Creating Vulnerable lab in Active Directory

In this post I will be documenting how I created a AD lab in Oracle Cloud. So I logged in to oracle cloud and using the free trial credit ( not mine, bless that person though ).

So I went on and created 4 vms that I thought I will connect to the AD. The main problem I got when I was figuring out to how to create VMs, oracles dashboard was confusing. There are no visual way to adjust VM sizes, at least not as comfortable as GCP.

After Creating the hosts ( Oracle only let me create 3 hosts, 4th one was stopped with an error because of CPU limit.) We will configure Network ingress rules as follows.

Then we choose what is the server that we choose to use as the AD. I chose server 1. When I connected to it using RDP first thing I did was running the following commands.

net user Administrator *

This command sets a password for the inbuilt Administrator account.

net user Administrator /active:yes

Above command will active the Administrator account. This account will be used to create the domain admin account. Then we have to install Active Directory Domain Tools in that server.

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Then create the AD Forest using following command.

Install-ADDSForest`
-CreateDnsDelegation:$false `
-DatabasePath "C:\Windows\NTDS" `
-DomainMode "Win2012R2" `
-DomainName "example.com"`
-DomainNetbiosName "Example" `
-ForestMode "Win2012R2" `
-InstallDns:$true`
-LogPath "C:\Windows\NTDS" `
-NoRebootOnCompletion:$false `
-SysvolPath "C:\Windows\SYSVOL"`
-Force:$true

Then to add to a client to a AD, Start the Server 2, Go to network settings> Adaptor options > IPv4 settings and change them as following.

The IP of the above entered 10.0.0.172 is the IP of the Server 1 that we created.

Then search “Advanced system settings” in the start and click to open it.

And then go to Computer name > Change > and add the Domain name > click okay

Then I ran into this problem. Tried a with messing with firewalls and oracle vnc settings. Had no luck.

If you know the solution comment below!

Resources:

• Creating Active Directory Domain Services in Oracle Cloud Infrastructure
• Creating Active Directory Microsoft
• Install-ADDSForest
• Deploying AD in Google Cloud
• https://www.rebeladmin.com/2014/07/step-by-step-guide-to-setup-active-directory-on-windows-server-2012/
• https://www.rebeladmin.com/2015/09/why-i-cant-connect-pc-to-the-domain/
• https://www.hammer-software.com/how-to-enable-icmp-ping-through-the-windows-firewall-with-advanced-security-using-group-policy/
• https://www.integraxor.com/add-client-to-active-directory-domain-part-2/