Tim Sonner

Windows Server Active Directory VM Setup with VirtualBox and Linux

Published: 2023-11-08

Image: A “white pages” telephone directory © 2010 by Tomasz Sienicki [user: tsca, mail: tomasz.sienicki at gmail.com] - Photograph by Tomasz Sienicki (Own work). Image intentionally scaled down.

Active Directory VM Setup with VirtualBox

First, download a version of Windows Server…
https://www.microsoft.com/en-us/evalcenter/download-windows-server-2022

You should also have VirtualBox installed…
https://www.virtualbox.org/

Spin up the VM and install Windows Server…

For this guide we’re using Windows Server 2022 Standard Evaluation (Desktop Experience) x64
Custom Install - Utilizing entire disk space
Do you want to allow your PC to be discoverable by other PCs and devices on this network? - No
Decent idea to install VirtualBox Guest Additions

Take a VM snapshot of the machine before the first login with the built-in Administrator account

Power down the virtual machine from PowerShell. Power the VM back on once the VirtualBox network settings are made

shutdown /s /t 0

VirtualBox Network Setup

File > Tools > Network Manager
Create a host-only network

Pick a network, or use 192.168.56.1, which is the default VirtualBox network address.

Set up a Host-Only network

Select the machine and then Settings
Choose the Adapter 2 tab, check the box Enable Network Adapter
Select the dropdown Attached to:, select Host-only Adapter

Adapter 1 should be NAT in order to let the Windows Server communicate with the outside world using the Host OS (real life) adapter. If you’re running in a sandbox, disable Adapter 1.

Windows Networking Setup

Fire up the VM…

PowerShell…

ncpa.cpl

Edit the IPv4 Network Settings

Toggle the Use the following IP address: radio button

Settings breakdown

IP address: Sets the IP address of our server. I’m using the 192.168.56 subnet from our VirtualBox network and assigning the server to the 105 slot.

Subnet mask: 255.255.255.0, another way of saying CIDR /24.

Default gateway: 192.168.56.1 is the default gateway for the 192.168.56.1 network.

Preferred DNS server: 127.0.0.1. We set this so the server (localhost) acts as its own Domain Name Server. We’ll set up DNS in a bit…

Try pinging the Windows guest at 192.168.56.105 from the host OS. It should fail; we need to poke holes in the firewall…

Windows Firewall Settings

PowerShell…

wf.msc

Find and click the Windows Defender Firewall Properties link
Click the Customize… button next to Protected network connections: and, in the dialog, uncheck Ethernet 2. This stops the firewall from filtering that adapter, which allows network traffic to and from the host running VirtualBox. The Ethernet and Ethernet 2 adapters are a reference to the VirtualBox network adapters we created earlier: Ethernet is our NAT adapter, Ethernet 2 is our Host-only Adapter
Repeat this process on the remaining Private Profile and Public Profile tabs

Try pinging the Windows Server VM (192.168.56.105) from the host OS now…

Install Active Directory

PowerShell - If Server Manager isn’t already running…

servermanager

Add a Server Role

Select Manage > Add Roles and Features
Select Role-based or feature-based installation
Select the Windows Host as the Server (same as Windows hostname)
Check the Active Directory Domain Services check box
Click Add Features button

Once Role is installed, promote the Server to a Domain Controller

Toggle the Add a new forest radio button

Ignore the warning about DNS delegation
Use default paths

Machine will reboot and apply settings…

The machine is now part of the domain…

Finish setting up DNS

In Server Manager, navigate to Tools > DNS

Expand the Server tree and Select Reverse Lookup Zones

Right click on Reverse Lookup Zones and select New Zone

Zone Type: Default Setting (Primary zone)
Store the zone in Active Directory: True

If you’ve installed DNS before Active Directory Services, the Store the zone in Active Directory checkbox is how you fix your Reverse DNS lookups… Happened to me, idk…

Replication Scope: All DNS servers running on domain controllers in this domain: timsonner.com

Reverse Lookup Zone Name - Network ID: 192.168.56

Create a new Reverse DNS Pointer

In DNS Manager, right click the new Reverse Lookup Zone 56.168.192.in-addr.arpa, select New Pointer (PTR)…

Fill in the hostname with that of the Windows Server

PowerShell

hostname

Test out the DNS settings…

On the Linux machine, edit /etc/resolv.conf, adding the following line to the top of the file

nameserver 192.168.56.105
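
One way to test the DNS setup from the Linux side before attempting the join, as an added example that is not part of the original guide. It assumes dig is installed and uses this guide's 192.168.56.105 and timsonner.com; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original guide): DNS checks to run before the domain join.
# DC_IP and DOMAIN are the values used in this guide; function names are illustrative.
DC_IP="${DC_IP:-192.168.56.105}"
DOMAIN="${DOMAIN:-timsonner.com}"

# PTR owner name for an IPv4 address: 192.168.56.105 -> 105.56.168.192.in-addr.arpa
ptr_name() {
    printf '%s\n' "$1" | awk -F. '{ print $4 "." $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# Reverse zone for the /24 the address sits in (the wizard's "Network ID", reversed)
reverse_zone() {
    printf '%s\n' "$1" | awk -F. '{ print $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# SRV records a domain controller registers so clients can locate LDAP and Kerberos
srv_names() {
    printf '%s\n' "_ldap._tcp.$1" "_kerberos._tcp.$1" "_ldap._tcp.dc._msdcs.$1"
}

# Ask the DC directly, so the answer does not depend on /etc/resolv.conf.
# dig exits non-zero when the server does not reply; treat that as "no answer".
query() {
    q_out="$(dig +short +time=2 +tries=1 "@$DC_IP" "$1" "$2")" || return 1
    printf '%s' "$q_out" | tr '\n' ' '
}

# check TYPE NAME: print one result line, return non-zero on an empty answer
check() {
    c_ans="$(query "$2" "$1")"
    if [ -n "$c_ans" ]; then
        printf 'ok    %-4s %s -> %s\n' "$1" "$2" "$c_ans"
    else
        printf 'FAIL  %-4s %s\n' "$1" "$2"
        return 1
    fi
}

check_dc_dns() {
    failed=0
    check A "$DOMAIN" || failed=1
    for srv in $(srv_names "$DOMAIN"); do check SRV "$srv" || failed=1; done
    check SOA "$(reverse_zone "$DC_IP")" || failed=1   # reverse zone exists
    check PTR "$(ptr_name "$DC_IP")" || failed=1       # PTR record exists in it
    return "$failed"
}

# Run the lookups only on request: sh check-dc-dns.sh --run
if [ "${1:-}" = "--run" ]; then check_dc_dns; fi
```

A FAIL on the SOA line points at the reverse lookup zone, while a FAIL on the PTR line alone points at the pointer record created in DNS Manager.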

Join Kali to the domain

realm join -v -U Administrator timsonner.com

Kali was successfully domain joined…