A guide to setting up a Windows lab environment for testing and learning purposes.

IT: Entry Level Helpdesk (Installing Virtualbox and Server 2016) New Techs Part 1 - YouTube
GitHub - massgravel/Microsoft-Activation-Scripts: Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.

GitHub - abbodi1406/KMS_VL_ALL_AIO: Smart Activation Script

# Open PowerShell Copy and paste then press enter
irm https://get.activated.win | iex

local account details

AD domain name: greenhuanglocal
AD server ip: 192.168.0.220

winserver account: greenh47/administrator
password(all account is the same): 123qwe!@#QWE

install winserver 2022

Windows Server 2022 | Microsoft Evaluation Center
Activate Windows Server 2022 Datacenter using DISM | How to activate Windows Server 2022 for Free - YouTube
Windows 2022 guest best practices - Proxmox VE

# activation key
dism /online /set-edition:ServerDatacenter /productkey:WX4NM-KYWYW-QJJR4-XV3QB-6VM33 /accepteula

setup active directory

How to set up Active Directory on a Windows Server - VPSBG.eu IT: Entry Level Helpdesk (Renaming Server 2016 and Installing Active Directory) New Techs Part 2 - YouTube

create shared folder between host and vm

# virtiofsd is installed on the Proxmox host
apt install virtiofsd

# Create share directory on Proxmox
mkdir -p /srv/virtiofs/shared/winserver

# Add VirtioFS device to your VM (replace VMID=100, path and tag as desired):
qm set 101 --virtiofs shared,path=/srv/virtiofs/shared/winserver

or Go to Proxmox GUI. Select Datacenter | Directory Mappings. Click add to create a new mapping.

Select VM who will access share folder from Proxmox Host. Select Hardware | Add | Virtiofs

setup static ip for my AD server

go to router portal to check local network setting
we can find that my win server assign with 192.168.0.143 private ip address
Change IP address of a network adapter - Windows Server | Microsoft Learn
we can ping the AD in other device inside the local network

install win 11 on proxmox

Download Windows 11
Windows 11 guest best practices - Proxmox VE
Run WINDOWS 11 on Proxmox Made EASY! - YouTube

join win 11 to AD

How to Join Windows 11 PC to Windows Server 2022 Domain - YouTube
IT: Entry Level Helpdesk (Windows 10, Join PC To domain, RSAT tool, Server Manager) New Techs Part 4 - YouTube
Join a computer to a domain | Microsoft Learn
Create Active Directory Test Environment (Complete Guide) - Active Directory Pro
RSAT simply gives you the admin consoles (AD Users & Computers, DNS Manager, DHCP, Group Policy Management, etc.) that normally live on a Windows Server. Installing them on your workstation lets you do day-to-day management from the comfort of a client VM instead of RDP-ing to the DC.RSAT 只是为您提供了通常位于 Windows Server 上的管理控制台 （AD 用户和计算机、DNS 管理器、DHCP、组策略管理等）。将它们安装在您的工作站上，可以让您轻松地从客户端虚拟机进行日常管理，而无需通过 RDP 连接到 DC。

make sure that Any client that should join greenhuang.local have at least one DNS server to AD server

set up NTP server in Active Directory

How to configure NTP server in AD - Microsoft Solutions Hub The NTP server causes the "clock is not synchronized" message to sometimes appear when syncing with the AD server. you can see that client side using local clock instead of AD clock or NTP clock.

If the client or DC runs in Proxmox/VMware/Hyper-V, the hypervisor may keep pushing its own (wrong) time: Proxmox/KVM: disable “Use local time for RTC”

enable it in group policy How to Set Up an NTP Server Using Group Policy: Step-by-Step Guide we can check on client side that it using AD server's clock.

Implement Group Policy Objects

Implement Group Policy Objects - Training | Microsoft Learn
Group Policy Management Guide - Active Directory Pro

Group Policy Objects (GPOs) = A group policy object is a collection of policy settings. A GPO is applied to the domain, or an OU to target users, computers, or the entire domain. You will spend most of your time working with GPs.
组策略对象 (GPO) = 组策略对象是一组策略设置的集合。GPO 应用于域或组织单元 (OU)，以定位用户、计算机或整个域。您将花费大部分时间与组策略对象打交道。

group policy objects

Group Policy Management Console (GPMC) = This is the management console used to manage group policy and GPOs. This is installed on the Active Directory server but can also be added to other computers by installing the RSAT tools.
组策略管理控制台 (GPMC) = 这是用于管理组策略和 GPO 的管理控制台。它安装在 Active Directory 服务器上，但也可以通过安装 RSAT 工具将其添加到其他计算机。

Local Group Policy = Local group policies are policies that apply to a single computer and are managed locally on a computer. You can access the local GPO with the gpedit.msc console. These policies apply to only the computer you edit them on. Domain policies take precedence over local policies.
本地组策略 = 本地组策略是应用于单台计算机并在该计算机上本地管理的策略。您可以使用 gpedit.msc 控制台访问本地组策略 (GPO)。这些策略仅适用于您在其上编辑的计算机。域策略优先于本地策略。

Domain Group Policy (DGP) = Domain group policies are managed centrally and can be applied to multiple computers and users. DGPs will be the focus of this guide.
域组策略 (DGP) = 域组策略集中管理，可应用于多台计算机和用户。本指南将重点介绍 DGP。

User Configuration Policies = Each GPO has a user configuration and computer configuration section. The User configuration policies only apply to users.
用户配置策略 = 每个 GPO 都有用户配置和计算机配置部分。用户配置策略仅适用于用户。

group policy user configuration

Computer Configuration Policies = The GPO computer configuration policies apply to the computer, not the user.
计算机配置策略 = GPO 计算机配置策略适用于计算机，而不是用户。

group policy computer configuration

Create Active Directory Test Environment

Create Active Directory Test Environment (Complete Guide) - Active Directory Pro

backup and restore AD

Backup Active Directory (Full and Incremental Backup) - Active Directory Pro How to Restore Active Directory (Full Restore & System State) - Active Directory Pro

unlock user account

create the shares folder
change the shares folder security remove inheritance and remove user
validate the result

map the network drive for quick access

remote desktop

another way Solve PC problems remotely with Remote Assistance - Microsoft Support

Group Policy

fix an “RPC server is unavailable” error

How to fix an “RPC server is unavailable” error | Proton VPN

Ensure all RPC services are running on your PC
1. Search for the Services app and Open it. 

Open the Services app
2. Find DCOM Server Process Launcher and double-click on it.

Find the DCOM Server Process Launcher and double-click on it.
3. Ensure that:

Startup type is set to Automatic
Service status is Running.
If they aren’t, set Startup type to Automatic and Start the service. 

Set Startup type to Automatic and Start the service
4. Repeat steps 2 and 3 for the following services:

Remote Procedure Call (RPC)
RPC Endpoint Mapper
Remote Procedure Call (RPC) Locator
5. Restart your PC and see if the problem is resolved.