Building a Centralized Server Through Active Directory

The Installation

After I installed VMware with Windows Server on the mini PC, I installed Active Directory Domain Services (AD DS) on the server, along with DHCP to provide IP addresses and DNS to provide the domain name for the network. As I was installing DHCP, I created a scope of IP addresses. In other words, I created IP addresses that could be available for use in a certain period of time. As I was installing DNS, I gave the DNS server a static IP address and created a reverse lookup zone to make sure that connections establish both ways. Then I installed VMware Fusion on my Mac laptop and configured Windows 10 Pro on it. I had Boot Camp, but I learned that I needed to use Windows Pro to connect to AD, not Windows Home. Considering the amount of space on my laptop, I decided to remove Boot Camp and use a virtual machine for Windows Pro.

The Connection

The virtual machine hosting Windows Server has the same static IP address as the DNS server in order to have an established connection towards a client. The goal was to include a computer for a user I created in the domain called "mylab.local". In order for the domain name to show up as the Ethernet connection, I connected the mini PC to the plugged-in WiFi extender with an Ethernet cord. I used the WiFi extender instead of a router because the router is located in the living room and I've been setting up my lab in my bedroom. I don't live alone. To make sure the connections were established, I first tested the connections of the physical infrastructure (the laptop itself and the mini PC itself), and the connections were successful. Then I got into both virtual machines to test their connections, and they were successful since I statically assigned both VMs the same network ID as the DNS server. Once those connections became successful, I attempted to add my laptop to the Active Directory under "mylab.local". As I was trying to sign in as "Nicki" (the user I created in AD), I had this error saying "To sign in remotely, you need the right to sign in through Remote Desktop Services. By default, members of the Remote Desktop Users group have this right. If the group you're in doesn't have this right, or if the right has been removed from the Desktop Users group, you need to be granted this right manually."

Group Policy Management

To solve this error, I had to include Nicki in the Remote Desktop Users group and then categorize that group as authenticated users and domain users. In Nicki's properties, in the "Member Of" tab, I included Nicki in the Remote Desktop Users group. Then in the Server Manager under Tools, I opened Group Policy Management. Under Domains, I right-clicked on the domain "mylab.local" and created a new organizational unit called Networking. In Networking, I created a new Group Policy Object (GPO) called "Remote Problem". In the GPO, I clicked on Edit and went to Windows Settings > Security Settings > Local Policies > User Rights Assignment. Then I clicked on "Allow log on through Remote Desktop Services" and added these two categories: Authenticated Users and Domain Users. Then I went to the command prompt and entered 'gpupdate /force', which updates the group policy. Finally, I tried logging in again as Nicki and the login was successful.
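
One way to check the result of the User Rights Assignment step above is to list which principals hold "Allow log on through Remote Desktop Services" (SeRemoteInteractiveLogonRight) after the GPO applies, and to flag the broad ones. This is an added example, not part of the original post; the function name `Get-RdpLogonRightHolder`, the sample export and the placeholder domain SID are assumptions made for illustration.

```powershell
# Added example: audit who holds "Allow log on through Remote Desktop Services"
# (SeRemoteInteractiveLogonRight) from a secedit export.
# On a live machine (elevated prompt), produce the export with:
#   secedit /export /cfg C:\Temp\rights.inf /areas USER_RIGHTS
# and pass -InfPath C:\Temp\rights.inf. Without -InfPath the constructed sample is used.

# Constructed sample of the [Privilege Rights] section after a GPO like the one above applies.
# The domain SID (S-1-5-21-1111111111-2222222222-3333333333) is a placeholder.
$SampleInf = @'
[Privilege Rights]
SeInteractiveLogonRight = *S-1-5-32-544
SeRemoteInteractiveLogonRight = *S-1-5-11,*S-1-5-21-1111111111-2222222222-3333333333-513,*S-1-5-32-555
'@

function Get-RdpLogonRightHolder {
    param([string]$InfPath)

    $lines = if ($InfPath) { Get-Content -Path $InfPath } else { $SampleInf -split "`r?`n" }
    $entry = $lines | Where-Object { $_ -match '^\s*SeRemoteInteractiveLogonRight\s*=' } |
             Select-Object -First 1
    if (-not $entry) { return }   # right not defined in this export

    foreach ($item in (($entry -split '=', 2)[1] -split ',')) {
        $id = $item.Trim().TrimStart('*')   # secedit prefixes SIDs with '*'
        if (-not $id) { continue }
        $name = $id                          # unresolved accounts may appear by name
        if ($id -like 'S-1-*') {
            try {
                $sid  = New-Object System.Security.Principal.SecurityIdentifier($id)
                $name = $sid.Translate([System.Security.Principal.NTAccount]).Value
            } catch { $name = '(unresolved)' }   # e.g. the placeholder domain SID
        }
        # Broad principals: Everyone, Authenticated Users, BUILTIN\Users, Domain Users (RID 513)
        $broad = ($id -in 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545') -or ($id -match '^S-1-5-21-.+-513$')
        [pscustomobject]@{ Identity = $id; Name = $name; Broad = $broad }
    }
}

Get-RdpLogonRightHolder | Format-Table -AutoSize
```

With the constructed sample, Authenticated Users (S-1-5-11) and Domain Users (RID 513) are reported with `Broad = True`, while the Remote Desktop Users group (S-1-5-32-555) is not.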