Build joined domain client

Orange-Cyberdefense / GOAD

game of active directory

GNU General Public License v3.0

4.63k stars 652 forks source link

Build joined domain client #165

Closed KINGSABRI closed 5 months ago

KINGSABRI commented 6 months ago

Hi, Thank you for making GOAD available

Would you please add a build for Windows 10 for vagrant & VBbox/VMware installation as a joined domain client machine for any of the domains? with Windows Defender disabled?

This would make more sense to simulate a normal domain client.

I tried to use the GOAD/data/inventory_extended in the goad.sh file which seems to contain ws01 but I got

fatal: [ws01]: UNREACHABLE! => {"changed": false, "msg": "ssl: HTTPSConnectionPool(host='ws01', port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4e10b7a8c0>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))", "unreachable": true}

when I run install

Thanks again

Mayfly277 commented 6 months ago

if you want to do that you should add inside the vagrant file you use (depending on your provider) the line : (exemple in ad/GOAD/providers/virtualbox/vagrantfile)

= boxes = [
= { :name => "GOAD-DC01",  :ip => "192.168.56.10", :box => "StefanScherer/windows_2019", :box_version => "2021.05.15", :os => "windows"},
+ { :name => "GOAD-WS01", :ip => "192.168.56.30", :box => "mayfly/windows10", :os => "windows"},

and also add inside the inventory file inside your provider directory : example in ad/GOAD/providers/virtualbox/inventory

= ; ------------------------------------------------
= ; sevenkingdoms.local
= ; ------------------------------------------------
= dc01 ansible_host=192.168.56.10 dns_domain=dc01 dict_key=dc01
+ ws01 ansible_host=192.168.56.30 dns_domain=dc01 dict_key=ws01

binaryz0ne commented 6 months ago

I can confirm this works like a charm!

Thank you @KINGSABRI for such request and @Mayfly277 for the solution! This saved me a lot of research time that could be spent on something else :)

KINGSABRI commented 6 months ago

Thanks @Mayfly277 for the response.

KINGSABRI commented 5 months ago

Last question, how to apply "disable antivirus and firewall" scripts for WS01 from configurations?

Mayfly277 commented 5 months ago

This is not created yet so you have to do it manually on the vm or deal with the av ;)

KINGSABRI commented 5 months ago

Noted! thanks!