lotte/ChamplainTechJournals
1
Code Activity

migrate to git.charlotte.sh

Browse source
This commit is contained in:
Charlotte Croce 2025-04-19 23:42:08 -04:00
commit fbd588721e
412 changed files with 13750 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
sysadmin-i-sys255/CA_process.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 98 KiB

17
sysadmin-i-sys255/README.md Normal file
View file

@ -0,0 +1,17 @@
# System Administration I
Spring 2024
- week01 - [Environment Setup](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab01-environment-setup.md)
- week02 - [DNS+ADDS](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab02-dns%2Badds-role.md)
- week03 - [Linux Intro](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab03-linux.md)
- week04 - [Linux DHCP](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab04-dhcp.md)
- week05 - [ADDS & Group Policy](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab05-adds-and-group-policy.md)
- week06 - [Midterm](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab06-midterm.md)
- week07 - [Server Core & RAT](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab07-lab-server-core-and-remote-administrator-tools.md)
- week08 - [Apache](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab08-apache.md)
- week8.5- [Windows DHCP](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab08.5-configure-windows-dhcp-server.md)
- week09 - [BASH Intro](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab09-bash-scripting.md)
- week10 - [PowerShell Intro](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab10-powershell.md)
- week11 - [Wordpress on Linux](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab11-wordpress-on-linux.md)
- week12 - [Automation Intro](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab12-automation.md)
- week13 - [Wordpress on Windows](https://git.charlotte.sh/lotte/ChamplainTechJournals/src/branch/main/sysadmin-i-sys255/lab13-wordpress-on-windows.md)

85
sysadmin-i-sys255/SYS255_NetworkDiagram.drawio Normal file
View file

@ -0,0 +1,85 @@
<mxfile host="app.diagrams.net" modified="2024-02-08T15:09:16.871Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" etag="KMtC-PqWGAay4y_au7GD" version="23.1.2" type="github">
<diagram name="Page-1" id="822b0af5-4adb-64df-f703-e8dfc1f81529">
<mxGraphModel dx="792" dy="1104" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="1100" pageHeight="850" background="none" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="k9p167rnngZEbdP0Ajg7-18" value="" style="rounded=0;whiteSpace=wrap;html=1;glass=0;perimeterSpacing=1;strokeWidth=1;movable=0;resizable=0;rotatable=0;deletable=0;editable=0;locked=1;connectable=0;" vertex="1" parent="1">
<mxGeometry x="90" y="280" width="710" height="390" as="geometry" />
</mxCell>
<mxCell id="-IeLTNNZ7KWvEU6to_KN-1" value="fw01-nathan&lt;br&gt;&lt;br&gt;10.0.17.104" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1">
<mxGeometry x="410" y="180" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="-IeLTNNZ7KWvEU6to_KN-2" value="wks01-nathan&lt;br&gt;&lt;br&gt;10.0.5.100" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1">
<mxGeometry x="410" y="530" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="-IeLTNNZ7KWvEU6to_KN-3" value="ad01-nathan&lt;br&gt;&lt;br&gt;10.0.5.5" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1">
<mxGeometry x="510" y="360" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="-IeLTNNZ7KWvEU6to_KN-4" value="dhcp01-nathan&lt;br&gt;&lt;br&gt;10.0.5.3" style="whiteSpace=wrap;html=1;aspect=fixed;" parent="1" vertex="1">
<mxGeometry x="180" y="360" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-1" value="" style="endArrow=none;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" edge="1" parent="1" source="-IeLTNNZ7KWvEU6to_KN-3" target="-IeLTNNZ7KWvEU6to_KN-2">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="380" y="590" as="sourcePoint" />
<mxPoint x="430" y="540" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-2" value="" style="endArrow=none;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" edge="1" parent="1" source="-IeLTNNZ7KWvEU6to_KN-4" target="-IeLTNNZ7KWvEU6to_KN-2">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="380" y="590" as="sourcePoint" />
<mxPoint x="430" y="540" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-4" value="10.0.5.2" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="410" y="260" width="80" height="20" as="geometry" />
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-5" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" edge="1" parent="1" source="-IeLTNNZ7KWvEU6to_KN-3" target="k9p167rnngZEbdP0Ajg7-4">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="380" y="590" as="sourcePoint" />
<mxPoint x="430" y="540" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-6" value="10.0.17.2" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="410" y="160" width="80" height="20" as="geometry" />
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-8" value="DNS" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="590" y="360" width="50" height="45" as="geometry" />
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-9" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1" source="k9p167rnngZEbdP0Ajg7-4" target="-IeLTNNZ7KWvEU6to_KN-2">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="380" y="590" as="sourcePoint" />
<mxPoint x="430" y="540" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-10" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" target="k9p167rnngZEbdP0Ajg7-4">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="220" y="360" as="sourcePoint" />
<mxPoint x="270" y="310" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-13" value="" style="endArrow=none;html=1;rounded=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;exitX=0;exitY=0.5;exitDx=0;exitDy=0;" edge="1" parent="1" source="-IeLTNNZ7KWvEU6to_KN-3" target="-IeLTNNZ7KWvEU6to_KN-4">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="380" y="590" as="sourcePoint" />
<mxPoint x="430" y="540" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-16" value="DHCP" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="130" y="360" width="50" height="45" as="geometry" />
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-19" value="nathan.local&lt;br&gt;&lt;br&gt;10.0.5.0 /24" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="555" y="500" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-20" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" edge="1" parent="1" target="k9p167rnngZEbdP0Ajg7-6">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="450" y="120" as="sourcePoint" />
<mxPoint x="440" y="440" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="k9p167rnngZEbdP0Ajg7-21" value="SYS 255&lt;br&gt;WAN" style="ellipse;shape=cloud;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="390" y="50" width="120" height="80" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

