCP Server role. This is not needed for the Active directory setup. However, we might as well install it now, so we dont have to statically assign the IP Address of every device we connect to the LAB.

• Click Next to move to features. leave everything as default.

• Now click Next through AD DS, DHCP Server and DNS Server leaving everything as default until you get to confirmation. From here click Install

This will now install everything needed for Active Directory Domain Services, DHCP Server, and DNS Server.

• After the installation has finished Click Close, to close the Add Roles and Features Wizard.

• In Server manager you should now see the Flag has a yellow triangle next to it. click this and select Promote this Server to a domain controller.

• You should see the Active Directory Domain Services Configuration Wizard pop up. Select Add a new forest and enter a domain name. I have gone for Empire.local “yes I am a big Star Wars Fan” but you can call your domain what ever you like. Click Next.

• In the Domain Controller Options, set an Directory Services Restore Mode password, confirm the password and then click next.

• Verify the Netbois name is correct and click next.

• leave the AD DS database, log files and SYSVOL folder locations as default, click next.

• Review all the Configurations we have just set are correct. Click Next.

Note: Take a look at the View Script button. This gives you a nice PowerShell Script for automating additional domain controllers to your domain in the future.

• The Server will run through some Prerequisites checks. Dont worry to much about the errors generated here and click install.

• The Installation should now start.

• Once the Server has finished being promoted to a domain controller, Reboot to complete the Installation.

Once the server has rebooted you will have a full setup and working domain controller in your LAB. I have also added how to Install Active Directory with PowerShell below. If you fancy giving it a go as well, restore the checkpoint. Otherwise, skip to Setting up DHCP.

Install Active Directory with PowerShell

Installing Active Directory with Powershell is actually “pretty simple” and has recently become my preferred method to install Active Directory after looking into a lot of automation.

• Lets get started by first installing Active Directory Domain Services and the managment tools. In powershell type the Install-WindowsFeature command below.

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools

• Once that completes type the Install-ADDSForest command below to promte this server to a domain controller

Install-ADDSForest -DomainName "Empire.local" -DomainNetbiosName "empire" -InstallDNS:$true -NoReboot

Note: If you don’t use the -NoReboot switch on the above command the server will automatically reboot as soon as Active Directory is installed.

• Enter a Domain Services Restore Mode (DSRM) password twice.

• Hit Y and Enter to confirm you want to configure the server as a Domain Controller.

• Active Directory will start to install. You will get some warnings as below. However, don’t worry, too much about these in our LAB enviroment. Aslong as the Status when it completes is successful, we should be all good.

• Now all we have left to do is type restart-computer in Powershell to reboot the server and complete the Active Directory setup.

restart-computer

Once the servers restarted, it will be set up exactly the same as it was with the GUI. (Domain controller with DNS)

Note: Use Install-ADDSDomainController to add a new domain controller to an existing Active Directory domain or Install-ADDSDomain to create a new domain in an existing Active Directory Forest.

Take another snapshot!

• Take another snapshot now in VirtualBox. We can then roll back to the fresh install of Active Directory if we every need to. Give the SnapShot name and a short description. Then Click ok to save.

Setup Windows DHCP Server GUI

DHCP is not essential for your lab to work, as you could statically assign IP address for every device you connect your LAB too and it would work just fine. Furthermore, you could actually set up DHCP to come from the PFSense router instead if you prefer. Windows DHCP is easy to customize and configure and I have personally been using windows DHCP Server since the days of Windows NT and prefer it over most other DHCP server solutions out there.

• In Server Manager go to add roles and features, select Server roles and tick DHCP Server. Add all the features and make sure Include Managment tools if ticked.

• Once DHCP is installed you should be able to find the DHCP app by searching in the start bar OR can be found in Administrator Tools.

• With DHCP Open, Right click IPv4 and select New Scope.

• The New Scope Wizard window should pop up, Click Next .

• Give the Scope a name and a description, then click next.

• Now enter the range of IP addresses you want the DHCP Server to manage. In this tutorial i am using a full 24 bit subnet which is basically 254 IP Addresses, so is going to be everything from 192.168.1.1 to 192.168.1.254. Click Next.

• Now Add some exclusions, these are devices which need to be staticly set for example the Active Directory domain controller we just created. Here i have included everything from 192.168.1.1 too 192.168.1.49 to not be issued out by DHCP.

