Home Lab

Create a VM without an OS first, and then add the Windows Server 2022 ISO file as the path.

Utilities

AD

From server manager:

1. Add Roles and Features → Role-based or feature-based installation

2. Local server → AD Domains Services

3. Cick on the Promote to DC configuration triangle post-install

4. Add new forest and go through the wizard

• GUI AD control: dsa.msc

• Microsoft Management Console: mmc— it’s a framework that allows the creation of custom management consoles by adding snap-ins for various administrative tools.

Create User

> Import-Module ActiveDirectory
> $username = "freya"
> $password = ConvertTo-SecureString "Password123!" -AsPlainText -Force
> New-ADUser -Name $username -SamAccountName $username -AccountPassword $password -Enabled $true -PasswordNeverExpires $true -Path "CN=Users,DC=MOLLY,DC=LOCAL"

ADCS

From server manager:

1. Manage → Add Roles and Features

2. Check ADCS → Click on the post-install notification triangle

3. Choose CA → Enterprise CA (defaults for the rest)

• Certificate Authority server manager (aka CA console): certsrv.msc

• Certificate Template manager: certtmpl.msc

# From mmc
1. Add or Remove Snap-ins
2. Add `Certificates`
3. Computer Account
4. Local Computer
5. Can then view fields/details

To find EKUs:

• certtmpl.msc → template → right click → Properties → Extensions tab

Commands

Write-Host "Hostname: $env:COMPUTERNAME"
Write-Host "NetBIOS Name: $env:COMPUTERNAME"
Write-Host "Domain Name: $((Get-WmiObject Win32_ComputerSystem).Domain)"
Write-Host "FQDN: $([System.Net.Dns]::GetHostByName(($env:COMPUTERNAME)).Hostname)"
Hostname: DC01
NetBIOS Name: DC01
Domain Name: molly.local
FQDN: DC01.molly.local