Preqrequisite:
Windows server 2022 :- Download
⇒ Setup for Single Domain Controller Single Domain Controller
Setting up v-DC02 which will be our [ Child Domain ]
- We have to check that (v-DC02) is accessible from (v-DC01) by ping the
DC02fromDC01
- Setting up the DNS server
- Note :- On the first section which is
Use the following IP addresswe have to put v-DC02 ip On the second column
Use the following DNS sever addresseswe have to put v-DC01 ipInstalling AD server
⇒ Now we will be installing Active Directory Domain Services and DNS Server
- Next
- Tick on
Active Directory Domain ServicesandDNS Server
- Next
- Next
- Click on install
Promoting To Domain Controller
Click on the Warning Yellow sign Flag icon
Promote this server to domain controller
Click on Add new domain to existing domain . Select Child Domain and enter the name of your Domain name ( Parent Domain ) click on
Selectadd cred as I mentioned before that we have to use admin cred for adding domain server to machineEnter you new child domain name
- You domain name should appear and click on that
- Create Password for the new child domain
- If everything went well your child domain name should appear here
- Click on Next and Install
- After Restarting your have successfully installed the child domain
Checking Trusts b/w Parent and Child Domain
Now lets back to our parent domain
crt.local(i.e v-DC01)Click on
Start->Active Directory Domain Trusts
- Select crt.local
Parent Domainand viewProperties
- As you can see that
kid.crt.localis child ofcrt.local
⇒ Running Get-ADTrust -Filter * we see that the trust direction is (bidirectional) which means that members can authenticate from one domain to another when they want to access shared resources.
Completed lab setup
Finally we have successfully set up our child domain now our lab is ready to practise attacks like Parent Child Domain Trust Abuse [ Domain Admin to Enterprise Admin ].