TechGuy215 wrote: »
Server 2008R2 shouldn't be a client...its a server. You need to create a domain on your LAN, and join your clients to it. Also, BT5 isn't a client you would find in a business environment, you should use a distro such as Suse, RHEL, or CENTOS. BT5 is the OS you should have loaded on the machine you intend to use as the attacking machine.
Promote your 2012 server to a DC, then join your clients to it. You'll also want to assign the Server a Static IP, and enable DHCP on it. Create a few accounts in AD with different permissions, memberships, some with a weak password, some with a strong password, etc...
Once you have a domain setup and working, user/computer accounts created, the skies the limit on what you want to test. You can install different applications, frameworks, webservices, etc.. that you can attempt to exploit/scan for vulnerabilities.
BT5 has some great tools built in, you can also find many script-kiddie tools by simply Googling them.
*Edit, I forgot to mention if you enable DHCP on your server, besure to disable it on your router.