🚨 LAB-DC01 is the Active Directory Domain Controller (AD DC) for the RougeLabs cyber lab. This guide walks through the manual setup of LAB-DC01 using Windows Server 2025 (or 2022) inside Proxmox VE.
VM Settings:
| Setting | Value |
|---|---|
| Name | LAB-DC01 |
| OS | Windows Server 2025 (or 2022) |
| System BIOS | OVMF (UEFI) |
| Machine Type | Q35 |
| EFI Disk | ✅ Add EFI Disk |
| TPM | ✅ Add TPM (version 2.0) |
| ISO | Mount official Server 2025 ISO |
| CD/DVD (optional) | Mount VirtIO ISO (for drivers) |
| SCSI Controller | VirtIO SCSI (or SATA if skipping VirtIO) |
| Hard Disk | 60GB+ (VirtIO SCSI or SATA) |
| CPU | 2+ cores |
| Memory | 4096MB (4GB) |
| Network Device | VirtIO (or E1000 if no VirtIO) |
| VLAN Tag | Set to your internal lab VLAN (e.g., 10) |
| Boot Order | CD-ROM first, Disk second |
➡️ Tip: Set the boot order to prioritize the hard disk after the OS install is complete.
In PowerShell (as Administrator):
Rename-Computer -NewName "LAB-DC01" -Restart
Example configuration:
| Field | Value |
|---|---|
| IP Address | 10.0.0.10 |
| Subnet Mask | 255.255.255.0 |
| Default Gateway | 10.0.0.1 |
| DNS Server | 10.0.0.10 (itself) |
| Alternate DNS | e.g., 1.1.1.1 |
Steps:
qemu-ga-x86_64.msiOpen Server Manager ➔ Add Roles and Features:
Roles:
Features:
Do NOT promote to Domain Controller yet—just install the roles for now.
Once AD DS role is installed:
rougelabs.localrougelabs💥 The server will reboot automatically after promotion.
1.1.1.1, 8.8.8.8)Example structure:
rougelabs.local
├── OU: Users
│ ├── user1
│ ├── user2
├── OU: Admins
│ ├── labadmin
├── OU: Workstations
│ ├── WIN10-CLIENT
│ ├── WIN11-CLIENT
# Create OUs
New-ADOrganizationalUnit -Name "Users"
New-ADOrganizationalUnit -Name "Admins"
New-ADOrganizationalUnit -Name "Workstations"
# Create Users
New-ADUser -Name "labadmin" -SamAccountName "labadmin" -AccountPassword (ConvertTo-SecureString "Passw0rd!" -AsPlainText -Force) -Enabled $true
Add-ADGroupMember "Domain Admins" "labadmin"
New-ADUser -Name "user1" -SamAccountName "user1" -AccountPassword (ConvertTo-SecureString "Passw0rd!" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "user2" -SamAccountName "user2" -AccountPassword (ConvertTo-SecureString "Passw0rd!" -AsPlainText -Force) -Enabled $true
LAB-DC0110.0.0.10rougelabs.local created and promoted