Working Notes: SEC350: Lab 5.2 Windows Logging - eliminmax/cncs-journal GitHub Wiki

SEC 350 Lab 5-2

Reflection

This lab was rough for me - I forgot to configure NTP on MGMT01 before starting to set up Active Directory, and tried to go back, which somehow broke my ability to log into MGMT01. I restored the snapshot of MGMT01 from before I'd touched it and reconfigured everything from the top. After that, due to some seriously facepalm-worthy mistakes on my part - forgetting to update the firewall on log01, missing the step where I added the input stream on Graylog - it was much harder than it needed to be. Actually setting up Active Directory was simple enough, but everything else was a problem.

I uploaded exports of my current VyOS configurations on fw-mgmt and fw01 to the non-wiki part of this repo, after running them through VyOS's strip-private tool, mentioned at the end of this section of the docs.