81
sysadmin-i-sys255/lab01-environment-setup.md Normal file
View file

@ -0,0 +1,81 @@
---
description: >-
In this lab, we set up our Windows workstation and PfSense firewall on
vSphere.
---
# Lab01 - Environment Setup
## Add a Network Adapters in VSphere:
- Power off the machine
- VM Hardware Section -> Edit
- Add New Device -> Network Adapter
- Change interface to either WAN or LAN
## FW01
Before powering on, check the network interface configuration (1:WAN 2:LAN)
### Configure IP Addresses
- Should VLANs be set up no: **n**
- Enter the WAN interface name: **em0**
- Enter the LAN interface name:**em1**
- Do you want to proceed:**y**
- Select Option 2 to Set IP Addresses, Pick 1 - WAN em0
- Configure IPv4 address WAN interface via DHCP?: **n**
- Enter your new WAN IPv4 address: **10.0.17.104**
- Enter the new WAN IPv4 subnet bit count: **24**
- For WAN enter the new IPv4 upstream gateway address of **10.0.17.2**
- Configure IPv6 address WAN interface via DHCP6?: **n**
- Enter the new WAN IPv6 address: **<ENTER> for none**
- Do you want to revert to HTTP as the webConfigurator protocol? : **n**
The console screen should now show a static IP address of 10.0.17.104/24 for em0:
Now we need to set the IP address for the other interface em1.
Select Option 2 again.
- Pick interface 2 - LAN (em1)
- Enter the new LAN IPv4 address: **10.0.5.2**
- Enter the new LAN IPv4 subnet bit count: **24**
- For a LAN press <ENTER> for none: **<ENTER>**
- Enter the LAN IPv6 address: **<ENTER>**
- Do you want to enable the DHCP server on LAN?: **n**
- Do you want to revert to HTTP as the webConfigurator protocol? : **n**
![image](../assets/5bde20db-9f06-4891-b5f1-22cea0ab2014.png)
## WKS01
### Rename this Windows Computer
* In File Explorer, right-click on “This PC”
* “Properties” -> “Change Settings”
* Click “Change” next to “To rename this computer…”
* rename to `wks01-charlotte`
### Add a user
* Computer Management -> Local Users and Groups -> Users
* Right Click -> New User
* `charlotte:password123`
![image](../assets/383fc178-8815-4a57-90f3-7138d8bbf02b.png)
### Add a User to a Group
* Go to user Properties -> Member Of -> Add
* Type the group name: `WKS01-CHARLOTTE\Adminstrators`
* Check names, if the text entered is a valid group, the text should underline
### Change IP Address
* Go to Network and Internet settings -> Change adapter options
* Right-click on network adapter - “properties”
* Double-click IPv4 setting
![image](../assets/1b3f68db-04b0-42dc-837e-c9d0623132d4.png)
### PFSense GUI (web)
The default username/password is admin/pfsense
![image](../assets/cb27b4f7-abd2-489e-a465-fadf7005c57a.png)
![image](../assets/1ea4dc4a-a2e4-4518-ae35-6ad320a8cf06.png)
new admin password: password123

