Setting Up an All-in-One Windows AD Test Environment (VMware Workstation Edition)

Build a basic all-in-one lab in VMware Workstation. This how-to shows you how to build a virtual Windows Active Directory environment isolated from your home or work network. This is a follow-up to my same procedure in VirtualBox:  https://smudj.wordpress.com/2019/01/17/setting-up-an-all-in-one-windows-ad-test-environment-virtualbox-edition/. 

Note: I’m no AD expert, there are better, worse, and different ways to do this and you’re not required to use VMware Workstation.

Requirements:
16GB RAM minimum
SSD or multiple HDDs
Quad-core or better CPU with hardware virtualization enabled

1. Download the necessary software. Download the ISO for the OSes you’ll be installing. For this example, I’ll be using IPFire and the MSDN versions of Windows Server 2016 and Windows 10 Pro.
   1. VMware Workstation Pro: https://www.vmware.com/products/workstation-pro.html
   2. Windows OS Evaluation: https://www.microsoft.com/en-us/evalcenter/
   3. IPFire: https://www.ipfire.org/download/ipfire-2.21-core124
2. Create a folder for your test environment. 
   1. In Workstation, right-click My Computer and click New Folder.  Enter a name like “Allin1 AD” and press Enter.  Click your new folder to select it.
3. Create an internal network.
   1. Click Edit–>Virtual Network Editor.
   2. Click Change Settings, click Yes at the UAC prompt.
   3. Click Add Network, select a network.  For this example, we’ll use VMnet15.  Click OK.
      1. Under VMnet Information, verify that Host-only is selected.
      2. Uncheck Connect a host virtual adapter to this network.  *This will prevent your physical host from accessing the test environment.
      3. Uncheck Use local DHCP service to distribute IP address to VMs. *We will use the Windows server’s DHCP and DNS for this environment.
      4. Change the subnet address to 192.168.15.0 **Any IP subnet can be used here.  To prevent confusion, use a unique IP range.  10.0.15.0, 10.15.0.0, 172.16.0.0 and 172.16.15.0 are all alternative options. Choose an appropriate subnet.   For the labs purposes, a 255.255.255.0 subnet is acceptable.  Click Apply. 
      5. Verify your settings for VMnet15 and click OK.
      6. 
4. Create your IPFire Router VM
   1. Click File–>New Virtual Machine or CTRL+N.
   2. Select Custom and click Next to begin the New Virtual Machine Wizard.
   3. Click Next, the default hardware compatibility is fine.
   4. Select Installer disc image file (iso) and click Browse.  Go to the location from step 1.3 where the IPFire ISO is located.
      1. Select the ISO and click Open.  
      2. Click Next. 
   5. Select Linux as the guest OS and click Next.  *IPFire is built from scratch and not based on any Linux distro.
   6. Enter IPFire for the VM’s name.  Select the appropriate location for your VM.  For this document, the name is ipfire-wpdoc and the location is C:\VMs\ipfire-wpdoc
   7. Click Next.
   8. One processor is enough for our IPFire router, click Next.
   9. 512MB is the minimum requirement for IPFire.  Click 512MB and click Next. (https://wiki.ipfire.org/hardware/requirements)
   10. Network type.  Select host-only networking and click Next.
   11. Click Next to select the default I/O controller type.
   12. Click Next to select the default disk type.
   13. Click Next to create a new virtual disk.
   14. Change the disk size to 4GB and click Next. *2GB is the minimum, 4GB is recommended for logs and add-ons. See 4.9 above. 
   15. Click Next to accept the default disk file name and location.
   16. Click Customize Hardware.
       1. Click Add…, 
       2. Click Network Adapter.  
       3. Click Finish.
          1. The new network adapter, network adapter 2, will be selected.  Select NAT or Bridged for the network connection. **NAT will provide a more isolated environment, where bridged will allow the IPFire VM an IP address on your host’s network.  NAT will be used for this document.
          2. Click Advanced. Click Generate under MAC Address.  Make note of this address.  We will need the address when assigning network types in the IPFire installation.  Click OK.
       4. Click Close.
   17. Click Finish.
   18. Click Edit Virtual Machine Settings
       1. Click Network Adapter
       2. Click Custom, select VMnet15, click OK.
   19. Drag the IPFire VM into the folder created in 2.1 above. 
5. Install IPFire
   
