Create a Personal Forensics Lab Part 5: The Windows 7 Workstations

2 min read

By the fifth instalment of the ‘build your own lab’ series, the lab already resembles this network diagram (or should, anyway):

Lab diagram

As the title suggests, it’s time to install the Windows 7 workstation(s).

NB: Windows 7 is end-of-life at this point and is included here strictly for [legacy forensics and artefact comparison purposes](/windows-artefacts/).

Workstation Configuration

During the installation, Windows asks for a user name and a computer name. Enter these during setup to save a step later in the process.

Enter user name and password

You can also configure Windows Update settings and the timezone during the installation if you like.

Once the OS is installed, the VM, as with the other workstations already added, will be automatically assigned the next available IP in the DHCP scope, likely 10.0.0.102. Check this in the Network and Sharing Centre:

Network and Sharing Centre

Don’t forget to disable the public (Internet-facing) NIC. With the existing network configuration, the VM should be able to access the primary and secondary DCs, as well as the Internet:

Disable public NIC

Domain Configuration

Open the Start Menu, right-click Computer, then click Properties:

Computer properties

In the resulting window, click Change settings:

Change settings

In System Properties, click Change:

System Properties

Enter the Computer Name and Domain, then click OK:

Join domain

When prompted, enter the domain administrator username and password you created earlier, then click OK:

Join domain

If everything is configured correctly, a success dialogue should appear:

Success dialogue

The workstation is now part of the domain, and basic configuration is complete.

Whether you set up the x64 or 32-bit version of Windows 7 first, the process is exactly the same for the other. If you want both versions in your lab, simply repeat the process with the alternate ISO.

Extra Credit

  1. Install all available Windows updates
  2. Adjust the timezone
  3. Install antivirus
  4. Install a browser other than Internet Explorer
  5. Take a snapshot

Now the lab looks like this:

Lab diagram

Go here to see how the Windows 8.1 workstation was created, or here to move on and create the CentOS workstation.