diff options
Diffstat (limited to 'doc/markdown/swiftkerbauth/AD_server.md')
-rw-r--r-- | doc/markdown/swiftkerbauth/AD_server.md | 119 |
1 files changed, 0 insertions, 119 deletions
diff --git a/doc/markdown/swiftkerbauth/AD_server.md b/doc/markdown/swiftkerbauth/AD_server.md deleted file mode 100644 index 66d90f2..0000000 --- a/doc/markdown/swiftkerbauth/AD_server.md +++ /dev/null @@ -1,119 +0,0 @@ -#Windows Active Directory & Domain Controller Server Guide - -###Contents -* [Setup Overview] (#Setup) -* [Installing Active Directory Services] (#AD-server) -* [Configuring DNS] (#DNS) -* [Adding Users and Groups] (#users-groups) - - -<a name="Setup" /> -###Setup Overview - -The setup includes a server machine installed with Windows 2008 R2 Server, with -Domain Controller, Active Directory services & DNS server installed alongwith. -The steps to install windows operating system and above servers can be found -on MicroSoft Documentation. This windows Active Directory server would act as an -authentication server in the whole setup. This would provide the access control -and permissions for users on certain data objects. - - -Windows 2008 R2 deployment: - -http://technet.microsoft.com/en-us/library/dd283085.aspx - - -Configuring Active Directory, Domain Services, DNS server: - -http://technet.microsoft.com/en-us/library/cc770946.aspx - - -<a name="AD-server" /> -###Installing AD Server - -Administrators need to follow simple instructions in Server Manager on Windows -2008, and should add Active Directory Domain Services & DNS server. It is -recommended to use static IP for DNS server. Preferred Hostname(FQDN) for -Windows server could be of format hostname 'server.winad.com' where -'winad.com' is a domain name. - -Following tips would help prepare a test setup neatly. - - - Select Active Directory Domain services wizard in Server Manager - - Move on to install it with all the pre-requisits, e.g. .NET framework etc. - - Configure Active directory after installtion via exapanding the 'Roles' - section in the server manager. - - Create a new Domain in the New Forest. - - Type the FQDN, winad.com - - Set Forest functional level Windows 2008 R2. - - Selct additional options for this domain controller as DNS server. - - Leave the log locations to default provided by wizard. - - Set the Administrator Password carefully. - - Thats it. You are done configuring active directory. - - -<a name="dns" /> -###Configuring DNS - -This section explains configuring the DNS server installed on Windows 2008 R2 -server. You must know know about - - - Forward lookup zone - - - Reverse lookup zone - - - Zone type - -A forward lookup zone is simply a way to resolve hostnames to IP address. -A reverse lookup zone is to lookup DNS hostname of the host IP. - -Following tips would help configure the Zones on DNS server. - - - Create a Forward lookup zone. - - Create it a primary zone. - - Add the Clients using their ip addresses and FQDN to this forward lookup - zones. - - This would add type 'A' record for that host on DNS server. - - Similarly create a Reverser lookup zone. - - Add clients 'PTR' record to this zone via browsing through the forward - zones clients. - -The above setup can be tested on client once it joins the domain using 'dig' -command as mentioned below. - - -On client: - - # dig fcclient.winad.com - This should yield you a Answer section mentioning its IP address. - - Reverse lookup can be tested using - - # 'dig -t ptr 101.56.168.192.in-addr.arpa.' - The answer section should state the FQDN of the client. - - Repeat the above steps on client for Windows AD server as well. - - -<a name="users-groups" /> -###Adding users and groups - -The following convention is to be followed in creating group names: - - <reseller-prefix>\_<volume-name> - - <reseller-prefix>\_<account-name> - -As of now, account=volume=group - -For example: - - AUTH\_test - -Adding groups and users to the Windows domain is easy task. - - - Start -> Administrative Tools -> Active Directory Users & Computers - - Expand the domain name which was prepared earlier. e.g winad.com - - Add groups with appropreate access rights. - - Add users to the group with appropreate permissions. - - Make sure you set password for users prepared on AD server. |