# lab_AD_Complet

Reproducible Active Directory lab, based on Docker, for training and self-study.

> French version: [README.md](README.md)

## Lab content

A complete, isolated Active Directory environment comprising:

- **DC01**: Windows Server domain controller (AD DS + DNS)
- **PC01**: Windows 11 client workstation to join the domain
- **linux01**: Debian 12 client to join the domain (realmd + SSSD)

Everything is orchestrated via a single `docker-compose.yml`, fully configurable via environment variables.

## Prerequisites

The lab requires hardware virtualization access (KVM on Linux, WSL2 + nested virt on Windows).

| System | Supported | Notes |
|---|---|---|
| Linux (kernel >= 5.x with KVM) | Yes | Simplest setup |
| Windows 10/11 Pro + Docker Desktop | Yes | Enable nested virtualization in `.wslconfig` |
| macOS Intel | Partial | Degraded performance, not recommended |
| macOS Apple Silicon (M1/M2/M3) | No | Use a Linux VM (UTM) - see `docs/etudiant/en/00-prerequisites.md` |

Minimum resources:

- 16 GB RAM recommended (12 GB minimum)
- 80 GB free disk space (Windows install + snapshots)
- CPU with VT-x / AMD-V enabled in BIOS

Check scripts provided:

```bash
./scripts/check-prereqs.sh     # Linux, macOS
.\scripts\check-prereqs.ps1    # Windows
```

## Quick start

```bash
git clone <repository-url> lab_AD_Complet
cd lab_AD_Complet
cp .env.example .env           # adapt variables
./scripts/check-prereqs.sh
docker compose up -d dc01
```

Windows Server installation runs automatically in the background (20 to 40 minutes depending on your connection). Monitor progress via:

- Web UI: http://localhost:8006
- Logs: `docker compose logs -f dc01`

Once Windows is installed, AD configuration (promotion, OUs, users, GPOs, shares) is left to the learner. Detailed guides are in `docs/etudiant/en/`.

## Accessing the hosts

Two methods are available:

### Web UI (noVNC)

- DC: http://localhost:8006
- Windows client: http://localhost:8009
- Useful to observe boot / installation, but slow and no clipboard sync.

### RDP (recommended)

```bash
./scripts/rdp-dc.sh        # opens RDP session on DC01
./scripts/rdp-client.sh    # opens RDP session on PC01
```

On Windows:

```powershell
.\scripts\rdp-dc.ps1
```

RDP provides native clipboard, folder redirection (`\\tsclient\shared`) and much better performance.

## Project structure

```
lab_AD_Complet/
  docker-compose.yml    Defines the 3 containers
  .env.example          Configurable variables
  linux-client/         Debian image pre-equipped (SSSD/realmd)
  scripts/              Prerequisite checks + RDP launchers
  shared/               Folder shared with Windows VMs via RDP
  docs/
    etudiant/           Learning guides (FR + EN)
    formateur/          Instructor materials and solutions (not distributed)
```

## Documentation

- `docs/etudiant/en/00-prerequisites.md`: Docker install and checks
- `docs/etudiant/en/01-lab-startup.md`: first lab startup
- `docs/etudiant/en/02-dc-promotion.md`: domain controller promotion (GUI + PowerShell)
- `docs/etudiant/en/03-ou-users-groups.md`: OU tree, users, groups, AGDLP
- `docs/etudiant/en/04-gpo.md`: GPO creation and linking
- `docs/etudiant/en/05-shares-ntfs.md`: SMB shares and NTFS permissions
- `docs/etudiant/en/06-join-windows-client.md`: joining PC01 to the domain
- `docs/etudiant/en/07-join-linux-client.md`: joining linux01 to the domain
- `docs/etudiant/en/troubleshooting.md`: common issues

Each procedure is documented with a dual approach: **graphical interface** (Server Manager, ADUC, GPMC) and **PowerShell scripting**.

## Stop the lab

```bash
docker compose stop       # stop without losing state
docker compose down       # stop and remove containers
docker compose down -v    # remove everything including VM disks
```

Windows disks are stored in `./storage-dc01/` and `./storage-pc01/` at the project root. Removing these directories resets everything to a fresh install.

## License

MIT - see [LICENSE](LICENSE).

## Contributing

Contributions are welcome (fixes, translations, new exercises). Open an issue or submit a merge request.

---

Made by [AcadéNice](https://acadenice.fr/).