Category Archives: Sysadmin

Windows Update with PowerShell

We generally connect to backend servers via a jump-box or bastion host. On Windows this means RDP into the jump-box, then RDP from the jump-box to the backend server. However, recently a Windows update meant that the jump-box (which had … Continue reading

Posted in PowerShell, Sysadmin | Leave a comment

AD for Debian with SaltStack – Part 5 – AD Join Script

Joining Active Directory is currently a manual operation. There is no reason why it couldn’t be done by SaltStack – that is left as an exercise for the reader!

Posted in Active Directory, SaltStack, Sysadmin | Leave a comment

AD for Debian with SaltStack – Part 4 – NTP

You need to keep the time consistent across your machines for a number of reasons – not the least is basic sanity. AD needs the time consistent as otherwise Kerberos won’t work. Standard practice is to use the DC as … Continue reading

Posted in Active Directory, SaltStack, Sysadmin | Leave a comment

AD for Debian with SaltStack – Part 3 – SSSD, PAM and sudo

This post finishes off the key parts of the AD configuration. Installs SSSD – the System Security Services Daemon sssd-pkg: pkg.installed: – name: sssd

Posted in Active Directory, SaltStack, Sysadmin | Leave a comment

AD for Debian with SaltStack – Part 2 – Samba

Continuing AD with SaltStack; onwards with Samba! Installs Samba for SMB support for AD samba-pkg: pkg.installed: – pkgs: – samba – samba-common

Posted in Active Directory, SaltStack, Sysadmin | Leave a comment

AD for Debian with SaltStack – Part 1

SaltStack provides an easy, fast way to manage systems – from one to thousands. One of its key capabilities is configuration management – “make it look like this” – and this series of posts describes how to implement the AD join … Continue reading

Posted in Active Directory, SaltStack, Sysadmin | Leave a comment

Authenticating Linux with Active Directory using SSSD

Sometimes it is handy if users are managed somewhere other than /etc/passwd – somewhere central. Sometimes this happens to be Active Directory. This post describes an approach on Debian Jessie against AD on Windows 2016 based on this excellent RedHat … Continue reading

Posted in Active Directory, Sysadmin | Leave a comment