53
sysadmin-i-sys255/lab02-dns+adds-role.md Normal file
View file

@ -0,0 +1,53 @@
---
description: >-
In this lab, we created an Active Directory Domain Server on our Windows 2019
Server (10.0.5.5)
---
# Lab02 - DNS+ADDS Role
## Domain vs. Local Administrator
Local administrators have power within the singular Windows OS, while Domain administrators have power over items within the AD domain
## Installing the ADDS Role on Windows Server
* go to Server manager
* Manage -> Add Roles and Features
* check `Active Directory Domain Services` and install dependencies as well
* continue through wizard and install
## Configure our server to be the primary domain controller for our domain
* click `Promote this server to a domain controller`
* `Add a new forest` - nathan.local
* set DSRM password
* continue through wizard and install
## Create Forward Lookup DNS Records
* go to DNS Manager
* DNS -> ad01-nathan.nathan.local -> Forward Lookup Zones -> right click nathan.local -> New Host
* PTR records will not work right now /bc there is no reverse lookup zone
## Create Reverse Lookup DNS Records
* go to DNS Manager
* DNS -> ad01-nathan.nathan.local -> right click Reverse Lookup Zones -> New Zone
* enter Network ID (10.0.5.) when prompted
* update PTR records on A records, refresh, and PTR records should appear in Reverse Lookup Zones
## Create a user in AD
* server manager -> AD DS -> right click server -> Active Directory Users and Computers
* nathan.local -> right-click Users -> New -> User
## Add a user to the domain admin group
* right click created user -> add to a group
* type 'Domain Admins'
## Add a computer to the domain
* control panel -> system and security -> system -> change settings
* change from workgroup to domain

27
sysadmin-i-sys255/lab03-linux.md Normal file
View file

@ -0,0 +1,27 @@
---
description: >-
In this lab we set up the DHCP server in Linux, but we haven't added any DHCP
functionality yet, just networking configurations and adding a user
---
# Lab03 - Linux Setup
## mntui
* network manager TUI
* used to set up network configuration & can change hostname
* (remember to set search domain to charlotte.local)
* `systemctl restart network` or `systemctl restart NetworkManager` to restart network after config change
## set hostname
`hostnamectl set-hostname dhcp01-charlotte`
## creating privileged user
* `useradd charlotte`
* `passwd charlotte`
* `usermod -aG (wheel/sudo) charlotte` - RH=wheel, Debain=sudo
## ipconfig DNS commands
* `/flushdns`: clears DNS cache and forces the computer to regain all DNS entries from the DNS server
* `/registerdns`: re-registers all domain names and IP addresses

