Install Windows Server 2019 - DHCP, DNS, Active Directory
Change hostname
To help better identify our windows server, I will rename mine to SN-DC1.
SN = Securitynguyen.com
DC1= Domain Controller 1
To change the hostname, we will open our command prompt and type sconfig
|
|
We are going to select 2. Then we’re presented with a prompt: Enter new computer name (Blank=Cancel): For me, I’m going to name it SN-DC1. Name it whatever you want.\
Then it will ask you to restart your computer for the setting to apply. Let’s restart the computer shall we. After, the system is restarted, let go back to sconfig and see if the changes been applied.
|
|
Look what we have here. It look like our changes have been applied.
Install DNS, DHCP.
Go to Server Manager -> Manage -> Add Roles and Features -> Keep clicking next until you hit Server Roles. Under Roles, check DHCP server, DNS server. Keep clicking next until you hit the Confirmation section. Then you will click on install.
After you installed the service, you should see DHCP and DNS on the top left of the server manager.
But we’re not done yet, we have to click on the flag symbol and click on Complete DHCP configuration. Then click done and close. Before we add the scope of the DCHP and lease it to our windows. We have to configure an active directory and promote our server to the domain controller.
Install Active Directory
Go to Add Roles and Features -> Server Roles -> Check Active Directory Domain Services -> Click install. After that is installed, you will see a yield sign on the flag. Click on it and it will ask you to “Promote this server to a domain controller”, click on it. You will see a Active Directory Domain Services Configuration Wizard.\
Check “Add a new forest” -> Name your root domain. For me, I’m going to put it as securitynguyen.com. Enter the password you want to set your active directory and click next until you see “Additionals options”, NetBIOS domain name will be your domain name. Click next and then click next again. Keep click next until you’re in the Prequisites check. Then you will have to click “install”
Then, in a short min or two, you’re machine will automatically restart.
When logging into active directory again, you will see your domainName\administrator. This mean that our domain has been set up.
As we can see from our Server Manager -> Local Server. We have the domain that we set up.
Static IP for our Windows Server 2019
We will be giving our Windows Server an static IP since we want the IP to stay the same forever. To do that, we go to server manager -> Local Server -> Then click on Ethernet0. Select the network adapter that your windows server is using -> Click Properties -> Then click on “Internet Protocol Version 4 (TCP/IPv4)” -> We will change the setting from “Obtain an IP address automatically” to “Use the following IP addresss”. Then I will fill out the form that are in the IP address field, subnet mask, and default gateway.
These are my setting, yours might be different.
IP address: 192.168.40.2
Subnet mask: 255.255.255.0
Default Gateway: 192.168.40.1 (Router IP address)
Preferred DNS server: 192.168.40.2 (Windows Server IP address)
Configure DHCP Server
Now, that we have our firewall set up. We can configure our DHCP server to give out ip addresses to the client and make sure every client is using 192.168.40.1 as the gateway. Let’s get started.
In Server Manager, we are going click Tools. Then DHCP. The DHCP menu pop up. Now, we’re going to expand our server icon and right-click on IPv4. Afterwards, I’ll click on New Scope. Now, the new scope wizard pop up.
Click “Next”. Then it will ask us to enter a name and description for our scope. I’m going name mine “SecurityNguyen” and press Next. Now the fun stuff, It will ask us about the IP Address Range. This is the range that it will lease the IP address. Since 192.168.40.1 is already taken by the firewall, and 192.168.40.2 is already taken by the Windows Server. I am going start my IP address on 192.168.40.3 to 192.168.40.254
Then, it will ask us if we want to add “Exclusion or Delays”. This is essentially, what range of IP we want to exclude that won’t be distributed out. Since we don’t have any IP that we don’t want to exclude, we can move on.
Then it will ask us about “Lease Duration”, Lease duration is essentially how long will this computer hold this IP address. I’m just going keep it as default.
Then it will ask us about “Configure DHCP Options”, essentially saying while we are configuring the DHCP, do you want configure the DNS server and default gateways while we are at it? I’m going click “Yes”
Then it will ask us about “Router (Default Gateway))”, my firewall (192.168.40.1) is going be my gateway.
Then it will ask you about your Domain Name and DNS server. My DNS server is going to be my Windows Server 2019. As you can see it already added IP address of my Windows Server 2019 as the DNS. I’m just going click Next.
Then it will ask you about WINS servers, I’m not going use that service so I’m going skip it.
Then it will ask you to Activate Scope. I’m going select Yes, I want to activate this scope now then click Finish
We just created our scope! Now our DHCP server will start leasing IP address to computer within our network.\
Now, we are done configuring our DHCP server. It time to create some windows machine and make them domain join. I’ll cover that in later post.
Update: The start of my new DHCP is going to be 192.168.40.4 to 192.168.40.254. 192.168.40.3 will be IP of security onion.