Fiddling with Active Directory

MrXpert Member Posts: 586
Hello

I want to learn Active Directory or at least fiddle with it a bit, so I installed Windows 2008 R2 Standard edition as a trial version. I then added AD as a "role" but it said in order for it to work the computer must be running a static IP and there should be a DNS server. I installed AD anyway.

Now I'm running the server in a virtual OS on VirtualBox. I went to the cmd prompt in the server and typed ipconfig and the IPv4 address is 10.0.0.5 or something along those lines. Normally my network uses the usual class C RFC1918 private addresses. The 10.0.0.5 is able to ping the 192.168.0.0/24 hosts.
Is having a 10.0.0.5 IP normal? Is some kind of NAT going on here within the virtual environment?

If anyone could please give me the idiot's guide to learning a bit of AD that would be good. I'm not after anything fancy, just want to learn how to create security policies and assign permissions to them. I think I need to assign a static IP and set up DNS servers first? Anyone know how best to do this with it running virtually?
I'm an Xpert at nothing apart from remembering useless information that nobody else cares about.

Comments

  • Essendon Member Posts: 4,546
    10.0.0.5 is perfectly normal. That IP address was likely DHCP'd to your DC by your modem/router.

    These links may get you started:
    How to Create a Windows Server 2008 Virtual Lab Using VirtualBox
    Whitepaper – How to create a virtual lab using VirtualBox – Mike's View

    A domain controller must have a static address so client machines always have the one IP address they need to target. If the DC's address were to change on reboot, client machines wouldn't know where the DC is and there'd be no logons, no authentication, basically chaos.

    As for the ping working, there's got to be some kind of NAT'ing going on in VirtualBox. When you set up a lab like this, you should usually set the networking to Host-only. This way you have an isolated network of machines that can communicate with each other only. You assign your DC a static address (this can be any address, because the networking is host-only), as long as the client machines are on the same subnet you should be good. If you want the Internet on one of your client machines, set the NIC to bridged for that VM and it'll be able to get out to the Internet.

    Your DC will also be your DNS server and that's a best practice. When you want to join clients to the domain you create, just set the DNS server on the clients to your DC and you should be able to join the domain just fine.

    Hope this helps.
    NSX, NSX, more NSX..

    Blog >> http://virtual10.com
  • jmritenour Member Posts: 565
    Yes, by default, VirtualBox uses a NAT. However, you can configure the NIC to directly connect to the physical network, or do a VM only network.

    Regardless, a domain controller needs to have a static address. The first DC in a domain needs to function as a DNS server, that definitely requires a static IP.

    And also, adding the "role" only installs the binaries required for a domain controller. You still have to promote it to a domain controller with the command dcpromo.

    That said, and please don't take this the wrong way... Active Directory isn't something you can just blindly poke around with and learn - it's just too complex. Even "simple" things like security policies can fill entire books.

    Find yourself a good beginner's tutorial for AD and use that as a starting point. This might be a good one - Introduction to Active Directory | Learnthat.com | Free Tutorial
    "Start by doing what is necessary, then do what is possible; suddenly, you are doing the impossible." - St. Francis of Assisi
  • CodeBlox Member Posts: 1,363
    VirtualBox sets the guest to be NAT'ed by default. In the network settings for the guest, you can change that to "Bridged" so that you'll get a network address from your IP subnet at home.
    Currently reading: Network Warrior, Unix Network Programming by Richard Stevens
  • MrXpert Member Posts: 586
    Just wanted to post an update. All your advice was very helpful. Thank you.
    I managed to create a few user accounts and add them to the domain and have been messing about with account and password settings within group policy manager. It's helping me get a bit more familiar with the AD environment.
    I'm an Xpert at nothing apart from remembering useless information that nobody else cares about.
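
The lab setup described in the replies above (host-only networking, a static address on the DC, DNS pointing at the DC, then dcpromo), collected as an added example that is not part of any poster's reply. The VM name DC01, the adapter names, the 192.168.56.0/24 addresses and the domain name lab.example are assumptions; substitute your own.

```bat
rem === On the host, with the VM powered off =============================
rem Switch the DC's first NIC from the default NAT to a host-only network,
rem so the lab is isolated from the home LAN.
rem "DC01" and the adapter name are assumed; on Linux hosts the host-only
rem adapter is typically called vboxnet0.
VBoxManage modifyvm "DC01" --nic1 hostonly --hostonlyadapter1 "VirtualBox Host-Only Ethernet Adapter"

rem Confirm the NIC mode before booting the VM.
VBoxManage showvminfo "DC01" --machinereadable | findstr /i "nic1 hostonlyadapter1"

rem === Inside the Windows Server 2008 R2 guest (elevated cmd) ===========
rem Give the server a static address on the host-only subnet.
rem "Local Area Connection" is the assumed connection name; check it with
rem "netsh interface ipv4 show interfaces".
netsh interface ipv4 set address name="Local Area Connection" source=static address=192.168.56.10 mask=255.255.255.0

rem The first DC is also the DNS server, so it resolves through itself.
netsh interface ipv4 set dnsservers name="Local Area Connection" source=static address=127.0.0.1

rem Verify that DHCP is off and the static values took effect.
ipconfig /all

rem Adding the AD DS role only installs the binaries; promote the server.
dcpromo

rem === On each client VM (same host-only network) =======================
rem A static address in the same subnet, with DNS pointing at the DC.
netsh interface ipv4 set address name="Local Area Connection" source=static address=192.168.56.21 mask=255.255.255.0
netsh interface ipv4 set dnsservers name="Local Area Connection" source=static address=192.168.56.10

rem Before joining the domain, check that the client can reach the DC and
rem find it through DNS. lab.example stands in for the domain name chosen
rem during dcpromo.
ping 192.168.56.10
nslookup -type=SRV _ldap._tcp.dc._msdcs.lab.example 192.168.56.10
```

If the SRV lookup returns the DC's host name, the client can locate the domain controller and the domain join should succeed; if it fails, recheck the client's DNS server setting before anything else.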