Apache Lab - kerryallen89/SYS-255-01 GitHub Wiki

Apache Lab Deliverables

Firewall-cmd Config + Apache Installation

Deliverable 1. Using PuTTY or SSH from AD02 to Web01, provide a screenshot that shows:

  • Your console login as a named sudo user and your elevation to root. The hostname should already be set. This implies that wks01 has network connectivity, you have downloaded PuTTY (you may need to work your way around the DHCP outage), and that you have properly configured DNS for web01.
  • nslookup to 10.0.5.10, grepping the hostname to target results.
  • ping to champlain.edu, grepping the string ‘packet’ to target results.

image

This screenshot shows that I successfully was able to connect my web01-kerry server to my ad02-kerry. I ran into trouble with not being able to connect it due to a simple reason, I didn't switch it from WAN to LAN. It took me so long to figure that out but eventually I got to work. I also performed the command "nslookup 10.0.5.10 | grep name". This greps the hostname to my web01-kerry server. I also pinged champlain.edu which by grepping the string "packet" to the target's results.

Deliverable 2. Provide the output of firewall-cmd --list-all

image

This screenshot shows that I have configured my firewall to allow the TCP ports of 80 and 443 which represent HTTP and HTTPS services. I did this by performing the command "firewall-cmd --permanent --zone=public --add-port=80/tcp" which added port 80/tcp permanently and I did the same for port 443/tcp but by replacing the 80 with 443.

Initially when I was adding these services into my firewall. I added both HTTP and HTTPS on top of this setup as well, I eventually had to look up how to remove the services as I didn't know if having both of them would mess up the lab. In my opinion, it wouldn't have made a difference, but for the sake of not messing anything up I performed the command "firewall-cmd --zone=public --remove=service=http" (I also did this for HTTPS but instead of http I used "https".) To make sure both HTTP and HTTPS were removed, I had to put in the command "firewall-cmd --runtime-to-permanent" for both.

Deliverable 3. Provide a screenshot showing wks browsing to web01 by hostname

image

In this screenshot, It shows that I have connected to "http://web01-kerry/" on wks02-kerry through firefox.

It took me a bit to do this as I forgot to start httpd services. Its a little mistake that I wish I knew, but once I figured it out it was all good.

Deliverable 4. Provide a screenshot similar to the one below, displaying VM name and browse by hostname.

image

In this screenshot, I deleted the contents of the welcome.conf file that was located in a directory called "/etc/httpd/conf.d/welcome.conf" and replaced the website with a index.html file where I put it in a directory called "/var/www/html/index.html". I then put my own little message inside of the empty file which is pasted above.

For some reason, I wasn't able to do this part within PowerShell through an SSH, but only inside of web01-kerry itself. I thought it was an apache error or that httpd wasn't enabled. But, that wasn't the case as it still would give me a blank terminal when I tried to access and/or create a new file.

INSTALLING PHP

NOTE: I feel that dedicating a part of this wiki page to installing PHP will help me in the future and will flow a lot better into the next deliverable> :)

SO WHAT IS PHP?

PHP or Hypertext Preprocessor is a scripting language dedicated to web development. Created in the early 90s by Rasmus Lerdorf, it is standard in every website you access and visit everyday! PHP files can contain a range of languages from basic text, HTML, CSS, JavaScript, and PHP code. PHP code is executed on the server which then outputs plain HTMl within the browser.

HOW TO INSTALL PHP

To install PHP within web01, we must perform the command "yum install -y php" within elevated root access.

image

After finishing the install, you now have access to being able to use PHP code and to create .php files. If the php code doesn't show up or straight up doesn't work. All you have to do is to restart the httpd service. The command for that is:

  • "systemctl restart httpd"

Deliverable 5. You can either use & modify the script shown below, or develop your own. Provide a screenshot showing both the PHP code and how it is rendered similar to the screenshot below. Make sure you access this site by hostname.

image

This screenshot shows my PHP code inside my ad02-kerry VM and the output on my WKS02-kerry website. This is the default code that is used as an example but the only thing I changed was "HELLO SYS255" to "THIS IS KERRY'S PHP CODE". Other than that, the code is simple. It says to echo a list of values from 1 to 10, but to echo "X is now:" with it.

LINUX DOMAIN JOIN

Realmd

What is realmd?

Realmd is a system that provides a clear way to join identity domains to achieve direct domain integration. It will configure Linux system services, such as SSSD (System Security Services Daemom) to connect to the domain.

Why use realmd?

Realmd ensures that the system is properly configured for services such as SSSD as it is a back-end identity provider for both local systems and Active Directory. Realmd simplifies the configuration of SSSD by searching to identify available AD and Identity Management domains and then joining the system to the domain. It will also set up required client services that are used to connect to the given identity domain and manage user access.

SOURCE: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/ch-configuring_authentication

How to install realmd?

To install realmd within web01, you must type the command "sudo yum install -y realmd samba samba-common oddjob oddjob-mkhomedir sssd". This command lets you install realmd, which makes it easier to join Linux systems to a Windows Active Directory Domain.

Joining the Domain

To join our Active Directory domain after successfully installing realmd, we must type in the command "realm join --user=([email protected] yourdomain.local)(THIS IS YOUR OWN SO FOR ME ITS [email protected] kerry.local)".

image

I had problems with trying to join the domain. I thought it was something to do with the times as one of the VMs was off by 40 seconds but it was me putting the domain admin username in. I thought it was "kerry-adm" and not "kerry.allen-adm".

Deliverable 6. Provide a screenshot showing a domain login via PuTTY or SSH to web01. Issue the id, whoami, and pwd commands.

image

This screenshot shows a domain login through SSH to web01 on Alice. I was able to do this by typing the command "[email protected]@web01-kerry". I then issued the id, whoami, and pwd commands while SSH-d into Alice.

Deliverable 7. The realm join operation should add web01 to Active Directory Users and Computers on the Domain Controller. Provide a screenshot similar to the one below:

image

This screenshot shows that the realm join operation worked and added web01 to the Active Directory Users and Computers inside the Domain Controller.