The Auror Project


Challenge - 1: Automate AD Lab Setup

In this lab, we need to set up an Active Directory server. Instead of doing everything by hand, we automate the whole process. We will use Vagrant for now; later the same lab may be built in the cloud on AWS using Terraform.

Vagrant might be new to many readers, as it was to me. But it's great learning: while doing this task I found solutions to many of my ideas, which I'll be sharing soon. For now, let's start with the task.

The Task

Create two machines, A and B. Machine A is the domain controller; Machine B is a workstation that joins the domain. Machine B must have Chrome installed and its firewall turned off.

Installing the Windows AD Servers using Vagrant

Host System Configuration:

Key         Value
OS          Kubuntu 20.04
Hypervisor  VirtualBox
RAM         8 GB
CPU         Intel i5 6th Gen

Installing Vagrant

To install Vagrant on a Debian/Ubuntu host, add HashiCorp's signed apt repository and install the package:

curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install vagrant

This works on Kubuntu 20.04. On newer releases apt-key is deprecated; HashiCorp's current instructions store the key under /usr/share/keyrings and reference it with a signed-by= option in the repository line instead.

Once Vagrant is installed, we need the base boxes for the lab.

Configuring Vagrant

Now we need to configure Vagrant to pull the correct OS images and to run provisioning scripts as soon as each OS has booted.

In this lab, we need to create two machines:

  1. Machine A - This machine will be the domain controller
  2. Machine B - The Machine connected to the domain controller

Each machine has its own configuration, discussed below. Both must sit on the same subnet with static IPs: 10.0.0.9 for Machine A and 10.0.0.19 for Machine B.

First, initialize a Vagrant project in the project folder. This creates the Vagrantfile we will edit:

vagrant init

We’ll be using Vagrant Cloud to get the initial base image.

Both the DC promotion and the domain join need a reboot in the middle of provisioning. The vagrant-reload plugin provides a reload provisioner that restarts the guest and waits for it to come back, so install it as well:

vagrant plugin install vagrant-reload

Configuration File For Machine A:

Vagrant.configure("2") do |config|
  config.vagrant.plugins = ["vagrant-reload"]

  config.vm.define "Machine-A" do |dc|
    dc.vm.provider "virtualbox" do |vbox|
      vbox.memory = 2048
      vbox.cpus   = 1
      vbox.name   = "Machine A"
      vbox.gui    = true
    end

    dc.vm.box         = "gusztavvargadr/windows-server"
    dc.vm.box_version = "1809.0.2203"

    # Vagrant provisions Windows guests over WinRM. Plaintext transport with
    # basic auth sends the credentials unencrypted; acceptable only because
    # this runs on the host-only lab network.
    dc.winrm.transport       = :plaintext
    dc.winrm.basic_auth_only = true

    dc.vm.hostname = "aurordc"
    dc.vm.network "private_network", ip: "10.0.0.9"

    # Promote the server to a DC, then reboot so the promotion completes.
    dc.vm.provision "shell", path: "./scripts/setup_dc.ps1"
    dc.vm.provision "reload"
    dc.vm.boot_timeout = 6000
  end
end

Configuration file explained block by block:

  1. Use version 2 of the Vagrantfile format.
  2. Require the vagrant-reload plugin, which provides the reload provisioner used for the mid-provisioning reboot.
  3. Since this is a multi-machine Vagrantfile, define Machine-A as a named machine.
  4. Provider block: VirtualBox, 2 GB RAM, one CPU, the VM name shown in VirtualBox, and a GUI window so you can watch the console.
  5. The base box from Vagrant Cloud, with its version pinned so the lab is reproducible.
  6. WinRM settings: plaintext transport with basic auth is how Vagrant logs in to run the provisioners. The credentials cross the wire unencrypted, which is tolerable only on the host-only lab network.
  7. Hostname and a static IP on the private (host-only) network.
  8. Provisioners: the PowerShell script that installs AD DS and promotes the DC, then a reload that performs the reboot the promotion needs. boot_timeout is raised because promotion and the following reboot take much longer than a normal boot.

Configuration File for Machine B:

Vagrant.configure("2") do |config|
  config.vagrant.plugins = ["vagrant-reload"]

  config.vm.define "Machine-B" do |user1|
    user1.vm.provider "virtualbox" do |vbox|
      vbox.memory = 2048
      vbox.cpus   = 1
      vbox.name   = "Machine B"
      vbox.gui    = true
    end

    user1.vm.box         = "gusztavvargadr/windows-10"
    user1.vm.box_version = "2102.0.2204"

    user1.winrm.transport       = :plaintext
    user1.winrm.basic_auth_only = true

    user1.vm.hostname = "UserMachine"
    user1.vm.network "private_network", ip: "10.0.0.19"

    # Join the domain, then reboot so the join takes effect.
    user1.vm.provision "shell", path: "./scripts/user_setup.ps1"
    user1.vm.provision "reload"
    user1.vm.boot_timeout = 6000
  end
end

The two configurations are similar and go into a single Vagrantfile. The complete file is:

Vagrant.configure("2") do |config|
  config.vagrant.plugins = ["vagrant-reload"]

  # Machine A: domain controller
  config.vm.define "Machine-A" do |dc|
    dc.vm.provider "virtualbox" do |vbox|
      vbox.memory = 2048
      vbox.cpus   = 1
      vbox.name   = "Machine A"
      vbox.gui    = true
    end

    dc.vm.box         = "gusztavvargadr/windows-server"
    dc.vm.box_version = "1809.0.2203"

    dc.winrm.transport       = :plaintext
    dc.winrm.basic_auth_only = true

    dc.vm.hostname = "aurordc"
    dc.vm.network "private_network", ip: "10.0.0.9"

    dc.vm.provision "shell", path: "./scripts/setup_dc.ps1"
    dc.vm.provision "reload"
    dc.vm.boot_timeout = 6000
  end

  # Machine B: domain-joined workstation
  config.vm.define "Machine-B" do |user1|
    user1.vm.provider "virtualbox" do |vbox|
      vbox.memory = 2048
      vbox.cpus   = 1
      vbox.name   = "Machine B"
      vbox.gui    = true
    end

    user1.vm.box         = "gusztavvargadr/windows-10"
    user1.vm.box_version = "2102.0.2204"

    user1.winrm.transport       = :plaintext
    user1.winrm.basic_auth_only = true

    user1.vm.hostname = "UserMachine"
    user1.vm.network "private_network", ip: "10.0.0.19"

    user1.vm.provision "shell", path: "./scripts/user_setup.ps1"
    user1.vm.provision "reload"
    user1.vm.boot_timeout = 6000
  end
end

With the Vagrant configuration done, we need the PowerShell scripts that set up the DC and join the user machine to the domain. Vagrant brings machines up in the order they are defined, so Machine A is promoted before Machine B tries to join.

setup_dc.ps1:

# Create a local user for RDP access.
# NOTE: promoting the server to a domain controller removes its local SAM
# accounts, so this account does not survive promotion; 'adam' has to be
# created again as a domain user once the DC is up.
net user adam Pass@123 /add

# Allow the user to perform RDP
net localgroup "Remote Desktop Users" adam /add

# Global variables
$domain_name         = "auror.local"
$domain_netbios_name = "auror"
$mode                = "Win2012R2"      # domain and forest functional level
$password            = "Password@123!"  # DSRM (Safe Mode) administrator password
$secure_password     = $password | ConvertTo-SecureString -AsPlainText -Force

# Install Active Directory Domain Services
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools -IncludeAllSubFeature

# Configure Active Directory
## Import AD DS Deployment
Import-Module ADDSDeployment

## AD DS forest configuration
$forest_config = @{
    DomainName                    = $domain_name
    SafeModeAdministratorPassword = $secure_password
    DomainMode                    = $mode
    DomainNetBIOSName             = $domain_netbios_name
    ForestMode                    = $mode
    InstallDNS                    = $true
    DatabasePath                  = "C:\Windows\NTDS"
    LogPath                       = "C:\Windows\NTDS"
    SYSVOLPath                    = "C:\Windows\SYSVOL"
    Force                         = $true
    NoRebootOnCompletion          = $true   # the Vagrant reload provisioner does the reboot
}

## Install the AD DS forest
Install-ADDSForest @forest_config
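Promotion removes the server's local SAM accounts, so the local adam account that setup_dc.ps1 creates before Install-ADDSForest no longer exists once the DC is up, and the auror\adam account that user_setup.ps1 later adds to Administrators on Machine B is never created. The script below is an added example, not part of the original post: a post-reboot provisioner that creates adam as a domain user, lets him use RDP, and checks the DC before Machine B tries to join. It assumes the page's names and passwords (auror.local, Pass@123), a hypothetical file name scripts/setup_dc_users.ps1, and that it is wired in with dc.vm.provision "shell", path: "./scripts/setup_dc_users.ps1" placed after the dc.vm.provision "reload" line. The vagrant account Vagrant uses over WinRM is a local account too; if Vagrant cannot reconnect after the reboot, point dc.winrm.username and dc.winrm.password at the domain Administrator (the local Administrator's password becomes the domain Administrator's password at promotion).

```powershell
# setup_dc_users.ps1 (added example, not from the original post)
# Runs on Machine A after the reboot that completes the DC promotion.
# Assumed values: domain auror.local and the password Pass@123 from setup_dc.ps1.
$ErrorActionPreference = "Stop"
Import-Module ActiveDirectory

$domain       = "auror.local"
$userName     = "adam"
$userPassword = ConvertTo-SecureString "Pass@123" -AsPlainText -Force

# AD DS needs a little time after boot before it answers queries; wait for it
# instead of failing on the first call.
$deadline = (Get-Date).AddMinutes(5)
while ($true) {
    try {
        $null = Get-ADDomain
        break
    } catch {
        if ((Get-Date) -gt $deadline) { throw "AD DS did not become available in time" }
        Start-Sleep -Seconds 10
    }
}

# The pre-promotion 'net user adam' account is gone; create adam in the domain.
if (-not (Get-ADUser -Filter "SamAccountName -eq '$userName'")) {
    New-ADUser -Name $userName -SamAccountName $userName `
        -UserPrincipalName "$userName@$domain" `
        -AccountPassword $userPassword -Enabled $true `
        -PasswordNeverExpires $true
}

# Remote Desktop Users is a built-in group in AD on a DC; this is the domain
# equivalent of the 'net localgroup' line in setup_dc.ps1.
$rdpMembers = (Get-ADGroupMember "Remote Desktop Users").SamAccountName
if ($rdpMembers -notcontains $userName) {
    Add-ADGroupMember -Identity "Remote Desktop Users" -Members $userName
}

# Checks worth having before Machine B attempts its domain join.
$checks = [ordered]@{
    "domain"    = (Get-ADDomain).DNSRoot -eq $domain
    "dns_role"  = (Get-WindowsFeature DNS).Installed
    "adam_user" = (Get-ADUser $userName).Enabled
    "adam_rdp"  = (Get-ADGroupMember "Remote Desktop Users").SamAccountName -contains $userName
}
$checks.GetEnumerator() | ForEach-Object { "{0,-10} {1}" -f $_.Key, $_.Value }
if ($checks.Values -contains $false) { throw "DC post-setup checks failed" }
```

Because the provisioner throws on a failed check, vagrant up stops with a visible error instead of silently handing a half-built DC to Machine B.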

user_setup.ps1:

# Disable the firewall on all profiles (lab requirement)
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

# Disable Windows Defender real-time features
Set-MpPreference -DisableBehaviorMonitoring $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -DisableIOAVProtection $true -EnableNetworkProtection 0

# Configure Machine A as the DNS server; the domain join resolves auror.local through it
$net_adapters = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = True"
$net_adapters | ForEach-Object { $_.SetDNSServerSearchOrder("10.0.0.9") }

# Add the computer to the domain.
# The account must exist in auror.local and be allowed to join computers, so
# qualify it with the domain rather than passing a bare username.
$username        = "auror\vagrant"
$password        = "vagrant"
$secure_password = $password | ConvertTo-SecureString -AsPlainText -Force
$credentials     = New-Object System.Management.Automation.PSCredential($username, $secure_password)
$domain          = "auror.local"
Add-Computer -DomainName $domain -Credential $credentials

# Add the domain user adam to the local Administrators group
net localgroup "Administrators" auror\adam /add

# Install Chrome: fetch the installer over HTTPS (not plain HTTP, since it runs
# as an administrator) and wait for the silent install to finish before the reboot
$PATH      = "C:\Windows\Tasks"
$INSTALLER = "chrome_installer.exe"
$target    = Join-Path $PATH $INSTALLER
Invoke-WebRequest "https://dl.google.com/chrome/install/375.126/chrome_installer.exe" -OutFile $target
Start-Process -FilePath $target -Args "/silent /install" -Wait
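user_setup.ps1 runs blind: nothing tells you whether the DNS change, the domain join or the Chrome install actually succeeded before the reboot hides the evidence. The script below is an added example, not code from the original post, that checks every requirement of the task on Machine B after the reload (add it as a further shell provisioner after the user1.vm.provision "reload" line). It assumes the page's values (10.0.0.9 for the DC, auror.local, the user adam) and a hypothetical file name scripts/verify_user_machine.ps1; a failed check exits non-zero so vagrant up reports it.

```powershell
# verify_user_machine.ps1 (added example, not from the original post)
# Runs on Machine B after the post-join reboot. Assumed values come from the
# page's configuration: DC at 10.0.0.9, domain auror.local, user adam.
$dcIp   = "10.0.0.9"
$domain = "auror.local"
$results = [ordered]@{}

# Firewall must be off on every profile.
$enabledProfiles = Get-NetFirewallProfile | Where-Object { $_.Enabled -eq "True" }
$results["firewall_off"] = -not $enabledProfiles

# Defender real-time monitoring must be disabled (Get-MpPreference may fail if
# Defender is absent; treat that as disabled).
try   { $results["defender_rtp_off"] = (Get-MpPreference).DisableRealtimeMonitoring }
catch { $results["defender_rtp_off"] = $true }

# The adapter on the lab subnet must use the DC as its DNS server.
$labAddr = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -like "10.0.0.*" } | Select-Object -First 1
$dns = (Get-DnsClientServerAddress -InterfaceIndex $labAddr.InterfaceIndex -AddressFamily IPv4).ServerAddresses
$results["dns_is_dc"] = ($dns -contains $dcIp)

# The DC must resolve the domain name and answer on LDAP (389/tcp).
$results["dc_resolves"]    = [bool](Resolve-DnsName -Name $domain -Server $dcIp -ErrorAction SilentlyContinue)
$results["ldap_reachable"] = (Test-NetConnection -ComputerName $dcIp -Port 389 -WarningAction SilentlyContinue).TcpTestSucceeded

# Domain membership, and a working secure channel to the DC.
$cs = Get-CimInstance Win32_ComputerSystem
$results["domain_joined"] = $cs.PartOfDomain -and ($cs.Domain -eq $domain)
try   { $results["secure_channel"] = Test-ComputerSecureChannel }
catch { $results["secure_channel"] = $false }

# auror\adam must be in the local Administrators group (Name is reported as
# NETBIOS\user; -contains is case-insensitive).
$admins = Get-LocalGroupMember -Group "Administrators" | Select-Object -ExpandProperty Name
$results["adam_local_admin"] = ($admins -contains "auror\adam")

# Chrome must be installed (either install location).
$chromePaths = @(
    "C:\Program Files\Google\Chrome\Application\chrome.exe",
    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
)
$results["chrome_installed"] = [bool]($chromePaths | Where-Object { Test-Path $_ })

$results.GetEnumerator() | ForEach-Object { "{0,-18} {1}" -f $_.Key, $_.Value }
if ($results.Values -contains $false) {
    Write-Warning "one or more Machine B checks failed"
    exit 1
}
```

The secure-channel test is the one that matters most: PartOfDomain can read true while the machine account password is broken, and Test-ComputerSecureChannel is what actually proves the trust with the DC works.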

Now that all our files are ready, it is time to run Vagrant and test whether everything works:

vagrant up

Once the command finishes, the complete infrastructure is up and running; vagrant status shows both machines as running.

Note: you might see some transient errors (typically WinRM timing out around a reboot). If so, re-run vagrant up, or vagrant provision to re-run only the provisioners on machines that are already up.

Reference: https://www.passthehacks.com/post/the-auror-project

© 2024 Simardeep Singh | Some Rights Reserved