95
sysadmin-i-sys255/lab04-dhcp.md Normal file
View file

@ -0,0 +1,95 @@
---
description: >-
this week we configured dhcp01-nathan to run the dhcp server. now wks01 uses
dhcp rather than static IP assignment
---
# Lab04 - DHCP
## DHCP configuration
* connect to dhcp01-nathan via puTTY
* `sudo yum install dhcp`
* configure `/etc/dhcp/dhcpd.conf` file
![alt text](../assets/lab04sys255.png)
* start\&enable dhcp
* configure dhcp on firewall
* configure wks01-nathan to use DHCP instead of static IP
#### to start dhcp
`systemctl start dhcpd`
#### to check status of dhcp
`systemctl status dhcpd`
#### configure dhcp to start on boot
`systemctl enable dhcpd`
#### configure dhcp on firewall
* `firewall-cmd --add-service=dhcp --permanent`
* `firewall-cmd --reload`
* `firewall-cmd --list-all`
#### search for dhcp logs from wks01-nathan
`sudo cat /var/log/messages | grep wks01-nathan`
#### release dhcp
`ipconfig /release`
#### renew dhcp
`ipconfig /renew`
#### filtering dhcp messages in wireshark
`udp.port==67`
## Disable root access via ssh
* `nano /etc/ssh/sshd_config`
* change `PermitRootLogin` from yes to no and uncomment
* `systemctl restart sshd`
## File Permissions
#### how to create a group
`groupadd [groupname]`
#### how to add a user to a group
`usermod -aG [groupname] [username]`
#### how to change the owner of a file
`chown filename [username]`
#### how to change the group of file
`chgrp filename [groupname]`
## Changing file permissions
#### Method 1: using bit values
* Read: 4
* Write: 2
* Execute: 1 Add up the numbers to set permissions for each accessor (owner/group/everyone else)
example: `chmod 640 file.txt` give read/write to owners, read to group members, and no access to everyone else
#### Method 2: adding/removing file permissions individually
* `chmod u+/-(r/w/x) [filename]` - users (owner)
* `chmod g+/-(r/w/x) [filename]` - group
* `chmod o+/-(r/w/x) [filename]` - others (everyone else)
example: `chmod g+w file.txt` gives write permissions to the group of `file.txt`

44
sysadmin-i-sys255/lab05-adds-and-group-policy.md Normal file
View file

@ -0,0 +1,44 @@
---
description: This week we created organizational units and group policy on our AD server
---
# Lab05 - ADDS & Group Policy
### Create organizational units and add users/computers/groups
* Server Manager -> Active Directory Users and Computers
* rc nathan.local -> new -> Organizational Unit (named SYS255)
* rc SYS255, create three child OUs (Accounts, Computers, and Groups)
* add users Alice, Bob, and Charlie to SYS255/Accounts (default password is Pass123!)
* move WKS01-NATHAN from nathan.local/Computers to nathan.local/SYS255/Computers
* within the SYS255\Groups OU, add a global security group called custom-desktop with users Alice and Bob (not Charlie) as members
### Create group policy
* Server Manager -> Group Policy Management
* rc nathan.local/SYS255 -> Create GPO in this domain... (name it sys255-desktop)
* click sys255-desktop, under Security Filtering, add the custom-desktop global security group
* remove Authenticated Users
* add Domain Computers
* Delegation tab -> Advanced -> Domain Computers -> Uncheck Apply Group Policy and Select Deny
### Edit group policy
* rc sys255-desktop - > Edit
#### remove the recycling bin
![image](../assets/lab05-1.png)
#### disable last login
* create a GPO under SYS255/Computers
* aplly security filtering to only domain computers
* rc DisableLastLogin -> Edit
### Useful commands
`gpresult /r` - shows a summary of group policy on a workstation\
`gpresult /scope computer /r` - shows a summary of computer-specific group policy\
`gpupdate /force` - forces a group policy update

8
sysadmin-i-sys255/lab06-midterm.md Normal file
View file

@ -0,0 +1,8 @@
---
description: >-
In this lab, we rebuilt the network so far using our notes from the first 5
labs. Some IP addresses were changed
---
# Lab06 - Midterm

