Milestone 9 - blue.local
In this milestone you will deploy Active Directory Domain Services to our BLUE1-LAN using a combination of PowerCLI and Ansible.
Prerequisites
Create the following Base VMs
- ServerCore 2019
- Windows 10 LTSC
Ensure both are sysprepped and have SSH Server and VMware Tools installed.
9.1 Server Core Linked Clone
Resources
Tasks
- Use 480-utils to create a linked clone of your Server 2019 Core base, drop it on the BLUE-LAN and call it dc-blue1.
- Start dc-blue1.
- Create a function in 480-utils that sets a static IP for Windows systems using the Invoke-VMScript function. Invoke-VMScript takes guest credentials and can run an operating system command such as netsh. Set the blue1-dc's static IP to 10.0.5.5, and set the netmask, gateway and name server appropriately.
Deliverable 1. In your video recording, run your set-IP function, then SSH into the new IP and run ipconfig /all.
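One way to write the static-IP function from the task above, as an added example that is not code from 480-utils. The function name, its parameter names and the default adapter name Ethernet0 are assumptions; typed and validated parameters keep anything other than addresses and a plain adapter name out of the command text that runs inside the guest.

```powershell
# Added example, not part of 480-utils. Function name, parameter names and the
# default adapter name are assumptions.
function Set-WindowsStaticIP {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]       $VMName,
        [Parameter(Mandatory)] [pscredential] $GuestCredential,
        [Parameter(Mandatory)] [ipaddress]    $IPAddress,
        [Parameter(Mandatory)] [ipaddress]    $Netmask,
        [Parameter(Mandatory)] [ipaddress]    $Gateway,
        [Parameter(Mandatory)] [ipaddress]    $NameServer,
        # Only letters, digits, space, _ and - are allowed, so quotes and
        # command separators (& | ") cannot reach the guest command line.
        [ValidatePattern('^[A-Za-z0-9 _-]+$')]
        [string] $InterfaceName = 'Ethernet0'
    )

    # [ipaddress] also parses IPv6; this netsh context expects IPv4 only.
    foreach ($addr in $IPAddress, $Netmask, $Gateway, $NameServer) {
        if ($addr.AddressFamily -ne 'InterNetwork') {
            throw "Not an IPv4 address: $addr"
        }
    }

    $vm = Get-VM -Name $VMName -ErrorAction Stop

    # Joined with && so a failure in the first command is not hidden by the second.
    $script = @(
        "netsh interface ipv4 set address name=`"$InterfaceName`" source=static address=$IPAddress mask=$Netmask gateway=$Gateway"
        "netsh interface ipv4 set dnsservers name=`"$InterfaceName`" source=static address=$NameServer register=primary validate=no"
    ) -join ' && '

    # Invoke-VMScript runs through VMware Tools, so the session survives the IP change.
    $result = Invoke-VMScript -VM $vm -GuestCredential $GuestCredential `
        -ScriptType Bat -ScriptText $script -ErrorAction Stop

    if ($result.ExitCode -ne 0) {
        throw "netsh failed in guest (exit $($result.ExitCode)): $($result.ScriptOutput)"
    }
    $result.ScriptOutput
}

# Get-Credential prompts, so the guest password stays out of the script and shell history.
# <netmask>, <gateway> and <dns> are placeholders for your lab's values.
# Set-WindowsStaticIP -VMName dc-blue1 -GuestCredential (Get-Credential) `
#     -IPAddress 10.0.5.5 -Netmask <netmask> -Gateway <gateway> -NameServer <dns>
```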
9.2 ADDS
Resources
Tasks
Use Ansible to install Active Directory Domain Services in a new forest.
The following pseudocode should help:
Set the local Administrator's password
Set the hostname
Create a new forest using an existing Ansible module and register a variable indicating the domain was installed
If a reboot is required, do so.
- You may have to add a pause while DNS services start up.
Create an OU structure (there are many ways to do this) similar to this:
blue1
- Accounts
  - Groups
- Computers
  - Servers
  - Workstations
Deliverable 2. In your video recording, show the successful execution of your playbook, log in as a domain administrator via SSH and issue the following commands.
hostname
whoami
Get-ADGroupMember -Identity "Domain Admins"
Get-ADOrganizationalUnit -LDAPFilter '(name=*)' -SearchBase 'OU=BLUE1,DC=BLUE1,DC=LOCAL' | Format-Table Name