Active Directory Lab Setup

Setting up Users, Groups and Policies 📜

We'll be setting up a couple of things that are intentionally misconfigured to simulate real-life vulnerable environments

Adding Users

Switch to your Windows Server and log into it. In the server manager dashboard:

Click Tools > Active Directory Users and Computers

We create some user accounts for the purpose of enumerating or hacking on them later.

Right click the administrator and click copy:

Since we're using a marvel theme, lets name him Tony Stark, click next and finish:

Click Copy Administrator and create another account with the following name:

Assign an easy password (like Password1)

Right click on the empty area and go to New > Users

Name it fcastle and assign an easy password.

Create one named pparker as well:

We will also create a share (intended for hacking it later):

So in your server manager, click on shares:

Click Tasks and then New Share..:

Leave the default option and click next:

Leave it as it is and click next:

Name it hackme then click next:

Leave it as is and click next:

Permissions are fine as it is, proceed:

We now create a file share that we can abuse later on.

Go to the Server Manager and click on File and Storage Services as shown below

Click Create and then click next. Confirm and close:

Creating an SPN for the SQLServer

Now we setup our service account fully, that we created named SQLService.

Open a cmd as administrator and enter the following command to setup your SPN:

setspn -a HYDRA-DC/SQLService.MARVEL.local:60111 MARVEL\SQLService

Once you enter this command you should get the following output:

To check if it worked enter:

setspn -T MARVEL.local -Q */*

If existing spn found is written it means the spn was created, there is other information but u can ignore it for now.

Setting up a group policy

Next we're gonna be setting a group policy that applies to all the machines.

Search "group" and click Group Policy Management:

Click MARVEL.local and click create a GPO:

Call it disable windows defender and click ok:

Right click it and select edit:

A screen like this will pop up, we are gonna disable anti-virus here so that we can actually run our attacks.

Expand this, and what you're looking for is microsoft defender antivirus

Double click on the highlighted option

Click enabled, then apply, then ok

Right click it and select enforced

What we have done is we've basically created a Group Policy that disables windows defender on every device that is joined to the domain

Next section covers how to join the machines to the domain:

Setting up User Machines 🧑🏻‍💻

This section explains how to set up our 2 User Machines, THEPUNISHER and SPIDERMAN with users of frankcastle and peterparker respectively

Joining Machines to the Domain ➕

This is the part where we actually connect our machines to our domain controller, thus completing the active directory setup

On this page

Adding Users Creating a new share Creating an SPN for the SQLServer Setting up a group policy