44
sysadmin-i-sys255/lab07-lab-server-core-and-remote-administrator-tools.md Normal file
View file

@ -0,0 +1,44 @@
# Lab07 - Lab Server Core & Remote Administrator Tools
### Join FS01-nathan to domain
* `sconfig` - server configuration
* edit default configs to match the screenshots below
![image](../assets/lab07-1.png)
* join domain nathan.local using nathan.croce-adm user
### Allow AD02 remote access to FS01
* on AD02 - server manager - manage - add roles and features
* skip to features section
* check remote server administration tools / role administration tools / file services tools / file server resource manager tools
* install
* add FS01 to all servers
### Use RSAT to add to FS01 and create a Sales Users share
* on AD02 - all servers - rc FS01 - add roles and features
* skip to server roles
* file and storage services / file and iSCSI services / check file server & file server resource manager
* install
* Run the following Net Shell command on fs01 to open the firewall for managing the File Server `netsh advfirewall firewall set rule group=”Remote File Server Resource Manager Management” new enable=yes`
* on AD02 - Server Manager - file and storage services - servers - rc fs01 - file server resource manager
* on AD02 - Server Manager - file and storage services - shares - new share
* SMB quick share - located on FS01
* skip to create
* edit permissions and give sales-users full control over share
### mapping network share to drive letter
* on AD02 - group policy management - ... - SYS255 - groups - Create GPO and link it here (I name it 'Mapped Drive')
* check enforced on the GPO
* edit GPO
* User Configuration -> Preferences -> Windows Settings -> Drive Mappings - rc Drive Maps - new - mapped drive
* common tab - targeting
* new item - organization unit

41
sysadmin-i-sys255/lab08-apache.md Normal file
View file

@ -0,0 +1,41 @@
---
description: In this lab, we set up an Apache web server on WEB01
---
# Lab08 - Apache
## Apache Server Installation & Configuration
### Configure WEB01
* `nmtui`
* IP address is 10.0.5.10
* setting alternate DNS to 8.8.8.8 made initial connectivity work (idk why)
* remember to add A and PTR records to DNS server
### Install httpd
```bash
sudo yum install httpd
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --reload
sudo systemctl start httpd
sudo systemctl enable httpd
```
* comment out all lines in `/etc/httpd/conf.d/welcome.conf`
* add _index.html_ file to `/var/www/html/`
* the contents of _index.html_ should be what searching `http://web01-nathan` in a browser will give you
### Install PHP
* `yum install -y php`
* `systemctl restart httpd`
* add _index.php_ file to `/var/www/html/`
## Linux Domain Join
* `sudo yum install -y realmd samba samba-common oddjob oddjob-mkhomedir sssd`
* `sudo realm join --user=nathan.croce-adm@nathan.local nathan.local`
* `realm list`

26
sysadmin-i-sys255/lab08.5-configure-windows-dhcp-server.md Normal file
View file

@ -0,0 +1,26 @@
---
description: In this lab, we configured a Windows DHCP server on FS01 via RSAT from AD02
---
# Lab08.5 - Configure Windows DHCP Server
## Install DHCP on FS01
* AD02 - all servers - rc FS01 - Add Roles and Features
* roles - check DHCP server
* continue to install
* complete DHCP configuration
## Add RSAT to AD02
* Add Roles and Features
* select AD02
* Features - Remote Server Administration Tools - Remote Server Administration Tools - DHCP Server Tools
* continue to install
## Configure DHCP on FS01
* rc FS01 - DHCP Manager
* add server - select FS01
* rc IPv4 - New Scope
* configs are pretty self-explanatory (remember to add 10.0.5.6 to DNS)

