# Active Directory
## Configuration
<details open>
<summary>PowerShell</summary>
#### Local Password
<details>
````powershell
# Set the password of the local Administrator account
Get-LocalUser -Name "Administrator" | Set-LocalUser -Password (ConvertTo-SecureString -AsPlainText "Passw0rd" -Force)
````
</details>
#### Local Netconf
<details>
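```powershell
# -PrefixLength takes the CIDR prefix length (24 = 255.255.255.0), not a dotted netmask
New-NetIPAddress -InterfaceIndex 3 -AddressFamily IPv4 -IPAddress '172.16.7.100' -PrefixLength 24 -DefaultGateway '172.16.7.254'
```
```powershell
# Set the DNS servers for the same interface
Set-DnsClientServerAddress -InterfaceIndex '3' -ServerAddresses ('172.16.7.11','172.16.7.12')
```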
</details>
#### Set-Hostname
<details>
```powershell
# Rename the computer and restart immediately
Rename-Computer -NewName 'DC01' -Restart -Force
```
</details>
#### Set network adapter to Private
<details>

````powershell
# List the connection profiles to find the InterfaceIndex
Get-NetConnectionProfile
````
````powershell
Set-NetConnectionProfile -InterfaceIndex [Index of the network adapter] -NetworkCategory "Private"
````
</details>
#### Disable firewall
<details>

````powershell
# Turns Windows Defender Firewall off for all three profiles (Domain, Private, Public)
netsh advfirewall set allprofiles state off
````
</details>
#### Disable/enable IPv6
<details>

````powershell
Disable-NetAdapterBinding -Name [Name of the network adapter] -ComponentID ms_tcpip6
````
````powershell
Enable-NetAdapterBinding -Name [Name of the network adapter] -ComponentID ms_tcpip6
````
</details>
</details>
## Joining the domain
<details open>
<summary>PowerShell</summary>

#### Domain-Join
<details>

````powershell
# Join the domain and restart immediately
Add-Computer -DomainName "podxx.spielwiese.intern" -Restart -Force
````
</details>
</details>
## GPOs
<details open>
<summary>GUI</summary>
#### No login history
<details>

````text
-> Windows Settings
--> Security Settings
---> Local Policies
----> Security Options
-----> Interactive logon
````
<details>
<summary>Image</summary>
![GUI-Config](IMG/NO_LOGON_HISTORY.PNG)
</details>
</details>
</details>
## PSO
<details open>
<summary>GUI</summary>
#### Password Settings Objects
<details>
````text
-> Password Settings Objects
--> Advanced View (Active Directory Users and Computers)
---> Active Directory Administrative Center
----> System
-----> Password Settings Container
````
<details>
<summary>Image</summary>
![GUI-Config](IMG/PSO.PNG)
</details>
</details>
</details>
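
The PSO that the GUI path above creates can also be scripted and verified with the ActiveDirectory module. This is an added example, not part of the original README; the PSO name, the target group and every policy value are assumptions chosen for a lab domain.

```powershell
# Added example; all names and values are assumptions for a lab domain.
Import-Module ActiveDirectory

$psoName   = 'PSO-Admins'      # hypothetical PSO name
$groupName = 'Domain Admins'   # PSOs apply only to users and global security groups

$pso = @{
    Name                            = $psoName
    Precedence                      = 10     # lower value wins when several PSOs apply
    MinPasswordLength               = 14
    ComplexityEnabled               = $true
    ReversibleEncryptionEnabled     = $false
    PasswordHistoryCount            = 24
    MinPasswordAge                  = (New-TimeSpan -Days 1)
    MaxPasswordAge                  = (New-TimeSpan -Days 90)
    LockoutThreshold                = 5
    LockoutObservationWindow        = (New-TimeSpan -Minutes 15)
    LockoutDuration                 = (New-TimeSpan -Minutes 15)
    ProtectedFromAccidentalDeletion = $true
}

# Create the PSO only if it does not exist yet
if (-not (Get-ADFineGrainedPasswordPolicy -Filter "Name -eq '$psoName'")) {
    New-ADFineGrainedPasswordPolicy @pso
}

# Link the PSO to the group unless it is already linked
$linked = Get-ADFineGrainedPasswordPolicySubject -Identity $psoName
if ($linked.Name -notcontains $groupName) {
    Add-ADFineGrainedPasswordPolicySubject -Identity $psoName -Subjects $groupName
}

# Verify: list the PSO that is actually in effect for each direct user member
Get-ADGroupMember -Identity $groupName |
    Where-Object objectClass -eq 'user' |
    ForEach-Object {
        $rp = Get-ADUserResultantPasswordPolicy -Identity $_.SamAccountName
        [pscustomobject]@{ User = $_.SamAccountName; EffectivePSO = $rp.Name }
    }
```

An empty `EffectivePSO` means no PSO resolves for that user and the domain's default password policy applies.
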
## Certificates & PKI
<details open>
<summary>GUI</summary>
#### External root CA
<details>

````text
-> Group Policy Management Editor
--> Computer Configuration
---> Policies
----> Windows Settings
-----> Security Settings
------> Public Key Policies
-------> Trusted Root CA
````
<details>
<summary>Image</summary>
![GUI-Config](IMG/CA-EXTERN.PNG)
</details>
</details>
#### AD-integrated CA
<details>
Install 'Active Directory Certificate Services'

````text
Create an MMC:
-> Snap-ins:
- Active Directory Sites and Services
- Certificate Templates
- Certification Authority
- Enterprise PKI
- Group Policy Management
````
Right-click on ADSSS (Active Directory Sites and Services) -> View -> Show Services Node
> Set the permissions in the template as shown in the image
> Domain Controller -> Domain Controller permissions
> Computer -> Computer permissions
> etc.
<details>
<summary>Image</summary>
![GUI-Config](IMG/CA-TEMPLATE-RIGHTS.PNG)
</details>
</details>
</details>
<details open>
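<summary>PowerShell</summary>

#### AD-integrated CA
<details>

> Request a certificate
````powershell
# Request a certificate from the PODxx.Computer template into the local machine's personal store
Get-Certificate -Template PODxx.Computer -CertStoreLocation Cert:\LocalMachine\My\
````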
</details>