Recently I had to transfer the FSMO roles in my Active Directory Domain to a new domain controller. They aren’t a particularly exciting topic or even really all that common in the grand scheme of things. However, if you do Microsoft Active Directory administration, FSMO roles are something you should at least be aware of and preferably know how to work with.

Rather than rewriting what everyone else has already said, here are the links you need to visit to get a good grasp on this topic.

What are FSMO Roles?
http://www.ucs.cam.ac.uk/support/windows-support/winsuptech/activedir/fsmoroles

How to Transfer FSMO Roles
http://www.petri.co.il/transferring_fsmo_roles.htm

How to Seize FSMO Roles
http://kpytko.pl/2011/08/28/seizing-fsmo-roles/

That should take care of most folks!

Cheers!

A couple of days ago I posted full instructions for integrating an Ubuntu 14.04 LTS server into your Microsoft Active Directory Windows Domain. This is a short follow-up to that post which can be found here:
http://www.kiloroot.com/add-ubuntu-14-04-lts-server-to-a-windows-active-directory-domain-fullest-integration/

To make my life easier I wrote three shell scripts that can be run to automate the majority of the setup. You simply run them in order as a root user on your Linux server (sudo su). The first and third shell scripts initiate a server reboot at the end. These reboots are necessary. You will need to modify the second and third scripts with information from your environment. I have commented both explaining what needs to be changed.

Being a security person, having a strong respect and belief in the rule of law, and an ardent Libertarian… I sometimes find myself a bit philosophically conflicted 🙂

Anyhow, I am still reading through this but I do find it rather engrossing. Enjoy!

http://www.reddit.com/r/IAmA/comments/kpfsp/ama_request_sabu_from_lulsec_this_would_be_amazing/

To one person’s comment (this was written 2 years ago, well before the whole Snowden fiasco and the revelation of programs like PRISM… making it all the more relevant today…):

So I think about this a lot: Facebook, Google, Twitter, etc. is all being pumped through various Carnivore, Echelon and other signals intelligence collection and analysis networks and are most likely being gathered and processed by some super mega computer systems somewhere and is giving a near real-time readout of the entire “pulse” of our global society. Somebody, somewhere has access to this.

That’s some pretty powerful f***ing knowledge to have and my beef is this: that’s our data they’re using, that’s our lives, that’s us, and I feel it’s our right to have access to the output that system is giving. And I see anonymous and antisec as the beginning of a global push towards opening it up for all to see.
I wanna see the mega-cloud!!!

Yeah… I kind of agree. I am not sure if everyone should have access, but there should be better oversight and transparency… Probably just triggered something in PRISM with this post… 🙁

Great…

I have had my problems with hosting providers and have bounced around to a few different ones. Initially my goal was to go cheap. However I eventually wised up and settled with Media Temple. However I still have a few sites on a Dreamhost Shared Hosting Plan.

Why Dreamhost? Well… in the Shared Hosting world they had a lot of rave reviews. However, after being with them for over two years now I am seriously considering ditching them altogether and migrating everything to Media Temple.

Let’s talk about why.

Update 3/31/2016: PBIS doesn’t work well as of late and this method has been superseded by this article here: http://www.kiloroot.com/add-ubuntu-14-04-server-or-desktop-to-microsoft-active-directory-domain-login-to-unity-with-domain-credentials/

Update 5/18/2014: I created scripts to automate 90% of this process. I still recommend you read this post before just jumping in and using the scripts so that you know what exactly it is you are doing. However the scripts can save you a lot of time. You can get them by clicking here.

If you are like me and work in a mixed environment then the above topic is probably quite important to you. Especially if you also happen to be a security person for your organization and centralized account administration is a big deal.

In this tutorial, I will be walking through how to join an Ubuntu 14.04 LTS Server to a Windows Active Directory Domain. Furthermore, we will be adding a new domain group to the “sudoers” group on the box so that our Domain Admins will automatically have the ability to use sudo to administer your Ubuntu Servers as needed.

Additionally, we will also be making it easy for them to login (no appending of the domain onto their user account name) and giving them the more user-friendly BASH shell, rather than the default SH.

All commands reference the fictional domain “CONTOSO.COM” to make the syntax easier to understand. The Domain Controller (DC) for the domain will be at “192.168.0.100”. The domain controller is assumed to be running DNS services as this is tightly integrated with Active Directory. The name of the domain admin in the Windows domain is “admin”.