Reference no: EM133184618
PROG 2203 Access Controls - Durham College
Assignment 1:
Add an Ubuntu server to your domain
Add an Ubuntu server to your network and join it to the Active Directory domain
1. Create a VM running Ubuntu Server v.22.04
a. Include a screenshot of the output from the command lsb_release -a
2. Join it to the AD domain
a. Document the process of joining it to the domain using screenshots and explanations
b. Take a screenshot of the output from the realm list command to show that you have successfully joined the domain
c. Take a screenshot of the computer object from Active Directory on your Domain Controller
3. Take a screenshot of your configured yaml file (/etc/netplan/...config.yaml)
4. Permit a domain user account to logon via the console (sudo realm permit)
a. Include a screenshot of the output from the command
5. Add the domain user to the sudo permissions grants file (create the file: /etc/sudoers.d/domain_admins)
a. Include a screenshot of this file using nano or cat to show the contents
6. Configure the server to automatically create home directories for domain user accounts upon logon (/etc/pam.d/common-session)
a. Include a screenshot of the content of this file using the cat or nano command
7. Log into your server using domain credentials. Include a screenshot of:
a. whoami
b. The contents of the /home director (cd /home ls)
Assignment 2 - Linux and AAA
Part 1:
Explain in your own words:
1. What is the difference between AAA and NAC? How do these services work together?
2. What is a use case of NAC that could be applied to your organization?
3. What is "Defense in Depth"?
4. What are 3 ways you could incorporate defense in depth within your organization?
Part 2:
Implement a FreeRadius server within your network, hosted on Ubuntu Server 20.04.
The details for FreeRadius download and set-up instructions attached
Once your server is set up and running, browse to the Daloradius Login screen using your Host browser (NOT the Ubuntu machine):
Troubleshooting: You may only see the php code on login, this means it is not executing. You'll need to install php to apache using this command:sudo apt-get install php libapache2-mod-php
1. Using the DaloRadius Management Page, create a user for one of your departments. Go to Management > Users > New User
a. Include a screenshot of your user account in your report
2. Check the server status by going to Reports > Status > Server Status
a. Include a screenshot of your server status in your report
3. Create a Billing plan by going to Billing > Plans > New Plan
a. Include a screenshot of the plan in your report
Assignment 3 - Centralized Access Management Solutions
The CTO would like to implement a centralized access management solution for the organization. Your IT team will need to research the various options available, and choose the best one for the organization.
Build a business case defending your choice of management solution. A business case will typically include:
• A summary of the current organizational situation
o An overview of the business's current assets, devices, daily functions, blind spots, points of failure, etc.
o Build a case for how this product will benefit the organization as a whole
• A chart comparing the features of the various solutions that the team researched
• A detailed explanation of the best choice for the organization
o Why is it the one that will benefit your organization, specifically?
o Will the solution be applied to all of the devices used throughout the organization, or only specific ones?
• A summary of the roll-out process if approved
o Expected budget (note: if you can't find cost information on the website, this can be made up)
o Who will be the subject matter expert?
o Who will be the project manager for the deployment process?
o How long do you expect deployment to take? Will it be done in phases or all at once?
o Who will be responsible for the produce once it is deployed to production?
o How much management will the solution require once it is in production?
Attachment:- Access Controls.rar