Home Lab

Create a VM without an OS first, and then add the Windows Server 2022 ISO file as the path.

Utilities

AD

From server manager:

  1. Add Roles and Features → Role-based or feature-based installation

  2. Local server → AD Domains Services

  3. Cick on the Promote to DC configuration triangle post-install

  4. Add new forest and go through the wizard

  • GUI AD control: dsa.msc

  • Microsoft Management Console: mmc— it’s a framework that allows the creation of custom management consoles by adding snap-ins for various administrative tools.

> Import-Module ActiveDirectory
> $username = "freya"
> $password = ConvertTo-SecureString "Password123!" -AsPlainText -Force
> New-ADUser -Name $username -SamAccountName $username -AccountPassword $password -Enabled $true -PasswordNeverExpires $true -Path "CN=Users,DC=MOLLY,DC=LOCAL"

ADCS

From server manager:

  1. Manage → Add Roles and Features

  2. Check ADCS → Click on the post-install notification triangle

  3. Choose CA → Enterprise CA (defaults for the rest)

  • Certificate Authority server manager (aka CA console): certsrv.msc

  • Certificate Template manager: certtmpl.msc

# From mmc
1. Add or Remove Snap-ins
2. Add `Certificates`
3. Computer Account
4. Local Computer
5. Can then view fields/details

To find EKUs:

  • certtmpl.msc → template → right click → Properties → Extensions tab

Commands

Write-Host "Hostname: $env:COMPUTERNAME"
Write-Host "NetBIOS Name: $env:COMPUTERNAME"
Write-Host "Domain Name: $((Get-WmiObject Win32_ComputerSystem).Domain)"
Write-Host "FQDN: $([System.Net.Dns]::GetHostByName(($env:COMPUTERNAME)).Hostname)"
Hostname: DC01
NetBIOS Name: DC01
Domain Name: molly.local
FQDN: DC01.molly.local
PreviousLearning Resources

Last updated