• Set the lease Duration. This is how long a device keeps a IP Address for before asking for a new one. Leave this on the default of 8 Days, click Next.

• Now we have to configure options within DHCP, like which DNS servers to use and whats the deafult gateway. Select Yes. I want to configure these options now and click Next.

• Type the ip address of the default gateway. In this LAB its the PFSense router on 192.168.1.1. Type this address into the IP address field and click Add.

• Set up the DNS options, adding the FQDN we set when setting up Active Directory “Empire.local”. Then set the IP of where your DNS servers are. This currently is only this server DC01. Add the ip 192.168.1.2 to the IP address field and click Add. Then click next.

• Dont worry to much about adding any WINS information, Just leave everything default and click next.

• Select yes i want to activate the scope now. and click next.

And is as easy as that so any new Devices joined to our Lab will now get a dynamic IP Address from this DHCP Server unless the IP address has been statically assigned on the device. This will help when we add a windows 10 VM to the LAB network in the coming sections of this tutorial and join it to the Active Directory Domain.

Set up Windows DHCP Server from Powershell

As with all windows features you can also set up DHCP from PowerShell. This again is probably a quicker option than using the GUI and is handy to know if you are ever looking at automating an installation.

• Type the Install-WindowsFeature command below to install DHCP and the ManagementTools.

Install-WindowsFeature DHCP -IncludeManagementTools

• Next we need to create the security Groups using the Network Shell (netsh) Command bellow. this adds the DHCP Administrators and DHCP Users security groups to the local users and groups on the DHCP server. Once the command comes back sucessful type Restart-service dhcpserver to restart the DHCP service.

netsh dhcp add securitygroups

Restart-service dhcpserver

• Authorize the DHCP Server in Active Directory this adds this DHCP server to the list of authorized DHCP servers in Active Directory.

Add-DhcpServerInDC -DnsName Dc01.empire.local -IPAddress 192.168.1.2
Get-DhcpServerInDC

• Configure the Scope using Add-DHCPServerv4Scope command adding the start and end range as below. In this tutorial we are using the full 24 bit subnet. which is 192.168.1.1 to 192.168.1.254.

Add-DhcpServerv4Scope -Name "Empire" -StartRange 192.168.1.1 -EndRange 192.168.1.254 -SubnetMask 255.255.255.0 -State Active

• Just like you did in the GUI Version, Exclude all ip addresses from 192.168.1.1 to 192.168.1.49 from the DHCP leases. Use the Add-DhcpServerv4ExclusionRange command below.

Add-DhcpServerv4ExclusionRange -ScopeId 192.168.1.0 -StartRange 192.168.1.1 -EndRange 192.168.1.49

• Lastly add the options for the Default Gateway and DNS Server using Set-DHCPServer4OptionValue command.

Set-DhcpServerv4OptionValue -OptionId 3 -value 192.168.1.1 -ScopeId 192.168.1.0
Set-DhcpServerv4OptionValue -DnsDomain empire.local -DnsServer 192.168.1.2

Setup a Windows 10 Virtual Machine

Having an Active Directory Server on its own network is all good and well but it does not really do much unless you have devices that connect to and use Active Directory. In this section, I am going to go through Downloading one of Microsofts Pre-built developer Virtual Machines. This is mainly because this tutorial is long enough already. However, if you want to create your own windows 10 VMs and connect them to the LAB network that’s fine skip to the domain Joining Section below.

• Start by downloading the Pre-Built Windows 10 Virtual Machine from the link below.

https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

• Select the version that corrasponds to the Virtualization software your using…i am using Virtual Box so ill download the VirtualBox VM.

• Once downloaded, extract the contents of the zip file and double click the .OVA file. This should bring up the Import Virtual Applicance window.

• Change the Name and the machine and edit the base folder to specify where you want to save the windows 10 virtual machine, click import.

Note: The importing process takes a few mins to import the Virtual Machine into VirtualBox. Have a quick break and it will be finished by the time you get back. otherwise, it’s like watching paint dry.

Once the import is complete you will see the new Windows 10 Virtual Machine in your list of servers in VirtualBox. Before we actually fire up the virtual machine we do however need to change the network adapter to our LAB network

• Right click the new Windows 10 Virtual Machine and select Settings. In Settings go to network and change Attached to : internal Network with the Name: LAB.

