Let’s continue our journey constructing an Active Directory home lab.
Once the rolled is correctly installed, we will see an exclamation mark near the flag option in the dashboard.
It will notify us that we need to complete the installation of the Active Directory role. We open it and see a list of three options.
We select the “Add a new forest” option and we set a root domain name.
In the next window, we leave it as it is and we add a DSRM password.
Here we leave it as it is and we click Next.
Here we also leave it as it is and we click Next.
Again, if we don’t want to change it, we leave the options as they are.
Here we get a summary of the options we will install, and we click Next.
The system will do a prerequisites check and if everything is okay, will unblock the Install button.
After the installation, the server will restart.
ADMINISTRATOR USER
Creating a separate administrator user instead of using the root/Administrator account enhances security by reducing the risk of compromise, improves accountability through better auditing, and minimizes the chance of accidental system-wide changes. It also aligns with best practices for least privilege and compliance.
So to begin it, we have to go to Active Directory Users and Computers and create a new OU.
Then we create a user account inside this OU. We called it usr001.
Finally, we add the user to the Domain Admins group.
In the end, we log in with the user we’ve just created.
In the following article we will see how to install the networking part.
[…] the following article, we will create the domain forest and a user to manage it, as it’s a bad practice to do […]