📖
Building a Windows AD lab
  • Building a Windows AD lab
  • Lab-setup
    • Lab overview
    • Building the lab
      • Prerequisite
      • Creating images
        • Optional: Install software & Settings
      • Network setup
      • Cloning & Creating VM's
      • Creating bank.local
        • Creating Domain Controller - DC01
          • Enable RDP
        • Creating amsterdam.bank.local
          • Creating Domain Controller - DC02
            • Creating a AD structure
            • Create a CA
            • Configure LDAPS
          • Creating Fileserver - FILE01
            • File services
          • Creating W10 client - WS01
            • PSRemoting
          • Creating Webserver - WEB01
            • Web Services
            • SQL Server
              • Create database
      • Creating secure.local
        • Creating Domain Controller - DC03
        • Creating File/SQL Server - DATA01
          • SQL Server
            • Create database
    • Attack Paths
      • Attack path 1 (hard)
        • Configuring
        • Tasks
        • Manual
      • Attack path 2
        • Configuring
        • Task
        • Manual
    • Troubleshooting
    • To-Do
  • Vulnerabilities & Misconfigurations & Attacks
    • Initial Access Attacks
      • Username Enumeration
        • Password Spraying
        • AS-REP Roasting
        • Empty Password
      • SMB Relaying
      • SMB Null-Session (To-Do)
      • SQL Server default login
    • Active Directory Attacks
      • Password spraying
      • AS-REP Roasting
      • Empty password
      • Password in description
      • Kerberoasting
      • Delegation Attacks
        • Unconstrained Delegation
          • Printerbug
        • Constrained Delegation
        • Resource Based Constrained Delegation
          • Computeraccount Takeover
          • Change-LockScreen
          • Webclient Attack (todo)
      • DACL-Abuses
        • Write Owner
        • Owns
        • WriteDacl
        • GenericAll
        • GenericWrite (todo)
        • ForceChangePassword
        • Add user to group (todo)
        • Targeted Kerberoast (todo)
        • Get-Changes
      • Reused local administrator (todo)
      • SQL Server Attacks (todo)
        • Initial Access
          • SQL Server default login
          • Normal domain user access
        • Privilege Escalation
          • Impersonation
          • DB-Owner
          • Enumerate Logins
            • Weak passwords
        • Executing Commands
        • Database-Links
        • Capturing hashes & Relaying
      • Reading LAPS passwords (todo)
      • Priviliged Groups (todo)
        • DNS-Admins (todo)
        • Account Operators (todo)
        • Backup Operators
        • Server Operators (todo)
      • Hopping domains and forests
        • Child to parent domain
          • Krbtgt hash
          • Trust key
        • Cross forest Attacks (todo)
          • Foreign user
    • Misc
      • Reverse shell trick
      • Lateral Movement
        • PSRemoting
        • PsExec (todo)
      • Misconfigured Service (todo)
        • Unqouted Service Path
      • Discovering Shares
      • Password on shares
      • Different methods of dumping credentials
        • LSASS (todo)
        • Dumping DPAPI
          • Browser passwords
        • Scheduled tasks (todo)
        • Services (todo)
        • Vssadmin Shadow Copy
      • ms-ds-machineaccountquota (todo)
      • add DNS Records (todo)
      • Bypassing UAC
    • Template page
  • Defence
    • Detection
    • Hardening
      • LDAP
        • LDAP Signing
        • LDAPS Binding
      • Strong Password Policy
      • Change who can join computers to the domain
      • Protected users group
      • Account is sensitive and cannot be delegated
      • Powershell Execution Policy
      • Template page
Powered by GitBook
On this page
  • Why create images?
  • Downloading ISO's
  • Creating a virtual machine VMware
  • Creating a image
  • Updating
  • Optionally
  • Cleanup
  • Sysprep
  • Finished
Edit on GitHub
  1. Lab-setup
  2. Building the lab

Creating images

We are expecting that you know how to create a virtual machine and install a Windows client or server. Below is a short manual on how to do so for some guidance.

PreviousPrerequisiteNextOptional: Install software & Settings

Last updated 3 years ago

Why create images?

It is way easier to create an updated image with all the updates etc. of an operating system and clone it then to install updates, software on every machine all the time.

Downloading ISO's

Windows ISO's can be downloaded from the . For this lab we will be using the following operating system so please download all four the ISO's under the and category:

  • Windows Server 2022

  • Windows Server 2019

  • Windows 10

Creating a virtual machine VMware

For this lab we will be creating images which can be used to quickly clone and deploy another server or client. Hopefully you already know how to create a virtual machine in the hypervisor you are using. For demonstration I will show how to create a virtual machine in VMware Workstation.

I would recommend creating all virtual machine images at the same time!

  1. Open VMware workstation and in the top left click on File --> New Virtual Machine and a pop-up should come up to create a new virtual machine.

  2. On the step "What type of configuration you want" select "Typical (recommended)" and click Next.

  3. On the step "Guest Operating System Installation" select "Installer disc image file (iso)" and select the Windows Server 2019 ISO. Click Next.

  4. On the step "Select guest Operating system" select "Microsoft Windows" and in the dropdown menu select "Windows Server 2019. Click Next.

  5. Give the the name "Windows Server 2019 Image" and click Next.

  6. Choose the default Disk Size and click Next.

  7. Click Finish.

Repeat these steps for each Image we would like to create (Windows Server 2019, 2022 and Windows 10)

Creating a image

  1. Start-up the virtual machine and quickly pres a key to boot to the CD.

  2. Make sure the language is set to "English" and the keyboard layout to "US" or your own keyboard layout and click Next.

3. Click Install Now.

  • When asked to select an operating system select "Windows Server Standard Evaluation (Desktop Experience)" and click Next.

4. Accept the licene terms and click Next.

5. Select "Custom: Install Windows only" and select the disk, click on New and Apply.

6. Select the Primary Partition and click Next.

7. After the installation finishes the machine will reboot. Make sure you remove the ISO by going to the settings of the machine and disconnecting the CD drive.

8. Start the VM and go through the installation. For the Image just choose a simple Administrator password which you could remember, such as Welcome01!.

9. Click through next during the installation steps and I would recommend choosing the most privacy friendly settings.

  • For Windows 10 select "Domain Join instead" to create a local user account

Updating

  1. Click Start and select the gear Settings Icon.

2. The Windows Settings menu appears, click on "Update & Security"

3. Click on "Check for Updates" and install all updates.

4. When the system asks for a reboot, reboot is and repeat till there are no more updates left.

Repeat these steps for each Image we would like to create (Windows Server 2019 and 2022, and Windows 10 and Windows 11)

Optionally

Cleanup

  1. Make sure the downloads folder is empty.

  1. Empty the recycle bin by rightcliking on it and selecting "Empty Recycle Bin"

  1. Open explorer and click on "This PC", right click the C:\ disk and click "Properties".

4. Click on "Disk Cleanup", "Clean System Files", select everything and Click "OK"

Sysprep

To be able to clone the virtual machine without having any problems when joining the same machine to the domain, we have to run sysprep.

  1. Press Windows + R, type sysprep and click OK.

2. Windows Explorer opens and click on the "Sysprep" application.

3. Select "Generalize", Choose Shutdown and click on "OK"

Finished

When the machine is fully shutdown the image is finished.

Microsoft Evaluation Center
Windows
Windows Server
Optional: Install software & Settings