   1. Click Power on this virtual machine.
   2. Click the IPFire splash screen and press Enter.  
   3. Press Enter to accept the default language selection.
   4. Press Enter to Start Installation. 
   5. Press Tab, press the spacebar to select I accept this license.  Press Tab again and press Enter.
   6. Press Enter to Delete all data.  
   7. Press Enter to accept the default file system.
   8. Press Enter to reboot.
6. Configure IPFIre
   1. Press Enter to select the default keyboard layout.
   2. Change the timezone.  For this document PST8PDT will be used.  Press Enter.
   3. Press Enter twice to accept the default hostname
   4. Press Enter twice to accept the default domain
   5. Root password.  Enter a password and press Enter twice. Press Enter to continue. 
   6. Enter a password and press Enter twice.  *this is for the admin password, it can be the same for simplicity. 
   7. Press Enter to continue. 
   8. Use the arrow key to move down to Drivers and card assignments, press Enter.
      
      1. Green — This is our internal test environment network.  It will have no direct access to the Internet or the host’s network.
         1. Press Enter to select
         2. Compare the MAC addresses and use the one that was not generated in step 4.16.3.2.
         3. Use the arrow keys to select the correct interface and press Enter.  To move between fields, use the Tab key.
      2. Red — this will allow the test environment external access via the NAT network.
         1. Use the arrow key to select Red and press Enter.
         2. There should only be one interface left to select.  Press Enter. 
   9. Both network cards should now be assigned.  Use Tab to move to Done and press Enter.
   10. 
   11. Tab to Address Settings and press Enter.
       