Take a Snapshot of the windows 10 Virtual Machine

Before you do anything else take a snapshot of this windows 10 Virtual MAchine now from within VirtualBox. As I stated previously in this tutorial try and make regular snapshots of all your lab Virtual Machines. This allows you to completely destroy a Virtual Machine and have it back up and working within minutes.

• In VirtualBox Take a snapshot of the windows 10 Virtual Machine give this a descriptive name and description.

• With the Snapshot saved, Fire Up the Virtual Machine and you should promptly get logged into a windows 10 desktop.

Joining a Windows 10 WorkStation to the Domain

lastly, All we have left to do is join the workstation to our Active Directory domain. You used to just be able to go to system in the control panel to join the pc to the domain However Microsoft are slowly getting rid of the control panel icons and you now need to go to Start -> Settings -> System -> About or just search for system it will take you to the same window.

• In the About window, click Rename this PC (advanced) in the far right menu. If initially, you can’t see the menu. Make sure to maximise the about window for the options to become avalible.

• The System Properties window should appear. Click Change.

• Rename the Computer From its default name. Change the member of to Domain: Then enter the name of the Active Directory Domain you created earlyer in this tutorial. If you have been following along with my examples this will be empire.local.

• You will then be asked to enter a username and password. Enter the administrator details you created for your domain.

• After a couple of seconds you should get a message welcoming you to the domain. Click Ok

• The messages changes telling you the Computer needs to restart . Click Ok

• Close out the system Properties.

• On the WIndow that pops up type Restart Now.

Once the PC has rebooted the Workstation will be fully joined to the Domain and any user from Active Directory will now be able to log into this Computer… Have a go Login with the domain administrator account.

Join a Windows 10 PC to a domain using PowerShell

Joining The windows 10 PC to the domain using PowerShell is actually a pretty simple process just type the add-computer command below. Adding the Domain name and the admin credentials for your active directory domain.

add-computer –domainname empire.local -Credential Empire\administrator -restart -force 

• When prompted enter the Administrators password then the workstaion will restart. Once its rebooted the workstation will be apart of our new domain.

Typical Error When joining to a domain

If you get an error like below when you join the workstation to the domain it means the PC can’t find the Domain controller, check the windows 10s Virtual Machines connection to the LAB network in VirtualBox, check you can ping the Domain controller via IP first, to make sure the domain controller is up. Then, ping via hostname to check DNS is working.

If you are still having issues after this check the domain name you originally set in Active Directory if you have been following along with me the is empire.local.

Note: if you think you may have gone wrong or missed a few steps Remember you can always roll the snapshots back In Virtualbox and reinstall Active Directory if needed.

Rearm the Trial Period In the Windows 10 VM

The Windows 10 Virtual Machine Trial Expires 30 days from when you first set it up. Once the trial has expired the windows 10 VM will shut its self down after 15 mins or so. luckily Microsoft allows you to extend the trial period by running the slmgr.vbs command below.

• From an elevated command prompt type

slmgr -rearm

• You will be prompted to restart. Once restarted check the system status using the command slmgr /xpr. you will find the windows trial has been extended for another 30 days.

slmgr /xpr

What Next…….

So you now have a complete self-contained Active Directory Lab, what next? Well, the first thing I would do is create some users in Active Directory users and computers. I purposely left this step off this tutorial as it’s really simple to do and with a bit of google FU I am sure you can work it out.

You may also want to look at adding other virtual machines to your lab, check out some of my other tutorials below.

• Setup a Hacking Lab
• Setup a Vulnerable LAMP Server
• Installing Kali Linux In VirtualBox
• Installing Linux Mint In VirtualBox

The main constraint on how many virtual machines you can run at the same time is going to be the memory of your host operating system then it might be I/O on the Hard disk. so you might need to get a little bit constructive with how many resources you give each VM.

I also have a whole host of hacking tutorials, some of the most popular ones I have listed below. If you are feeling brave you can have a go in the Lab we just created. however, remember at every stage to create snapshots in VirtualBox just in case you have to roll it back.

• Token Impersonation Attack
• Brute Forcing Passwords with THC Hydra
• Basic Enumeration on a windows PC
• Creating a Payload with MSFvenom
• Password Audit Extracting hashes from NTDS.dit

Please let me know in the comments below any future tutorials you would like to see on my blog or even just to let me know if you had any problems following my steps or creating any of the virtual machines. I am always pleased with any Feedback.