A complete Active Directory environment built from scratch in VirtualBox, featuring domain controller setup, DNS configuration, DHCP, RAS/NAT, bulk user provisioning via PowerShell, and domain-joined client connectivity.
The objective of this lab was to build a fully functional Active Directory environment from the ground up. This involved deploying a Windows Server domain controller with dual network interfaces, configuring core infrastructure services (DNS, DHCP, RAS/NAT), automating user creation with PowerShell, and joining a Windows 10 client to the domain.
Final Result: A working Active Directory domain with automated user provisioning and a domain-joined client with full internet connectivity through the domain controller.
```text
             Internet
                |
       [NIC 1 - External]
                |
Domain Controller (Windows Server)
  - Active Directory Domain Services
  - DNS Server
  - DHCP Server
  - RAS / NAT
                |
   [NIC 2 - Internal Network]
                |
       Client1 (Windows 10)
  - Domain-Joined
  - DHCP-Assigned IP
  - Internet Access via DC
```

| Component | Details |
|---|---|
| Domain Controller | Windows Server with 2 NICs |
| NIC 1 | External — Internet-facing |
| NIC 2 | Internal — Private network for clients |
| Client | Windows 10 — Domain-joined workstation |
| Virtualization | Oracle VirtualBox |

| Technology | Purpose |
|---|---|
| Windows Server | Domain controller, DNS, DHCP, RAS/NAT |
| Windows 10 | Client workstation |
| Oracle VirtualBox | Virtualization platform |
| PowerShell | Automated bulk user creation |
| Active Directory Domain Services | Centralized identity and access management |
| DNS | Domain name resolution |
| DHCP | Dynamic IP assignment for clients |
| RAS/NAT | Routing and remote access for internal network internet connectivity |

The diagram below shows the full lab design including both NICs on the domain controller, the internal network, and the client VM.
Configured two network interfaces on the domain controller — one dedicated to the internet (external) and one for the internal private network where clients will reside.
The internal NIC was configured with a static IP address and DNS settings to support Active Directory and domain services on the private network.
Installed the Active Directory Domain Services (AD DS) role on Windows Server and promoted the server to a domain controller.
After configuring the domain name, the domain was created and ready for deployment.
Created a dedicated administrator account within Active Directory for domain management, following the best practice of not using the default built-in Administrator account.
Configured Remote Access Service (RAS) with Network Address Translation (NAT) on the domain controller. This allows clients on the internal private network to reach the internet through the domain controller's external NIC.
Installed and configured the DHCP server role to automatically assign IP addresses to clients joining the internal network. The DHCP scope was configured to hand out addresses on the internal subnet with the domain controller as the default gateway.
Created a PowerShell script to automate the creation of multiple user accounts in Active Directory. This simulates a real-world scenario where IT administrators need to onboard a large number of users efficiently.
The script successfully created all user accounts, which are now visible in Active Directory Users and Computers.
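
A bulk-provisioning script of the kind described above, written as an added example and not the script used in this lab: it gives every account its own random initial password and forces a change at first logon, and it can be re-run safely. The name list, the `_LabUsers` OU and the `New-RandomPassword` helper are assumptions made for illustration.

```powershell
# Added example: the names, OU name and password length are constructed/hypothetical.
Import-Module ActiveDirectory

$Names  = @('Alice Nguyen', 'Bob Ortiz', 'Carol Smith')  # constructed sample input
$OuName = '_LabUsers'                                     # hypothetical OU name
$Domain = Get-ADDomain
$OuPath = "OU=$OuName,$($Domain.DistinguishedName)"

function New-RandomPassword {
    param([int]$Length = 20)
    # 64 symbols: 256 % 64 = 0, so reducing a random byte mod 64 adds no bias.
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        do {
            $bytes = New-Object byte[] $Length
            $rng.GetBytes($bytes)
            $pw = -join ($bytes | ForEach-Object { $alphabet[$_ % 64] })
            # Retry until upper, lower and digit are all present (AD complexity rule).
        } until ($pw -cmatch '[A-Z]' -and $pw -cmatch '[a-z]' -and $pw -cmatch '[0-9]')
    } finally { $rng.Dispose() }
    $pw
}

# Create the OU once; re-running the script must not fail or duplicate anything.
if (-not (Get-ADOrganizationalUnit -Filter "Name -eq '$OuName'" `
        -SearchBase $Domain.DistinguishedName -SearchScope OneLevel)) {
    New-ADOrganizationalUnit -Name $OuName -Path $Domain.DistinguishedName
}

$issued = foreach ($name in $Names) {
    $first, $last = $name.Split(' ')
    $sam = ($first.Substring(0, 1) + $last).ToLower()
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Warning "Skipping existing account $sam"
        continue
    }
    $plain = New-RandomPassword
    New-ADUser -Name $name -GivenName $first -Surname $last `
        -SamAccountName $sam -UserPrincipalName "$sam@$($Domain.DNSRoot)" `
        -Path $OuPath -Enabled $true -ChangePasswordAtLogon $true `
        -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force)
    [pscustomobject]@{ SamAccountName = $sam; InitialPassword = $plain }
}

# Hand each initial password to its user out of band; it must be changed at first logon.
$issued | Format-Table -AutoSize
```
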
Deployed a Windows 10 client VM (CLIENT1) connected to the internal network. The client received an IP address from the DHCP server and has internet access through the domain controller's RAS/NAT configuration.
CLIENT1 was successfully joined to the domain. Any user account created on the domain controller can now log in to this client machine, demonstrating centralized authentication and access management.
- Deploying Active Directory Domain Services and promoting a domain controller
- Configuring dual-NIC networking for internal/external network separation
- Setting up DNS services for domain name resolution
- Configuring DHCP for automated IP address assignment
- Implementing RAS/NAT to provide internet access to internal clients
- Automating bulk user creation with PowerShell scripting
- Joining client workstations to a domain
- Troubleshooting authentication, DNS, and network connectivity issues
Justin IT Professional
Last Updated: June 2024