       1. Press Enter to reconfigure the Green interface.
       2. Press Enter to acknowledge the warning.  We are not connected remotely, so this does not apply.
       3. Since we are using the 192.168.15.0 subnet, we will assign a 192.168.15.1 IP address to the Green interface as it will be our gateway IP address.  The default subnet mask does not need to be changed.  Press Enter three times to accept the IP, subnet, and return to Address Settings.
       4. Use the arrow key to select Red.  Press Enter.
       5. The Red interface will get an IP address from Workstation’s NAT.  Using the arrow keys and spacebar, select DHCP.  Use Tab to move to OK and press Enter.
       6. Use Tab to move to Done and press Enter. 
   12. DNS and Gateway settings are only needed if using a static IP. Since we are using DHCP, there is nothing to change here. Tab to Done and press Enter.
   13. We will be using Windows DHCP so we do not need to enable IPFire’s DHCP server.  Tab to OK and press Enter.
   14. Setup is complete.  Press Enter.
   15. Login with root and verify that you can ping an external IP address like 4.2.2.2 or 8.8.8.8.  Press CTRL+C to break the ping.  If unable to ping, verify the network configuration is correct above.
7. Create a Windows Server 2016 VM.
   1. Press CTRL+N, select Custom, click Next.
   2. Click Next, the default hardware compatibility is fine.
   3. Select Installer disc image file (iso) and click Browse.  Go to the location from step 1.2 where the Windows Server ISO is located.
      1. Select the ISO and click Open.  
      2. Click Next. 
   4. Click Next to skip the Easy Install Information. Click Yes to accept the product key prompt.
   5. Enter a VM name and location.  For this document, the name is W2016DC1 and D:\VMs\Virtual Machines\W2016DC1
   6. Click Next to select the default BIOS.
   7. Select One Processor and Two Cores. Click Next.
   8. Set RAM to 4096MB. If you have more than 16GB of RAM, you can increase to 6 or 8GB, if needed. Click Next.
   9. Select use host-only networking and click Next.
   10. Click Next to select the default I/O controller type.
   11. Click Next to select the default disk type.
   12. Click Next to create a new virtual disk.
   13. Change the Maximum disk size to 80.0 GB.  Click Next 
   14. Click Next to accept the default disk file name and location.
   15. Click Finish.
   16. Click Exit virtual machine settings.
       1. Click Network Adapter.
       2. Select Custom, VMnet15, and click OK
8. Install Windows 2016
   1. Install Windows as you normally would.
9. Configure Windows Server and Domain
   1. Enter the IP information. The IP needs to be on the same subnet as configured for the GREEN network. EX: 192.168.15.200, GW: 192.168.15.1, DNS: 127.0.0.1 since we’ll be creating a domain controller with DNS and DHCP services. *Remember to use the IP address entered in step 6.11.3 for the gateway address.
   2. You should be able to ping an IP address like 192.168.1.15 and 4.2.2.2, but not a DNS name.
   3. Change the name of your server and reboot.
   4. Start the Add Roles and Feature Wizard
      1. Add the following roles:
      –Active Directory Domain Services
      –DHCP Services
      –DNS Services
      2. Follow the wizard’s steps.
      3. Promote: Add a new forest.
      4. Enter your domain name and follow the wizard.  –you will get a warning about DNS, this will be resolved later.
   5. Configure DNS and DHCP
      1. DNS.  We need to add a forwarder for our DNS settings.
         1. From Administrative Tools, open DNS
         2. Right-click on your server and click Properties.
         3. Click the Forwarders tab
         4. Click Edit, and add your external DNS servers like 4.2.2.1, 4.2.2.2, 8.8.8.8, and 8.8.4.4.
      2. DHCP
         1. Double-click DHCP from Administrative Tools
         2. Expand IPv4 and right-click, click New Scope from the menu.
         3. Enter an IP range, ex: 192.168.211.50 to 192.168.211.100
         4. The remaining settings can be default for now.
         5. When asked to configure scop options, verify “Yes” and click Next.
         6. Router/Default gateway will be the IP we used to configure the GREEN NIC, ex: 192.168.15.1
         7. Domain name and DNS should be pre-configured. You should see the server’s IP in IP address box, ex: 192.168.15.200
         8. WINS does not need to be configured at this time.
         9. When prompted to activate scope, verify “Yes” and click Next.
         10. Click Finish to complete the wizard.
         11. Right-click on the server’s name under DHCP, and click Authorize from the menu. Refresh and IPv4 should have a green circle with a white check mark
   6. More details for setting up an DC in Windows 2016 can be found here: https://blogs.technet.microsoft.com/canitpro/2017/02/22/step-by-step-setting-up-active-directory-in-windows-server-2016/
10.  Managing IPFire via web interface
    1. IPFire can be accessed via web browser.  Enter Enter https://ipfire_ip-address:444, in this document it will be https://192.168.15.1:444
    2. You will get a certificate error when accessing the IPFire management page.
11. Adding Client VMs
    1. Add your Windows Client OSes.  Install Windows as usual, make sure to set your VM’s network to the custom VMnet15.
12. Completion! 

Here’s the all-in-one pic!

• VMware Workstation
• IPFire
• Windows 2016 DC via RDP
• Windows 10 

 

VirtualBox 6.0 Release

https://www.virtualbox.org/wiki/Downloads

This is a major update. The following major new features were added:

