Setting up a virtual network with Active Directory

As we progress in building our own verification lab, it's worth keeping in mind that the majority of corporate companies utilize Microsoft Active Directory for user administrative management and resource sharing activities, such as printer use, file sharing, and identity management. Attackers are no longer interested in just running the command on the server or shutting it down; they are now more focused on owning a full domain controller, which can potentially be the DNA of a company. We will perform some advanced attacks on Active Directory and the DNS server. In this section, we will install Active Directory on a Windows 2008 R2 server.

We will perform the same steps that we performed to install Kali to install Windows 2008 R2 to the same network.

Now we will see step-by-step instructions to install Active Directory Domain Services. Assuming we have already installed the Microsoft Windows 2008 R2 server, click on Server manager, go to Roles, and then click on Add Roles. This should take us to Before you Begin, and clicking on Next will bring up the following dialog box:

Select Active Directory Domain Services. When we select this, we are likely to get the following alert to install .NET Framework 3.5.1 Features, which is necessary for ensuring that all the API features are enabled. Click on Add Required Features, as shown in the following screenshot:

Let's move ahead and click on Install to continue. Both the items will be installed and we will see the successful completion of the installation of Active Directory Domain Services, as shown in the following screenshot:

Once the service is installed, we need to ensure that we run the service by clicking on the Active Directory Domain Services installation wizard and creating a new forest by following the instructions. In our case, we will be creating a new forest with FQDN as Secure.kali.com. Then with the domain NetBIOS name as Secure, set the forest functional level to Windows 2003 or Windows 2008 R2. This will invoke the Domain Name Server (DNS). As a fresh install, we will need to install DNS and follow the wizard. Finally, we must have a new domain as secure.kali.com, as shown in the following screenshot: