Active directory

From Braindump
Revision as of 10:26, 28 August 2023 by Jan (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Samba DC

samba 

smb
nmb
winbind

ldap / ldb
kerberos
rpc

musl-nscd
sssd
nss
pam

Microsoft Server 2022

Install the GUI Experience, because the Server Core option will lack IE/Edge which has DLL's that some powershell commands use, mainly AD Connect

sconfig 

2 Hostname
8 Network
6 Updates

Powershell

$PSVersionTable.PSVersion

Update-Module -Name AzureRM

Install-Module -Name AzureRM

get-executionpolicy

Set-ExecutionPolicy unrestricted -Scope currentuser 

Install-WindowsFeature -Name AD-Domain-Services,GPMC -computerName ws2022 -IncludeManagementTools -Restart
Get-Command -Module ADDSDeployment
Install-ADDSForest -DomainName islief.com -InstallDns
Get-ADDomainController

Install-Module -Name AzureAD
Get-Command -Module AzureAD

$cred = Get-Credential
Connect-AzureAD -Credential $cred

Get-Command -Module ActiveDirectory
Get-ADDomain | Select InfrastructureMaster, RID-Master, PDCEmulator
Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster
Move-ADDirectoryServerOperationMasterRole

Invoke-Command {Install-ADDSDomainController -DomainName -Credential (Get-Credential) -ComputerName

Azure

Microsoft Cloud, runs mostly on Hyper-V

https://portal.azure.com

Powershell

https://learn.microsoft.com/en-us/powershell/azure/?view=azps-10.2.0

Azure AD / Entra ID

Azure Resources.png

Azure Ad is in the cloud, user accounts can be sync'ed with Onprem AD

https://learn.microsoft.com/en-us/certifications/exams/sc-300/

Exam SC-300: Microsoft Identity and Access Administrator

https://learn.microsoft.com/en-us/powershell/azure/active-directory/overview?view=azureadps-2.0

https://tryhackme.com/module/hacking-active-directory

Bloodhound

P2

P2 Trial License

Azure AD Connect

invoke-webrequest https://download.microsoft.com/download/B/0/0/B00291D0-5A83-4DE7-86F5-980BC00DE05A/AzureADConnect.msi -outfile AzureADConnect.msi
.\AzureADConnect.msi

Import-Module "C:\Program Files\Microsoft Azure AD Sync\Bin\ADSync\ADSync.psd1"
Get-ADSyncScheduler
Start-ADSyncSyncCycle -PolicyType Delta

Remote PS

Set-Item WSMan:\localhost\Client\TrustedHosts -Value 10.0.0.139
Enter-PSSession 10.0.0.6
Retrieved from "https://www.janmg.com/wiki/index.php?title=Active_directory&oldid=701"