• Implemented support for exporting a virtual machine to Oracle Cloud Infrastructure
• User interface: greatly improved HiDPI and scaling support, including better detection and per-machine configuration
• Major rework of user interface with simpler and more powerful application and virtual machine set-up
• User interface: a new file manager enabling user to control the guest file system and copy files between host and guest.
• Graphics: major update of 3D graphics support for Windows guests, and VMSVGA 3D graphics device emulation on Linux and Solaris guests
• Added support for surround speaker setups (as used by Windows 10 Build 1809)
• Added utility vboximg-mount on Apple hosts to access the content of guest disks on the host
• Added support for using Hyper-V as the fallback execution core on Windows host, to avoid inability to run VMs at the price of reduced performance In addition, the following items were fixed and/or added:
• Execution core: fixed single-stepping in certain circumstances (bug #17316)
• User interface: video and audio recording can now be separately enabled
• Audio/Video recording fixes and improvements
• Audio: better support for attaching and detaching remote desktop connections
• Serial port emulation fixes
• Serial ports: allow changing the serial port attachment while a machine is running (bug #6115)
• Networking: Added a workaround for older guests which do not enable bus mastering for the virtio PCI device
• Networking: fixed wrong RCODE from DNS AAAA query with –natdnshostresolver1 (bug #18171)
• iSCSI: In cases where there is no ambiguity, the LUN of an iSCSI target is automatically determined, for targets with non-zero LUNs
• Transparently resize disk images when merging if possible
• VBoxManage: support for DHCP options
• Fixed VNC/RDP (bug #18153)
• Guest Control: various new interfaces and features (see SDK documentation)
• Linux hosts: support Linux 4.20 (thank you Larry Finger)
• Solaris: installer fixes
• Shared folders: performance improvements
• Guest Additions: improved shared folder auto-mounting
• Windows Guest Additions: fix incorrect tablet co-ordinate handling with recent Windows 10 builds
• Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel, contributed by Robert Conde (bug #18093)
• Linux guests: support Linux 4.20 (thank you Larry Finger)
• Linux guests: support VMSVGA in the Linux and X11 Additions
• MacOS Guest Additions: initial support
• OS/2 Guest Additions: initial shared folder support
• BIOS fixes
• ACPI: Up to four custom ACPI tables can now be configured for a VM

Windows middle-button scroll icon!

I was trying to find an icon for this to put in a document, but couldn’t find one with the circle and all 4 arrows, so I made my own.

In case anyone else needs one, here you go.

It’s not perfect, but good enough for internal tech docs.

Easy (lazy) way to get your serial number for your Dell, or other OEM system?

Need your serial number?  Laptop’s docked, or workstation not easily accessible?

Here’s an easy way to get your vendor serial number:

1. Start a command prompt, click start, type “cmd”, hit enter
2. type “wmic bios get serialnumber”

This will return your Dell, Lenovo, etc serial number.

Note: If you have a custom or home built system, you’re not likely to get an serial number, you’ll probably see something like  “system serial number” or “to be filled in by o.e.m”

Dell Windows Recovery Images via the web

There are apparently a lot of people that don’t know about this, (or maybe google)?, so here’s a little publicity for Dell.

You can download the Windows recovery image for your Dell computer here:

http://www.dell.com/support/home/us/en/19/Drivers/OSISO

All you need is your service tag…and having purchased your Dell with Windows.

Here’s the full text of the site:

Recovery Image of Microsoft Windows

Download the recovery image

Download a recovery image of Microsoft Windows Operating System customized for your Dell product. Dell customization of the Windows image includes:

• Updated patches that address common issues for Dell systems.
• Dell support information.

The image provided in this download was configured to be bootable from either a DVD or USB.
Note: The recovery image contains the version of Windows that came installed on your computer. If you have upgraded your operating system, you will need to reinstall the upgrade after you have restored your system to the factory settings.

---

Identify your Dell PC

To ensure that we provided the correct image available for your Dell PC, provide the Service Tag of the system to which the image will be installed.

Dell’s Hosted Recovery Image is designed to work with Dell systems. It is not designed to be supported on non-Dell PCs.

Running DNS, DHCP, ADUC, etc, MMC Admin consoles with Windows 10 Microsoft Account

Note: This assumes you’ve already got the RSAT tools installed.  RSAT for Windows 10

Building on my post here for Hyper-V manager:

Running Hyper-V Manager as a different user in Windows 10 (Runas)

You can use the same method to get Active Directory Users and Computers (ADUC) and DNS MMC admin consoles working if you’re logged in with your Microsoft account versus your domain account:

DNS shortcut:

C:\Windows\System32\runas.exe /savecred /user:domain\username  "cmd /c Start /B %SystemRoot%\system32\mmc.exe %SystemRoot%\system32\dnsmgmt.msc""

Icon path:

%SystemRoot%\system32\dnsmgr.dll

ADUC shortcut:

C:\Windows\System32\runas.exe /savecred /user:domain\username  "cmd /c Start /B %SystemRoot%\system32\dsa.msc""

Icon path:

%SystemRoot%\system32\dsadmin.dll

When you double-click, you’ll get prompted for the password (if you haven’t already) and also for UAC

DHCP is a little more involved as the RSAT doesn’t include the DHCP manager.  NOTE: this is not currently supported by MS

