🏢 Active Directory Lab

---

🔎 Overview

This project simulates an enterprise infrastructure environment using:

• VirtualBox
• Windows Server
• Windows Client
• Active Directory
• Group-Based File Permissions
• Network Isolation

It demonstrates practical implementation of:

• Identity management
• Domain authentication
• File share security
• Permission layering (Share vs NTFS)
• Network troubleshooting

---

🎯 Objectives

• Deploy a Domain Controller
• Configure Active Directory
• Create users and security groups
• Implement secure file sharing
• Join a client machine to the domain
• Perform intentional break testing

---

🏗 Architecture

[ Windows Client ] │ │ Internal Network (CorpNet) │ [ Windows Server / Domain Controller ]

Network Configuration:

Internal Network Name: CorpNet

---

💻 Infrastructure Setup

---

🖥 Domain Controller Configuration

Property	Value
OS	Windows Server 2025
RAM	4GB
CPU	2 Cores
IP	192.168.50.10
Subnet	255.255.255.0
DNS	Self-Hosted
Domain	corp.local

Installed Roles

• Active Directory Domain Services
• DNS
• File Services

---

📸 Screenshot – Domain Controller Setup

---

📸 Screenshot – Active Directory Configuration

---

🖥 Client Machine Configuration

Property	Value
OS	Windows 11
RAM	4GB
CPU	2 Cores
IP	192.168.50.20
DNS	192.168.50.10
Domain Joined	Yes

---

📸 Screenshot – Client Domain Join

---

🔐 Active Directory Configuration

Organizational Unit

Employees

---

📸 Screenshot – OU Structure

---

Security Group

FileShare-Access

---

📸 Screenshot – Security Group Configuration

---

Test User

John.T

User Details:

• Located in Employees OU
• Member of FileShare-Access group
• Domain authenticated

---

📁 File Share Configuration

Shared Folder

C:\SharedDocs

Share Name

SharedDocs

Permissions Applied

Share Permissions

• Removed default “Everyone”
• Granted access to FileShare-Access

NTFS Permissions

• Granted Modify access to FileShare-Access

---

📸 Screenshot – File Share Permissions

---

📸 Screenshot – NTFS Permissions

---

✅ Validation Testing

From Client:

Test Network Connectivity

ping 192.168.50.10
Test File Share Access
\\192.168.50.10\SharedDocs

Expected Result:

Authentication successful

File creation allowed

File modification allowed

File deletion allowed

📸 Screenshot – Successful File Access

🚨 Break & Troubleshooting Scenarios

These scenarios simulate real-world infrastructure failures.

🔴 Scenario 1 – Permission Removal

Action:

Remove user from FileShare-Access group

Goal:

Observe authorization failure

📸 Screenshot – Broken Permission State

🔴 Scenario 2 – DNS Failure

Action:

Change client DNS to 8.8.8.8

Test:

Domain authentication

File access

Goal:

Demonstrate DNS dependency in AD

🔴 Scenario 3 – Network Failure

Action:

Disable client network adapter

Or modify network settings

Goal:

Observe connectivity failure behavior

📌 Skills Demonstrated

Active Directory Administration

Identity & Access Management

Domain Infrastructure Deployment

File Permission Management

Network Configuration

Troubleshooting Methodology

Enterprise Environment Simulation

👤 Author

Zachary Aspiring IT Infrastructure & Networking Professional

Project Version: 1.0