Sign in Subscribe

Setting Up a Complete Windows Server Deployment with Hyper-V

Setting Up a Complete Windows Server Deployment with Hyper-V
Photo by GuerrillaBuzz / Unsplash

Introduction

In this blog post, I will walk you through the process of setting up a Windows Server deployment using Hyper-V. This includes configuring a router, setting up a Windows Server as a Domain Controller, installing DHCP, DNS, Active Directory, and WDS, and finally adding two client machines to the domain. Additionally, I automated software deployment using Group Policy (GPO).

This guide is ideal for IT professionals or enthusiasts who want to set up a complete Windows network environment from scratch.

Key Learning: Patience is crucial. Not everything works immediately, and troubleshooting is an essential part of IT work. Sometimes, things just need time to take effect! This is an essential skill for any network administrator.

Additionally, setting up such environments is not only useful for corporate IT infrastructure but also for offensive security testing. Understanding Windows deployments, Active Directory structures, and network policies is invaluable for penetration testers who want to simulate and exploit real-world enterprise setups.

Setting Up Hyper-V and Creating Virtual Machines

Creating a Router VM

Since this is a virtual lab environment, I needed a router VM to act as a gateway for my network.

  • Assigned two network interfaces:
    • One connected to the external network.
    • One for the internal network (10.10.0.0/24).
  • Configured static IP settings:
    • External Interface: DHCP
    • Internal Interface: 10.10.0.1/24.
  • Enabled NAT and DHCP relay for internal clients.

Creating the Windows Server Domain Controller

  • Installed Windows Server as a VM.
  • Assigned the static IP 10.10.0.200.
  • Configured it as the Domain Controller (wayne.ent).

Creating Client VMs

  • Created two Windows 10 VMs (Client-001 and Client-002).
  • Assigned IPs via DHCP.
  • Joined them to the domain (wayne.ent).

Configuring the Windows Server (SRV-DC-001)

Installing and Configuring DHCP

The DHCP server dynamically assigns IP addresses to the clients in the network.

  • Installed the DHCP Server Role via Server Manager.
  • Configured a new DHCP scope:
    • Subnet: 10.10.0.0/24.
    • Gateway: 10.10.0.1.
    • DNS Server: 10.10.0.200.
  • Activated the scope and authorized the DHCP server.

Installing and Configuring DNS

  • Installed the DNS Server Role.
  • Created a Forward Lookup Zone (wayne.ent).
  • Created a Reverse Lookup Zone (10.10.0.x subnet).
  • Configured conditional forwarders for internet name resolution.

Setting Up Active Directory (AD DS)

Active Directory is the core of our domain environment.

  • Promoted the server to a Domain Controller.
  • Created Organizational Units (OUs) for Users, Computers, and Groups.
  • Created test user accounts.
  • Configured Group Policy Objects (GPOs) for security settings.

Deploying Windows via WDS

Installing Windows Deployment Services (WDS)

I set up Windows Deployment Services (WDS) to allow PXE boot installations.

  • Installed the WDS Role.
  • Configured WDS with the following settings:
    • Respond to known and unknown clients.
    • Enabled PXE boot support.
  • Mounted a Windows ISO, extracted boot.wim and install.wim, and added them to WDS.
  • Configured a PXE boot policy for new machines.

Booting Clients via PXE

  • Configured the Hyper-V VM network adapter to boot via PXE.
  • Powered on the client and pressed F12 to initiate PXE boot.
  • Successfully installed Windows 10 via WDS.

Automating Software Deployment with Group Policy

Deploying Google Chrome via GPO

To simplify software installation across all clients, I used Group Policy (GPO) to deploy Google Chrome.

Download the Google Chrome MSI Installer

  • Downloaded the Google Chrome MSI package from Google Enterprise.
  • Placed the file in a shared folder (C:\Software\Chrome\GoogleChromeStandaloneEnterprise64.msi).

Created a GPO for Software Installation

  • Opened the Group Policy Management Console (gpmc.msc).
  • Created a new GPO: Google Chrome Deployment.
  • Navigated to:
    • Computer Configuration → Policies → Software Settings → Software Installation.
  • Added the MSI package via network path:
    • \\SRV-DC-001\Software\Chrome\GoogleChromeStandaloneEnterprise64.msi.
  • Set deployment mode to Assigned.

Applied GPO to Clients

  • Linked the Google Chrome Deployment GPO to the Computers OU.
  • Ran gpupdate /force and restarted clients.

Verified installation using:

wmic product get name | find "Google Chrome"

Troubleshooting and Final Success

Initially, the GPO didn't seem to work. gpresult /r didn't list the Chrome Installer GPO, yet the software installed successfully after some time.

  • Checked the Event Viewer for Group Policy errors.
  • Verified GPO permissions for "Domain Computers."
  • Ensured the network share was accessible.
  • Rebooted clients multiple times to allow the GPO to apply properly.
  • Waited patiently — Sometimes policies take longer to apply!

Eventually, Google Chrome installed successfully across all clients.

Conclusion

This setup demonstrates how to deploy a fully functional Windows network using Hyper-V. I successfully:

  • Configured a router VM with NAT and DHCP relay.
  • Set up a Windows Server as a Domain Controller (AD DS, DHCP, DNS).
  • Installed and configured Windows Deployment Services (WDS).
  • Connected client machines via DHCP and domain join.
  • Used Group Policy (GPO) to automate software deployment.

Lessons Learned:

  • Patience pays off – IT setups can take time, and troubleshooting is key.
  • Network administration is all about structure and planning – Having a clear plan makes implementations smoother.
  • Enterprise environments require automation – GPO, scripting, and centralized deployments save a lot of time.
  • Offensive security benefits from understanding enterprise networks – Knowing how networks are configured helps security professionals identify weak points for penetration testing and security audits.

This lab serves as a great foundation for enterprise environments or testing network deployments. If you have any questions or want to expand on this setup, feel free to reach out.

Next Steps

Future improvements could include configuring Roaming Profiles, Folder Redirection, WSUS for Windows Updates, or automating other software deployments.

Have any questions? Let me know in the comments.