Project 7 - Windows Admin Center
Setup AD01
sconfig:
IP: 10.0.5.5/24
Time: Setup
Hostname ad01-Paul
Make Forest
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName "paul.local"
Install ADDS
Install-WindowsFeature DNS -IncludeManagementTools
Add-DnsServerPrimaryZone -NetworkID 10.0.5.0/24 -ReplicationScope "Domain"
Add-DnsServerResourceRecordA -CreatePtr -Name "fs01-paul" -ZoneName "oliver.local" -AllowUpdateAny -IPv4Address "10.0.5.7"
Add-DnsServerResourceRecordPtr -Name "5" -ZoneName "5.0.10.in-addr.arpa" -AllowUpdateAny -AgeRecord -PtrDomainName "ad01-paul.paul.local"
Setup User
$password = Read-Host -AsSecureString
New-ADUser -Name paul.gleason-adm -AccountPassword $password -Passwordneverexpires $true -Enabled $true
$password = Read-Host -AsSecureString
New-ADUser -Name paul.gleason -AccountPassword $password -Passwordneverexpires $true -Enabled $true
Add-ADGroupMember -Identity "Domain Admins" -Members paul.gleason-adm
Add-ADGroupMember -Identity "Enterprise Admins" -Members paul.gleason-adm
DHCP
Install-WindowsFeature DHCP -IncludeManagementTools
netsh dhcp add securitygroups
Restart-Service dhcpserver
Add-DHCPServerv4Scope -Name "lan-scope" -StartRange 10.0.5.60 -EndRange 10.0.5.70 -SubnetMask 255.255.255.0 -State Active -LeaseDuration 1.00:00:00
Set-DHCPServerv4OptionValue -ScopeID 10.0.5.0 -DnsDomain paul.local -DnsServer 10.0.5.5 -Router 10.0.5.1
Add-DhcpServerInDC -DnsName "ad01-paul.paul.local" -IpAddress 10.0.5.5
WK01 on DHCP
FS01
IP: 10.0.5.7
Hostname fs01-Paul
Join domain
Setup Windows Admin Center
Click through installer
Windows Admin Center Setup
Click add and add servers
Add Extension:
Install AD and DNS extension
GPO for WinRM Setup
I made a new OU in AD for WKS01-Paul
Then Added A New GPO
Then go to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Remote Management > WinRM Service then select Allow remote server management through WinRM and set to Enabled and * for filters
The modify Computer Configuration > Policies > Windows Settings > Security Settings > System Services and selected Windows Remote Management
Make it look like
Finally add an inbound firewall rule: Computer Configuration > Policies > Windows Settings > Security Settings > Windows Defender Firewall with Advanced Security
Then did a “gpupdate /force” on windows once windows restart then go on fs01 and test the connection