đ SYS 255 - tconklin-champlain/Tech-Journal GitHub Wiki
Pfsense | Default Credentials |
---|---|
Username: | admin |
Password: | pfsense |
- Assign interfaces
- Setup interface IP address
- Navigate to firewall ip to finish setup
- Select Active Directory Domain Services
- Add Features
- Pick Active Directory Domain
- Continue through deployment
- Sign in as Domain Admin
- Open DNS Manager
- Expand Foward Lookup Zones
- Add a New Host on your domain
OR - Expand Reverse Lookup Zones
- Add a New Zone
- Select ADDS
- Choose Active Directory Users & Computers
- Under Users Select 'New User'
AND OR - Add them to Domain Admins group to become a admin.
- Control Panel -> System & Security
- System -> System Properties
- Change Domain
đĄ Best to create two accounts, one with admin privileges and one without.
Command | Description |
---|---|
nmtui | Network Manager Text User Interface |
useradd | Adds New User |
passwd | Adds Password for User |
usermod -aG | Modify and Append User's Group |
groupadd | Add New Group |
chgrp | Change Group |
systemctl restart network | Restart network |
- DHCP Discover
- DHCP Offer
- DHCP Request
- DHCP Acknowledge
Citation
đŖ Time It is very important that all your Windows systems are on the same timezone and have accurate time with respect to one another. Windows authentication is sensitive to differences in time.
- Server Manager -> Local Server
- Active Directory Users & Computers
- Select Domain -> New OU
- Active Directory Users & Computers
- Groups -> Group Policy Managment
- Select Folder -> Create a GPO
- On Windows Server type
sconfig
- Disable remote root ssh access within the PermitRootLogin no flag in
/etc/ssh/sshd_config
file. - Type
service sshd restart
to finalize settings.
đŖ CentOS and other Redhat based Linux servers ship with SSH turned on. This combined with a known "root" user who is able to attempt login remotely presents a security flaw that must be addressed by the systems administrator before the system is accessible over the internet. The typical solution involves explicitly preventing root from logging in via the sshd_config file.
- Install realmd
sudo yum install realmd samba samba-common oddjob oddjob-mkhomedir sssd
- Join The Domain
realm join --user=[email protected] yourdomain.local, realm list
đĄ Note, if your time is not consistent across Windows and Linux, then you will likely have problems. Timezone can sometimes be a problem.
- Installing Apache
- Configuring Apache:
All the configuration files for Apache are located in /etc/httpd/conf and /etc/httpd/conf.d.
- Add Port to Firewall
firewall-cmd --permanent --add-port=port_id/protocol
- Firewall Config Commands
firewall-cmd --list-all
firewall-cmd --add-service=(http,https,httpd)
firewall-cmd --reload