25
sysadmin-i-sys255/lab09-bash-scripting.md Normal file
View file

@ -0,0 +1,25 @@
---
description: In this lab, we explored basic BASH scripting
---
# Lab09 - BASH Scripting
## Commands to find Information on BASH Environment
* `bash -version | grep version` - BASH version installed
* `which bash` - where the BASH program resides
* `echo $PATH` - [Path Environment Variable](https://en.wikipedia.org/wiki/PATH\_\(variable\))
* `env` - [Environment Variables](https://www.techrepublic.com/article/linux-101-what-are-environment-variables/)
* `history` - shows previous commands executed
## Check if substring is in string
`if [[ $string =~ "substring" ]]; then`
* Ping sweeper script
<figure><img src="../assets/72455756211919931734.png" alt=""><figcaption></figcaption></figure>
* nslookup script
<figure><img src="https://lh7-us.googleusercontent.com/IKQIndPY0hAvn2fDJTtTBRb4CRJ6dzCMFQAZArjp3VfaE00BtvxBj6FZZcvUBCwx-rZw6BkQkIcjoOt8PcNBgQFe_iu1aFde_yg-gxNNxEn3OsSSReVV7Y2ZY1tTr4nhw21-izfg2T10FHsscQeG7A" alt=""><figcaption></figcaption></figure>

29
sysadmin-i-sys255/lab10-powershell.md Normal file
View file

@ -0,0 +1,29 @@
---
description: In this lab, we explored basic PowerShell scripting
---
# Lab10 - PowerShell
## AD Commands
* `Neq-ADUser -Name "Charlie" -SamAccountName "charlie" - AccountPassword(Read-Host -AsSecureString "Password: ") -Enabled $true`
* `Add-ADGroupMember -Identity "Sales-Users" - Members charlie`
<figure><img src="https://lh7-us.googleusercontent.com/yuCKKzJsbL2VJL5sVPcQIzLyQWuV2TMDL4CLXOJ-Q2nMhLBi6fkPr32FqvM3IN5obMTp2yBmL2xr09AfRQfUF93gZQp5nv9_84wZ0I5QWszJd4xIuA0AwHDKSEw988TywxU2Q1TBqo2UW03g-1l-MA" alt=""><figcaption></figcaption></figure>
## Allow PS Scripts to be Run
* `Set-ExecutionPolicy -Scope CurrentUser RemoteSigned`
* This allows current users to run local scripts and digitally signed remote scripts
## Remote Access
* `Enter-PSSession -ComputerName <computername>` - interactive remote session
<figure><img src="../assets/79934145188703508417.png" alt=""><figcaption></figcaption></figure>
* `Invoke-Command -ComputerName <computername> -ScriptBlock { <command> }` - launch a command remotely
<figure><img src="../assets/86790690807473581275.png" alt=""><figcaption></figcaption></figure>
* `Enable-PSRemoting` - allows remote commands to be executed on this machine

73
sysadmin-i-sys255/lab11-wordpress-on-linux.md Normal file
View file

@ -0,0 +1,73 @@
---
description: >-
In this lab, we installed and configured a WordPress site on the blog01
machine
---
# Lab11 - WordPress on Linux
{% embed url="https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-centos-7" %}
* connect blog-01 to network (you should be good at this by now)
* remember DNS!
* install [Apache](lab08-apache.md)
* install MySQL
```bash
curl -sSLO https://dev.mysql.com/get/mysql80-community-release-el7-11.noarch.rpm
sudo rpm -ivh mysql80-community-release-el7-11.noarch.rpm
sudo yum update
sudo yum install mariadb-server
sudo systemctl start mariadb
sudo systemctl status mariadb
sudo mysql_secure_installation
ENTER PASSWORD AND CONFIGS
mysql -u root -p
```
* configure WordPress database
{% code overflow="wrap" fullWidth="false" %}
```bash
CREATE DATABASE wordpress
CREATE USER nathan@localhost IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON wordpress.* TO nathan@localhost IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
exit
```
{% endcode %}
* install PHP
```bash
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum install yum-utils
yum-config-manager --enable remi-php74
yum update
sudo yum install php php-gd php-mysql
php -v
```
* install WordPress
```bash
sudo service httpd restart
cd ~
wget http://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz
sudo rsync -avP ~/wordpress/ /var/www/html/
sudo chown -R apache:apache /var/www/html/*
```
* configure WordPress
```bash
cd /var/www/html
cp wp-config-sample.php wp-config.php
nano wp-config.php
```
<figure><img src="../assets/wordpress.png" alt=""><figcaption></figcaption></figure>
* on WKS, go to http://blog01-nathan/readme.html
* follow the installation steps