1. 1. copy dhcpmgmt.msc and dhcpsnap.dll.mui from %windir%\system32\system32\en-us on the 2012 server to the same location on the w10 pc
2. copy dhcpsnap.dll from %windir%\system32\ on the 2012 server to the w10 pc
3. From an admin cmd prompt run: regsvr32.exe dhcpsnap.dll
4. Create the short-cut: C:\Windows\System32\runas.exe /savecred /user:domain\username  “cmd /c Start /B %SystemRoot%\system32\mmc.exe %SystemRoot%\system32\dhcpmgmt.msc””
5. Change Icon path: %SystemRoot%\System32\dhcpsnap.dll

You’ll need to manually add your DHCP server each time you run this.  I haven’t found a way to save the config.

*This was done with Windows 10 Build 1511 and Windows Server 2012.

For additional snap-ins, just modify the last part of the short-cut with the correct mmc path for the add-in you want.

Switching from Public to Private network via PowerShell

Here’s a quick way to get rid of the “public” network on Windows and switch it to a more usable private network type.

1. Open a PowerShell Window.
2. Get the list of network profiles on the system.  Note the InterfaceIndex number listed, you’ll need it for the final step.

   Get-NetConnectionProfile

3. Change the network interface to private, use the network interface index number from the previous command.

Set-NetConnectionProfile -InterfaceIndex xx -NetworkCategory Private

Restoring the Quick Launch Menu (and Windows Explorer) for Windows 7 and 10

(this is an updated repost of an article I have on my deprecated http://www.essjae.com website)

One thing I really had grown accustomed to is the Quick Launch menu and easily opening multiple Windows Explorer windows across my 2 and 3 monitor setups and seeing the Drives view.

Both of these have been noticeably missing since Win 7.

Step 1: Get back the Quick Launch menu

• Right-click the Taskbar, select Toolbars–>New Toolbar.
• In Folder text box copy and paste the following:     %userprofile%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
• Right-click the Taskbar, uncheck Lock the Taskbar, and right-click on the new Quick Launch toolbar. Uncheck Show Text and Show Title, click View–>Small Icons
• Drag the toolbar divider all the way to the left of the taskbar to position it next to the Windows Orb, adjust the spacing on the taskbar as necessary
• End result:   (minus the Explorer icon)

Step 2:

• Add Windows Explorer in Win 7
  •  Click the Orb, then All Programs–>Accessories
  • Right-click to select and drag Windows Explorer () to the Quick Launch toolbar, then release
  • Select Copy Here from the pop-up menu
  • Right-click the Windows Explorer icon (), then click Properties
• In Windows 10
  •  select and copy %SystemRoot%\
  • Click the Win icon or press the Win key and then paste %SystemRoot%\
  • Press Enter
  • Find explorer.exe, right-click and drag it to the Quick Launch bar
  • Right-click the Windows Explorer icon (), then click Properties
• Add the following to the end of the command in Target:     /e,
• The command should look like this:  %SystemRoot%\explorer.exe /e,

• Click OK
• Now, when you click on the Windows Explorer icon you’ll see this:

• • 

Disabling Aero Shake via Group Policy

If you’re running Pro or higher, you can use Group Policy to disable Aero Shake instead of a Registry edit.

Press the Windows key and enter “gpedit.msc” to launch the Local Group Policy Editor

Navigate to “User Configuration–>Administrative Templates–>Desktop”

Double-click “Turn off Aero Shake window minimizing mouse gesture” and select “Enabled” to disable it.

Enabling or Disabling Aero Shake on Windows 10

Has this happened to you?  You’re moving around one window, trying to position it just right and all your other windows just minimize? You’re a victim  of the Aero Shake minimize.

This seems to get me more often than I’d like.  There’s a simple way to disable it via the Registry.

Keep in mind that messing with Registry can cause bad things to happen to your system.  Make a backup before you mess around.  If you’re uncomfortable, maybe you don’t change this.

The Registry key you need is here:

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer

NoWindowMinimizingShortcuts DWORD

Set to 0 = Enable
Set to 1 = Disable

 

This should work on Home and Pro versions.