Difference between revisions of "AD Topology"

From Stadm
Jump to navigationJump to search
 
(7 intermediate revisions by the same user not shown)
Line 6: Line 6:
 
=Topology=
 
=Topology=
  
==Servers==
+
==Linux==
===Linux==
+
===Servers===
 
*Rumba(CentOS 7)
 
*Rumba(CentOS 7)
 
**AD Controller
 
**AD Controller
 
**Group Policy Objects(GPO) must be edited on Rumba(through Group Policy Management on a  domain joined Windows computer)
 
**Group Policy Objects(GPO) must be edited on Rumba(through Group Policy Management on a  domain joined Windows computer)
 
***This is because GPO syncing is done through rsync and Limbo pulls the GPO changes from Rumba
 
***This is because GPO syncing is done through rsync and Limbo pulls the GPO changes from Rumba
 +
***Running a DNS forwarder, DNS can be viewed using RSAT, nothing really ever needs to be changed there
 +
**NFS mounts here
 +
**smb.conf location: /usr/local/samba/etc/smb.conf
 
*Limbo(Centos 6)
 
*Limbo(Centos 6)
 
**AD Controller(in case rumba goes down users can still authenticate, NFS mount points are on rumba though so anyone with a roaming profile will have issues loading and saving profile)
 
**AD Controller(in case rumba goes down users can still authenticate, NFS mount points are on rumba though so anyone with a roaming profile will have issues loading and saving profile)
===Windows===
+
**Also running DNS forwarder that syncs w/ rumba
 +
*Managing rumba and limbo: http://wiki.eri.ucsb.edu/stadm/Samba4_Administration
 +
 
 +
==Windows==
 +
===Servers===
 
*Daft(Windows Server)
 
*Daft(Windows Server)
 
**Windows Server Update Services(WSUS) - provides domain joined computers update management if GPO is applied
 
**Windows Server Update Services(WSUS) - provides domain joined computers update management if GPO is applied
**Can be used to manage Domain(GPO's and Users/Computers)
+
***http://wiki.eri.ucsb.edu/stadm/Samba4_Administration#WSUS
 +
**Can be used to manage Domain(GPO's and Users/Computers): http://wiki.eri.ucsb.edu/stadm/Samba4_Administration#Creating_Users
 
***RSAT can as well from any domain joined machine: https://wiki.samba.org/index.php/Installing_RSAT
 
***RSAT can as well from any domain joined machine: https://wiki.samba.org/index.php/Installing_RSAT
 
*atlas/quinaya/tliyel-Remote Desktop Servers that need a DC to provide Windows RDS
 
*atlas/quinaya/tliyel-Remote Desktop Servers that need a DC to provide Windows RDS
 +
===Computers===
 +
*lluvia/smaug-Windows 7 Machines with RSAT installed, can manage the domain. Can be used to test GPO's or user creation on the domain.

Latest revision as of 12:22, 19 April 2016


Topology

Linux

Servers

  • Rumba(CentOS 7)
    • AD Controller
    • Group Policy Objects(GPO) must be edited on Rumba(through Group Policy Management on a domain joined Windows computer)
      • This is because GPO syncing is done through rsync and Limbo pulls the GPO changes from Rumba
      • Running a DNS forwarder, DNS can be viewed using RSAT, nothing really ever needs to be changed there
    • NFS mounts here
    • smb.conf location: /usr/local/samba/etc/smb.conf
  • Limbo(Centos 6)
    • AD Controller(in case rumba goes down users can still authenticate, NFS mount points are on rumba though so anyone with a roaming profile will have issues loading and saving profile)
    • Also running DNS forwarder that syncs w/ rumba
  • Managing rumba and limbo: http://wiki.eri.ucsb.edu/stadm/Samba4_Administration

Windows

Servers

Computers

  • lluvia/smaug-Windows 7 Machines with RSAT installed, can manage the domain. Can be used to test GPO's or user creation on the domain.