84
sysadmin-i-sys255/lab12-automation.md Normal file
View file

@ -0,0 +1,84 @@
---
description: >-
In this lab, we set up the clone machines, configured SSH to use RSA keys as
authentication, and used PSSH and Ansible to automate commands
---
# Lab12 - Automation
## Configure clone1, clone2, and clone3
For all three machines...
* Change network adapter to LAN
* `nmtui`
* Manual IP address&#x20;
* 10.0.5.70/24
* 10.0.5.71/24
* 10.0.5.72/24
* Gateway 10.0.5.2
* DNS 10.0.5.6 & 8.8.8.8
* Search domain: nathan.local
* `systemctl restart network`
* `user add nathan && passwd nathan`
* `usermod -aG wheel nathan`
* Add DNS records to AD02
## Configuring SSH
### Creating RSA key pair for SSH
* `ssh-keygen`
* Default location
* enter a passphrase
* `ssh-copy-id nathan@clone2`
* `ssh-copy-id nathan@clone3`
<figure><img src="../assets/28240178620173883519.png" alt=""><figcaption></figcaption></figure>
### Add passwordless SSH login (for 1 hour)
* `` eval `ssh-agent` ``
* `ssh-add -t 1h`
* This is not permanent, you have to retype these commands every session
### Allow passwordless elevation to root by wheel group members
* On clone2 and clone3, uncomment this line in /etc/sudoers
<figure><img src="../assets/97855147798409096157.png" alt=""><figcaption></figcaption></figure>
## PSSH - Parallel SSH.&#x20;
* Allows you to run SSH commands on multiple hosts
* On clone1
* `yum install epel-release`
* `yum install pssh`
* create a text file called _ssh-hosts.txt_ and add IP addresses of clone2 and clone3
<figure><img src="../assets/52008438397585002082.png" alt=""><figcaption></figcaption></figure>
* make sure passwordless SSH is enabled
* `pssh -i -h ssh-hosts.txt -- <command>`
* `-i` - interactive - show command output
<figure><img src="../assets/78542122222727064667.png" alt=""><figcaption></figcaption></figure>
## install Ansible
* On clone1
* `sudo yum install ansible`
* `ansible all -i ssh-hosts.txt -m ping`
<figure><img src="../assets/28098970826352958907.png" alt=""><figcaption></figcaption></figure>
* `-b` - tells Ansible that the user associated with the SSH public key at the other end of the connection is a sudoer user
<figure><img src="../assets/75917456384225415742.png" alt=""><figcaption></figcaption></figure>

