Setting Up Domain Controller
After configuring multiple components in the previous articles, we have finally arrived at the domain controller. The domain is the main component of our Demo Home Lab.
In this article, I will guide you through the process of creating and preparing a domain controller. We will install and configure the Active Directory Domain Service. Additionally, I will show you how to configure networking to work with the current RRAS configuration.
Network Configuration
First, we will configure networking for our Domain Controller.
In Hyper-V Manager, we will add a Private network switch (if you haven’t already done so).
Navigate to Network and Adapters and rename the private adapter to be more recognizable.
IP Configuration
Assign an IP Address. In my case, I am using the following segment for servers:
- 192.168.178.100 – 192.168.178.200 (Servers segment).
Assign the Default Gateway. This is the IP of the RRAS Server, which works as a router – 192.168.178.1
Assign the Subnet Mask – 255.255.255.0 (Class C).
Assign the Primary DNS Server. The domain controller will work as a DNS server, so we will use 127.0.0.1 (the IP address of the local computer/localhost).
Assign the Alternate DNS Server – 8.8.8.8 (Google DNS).
You can check the IP configuration on GitHub.
Install Active Directory Domain Service
Before installing the Active Directory Domain Service, I suggest you check the server’s name. If it’s not set per your naming convention, set it now.
Open Server Manager, click Add Roles and Features. Install Active Directory Domain Services.
After installation, we need to promote the server to a domain controller.
First, we need to create a new forest. We need to choose our Root Domain Name.
The idea is to use an internal Domain name different from the public domain. In our example, we have a public routable domain that is ninjademolab.com.
For our internal domain, we will use ad.ninjademolab.com, which is not publicly routable. The best practice is to have separate private and public domains (Split DNS issue).
Choose the forest and the domain functional level. Because this is a Home Lab, we can easily choose the latest one (Windows Server 2016). Set up the DSRM (Directory Services Restore Mode) password (this password provides the administrator a backdoor to the database in case something goes wrong later on).
NOTE: With Windows Server 2025, there will be a newer forest and domain functional level.
Set the NetBIOS name, follow the wizard, and choose the default configuration.
After promotion, the server will reboot, and then we must log in to our domain.
The domain is now prepared. We can now join computers, servers…
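The network configuration and promotion steps above, scripted in PowerShell as an added example (this is not the author's script from GitHub). The adapter name `Private` and the address 192.168.178.100 are assumptions; the article gives only the servers segment, the gateway, the DNS servers and the domain name.

```powershell
#Requires -RunAsAdministrator
# Added example. Values marked ASSUMED are not stated in the article.

$AdapterAlias = 'Private'                 # ASSUMED: name given to the renamed private adapter
$IPAddress    = '192.168.178.100'         # ASSUMED: first address of the servers segment
$PrefixLength = 24                        # 255.255.255.0
$Gateway      = '192.168.178.1'           # RRAS server acting as the router
$DnsServers   = '127.0.0.1', '8.8.8.8'    # primary: this server, alternate: Google DNS
$DomainName   = 'ad.ninjademolab.com'     # internal root domain of the new forest

# 1. Static IP address, default gateway and DNS servers on the private adapter.
New-NetIPAddress -InterfaceAlias $AdapterAlias -IPAddress $IPAddress `
    -PrefixLength $PrefixLength -DefaultGateway $Gateway
Set-DnsClientServerAddress -InterfaceAlias $AdapterAlias -ServerAddresses $DnsServers

# 2. Install the Active Directory Domain Services role and its management tools.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

# 3. Prompt for the DSRM password so it is never stored in the script
#    or in the console history as plain text.
$DsrmPassword = Read-Host -Prompt 'DSRM password' -AsSecureString

# 4. Promote the server to the first domain controller of a new forest.
#    WinThreshold is the value for the Windows Server 2016 functional level.
#    The NetBIOS name is left to the default derived from the domain name.
#    The server reboots automatically when the promotion finishes.
Import-Module ADDSDeployment
Install-ADDSForest -DomainName $DomainName `
    -ForestMode WinThreshold -DomainMode WinThreshold `
    -InstallDns `
    -SafeModeAdministratorPassword $DsrmPassword `
    -Force

# After the reboot, log in with the domain account and confirm the result with:
#   Get-ADDomain | Select-Object DNSRoot, DomainMode
```

Keep the DSRM password in a password manager rather than in the script or a notes file: it unlocks the local administrator account used when the domain controller is booted into Directory Services Restore Mode.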
Connectivity check
A ping to our client’s computer is successful. A ping to Google.com is also successful.
Active Directory Structure
The Active Directory structure is shown in the following picture.
I created a separate Organizational Unit Ninja Demo Lab.
Within this OU, you should create sub-OUs to further organize resources. For example:
- Users: Includes user accounts.
- Groups: Organize lab-related security groups (e.g., “Lab Admins,” “Lab Users”).
- Computers: Place lab computers (physical or virtual) in a sub-OU.
- Servers: Includes servers.
- Other Resources: You can create additional sub-OUs for printers, network devices, etc.
The RRAS Server is already joined.
Conclusions
In this article, we learned how to install and prepare our domain. We learned how to configure networking so it works with RRAS Servers. At the end, I showed you my current Active Directory structure. In the next blog post, we will learn how to prepare a DHCP server for our devices.
See ya in the next blog posts 🙂