Install Notes and Documentation

First rip ISO onto either a Ventoy or Rufus

• Go through base GUI configuration steps:

• Ran massgavel to remove annoying popup of activating windows server (could have used temp lease, but for the installation I want permanent access since I may be rerunning it in the future)

• With new configuration; no longer using Datacenter since SQL database is unneeded

Basic Installation Notes:

• Installation drive organization
  • Specify size (minimum 32 GB, recommended 60+ GB)

• Selected the primary partition - Partition 2

Everything else is base configuration and just followed steps respectively

Administrator Management:

• Removed default administrator and configured new account
  • First created new user admin and assigned it under the Administrator group
    • Will need to make sure it is on the Domain Admin group when finished
  • Rebooted as that user; disabling the default Administrator

• Renamed computer to DC01 before (possibly) enabling ADCS

Set static IP address

1. Server Manager ; Local Server

2. Go to Ethernet adapter properties a

3. "Internet Protocol Version 4 (TCP/IPv4)"

4. "Use the following IP address:"

5. Example IPV4 settings: based on
   • IP address: 192.168.1.10
   • Subnet mask: 255.255.255.0
   • Default gateway: 192.168.1.1

Use the following DNS server addresses:

• Preferred DNS server: 127.0.0.1 (for future DC)

• Alternate DNS server: 8.8.8.8

DOMAIN CONTROLLER SETUP

DHCP Server on Another machine

Further Group Policy configuration for testing

Created the following structure:

• (Top Level OU) Lab
  • Lab - Computers
  • Lab-Users (with 2-3 test users - passwords in Bitwarden)
  • Lab-Groups (with 2-3 test groups)
  • Lab-Computers

• (Top Level OU) GPO-Testing
  • Restricted Users (with 2-3 tests users)
  • Locked Computers

Adding Test Computers

When you join test computers/VMs:

• Regular workstations → Move to LAB\TestComputers

• Restricted kiosk → Move to GPO-Testing\Locked-Computers

• Use different Windows versions to test WMI filters