105
sysadmin-i-sys255/lab13-wordpress-on-windows.md Normal file
View file

@ -0,0 +1,105 @@
---
description: >-
In this lab, we installed and configured a WordPress site on a Windows 2019
server
---
# Lab13 - WordPress on Windows
### MySQL
* go to https://dev.mysql/downloads/installer
* download the MSI file and run it
* Full version, server mode, keep the rest defaults
* MySQL Workbench -> open the only connection
<figure><img src="../assets/74084820811547432549.png" alt=""><figcaption></figcaption></figure>
* Create a new scheme (database icon)
<figure><img src="../assets/64154464512101878437.png" alt=""><figcaption></figcaption></figure>
* Add all privileges to root
<figure><img src="../assets/10871376959663845339.png" alt=""><figcaption></figcaption></figure>
### PHP
* go to https://windows.php.net/download
* download the non thread safe zip
<figure><img src="../assets/67257474633139373020.png" alt=""><figcaption></figcaption></figure>
* extract as `php` into the Program Files folder
* go to Environment Variables and add php to PATH
<figure><img src="../assets/68759560798920867956.png" alt=""><figcaption></figcaption></figure>
<figure><img src="../assets/74799811371189113438.png" alt=""><figcaption></figcaption></figure>
* In the php folder, rename php.ini-production to php.ini
* edit php.ini
* cgi.force\_redirect = 0
* cgi.fix\_pathinfo = 1
* fastcgi.impersonate = 1
* fastcgi.logging = 0
* extension\_dir = "ext"
* extension=mysqli
* extension=pdo\_mysql
### Install PHPMyAdmin
* go to phpmyadmin.net
* download the zip on the top right of the page
### C++ and URL Rewrite
* download from Microsoft and run the installer
### Internet Information Services (IIS)
* Add Web Server (IIS) feature
<figure><img src="../assets/37176438071902029052.png" alt=""><figcaption></figcaption></figure>
* no roles needed
* Web Server Roles
* Custom Logging & Logging Tools&#x20;
* CGI
* IIS 6 Management Compatibility & IIS Management Scripts and Tools
* ASP.NET 4.7 (latest version)
<figure><img src="../assets/24756578333294175972.png" alt=""><figcaption></figcaption></figure>
* Go to http://localhost to check if IIS is running
* Tools -> Internet Information Services (IIS) Manager
* Handler Mappings
* Add Module Mapping...
<figure><img src="../assets/39189716510044144776.png" alt=""><figcaption></figcaption></figure>
<figure><img src="../assets/75972885183370410713.png" alt=""><figcaption></figcaption></figure>
* IIS Manager -> default documents -> add index.php to top priority
* IIS Manager -> FastCGI Settings -> Environment Variables
<figure><img src="../assets/82622175695437562641.png" alt=""><figcaption></figcaption></figure>
* IIS Manager -> Application Pools -> Add Application pool... -> name it Wordpress (keep defaults)
* rc Wordpress -> Set Application Pool Defaults -> Application Pool Identity
* Sites -> Default Web Site -> Basic Settings...
<figure><img src="../assets/49334009375200079531.png" alt=""><figcaption></figcaption></figure>
### Install WordPress!!!!
* download zip from website
* extract into C:\inetpub\wwwroot
* rename to just wordpress
* copy paste all files to the root wordpress folder, then delete the internal wordpress folder
* rename wp-config-sample.php to wp-config.php
* edit with notepad

45
sysadmin-i-sys255/network_configuration.md Normal file
View file

@ -0,0 +1,45 @@
# SYS255 - Network Configuration
### vSphere
https://vcenter02.cyber.local\
Username: charlotte.croce@cyber.local\
Password: cyber.local password
### fw01-SYS-255-01-charlotte.croce - PfSense firewall
IP Address: 10.0.17.104\
Upstream gateway: 10.0.17.2\
LAN interface: 10.0.5.2\
Network Adapter 1: WAN\
Network Adapter 2: LAN
### wks01-charlotte - Windows workstation
IP address: 10.0.5.100\
Default Gateway: 10.0.5.2\
DNS: 10.0.5.6
### ad01-charlotte - Windows server
IP Address: 10.0.5.6\
Gateway: 10.0.5.2\
DNS 10.0.5.2
### dhcp01-charlotte - DHCP server
IP Address: 10.0.5.4\
Gateway: 10.0.5.2\
DNS 10.0.5.6
### fs01-charlotte - file server
IP Address: 10.0.5.8\
Gateway: 10.0.5.2\
DNS 10.0.5.6
### web01-charlotte - web server
IP Address: 10.0.5.10\
Gateway: 10.0.5.2\
DNS 10.0.5.6