Setting Up an Active Directory Environment

As I look for jobs, I see a lot of them are asking for AD experience. Active Directory is important because it provides a centralized way to manage and secure resources in a network environment. Here are some reasons why it's important:

  • Centralized management: Active Directory provides a centralized location to manage users, computers, and other network resources. This makes it easier for administrators to manage and organize resources in the network.
  • Access control: Active Directory provides access control features that enable administrators to control who can access resources in the network. This helps to ensure that only authorized users can access sensitive data or applications.
  • Single sign-on: Active Directory provides a single sign-on feature that enables users to log in once and gain access to all the resources they are authorized to access. This improves productivity and reduces the need for users to remember multiple usernames and passwords.
  • Group policy: Active Directory provides group policy features that enable administrators to enforce policies across the network. This ensures that all users and computers comply with company policies and regulations.
  • Scalability: Active Directory is scalable and can support large enterprise environments with thousands of users and computers. This makes it an ideal solution for companies that need to manage a large number of resources in a network environment.

Also, while Active Directory is a part of Microsoft Windows environments, there are ways to integrate Mac devices into Active Directory environments. Mac computers can join an Active Directory domain and use their domain credentials to access resources that are managed by Active Directory, such as file shares and printers. This integration allows administrators to manage user accounts and computers from a central location, regardless of whether they are Windows or Mac-based.

Apple provides a built-in feature called Directory Utility on Mac computers, which allows administrators to connect Macs to Active Directory domains. In addition to this, there are also third-party solutions that allow much more extensive integration between Active Directory and Mac computers.

1: Downloaded and installed VirtualBox, and also a Windows Server ISO and a Windows 10 ISO. After installing both OSes, I configured the settings on Windows Server.

Here I configured the IP address to 172.16.0.1 and the subnet mask to 255.255.255.0.
Here I set up and installed Active Directory

Here I made an admin account and added it to the new group I just created called Domain Admins.

Here I set up NAT.
Here I set up a new scope for DHCP and named it 172.16.0.100-200. I also left the Lease Duration at the default, which was 8 days. If I were setting this up in a real corporate environment, I would take other factors into account to determine how long the lease time should be.
Next I ran a PowerShell script that automates the creation of multiple user accounts in Active Directory based on a list of names in a text file.

This script defines two variables: ‘$PASSWORD_FOR_USERS’, which is the password that will be assigned to each user account, and ‘$USER_FIRST_LAST_LIST’, which is a list of names that will be used to create user accounts. The password variable is then converted to a secure string using the ‘ConvertTo-SecureString’ cmdlet. After this, an organizational unit called ‘_USERS’ is created in AD using the ‘New-ADOrganizationalUnit’ cmdlet. The ‘-ProtectedFromAccidentalDeletion’ parameter is set to false so that the OU can be deleted if necessary.

The script then loops through each name in the list and does this:

First and last name are extracted from the name string using the Split method and stored in separate variables.

The first letter of the first name is extracted and combined with the last name to create a username using string interpolation.

The ‘New-ADUser’ cmdlet is used to create a new user account in AD. The user account is configured with the given parameters such as the first name, last name, display name, employee ID, and path to the OU. The ‘-Enabled’ parameter is set to ‘$true’ to enable the account immediately upon creation.

Finally the script writes a message to the console for each user created.
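The steps described above, written out as an added example; this is not the script that was run for this post. The `names.txt` file name, the password placeholder, and the input validation, 20-character truncation and duplicate check are assumptions added here.

```powershell
# Added example: follows the steps described in the text, not the original script.
# Assumptions: names.txt holds one "first last" pair per line; password is a placeholder.
Import-Module ActiveDirectory

$PASSWORD_FOR_USERS   = '<lab-password-placeholder>'
$USER_FIRST_LAST_LIST = Get-Content -Path .\names.txt

# New-ADUser expects a SecureString for -AccountPassword
$password = ConvertTo-SecureString $PASSWORD_FOR_USERS -AsPlainText -Force

# Create the _USERS OU once; deletion protection is off so the lab OU can be removed later
$domainDn = (Get-ADDomain).DistinguishedName
$ouDn     = "OU=_USERS,$domainDn"
$existing = Get-ADOrganizationalUnit -Filter "Name -eq '_USERS'" -SearchBase $domainDn -SearchScope OneLevel
if (-not $existing) {
    New-ADOrganizationalUnit -Name '_USERS' -Path $domainDn -ProtectedFromAccidentalDeletion $false
}

foreach ($n in $USER_FIRST_LAST_LIST) {
    # Accept only "first last" made of letters, so blank or odd lines never reach AD
    if ($n -notmatch '^\s*[A-Za-z]+\s+[A-Za-z]+\s*$') {
        Write-Warning "Skipping malformed line: '$n'"
        continue
    }
    $first, $last = $n.Trim().ToLower() -split '\s+'

    # First initial + last name; sAMAccountName is limited to 20 characters
    $username = "$($first.Substring(0, 1))$last"
    if ($username.Length -gt 20) { $username = $username.Substring(0, 20) }

    # Two different people can map to the same username (e.g. "amy brown", "alan brown")
    if (Get-ADUser -Filter "SamAccountName -eq '$username'") {
        Write-Warning "Skipping duplicate username: $username"
        continue
    }

    $params = @{
        Name            = $username
        SamAccountName  = $username
        GivenName       = $first
        Surname         = $last
        DisplayName     = $username
        EmployeeID      = $username
        AccountPassword = $password
        Path            = $ouDn
        Enabled         = $true
    }
    New-ADUser @params
    Write-Host "Created user: $username"
}
```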

From here, I set up another Virtual machine with VirtualBox and set up the client device and named it Client1.
With the PowerShell script now finished running, I have 1000 users (with the same password just for this homelab project).
I decided to log in with aabrev to test things out.
On the client machine, I pinged google.com and mydomain.com (our DC) to see if we could connect to the Internet and make sure our DHCP was doing its job. We could successfully connect to the Internet.
