A Quick 'n Dirty Guide to Setting up a Windows Server Lab

on

This is a very shallow guide to be read in conjunction with Azure AD Connect: Your first step towards an Hybrid Windows Environment. It was originally part of that post but it started getting a bit long so I decided to throw it into a post of its own. 

If you’re new to Windows sysadmin’ing and learning everything from the ground up, then I suggest checking out some of my other posts with the Basics tag where I cover stuff like setting up a Windows 10 VM; A Basic Introduction to Intune / Microsoft Endpoint Manager; and How to set up Autopilot.

Now this post is meant to be temporary as I plan on doing a proper guide on setting up a labs using the fantastic PS-AutoLab module but But like they say... "NOTHING IS MORE PERMANENT THAN A TEMPORARY SOLIUTION" which is painfully true in IT. 

So, until I get around to that… follow the guide I wrote about setting up a Windows 10 VM but grab a Windows Server ISO instead. 

Once it’s installed, Server Manager will open automatically the when you login, Click on Configure this local server:

Apply whatever available updates are available and give your VM a decent name while you're at it. 

 After rebooting, you'll need to assign your Windows server a static IP.before installing the DNS service. 

So start by right clicking on the Start button > Selecting Network Conditions > Change Adapter Settings > Right Clicking on your NIC > Properties

If you want to make your learning experience a little bit easier, go ahead and unselect Internet Protocol Version 6 (TCP/IPv6). This is just a homelab afterwall and, honestly? If you're reading this guide, I suggest tackling IPv6 later down the road anyway😜.

If you're not sure what IP addresses to use, open a CMD prompt and run´ipconfig /all

Note: The following print-out is from an ADDC I've already set up, which is why the VM is already domain joined to lab.int and has 127.0.0.1 (localhost) set as one of the DNS servers. I told you that this was a quick 'n dirty guide!

Now back  Server Manager, click on Manage > Add Roles and Features > Next > Next and install the following roles:

  • Active Directory Domain Services
  • DNS Server


Follow the prompts until it finishes installing. Then launch the Wizard once it asks you to promote the machine to a domain controller.

At the Deployment Configuration windows, since this a brand new environment, select the Add a new forest radio button >  type in a Fully Qualified Domain Name (FQDN). I suggest you use something that is registered as a Special-Use Domain Name by IANA, as it's used by Multicast DNS (RFC 6762, 3). RFC 2606 specifies .test, .example, .invalid and .localhost for testing & documentation examples. Therefore, they should never be registered as official TLDs, but they do have some special purposes, as described in RFC 6761, 6.

If you decide to use a domain that you own (e.g. contoso.com) then best practice is using a prefix e.g. AD.contoso.com so that you keep your infrastructure seperate from your public facing domain. Regardless, don't use a domain that you do not own. If you, one day, decide to AD Connect your on-premise, you won't be able to register/confirm your AD domain and you'll be missing out on a lot of cool features like synching your on-prem users with your domains UPN. 


Choose a (Directory Restore Mode DSRM) password. You know, in case the worst happens 😉.


Ignore the "A delegation for this DNS  server cannot be created because the authoritative parent zone" warning. You'd only need to pay attention to it if we were setting up a public DNS server (nameserver). Which we're not. So...

The NetBIOS domain name should be populated automatically with the domain name we made for the forest. It might take a minute. 

Best practice for the default locations of the AD DS database files would normally be storing them on a seperate disk (e.g. D:\Windows\NTDS and D:\Windows\SYSVOL) but honestly I don't bother with that when it comes to homelabs. In production environments? Oh yes. Definitely. 

Since they contain some pretty important things and you'd be saving yourself a headache incase you found yourself in a situation where you need to wipe the OS drive for a reinstall. And if you only had the one DC while you found yourself in that situation then... 

Doesn't matter for now! 😝

From this point on, just click next until you finish the wizard.  A quick 'n dirty Active Directory Domain Controller!


Just make sure you pay attention to what I've drawn a red box around. The server will reboot automatically once the installation has completed so make sure you're not working on anything. 


Don't mind the yellow warnings. 


Aaaaand it's done! Congratulations on having your very own Active Directory Domain Controller!