Active directory: Difference between revisions
No edit summary |
|||
| Line 23: | Line 23: | ||
6 Updates | 6 Updates | ||
=== Powershell === | |||
$PSVersionTable.PSVersion | |||
Update-Module -Name AzureRM | |||
Install-Module -Name AzureRM | |||
get-executionpolicy | |||
Set-ExecutionPolicy unrestricted -Scope currentuser | |||
Install-WindowsFeature -Name AD-Domain-Services,GPMC -computerName ws2022 -IncludeManagementTools -Restart | Install-WindowsFeature -Name AD-Domain-Services,GPMC -computerName ws2022 -IncludeManagementTools -Restart | ||
Get-Command -Module ADDSDeployment | Get-Command -Module ADDSDeployment | ||
| Line 41: | Line 51: | ||
Invoke-Command {Install-ADDSDomainController -DomainName -Credential (Get-Credential) -ComputerName | Invoke-Command {Install-ADDSDomainController -DomainName -Credential (Get-Credential) -ComputerName | ||
=== Azure AD === | === Azure === | ||
Microsoft Cloud, runs mostly on Hyper-V | |||
<nowiki>https://portal.azure.com</nowiki> | |||
Powershell | |||
https://learn.microsoft.com/en-us/powershell/azure/?view=azps-10.2.0 | |||
=== Azure AD / Entra ID === | |||
[[File:Azure Resources.png|thumb]] | |||
Azure Ad is in the cloud, user accounts can be sync'ed with Onprem AD | |||
https://learn.microsoft.com/en-us/certifications/exams/sc-300/ | |||
Exam SC-300: Microsoft Identity and Access Administrator | |||
https://learn.microsoft.com/en-us/powershell/azure/active-directory/overview?view=azureadps-2.0 | |||
https://tryhackme.com/module/hacking-active-directory | https://tryhackme.com/module/hacking-active-directory | ||
Latest revision as of 10:26, 28 August 2023
Samba DC
samba
smb nmb winbind ldap / ldb kerberos rpc musl-nscd sssd nss pam
Microsoft Server 2022
Install the GUI Experience, because the Server Core option will lack IE/Edge which has DLL's that some powershell commands use, mainly AD Connect
sconfig
2 Hostname 8 Network 6 Updates
Powershell
$PSVersionTable.PSVersion
Update-Module -Name AzureRM
Install-Module -Name AzureRM
get-executionpolicy
Set-ExecutionPolicy unrestricted -Scope currentuser
Install-WindowsFeature -Name AD-Domain-Services,GPMC -computerName ws2022 -IncludeManagementTools -Restart Get-Command -Module ADDSDeployment Install-ADDSForest -DomainName islief.com -InstallDns Get-ADDomainController
Install-Module -Name AzureAD Get-Command -Module AzureAD
$cred = Get-Credential Connect-AzureAD -Credential $cred
Get-Command -Module ActiveDirectory Get-ADDomain | Select InfrastructureMaster, RID-Master, PDCEmulator Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster Move-ADDirectoryServerOperationMasterRole
Invoke-Command {Install-ADDSDomainController -DomainName -Credential (Get-Credential) -ComputerName
Azure
Microsoft Cloud, runs mostly on Hyper-V
https://portal.azure.com
Powershell
https://learn.microsoft.com/en-us/powershell/azure/?view=azps-10.2.0
Azure AD / Entra ID
Azure Ad is in the cloud, user accounts can be sync'ed with Onprem AD
https://learn.microsoft.com/en-us/certifications/exams/sc-300/
Exam SC-300: Microsoft Identity and Access Administrator
https://learn.microsoft.com/en-us/powershell/azure/active-directory/overview?view=azureadps-2.0
https://tryhackme.com/module/hacking-active-directory
Bloodhound
P2
P2 Trial License
Azure AD Connect
invoke-webrequest https://download.microsoft.com/download/B/0/0/B00291D0-5A83-4DE7-86F5-980BC00DE05A/AzureADConnect.msi -outfile AzureADConnect.msi .\AzureADConnect.msi
Import-Module "C:\Program Files\Microsoft Azure AD Sync\Bin\ADSync\ADSync.psd1" Get-ADSyncScheduler Start-ADSyncSyncCycle -PolicyType Delta
Remote PS
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 10.0.0.139 Enter-PSSession 10.0.0.6